async def list_interfaces(self):
try:
interfaces = []
ipc_file = SMBFile.from_uncpath(
'\\\\%s\\IPC$' % self.connection.target.get_hostname_or_ip())
await ipc_file.open(self.connection, 'r')
ifaces_raw, err = await self.connection.ioctl(
ipc_file.tree_id,
b'\xFF' * 16,
CtlCode.FSCTL_QUERY_NETWORK_INTERFACE_INFO,
data=None,
flags=IOCTLREQFlags.IS_FSCTL)
if err is not None:
raise err
for iface_raw in ifaces_raw:
t = {
'index': iface_raw.IfIndex,
'cap': iface_raw.Capability,
'speed': iface_raw.LinkSpeed,
'address': str(iface_raw.SockAddr_Storage.Addr),
}
interfaces.append(t)
return interfaces, None
except Exception as e:
return None, e
finally:
await ipc_file.close()
async def deploy_service(self,
path_to_executable,
remote_path=None,
service_name=None):
"""
remote path must be UNC
"""
try:
_, err = await self.connect_rpc('SERVICEMGR')
if err is not None:
raise err
if service_name is None:
service_name = os.urandom(4).hex()
if remote_path is None:
raise NotImplementedError()
filename = ntpath.basename(path_to_executable)
remote_file_path = remote_path + filename
remote_file = SMBFile.from_uncpath(remote_file_path)
await self.put_file(path_to_executable, remote_file)
command = remote_file_path
await self.create_service(service_name, command)
return True, None
except Exception as e:
return None, e
async def connect(self): # TODO: if the smb connection is not set up, we need to set it up try: unc_path = '\\\\%s\\%s%s' % (self.target.smb_connection.target.get_hostname_or_ip(), 'IPC$', self.target.pipe) self.smbfile = SMBFile.from_uncpath(unc_path) _, err = await self.smbfile.open(self.target.smb_connection, 'wp') return True, err except Exception as e: return None, e
async def run(self):
try:
self.task_q = asyncio.Queue()
self.target_gen_task = asyncio.create_task(self.__target_gen())
while True:
t = await self.task_q.get()
if t is None:
return True, None
tid, target = t
unc = PureWindowsPath(target)
file_name = unc.name
print()
connection = self.smb_mgr.create_connection_newtarget(
target.replace('\\\\', '').split('\\')[0])
async with connection:
_, err = await connection.login()
if err is not None:
raise err
print(target)
smbfile = SMBFile.from_uncpath(target)
_, err = await smbfile.open(connection, 'r')
if err is not None:
logger.info('Error Downloading file %s' % target)
continue
if self.show_progress is True:
pbar = tqdm.tqdm(desc='Downloading %s' % file_name,
total=smbfile.size,
unit='B',
unit_scale=True,
unit_divisor=1024)
with open(file_name, 'wb') as f:
async for data, err in smbfile.read_chunked():
if err is not None:
logger.info('Error Downloading file %s' %
target)
continue
if data is None:
break
f.write(data)
if self.show_progress is True:
pbar.update(len(data))
return True, None
except Exception as e:
return False, e
async def deploy_service(self, path_to_executable, remote_path = None, service_name = None): """ remote path must be UNC """ if service_name is None: service_name = os.urandom(4).hex() if remote_path is None: raise NotImplementedError() filename = ntpath.basename(path_to_executable) remote_file_path = remote_path + filename remote_file = SMBFile.from_uncpath(remote_file_path) await self.put_file(path_to_executable, remote_file) command = remote_file_path await self.create_service(service_name, command) return True, None