def runAllModules(args):
'''
Run all modules
'''
connectionInformation, validSIDsList = {}, []
#A)SID MANAGEMENT
if args['sid'] == None :
logging.debug("Searching valid SIDs")
validSIDsList = runSIDGuesserModule(args)
args['user'], args['password'] = None, None
else :
validSIDsList = [args['sid']]
#B)ACCOUNT MANAGEMENT
if args['credentielsFile'] == True :
logging.debug("Loading credentiels stored in the {0} file".format(args['accounts-file']))
#Load accounts from file
passwordGuesser = PasswordGuesser(args, args['accounts-file'])
validAccountsList = passwordGuesser.getAccountsFromFile()
for aSid in validSIDsList:
for anAccount in validAccountsList:
if connectionInformation.has_key(aSid) == False: connectionInformation[aSid] = [[anAccount[0], anAccount[1]]]
else : connectionInformation[aSid].append([anAccount[0], anAccount[1]])
elif args['user'] == None and args['password'] == None:
for sid in validSIDsList:
args['print'].title("Searching valid accounts on the {0} SID".format(sid))
args['sid'] = sid
passwordGuesser = PasswordGuesser(args,args['accounts-file'])
passwordGuesser.searchValideAccounts()
validAccountsList = passwordGuesser.valideAccounts
if validAccountsList == {}:
args['print'].badNews("No found a valid account on {0}:{1}/{2}".format(args['server'], args['port'], args['sid']))
exit(EXIT_NO_ACCOUNTS)
else :
args['print'].goodNews("Accounts found on {0}:{1}/{2}: {3}".format(args['server'], args['port'], args['sid'],validAccountsList))
for aLogin, aPassword in validAccountsList.items():
if connectionInformation.has_key(sid) == False: connectionInformation[sid] = [[aLogin,aPassword]]
else : connectionInformation[sid].append([aLogin,aPassword])
else :
validAccountsList = {args['user']:args['password']}
for aSid in validSIDsList:
for aLogin, aPassword in validAccountsList.items():
if connectionInformation.has_key(aSid) == False: connectionInformation[aSid] = [[aLogin,aPassword]]
else : connectionInformation[aSid].append([aLogin,aPassword])
#C)ALL OTHERS MODULES
if sidHasBeenGiven(args) == False : return EXIT_MISS_ARGUMENT
#elif anAccountIsGiven(args) == False : return EXIT_MISS_ARGUMENT
for aSid in connectionInformation.keys():
for loginAndPass in connectionInformation[aSid]:
args['sid'] , args['user'], args['password'] = aSid, loginAndPass[0],loginAndPass[1]
args['print'].title("Testing all modules on the {0} SID with the {1}/{2} account".format(args['sid'],args['user'],args['password']))
#INFO ABOUT REMOTE SERVER
info = Info(args)
status = info.connection()
if isinstance(status,Exception):
args['print'].badNews("Impossible to connect to the remote database: {0}".format(str(status).replace('\n','')))
break
info.loadInformationRemoteDatabase()
args['info'] = info
#UTL_HTTP
utlHttp = UtlHttp(args)
status = utlHttp.connection()
utlHttp.testAll()
#HTTPURITYPE
httpUriType = HttpUriType(args)
httpUriType.testAll()
#UTL_FILE
utlFile = UtlFile(args)
utlFile.testAll()
#JAVA
java = Java(args)
java.testAll()
#DBMS ADVISOR
dbmsAdvisor = DbmsAdvisor(args)
dbmsAdvisor.testAll()
#DBMS Scheduler
dbmsScheduler = DbmsScheduler(args)
dbmsScheduler.testAll()
#CTXSYS
ctxsys = Ctxsys(args)
ctxsys.testAll()
#Passwords
passwords = Passwords(args)
passwords.testAll()
#DbmsXmldom
dbmsXslprocessor = DbmsXslprocessor(args)
dbmsXslprocessor.testAll()
#External Table
externalTable = ExternalTable(args)
externalTable.testAll()
#Oradbg
oradbg = Oradbg(args)
oradbg.testAll()
#DbmsLob
dbmsLob = DbmsLob(args)
dbmsLob.testAll()
#SMB
smb = SMB(args)
smb.testAll()
smb.close() #Close the socket to the remote database
#CVE_2012_3137
cve = CVE_2012_3137 (args)
cve.testAll()
#usernamelikepassword
args['run'] = True
runUsernameLikePassword(args)
def runAllModules(args):
'''
Run all modules
'''
connectionInformation, validSIDsList = {}, []
#0)TNS Poinsoning
if args['no-tns-poisoning-check'] == False:
tnspoison = Tnspoison(args)
tnspoison.testAll()
else:
logging.info("Don't check if the target is vulnerable to TNS poisoning because the option --no-tns-poisoning-check is enabled in command line")
#A)SID MANAGEMENT
if args['sid'] == None :
logging.debug("Searching valid SIDs")
validSIDsList = runSIDGuesserModule(args)
args['user'], args['password'] = None, None
else :
validSIDsList = [args['sid']]
if validSIDsList == []:
exit(EXIT_NO_SIDS)
#B)ACCOUNT MANAGEMENT
if args['credentialsFile'] == True :
logging.debug("Loading credentials stored in the {0} file".format(args['accounts-file']))
#Load accounts from file
passwordGuesser = PasswordGuesser(args, args['accounts-file'], loginFile=None ,passwordFile=None, loginAsPwd=args['login-as-pwd'])
validAccountsList = passwordGuesser.getAccountsFromFile()
for aSid in validSIDsList:
for anAccount in validAccountsList:
if connectionInformation.has_key(aSid) == False: connectionInformation[aSid] = [[anAccount[0], anAccount[1]]]
else : connectionInformation[aSid].append([anAccount[0], anAccount[1]])
elif args['user'] == None and args['password'] == None:
for sid in validSIDsList:
args['print'].title("Searching valid accounts on the {0} SID".format(sid))
args['sid'] = sid
if args['accounts-files'][0] != None and args['accounts-files'][1] != None : args['accounts-file'] = None
passwordGuesser = PasswordGuesser(args, accountsFile=args['accounts-file'], loginFile=args['accounts-files'][0], passwordFile=args['accounts-files'][1], timeSleep=args['timeSleep'], loginAsPwd=args['login-as-pwd'])
passwordGuesser.searchValideAccounts()
validAccountsList = passwordGuesser.valideAccounts
if validAccountsList == {}:
args['print'].badNews("No found a valid account on {0}:{1}/{2}. You should try with the option '--accounts-file accounts/accounts_multiple.txt' or '--accounts-file accounts/logins.txt accounts/pwds.txt'".format(args['server'], args['port'], args['sid']))
exit(EXIT_NO_ACCOUNTS)
else :
args['print'].goodNews("Accounts found on {0}:{1}/{2}: {3}".format(args['server'], args['port'], args['sid'],getCredentialsFormated(validAccountsList)))
for aLogin, aPassword in validAccountsList.items():
if connectionInformation.has_key(sid) == False: connectionInformation[sid] = [[aLogin,aPassword]]
else : connectionInformation[sid].append([aLogin,aPassword])
else:
validAccountsList = {args['user']:args['password']}
for aSid in validSIDsList:
for aLogin, aPassword in validAccountsList.items():
if connectionInformation.has_key(aSid) == False: connectionInformation[aSid] = [[aLogin,aPassword]]
else : connectionInformation[aSid].append([aLogin,aPassword])
#C)ALL OTHERS MODULES
if sidHasBeenGiven(args) == False : return EXIT_MISS_ARGUMENT
#elif anAccountIsGiven(args) == False : return EXIT_MISS_ARGUMENT
for aSid in connectionInformation.keys():
for loginAndPass in connectionInformation[aSid]:
args['sid'] , args['user'], args['password'] = aSid, loginAndPass[0],loginAndPass[1]
args['print'].title("Testing all modules on the {0} SID with the {1}/{2} account".format(args['sid'],args['user'],args['password']))
#INFO ABOUT REMOTE SERVER
info = Info(args)
status = info.connection()
if isinstance(status,Exception):
args['print'].badNews("Impossible to connect to the remote database: {0}".format(str(status).replace('\n','')))
break
info.loadInformationRemoteDatabase()
args['info'] = info
#UTL_HTTP
utlHttp = UtlHttp(args)
status = utlHttp.connection()
utlHttp.testAll()
#HTTPURITYPE
httpUriType = HttpUriType(args)
httpUriType.testAll()
#UTL_FILE
utlFile = UtlFile(args)
utlFile.testAll()
#JAVA
java = Java(args)
java.testAll()
#DBMS ADVISOR
dbmsAdvisor = DbmsAdvisor(args)
dbmsAdvisor.testAll()
#DBMS Scheduler
dbmsScheduler = DbmsScheduler(args)
dbmsScheduler.testAll()
#CTXSYS
ctxsys = Ctxsys(args)
ctxsys.testAll()
#Passwords
passwords = Passwords(args)
passwords.testAll()
#DbmsXmldom
dbmsXslprocessor = DbmsXslprocessor(args)
dbmsXslprocessor.testAll()
#External Table
externalTable = ExternalTable(args)
externalTable.testAll()
#Oradbg
oradbg = Oradbg(args)
oradbg.testAll()
#DbmsLob
dbmsLob = DbmsLob(args)
dbmsLob.testAll()
#SMB
smb = SMB(args)
smb.testAll()
#Pribvilege escalation
privilegeEscalation = PrivilegeEscalation(args)
privilegeEscalation.testAll()
#Test some CVE
cve = CVE_XXXX_YYYY(args)
cve.testAll()
cve.close() #Close the socket to the remote database
#CVE_2012_3137
cve = CVE_2012_3137 (args)
cve.testAll()
#usernamelikepassword
args['run'] = True
runUsernameLikePassword(args)
def runAllModules(args):
'''
Run all modules
'''
connectionInformation, validSIDsList = {}, []
#0)TNS Poinsoning
if args['no-tns-poisoning-check'] == False:
tnspoison = Tnspoison(args)
tnspoison.testAll()
else:
logging.info("Don't check if the target is vulnerable to TNS poisoning because the option --no-tns-poisoning-check is enabled in command line")
#A)SID MANAGEMENT
if args['sid'] == None :
logging.debug("Searching valid SIDs")
validSIDsList = runSIDGuesserModule(args)
args['user'], args['password'] = None, None
else :
validSIDsList = [args['sid']]
if validSIDsList == []:
exit(EXIT_NO_SIDS)
#B)ACCOUNT MANAGEMENT
if args['credentialsFile'] == True :
logging.debug("Loading credentials stored in the {0} file".format(args['accounts-file']))
#Load accounts from file
passwordGuesser = PasswordGuesser(args, args['accounts-file'], loginFile=None ,passwordFile=None, loginAsPwd=args['login-as-pwd'])
validAccountsList = passwordGuesser.getAccountsFromFile()
for aSid in validSIDsList:
for anAccount in validAccountsList:
if connectionInformation.has_key(aSid) == False: connectionInformation[aSid] = [[anAccount[0], anAccount[1]]]
else : connectionInformation[aSid].append([anAccount[0], anAccount[1]])
elif args['user'] == None and args['password'] == None:
for sid in validSIDsList:
args['print'].title("Searching valid accounts on the {0} SID".format(sid))
args['sid'] = sid
if args['accounts-files'][0] != None and args['accounts-files'][1] != None : args['accounts-file'] = None
passwordGuesser = PasswordGuesser(args, accountsFile=args['accounts-file'], loginFile=args['accounts-files'][0], passwordFile=args['accounts-files'][1], timeSleep=args['timeSleep'], loginAsPwd=args['login-as-pwd'])
passwordGuesser.searchValideAccounts()
validAccountsList = passwordGuesser.valideAccounts
if validAccountsList == {}:
args['print'].badNews("No found a valid account on {0}:{1}/{2}. You should try with the option '--accounts-file accounts/accounts_multiple.txt' or '--accounts-file accounts/logins.txt accounts/pwds.txt'".format(args['server'], args['port'], args['sid']))
exit(EXIT_NO_ACCOUNTS)
else :
args['print'].goodNews("Accounts found on {0}:{1}/{2}: {3}".format(args['server'], args['port'], args['sid'],getCredentialsFormated(validAccountsList)))
for aLogin, aPassword in validAccountsList.items():
if connectionInformation.has_key(sid) == False: connectionInformation[sid] = [[aLogin,aPassword]]
else : connectionInformation[sid].append([aLogin,aPassword])
else:
validAccountsList = {args['user']:args['password']}
for aSid in validSIDsList:
for aLogin, aPassword in validAccountsList.items():
if connectionInformation.has_key(aSid) == False: connectionInformation[aSid] = [[aLogin,aPassword]]
else : connectionInformation[aSid].append([aLogin,aPassword])
#C)ALL OTHERS MODULES
if sidHasBeenGiven(args) == False : return EXIT_MISS_ARGUMENT
#elif anAccountIsGiven(args) == False : return EXIT_MISS_ARGUMENT
for aSid in connectionInformation.keys():
for loginAndPass in connectionInformation[aSid]:
args['sid'] , args['user'], args['password'] = aSid, loginAndPass[0],loginAndPass[1]
args['print'].title("Testing all modules on the {0} SID with the {1}/{2} account".format(args['sid'],args['user'],args['password']))
#INFO ABOUT REMOTE SERVER
status = OracleDatabase(args).connection()
if isinstance(status,Exception):
args['print'].badNews("Impossible to connect to the remote database: {0}".format(str(status).replace('\n','')))
break
#UTL_HTTP
utlHttp = UtlHttp(args)
status = utlHttp.connection()
utlHttp.testAll()
#HTTPURITYPE
httpUriType = HttpUriType(args)
httpUriType.testAll()
#UTL_FILE
utlFile = UtlFile(args)
utlFile.testAll()
#JAVA
java = Java(args)
java.testAll()
#DBMS ADVISOR
dbmsAdvisor = DbmsAdvisor(args)
dbmsAdvisor.testAll()
#DBMS Scheduler
dbmsScheduler = DbmsScheduler(args)
dbmsScheduler.testAll()
#CTXSYS
ctxsys = Ctxsys(args)
ctxsys.testAll()
#Passwords
passwords = Passwords(args)
passwords.testAll()
#DbmsXmldom
dbmsXslprocessor = DbmsXslprocessor(args)
dbmsXslprocessor.testAll()
#External Table
externalTable = ExternalTable(args)
externalTable.testAll()
#Oradbg
oradbg = Oradbg(args)
oradbg.testAll()
#DbmsLob
dbmsLob = DbmsLob(args)
dbmsLob.testAll()
#SMB
smb = SMB(args)
smb.testAll()
#Pribvilege escalation
privilegeEscalation = PrivilegeEscalation(args)
privilegeEscalation.testAll()
#Test some CVE
cve = CVE_XXXX_YYYY(args)
cve.testAll()
cve.close() #Close the socket to the remote database
#CVE_2012_3137
cve = CVE_2012_3137 (args)
cve.testAll()
#usernamelikepassword
args['run'] = True
runUsernameLikePassword(args)
def runAllModules(args):
'''
Run all modules
'''
connectionInformation, validSIDsList = {}, []
#A)SID MANAGEMENT
if args['sid'] == None:
logging.debug("Searching valid SIDs")
validSIDsList = runSIDGuesserModule(args)
args['user'], args['password'] = None, None
else:
validSIDsList = [args['sid']]
#B)ACCOUNT MANAGEMENT
if args['credentielsFile'] == True:
logging.debug("Loading credentiels stored in the {0} file".format(
args['accounts-file']))
#Load accounts from file
passwordGuesser = PasswordGuesser(args, args['accounts-file'])
validAccountsList = passwordGuesser.getAccountsFromFile()
for aSid in validSIDsList:
for anAccount in validAccountsList:
if connectionInformation.has_key(aSid) == False:
connectionInformation[aSid] = [[
anAccount[0], anAccount[1]
]]
else:
connectionInformation[aSid].append(
[anAccount[0], anAccount[1]])
elif args['user'] == None and args['password'] == None:
for sid in validSIDsList:
args['print'].title(
"Searching valid accounts on the {0} SID".format(sid))
args['sid'] = sid
passwordGuesser = PasswordGuesser(args, args['accounts-file'])
passwordGuesser.searchValideAccounts()
validAccountsList = passwordGuesser.valideAccounts
if validAccountsList == {}:
args['print'].badNews(
"No found a valid account on {0}:{1}/{2}".format(
args['server'], args['port'], args['sid']))
exit(EXIT_NO_ACCOUNTS)
else:
args['print'].goodNews(
"Accounts found on {0}:{1}/{2}: {3}".format(
args['server'], args['port'], args['sid'],
validAccountsList))
for aLogin, aPassword in validAccountsList.items():
if connectionInformation.has_key(sid) == False:
connectionInformation[sid] = [[aLogin, aPassword]]
else:
connectionInformation[sid].append([aLogin, aPassword])
else:
validAccountsList = {args['user']: args['password']}
for aSid in validSIDsList:
for aLogin, aPassword in validAccountsList.items():
if connectionInformation.has_key(aSid) == False:
connectionInformation[aSid] = [[aLogin, aPassword]]
else:
connectionInformation[aSid].append([aLogin, aPassword])
#C)ALL OTHERS MODULES
if sidHasBeenGiven(args) == False: return EXIT_MISS_ARGUMENT
#elif anAccountIsGiven(args) == False : return EXIT_MISS_ARGUMENT
for aSid in connectionInformation.keys():
for loginAndPass in connectionInformation[aSid]:
args['sid'], args['user'], args['password'] = aSid, loginAndPass[
0], loginAndPass[1]
args['print'].title(
"Testing all modules on the {0} SID with the {1}/{2} account".
format(args['sid'], args['user'], args['password']))
#INFO ABOUT REMOTE SERVER
info = Info(args)
status = info.connection()
if isinstance(status, Exception):
args['print'].badNews(
"Impossible to connect to the remote database: {0}".format(
str(status).replace('\n', '')))
break
info.loadInformationRemoteDatabase()
args['info'] = info
#UTL_HTTP
utlHttp = UtlHttp(args)
status = utlHttp.connection()
utlHttp.testAll()
#HTTPURITYPE
httpUriType = HttpUriType(args)
httpUriType.testAll()
#UTL_FILE
utlFile = UtlFile(args)
utlFile.testAll()
#JAVA
java = Java(args)
java.testAll()
#DBMS ADVISOR
dbmsAdvisor = DbmsAdvisor(args)
dbmsAdvisor.testAll()
#DBMS Scheduler
dbmsScheduler = DbmsScheduler(args)
dbmsScheduler.testAll()
#CTXSYS
ctxsys = Ctxsys(args)
ctxsys.testAll()
#Passwords
passwords = Passwords(args)
passwords.testAll()
#DbmsXmldom
dbmsXslprocessor = DbmsXslprocessor(args)
dbmsXslprocessor.testAll()
#External Table
externalTable = ExternalTable(args)
externalTable.testAll()
#Oradbg
oradbg = Oradbg(args)
oradbg.testAll()
#DbmsLob
dbmsLob = DbmsLob(args)
dbmsLob.testAll()
#SMB
smb = SMB(args)
smb.testAll()
smb.close() #Close the socket to the remote database
#CVE_2012_3137
cve = CVE_2012_3137(args)
cve.testAll()
#usernamelikepassword
args['run'] = True
runUsernameLikePassword(args)
