def parse_create_audit(pcmd):
audit_name = Combine(
Word(alphas) + Optional(Word(alphas + nums + "." + "-")))
audit_exp = Combine(
Word(alphas) + Optional(Word(alphas + nums + "." + "-" + " ")))
audit_name_parser = '-n ' + Group(audit_name).setResultsName('audit')
audit_exp_parser = '-exp ' + Group(audit_exp).setResultsName('exp')
command_parser = (audit_name_parser & audit_exp_parser) + ";"
return_list = list()
try:
parse_result = command_parser.parseString(pcmd)
except ParseException:
error_module('parse_create_audit_010',
'ParseException from dbhack_parser.parse_create_audit',
'Your command can not be parsed')
return_list = ['Error']
return return_list
return_list.append(parse_result['audit'][0])
return_list.append(parse_result['exp'][0])
return return_list
def parse_user_for_mssql_null_passwd(pcmd):
ipField = Word(nums, max=3)
full_ip = Combine(ipField + "." + ipField + "." + ipField + "." + ipField)
servername = Combine(
Word(alphas) + Optional(Word(alphas + nums + "." + "-")))
servernames = Or([full_ip, servername])
port = Word(nums)
sid = Word(printables)
server_parser = "-s" + servernames.setResultsName('server')
port_parser = "-p" + port.setResultsName('port')
username = Combine(
Word(alphas) +
Optional(Word(alphas + nums + "-" + "_" + "&" + "#" + "$")))
usernames = "-user" + (Group(delimitedList(
username, ",")).setResultsName('username'))
Oracle_tnsping_parser = (server_parser & port_parser & usernames) + ";"
return_list = list()
try:
parse_result = Oracle_tnsping_parser.parseString(pcmd)
except ParseException:
error_module(
'parse_user_for_mssql_010',
'ParseException from dbhack_parser.parse_user_for_mssql_null_passwd',
'Your command can not be parsed')
return_list = ['Error']
return return_list
server_list = list()
server_list.append(parse_result['server'])
return_list.append(server_list)
port_list = list()
port_list.append(parse_result['port'])
return_list.append(port_list)
username_list = list()
for s in parse_result['username']:
username_list.append(s)
return_list.append(username_list)
return return_list
def parse_mssql_check_odbc(pcmd):
ipField = Word(nums, max=3)
full_ip = Combine(ipField + "." + ipField + "." + ipField + "." + ipField)
servername = Combine(
Word(alphas) + Optional(Word(alphas + nums + "." + "-")))
servernames = Or([full_ip, servername])
portrange = Word(nums) + "-" + Word(nums)
port = Word(nums)
iprange = ipField + "." + ipField + "." + ipField + "." + ipField + "-" + ipField
server_parser = "-s" + Group(Or(
[iprange, delimitedList(servernames)])).setResultsName('server')
port_parser = "-p" + Group(Or(
[portrange, delimitedList(port, ",")])).setResultsName('port')
Oracle_tnsping_parser = (server_parser & port_parser) + ";"
return_list = list()
try:
parse_result = Oracle_tnsping_parser.parseString(pcmd)
except ParseException:
error_module('mssql_check_odbc_010',
'ParseException from dbhack_parser.mssql_check_odbc',
'Your command can not be parsed')
return_list = ['Error']
return return_list
server_list = list(parse_result['server'])
port_list = list(parse_result['port'])
server_range_list = list()
# Server is ip range
if '-' in server_list:
# Check ip range list
if int(server_list[6]) >= int(server_list[8]):
error_module(
'mssql_check_odbc_030',
'IP range condition check at dbhack_parser.mssql_check_odbc',
'IP Range is not correct')
return_list = ['Error']
return return_list
#Check IP less than 255
if int(server_list[6]) > 255 or int(server_list[8]) > 255 or int(
server_list[0]) > 255 or int(server_list[2]) > 255 or int(
server_list[4]) > 255:
error_module(
'mssql_check_odbc_040',
'IP range condition check at dbhack_parser.mssql_check_odbc',
'IPs greater than 255')
return_list = ['Error']
return return_list
# Prepare IPs
domain_ip = server_list[0] + '.' + server_list[2] + '.' + server_list[
4] + '.'
for x in range(int(server_list[6]), int(server_list[8]) + 1):
server_range_list.append(domain_ip + str(x))
return_list.append(server_range_list)
else:
# if there is no ip range put server_list into return list directly
return_list.append(server_list)
# port is in ip range
portrange_list = list()
if '-' in port_list:
# if there is port range , produce port range list
if int(port_list[0]) >= int(port_list[2]):
error_module(
'mssql_check_odbc_020',
'Port range condition check at dbhack_parser.mssql_check_odbc',
'Port Range is not correct')
return_list = ['Error']
return return_list
if int(port_list[0]) > 65535 or int(port_list[2]) > 65535:
error_module(
'mssql_check_odbc_050',
'Port range condition check at dbhack_parser.mssql_check_odbc',
'Port is greater than 65535')
return_list = ['Error']
return return_list
# Prepare port range list
for x in range(int(port_list[0]), int(port_list[2]) + 1):
portrange_list.append(x)
return_list.append(portrange_list)
else:
if len([x for x in port_list if int(x) > 65535]):
error_module(
'mssql_check_odbc_060',
'Port range condition check at dbhack_parser.mssql_check_odbc',
'Port numbers can not be greater than 65535')
return_list = ['Error']
return return_list
for i in range(len(port_list)):
portrange_list.append(int(port_list[i]))
return_list.append(portrange_list)
return return_list
def parse_brute_file_mssql(pcmd):
ipField = Word(nums, max=3)
full_ip = Combine(ipField + "." + ipField + "." + ipField + "." + ipField)
servername = Combine(
Word(alphas) + Optional(Word(alphas + nums + "." + "-")))
servernames = Or([full_ip, servername])
port = Word(nums)
sid = Word(printables)
server_parser = "-s" + servernames.setResultsName('server')
port_parser = "-p" + port.setResultsName('port')
sid_parser = "-db" + sid.setResultsName('sid')
file_path = Combine(Word(printables))
cred_file = "-cred_file" + file_path.setResultsName('cred_file')
Oracle_tnsping_parser = (server_parser & port_parser & sid_parser
& cred_file) + ";"
return_list = list()
try:
parse_result = Oracle_tnsping_parser.parseString(pcmd)
except ParseException:
error_module('parse_brute_file_mssql_010',
'ParseException from dbhack_parser.brute_file_mssql',
'Your command can not be parsed')
return_list = ['Error']
return return_list
server_list = list()
server_list.append(parse_result['server'])
return_list.append(server_list)
port_list = list()
port_list.append(parse_result['port'])
return_list.append(port_list)
sid_list = list()
sid_list.append(parse_result['sid'])
return_list.append(sid_list)
# cred-file okunup liste içine çoklu olarak alınması
mylist1 = []
mylist2 = []
try:
with open(parse_result['cred_file']) as f:
mylist1 = [tuple(map(str, i.split(','))) for i in f]
except Exception as error:
error_module(
'parse_brute_file_020',
'Open Credential file from dbhack_parser.parse_brute_file_mssql',
'Can not open credential File')
return_list = ['Error']
return return_list
try:
for i in range(0, len(mylist1)):
mylist2.append(
(mylist1[i][0].split()[0], mylist1[i][1].split()[0]))
except Exception as error:
error_module(
'parse_brute_file_030',
'Producing tuple list at dbhack_parser.parse_brute_file_mssql',
'Something wrong in Credential File')
return_list.append(mylist2)
return return_list
def parse_user_for_mssql(pcmd):
ipField = Word(nums, max=3)
full_ip = Combine(ipField + "." + ipField + "." + ipField + "." + ipField)
servername = Combine(
Word(alphas) + Optional(Word(alphas + nums + "." + "-")))
servernames = Or([full_ip, servername])
port = Word(nums)
sid = Word(printables)
server_parser = "-s" + servernames.setResultsName('server')
port_parser = "-p" + port.setResultsName('port')
sid_parser = "-db" + sid.setResultsName('sid')
username = Combine(
Word(alphas) +
Optional(Word(alphas + nums + "-" + "_" + "&" + "#" + "$")))
usernames = "-user" + (Group(delimitedList(
username, ",")).setResultsName('username'))
password = Combine(
Word(alphas) + Optional(
Word(alphas + nums + "-" + "_" + "&" + "#" + "$" + "?" + "%" +
"+" + "!")))
passwords = "-passwd" + (Group(delimitedList(
password, ",")).setResultsName('password'))
user_passwd_list = usernames + passwords
user_passwd_part = user_passwd_list
file_path = Combine(Word(printables))
username_file = "-user_file" + file_path.setResultsName('username_file')
passwd_file = "-passwd_file" + file_path.setResultsName('password_file')
user_passwd_file = username_file + passwd_file
user_passwd_part = Or([user_passwd_list, user_passwd_file])
Oracle_tnsping_parser = (server_parser & port_parser & sid_parser
& user_passwd_part) + ";"
return_list = list()
try:
parse_result = Oracle_tnsping_parser.parseString(pcmd)
except ParseException:
error_module('parse_user_for_mssql_010',
'ParseException from dbhack_parser.parse_user_for_mssql',
'Your command can not be parsed')
return_list = ['Error']
return return_list
server_list = list()
server_list.append(parse_result['server'])
return_list.append(server_list)
port_list = list()
port_list.append(parse_result['port'])
return_list.append(port_list)
sid_list = list()
sid_list.append(parse_result['sid'])
return_list.append(sid_list)
# Username ve Password komutda girilmiş ise
try:
x_list = list(parse_result['username_file'])
except KeyError:
username_list = list()
for s in parse_result['username']:
username_list.append(s)
return_list.append(username_list)
password_list = list()
for s in parse_result['password']:
password_list.append(s)
return_list.append(password_list)
return return_list
# username ve password file ile girilmiş ise
username_list = []
file_name = parse_result['username_file']
try:
f = open(file_name)
except FileNotFoundError:
error_module(
'parse_user_for_mssql_070',
'SID file open check at dbhack_parser.parse_user_for_mssql',
'username list file does not exist')
return_list = ['Error']
return return_list
with open(parse_result['username_file']) as f:
read_sid = f.read()
username_list = read_sid.split()
f.closed
return_list.append(username_list)
# password file ile girilmiş ise
password_list = []
file_name = parse_result['password_file']
try:
f = open(file_name)
except FileNotFoundError:
error_module(
'parse_user_for_mssql_080',
'SID file open check at dbhack_parser.parse_user_for_mssql',
'password list file does not exist')
return_list = ['Error']
return return_list
with open(parse_result['password_file']) as f:
read_sid = f.read()
password_list = read_sid.split()
f.closed
return_list.append(password_list)
return return_list
def parse_mssql_ping(pcmd):
ipField = Word(nums, max=3)
name = Optional(Word(nums)) + Optional(
Word(alphas)) + Optional("-") + Optional(".")
full_ip = Combine(ipField + "." + ipField + "." + ipField + "." + ipField)
servername = servername = Combine(
Word(alphas) + Optional(Word(alphas + nums + "." + "-" + "#")))
servernames = Or([full_ip, servername])
iprange = ipField + "." + ipField + "." + ipField + "." + ipField + "-" + ipField
server_parser = "-s" + Group(Or(
[iprange, delimitedList(servernames)])).setResultsName('server')
Oracle_tnsping_parser = (server_parser) + ";"
return_list = list()
try:
parse_result = Oracle_tnsping_parser.parseString(pcmd)
except ParseException:
error_module('parse_mssql_ping_010',
'ParseException from dbhack_parser.parse_mssql_ping',
'Your command can not be parsed')
return_list = ['Error']
return return_list
server_list = list(parse_result['server'])
server_range_list = list()
# Server is ip range
if '-' in server_list:
# Check ip range list
if int(server_list[6]) >= int(server_list[8]):
error_module(
'parse_mssql_ping_030',
'IP range condition check at dbhack_parser.parse_mssql_ping',
'IP Range is not correct')
return_list = ['Error']
return return_list
#Check IP less than 255
if int(server_list[6]) > 255 or int(server_list[8]) > 255 or int(
server_list[0]) > 255 or int(server_list[2]) > 255 or int(
server_list[4]) > 255:
error_module(
'parse_mssql_ping_040',
'IP range condition check at dbhack_parser.parse_mssql_ping',
'IPs greater than 255')
return_list = ['Error']
return return_list
# Prepare IPs
domain_ip = server_list[0] + '.' + server_list[2] + '.' + server_list[
4] + '.'
for x in range(int(server_list[6]), int(server_list[8]) + 1):
server_range_list.append(domain_ip + str(x))
return_list.append(server_range_list)
else:
# if there is no ip range put server_list into return list directly
return_list.append(server_list)
return return_list
def parse_sid(pcmd):
ipField = Word(nums, max=3)
full_ip = Combine(ipField + "." + ipField + "." + ipField + "." + ipField)
servername = Combine(
Word(alphas) + Optional(Word(alphas + nums + "." + "-")))
servernames = Or([full_ip, servername])
portrange = Word(nums) + "-" + Word(nums)
port = Word(nums)
sid = Combine(
Word(alphas) +
Optional(Word(alphas + nums + "-" + "_" + "&" + "#" + "$")))
iprange = ipField + "." + ipField + "." + ipField + "." + ipField + "-" + ipField
server_parser = "-s" + Group(Or(
[iprange, delimitedList(servernames)])).setResultsName('server')
port_parser = "-p" + Group(Or(
[portrange, delimitedList(port, ",")])).setResultsName('port')
# sid_file
sid_name_parser = "-sid" + (Group(delimitedList(
sid, ",")).setResultsName('sid'))
file_path = Combine(Word(printables))
sid_file_parser = "-sid_file" + Group(file_path).setResultsName('sid_file')
sid_parser = Or([sid_name_parser, sid_file_parser])
Oracle_tnsping_parser = (server_parser & port_parser & sid_parser) + ";"
return_list = list()
try:
parse_result = Oracle_tnsping_parser.parseString(pcmd)
except ParseException:
error_module('parse_sid_010',
'ParseException from dbhack_parser.parse_sid',
'Your command can not be parsed')
return_list = ['Error']
return return_list
server_list = list(parse_result['server'])
port_list = list(parse_result['port'])
server_range_list = list()
# Server is ip range
if '-' in server_list:
# Check ip range list
if int(server_list[6]) >= int(server_list[8]):
error_module(
'parse_sid_030',
'IP range condition check at dbhack_parser.parse_sid',
'IP Range is not correct')
return_list = ['Error']
return return_list
#Check IP less than 255
if int(server_list[6]) > 255 or int(server_list[8]) > 255 or int(
server_list[0]) > 255 or int(server_list[2]) > 255 or int(
server_list[4]) > 255:
error_module(
'parse_sid_040',
'IP range condition check at dbhack_parser.parse_sid',
'IPs greater than 255')
return_list = ['Error']
return return_list
# Prepare IPs
domain_ip = server_list[0] + '.' + server_list[2] + '.' + server_list[
4] + '.'
for x in range(int(server_list[6]), int(server_list[8]) + 1):
server_range_list.append(domain_ip + str(x))
return_list.append(server_range_list)
else:
# if there is no ip range put server_list into return list directly
return_list.append(server_list)
# port is in ip range
portrange_list = list()
if '-' in port_list:
# if there is port range , produce port range list
if int(port_list[0]) >= int(port_list[2]):
error_module(
'parse_sid_020',
'Port range condition check at dbhack_parser.parse_sid',
'Port Range is not correct')
return_list = ['Error']
return return_list
if int(port_list[0]) > 65535 or int(port_list[2]) > 65535:
error_module(
'parse_sid_050',
'Port range condition check at dbhack_parser.parse_sid',
'Port is greater than 65535')
return_list = ['Error']
return return_list
# Prepare port range list
for x in range(int(port_list[0]), int(port_list[2]) + 1):
portrange_list.append(x)
return_list.append(portrange_list)
else:
if len([x for x in port_list if int(x) > 65535]):
error_module(
'parse_sid_060',
'Port range condition check at dbhack_parser.parse_sid',
'Port numbers can not be greater than 65535')
return_list = ['Error']
return return_list
for i in range(len(port_list)):
portrange_list.append(int(port_list[i]))
return_list.append(portrange_list)
# sid listesinin doldurulmasi
# sid ler komut icinde girilmis ise direk SID leri komut satirindan al
try:
sidrange_list = list(parse_result['sid'])
# sid_file girilmis ise
except KeyError:
sidrange_list = []
file_name = parse_result['sid_file'][0]
try:
f = open(file_name)
except FileNotFoundError:
error_module('parse_sid_070',
'SID file open check at dbhack_parser.parse_sid',
'sid list file does not exist')
return_list = ['Error']
return return_list
with open(parse_result['sid_file'][0]) as f:
read_sid = f.read()
sidrange_list = read_sid.split()
f.closed
return_list.append(sidrange_list)
return return_list