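def fingerprint(ip):
    """Ask the local p0f daemon for its passive fingerprint of *ip*.

    The daemon is reached through a per-interface UNIX socket whose path comes
    from ``cookie()``.  If that socket does not exist, p0f is started in the
    background (``-d``) as user ``nobody`` and ``{'status': P0fStatus.NoMatch}``
    is returned without querying it.

    Returns a dict mapping each field name of ``P0fApiResponse`` to its value;
    non-numeric fields are converted with ``string_at``.

    Raises P0fError if p0f cannot be started, if it rejects the query, or if
    it answers with fewer bytes than one full response structure.
    """
    iface = conf.route.route(ip)[0]
    us = cookie('.sploitego.p0f.%s.sock' % iface)

    if not os.path.exists(us):
        log = cookie('.sploitego.p0f.%s.log' % iface)
        cmd = os.path.join(config['p0f/path'], 'p0f')
        fpf = os.path.join(config['p0f/path'], 'p0f.fp')
        try:
            # argv list, no shell: paths and the interface name are passed verbatim.
            p = subprocess.Popen(
                [cmd, '-d', '-s', us, '-o', log, '-f', fpf, '-i', iface, '-u', 'nobody'],
                stdout=subprocess.PIPE
            )
        except OSError:
            # A missing or non-executable binary makes Popen raise; it never
            # reaches the returncode check below.
            raise P0fError('Could not locate or successfully execute the p0f executable.')
        debug(*p.communicate()[0].split('\n'))
        debug(
            "!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!",
            "! IF THIS TRANSFORM IS STILL RUNNING THEN SHUT IT DOWN AND !",
            "! TRY AGAIN! THERE IS A BUG IN MALTEGO THAT DOES NOT !",
            "! TERMINATE TRANSFORMS IF A TRANSFORM SPAWNS A CHILD !",
            "! PROCESS. PLEASE BUG [email protected] FOR A FIX. !",
            "!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!",
        )
        if p.returncode:
            # p0f may have exited before creating the socket; an unconditional
            # remove would raise OSError and hide the P0fError.
            if os.path.exists(us):
                os.remove(us)
            raise P0fError('Could not locate or successfully execute the p0f executable.')
        return {'status': P0fStatus.NoMatch}

    r = P0fApiQuery()
    r.magic = P0fMagic.Query
    if ':' in ip:
        r.addr_type = P0fAddr.IPv6
        packed = inet_pton(AF_INET6, ip)
    else:
        r.addr_type = P0fAddr.IPv4
        packed = inet_pton(AF_INET, ip)
    # bytearray yields integers on both Python 2 and 3.
    for i, octet in enumerate(bytearray(packed)):
        r.addr[i] = octet

    # NOTE(review): the reply is trusted to come from p0f; that holds only if
    # the directory cookie() uses is writable by this user alone -- confirm.
    want = sizeof(P0fApiResponse)
    raw = b''
    s = socket(AF_UNIX)
    try:
        s.connect(us)
        s.send(string_at(addressof(r), sizeof(r)))
        # recv() may return fewer bytes than asked for; keep reading until the
        # structure is complete or the peer closes.
        while len(raw) < want:
            chunk = s.recv(want - len(raw))
            if not chunk:
                break
            raw += chunk
    finally:
        s.close()

    if len(raw) < want:
        # Casting a short buffer to P0fApiResponse would read past its end.
        raise P0fError('P0f returned an incomplete response.')

    data = c_char_p(raw)
    pr = cast(data, POINTER(P0fApiResponse)).contents

    if pr.status == P0fStatus.BadQuery:
        raise P0fError('P0f could not understand the query.')

    result = {}
    for fn, ft in pr._fields_:
        value = getattr(pr, fn)
        result[fn] = value if isinstance(value, Number) else string_at(value)
    return result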
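def fingerprint(ip):
    """Return p0f's passive fingerprint of *ip* as a plain dict.

    p0f is queried over the UNIX socket named by
    ``cookie('.sploitego.p0f.<iface>.sock')``.  When the socket is absent the
    daemon is launched (``-d``, user ``nobody``) and the function returns
    ``{'status': P0fStatus.NoMatch}`` immediately.

    Raises P0fError when p0f cannot be launched, when it reports a bad query,
    or when the reply is shorter than ``sizeof(P0fApiResponse)``.
    """
    iface = conf.route.route(ip)[0]
    us = cookie('.sploitego.p0f.%s.sock' % iface)

    if not os.path.exists(us):
        log = cookie('.sploitego.p0f.%s.log' % iface)
        cmd = os.path.join(config['p0f/path'], 'p0f')
        fpf = os.path.join(config['p0f/path'], 'p0f.fp')
        argv = [cmd, '-d', '-s', us, '-o', log, '-f', fpf, '-i', iface, '-u', 'nobody']
        try:
            # No shell is involved, so none of the arguments is re-parsed.
            p = subprocess.Popen(argv, stdout=subprocess.PIPE)
        except OSError:
            # Popen raises for a missing/non-executable binary; map it to the
            # error callers already expect.
            raise P0fError(
                'Could not locate or successfully execute the p0f executable.')
        debug(*p.communicate()[0].split('\n'))
        debug(
            "!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!",
            "! IF THIS TRANSFORM IS STILL RUNNING THEN SHUT IT DOWN AND !",
            "! TRY AGAIN! THERE IS A BUG IN MALTEGO THAT DOES NOT !",
            "! TERMINATE TRANSFORMS IF A TRANSFORM SPAWNS A CHILD !",
            "! PROCESS. PLEASE BUG [email protected] FOR A FIX. !",
            "!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!",
        )
        if p.returncode:
            # Only remove the socket if p0f got far enough to create it.
            if os.path.exists(us):
                os.remove(us)
            raise P0fError(
                'Could not locate or successfully execute the p0f executable.')
        return {'status': P0fStatus.NoMatch}

    r = P0fApiQuery()
    r.magic = P0fMagic.Query
    if ':' in ip:
        r.addr_type = P0fAddr.IPv6
        packed = inet_pton(AF_INET6, ip)
    else:
        r.addr_type = P0fAddr.IPv4
        packed = inet_pton(AF_INET, ip)
    for i, octet in enumerate(bytearray(packed)):
        r.addr[i] = octet

    want = sizeof(P0fApiResponse)
    raw = b''
    s = socket(AF_UNIX)
    try:
        s.connect(us)
        s.send(string_at(addressof(r), sizeof(r)))
        # A single recv() is not guaranteed to deliver the whole structure.
        while len(raw) < want:
            chunk = s.recv(want - len(raw))
            if not chunk:
                break
            raw += chunk
    finally:
        # Close the socket on every path, including connect/send failures.
        s.close()

    if len(raw) < want:
        # Refuse to reinterpret a truncated buffer as a full structure.
        raise P0fError('P0f returned an incomplete response.')

    data = c_char_p(raw)
    pr = cast(data, POINTER(P0fApiResponse)).contents

    if pr.status == P0fStatus.BadQuery:
        raise P0fError('P0f could not understand the query.')

    result = {}
    for fn, ft in pr._fields_:
        value = getattr(pr, fn)
        result[fn] = value if isinstance(value, Number) else string_at(value)
    return result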
def login(**kwargs):
    """Prompt for Metasploit RPC credentials until a client can be created.

    ``host``, ``port`` and ``uri`` are taken from *kwargs*, falling back to the
    ``msfrpcd/*`` configuration keys; they also name the cookie file.

    NOTE(review): this listing stops at the final ``break``.  What is done with
    ``s`` and with the cookie file afterwards is not shown here.
    """
    s = None
    host = kwargs.get('host', config['msfrpcd/server'])
    port = kwargs.get('port', config['msfrpcd/port'])
    uri = kwargs.get('uri', config['msfrpcd/uri'])
    fn = cookie('%s.%s.%s.msfrpcd' % (host, port, uri.replace('/', '.')))
    if not path.exists(fn):
        f = fsemaphore(fn, 'wb')
        f.lockex()
        fv = [host, port, uri, 'msf']
        errmsg = ''
        while True:
            # NOTE(review): the `******` below is a redaction artifact of this listing, not code;
            # the two labels were presumably separated by a comma -- confirm against the project.
            fv = multpasswordbox(
                errmsg, 'Metasploit Login',
                ['Server:', 'Port:', 'URI', 'Username:'******'Password:'], fv)
            if not fv:
                # NOTE(review): returns without closing `f` or removing `fn`.  If fsemaphore(fn, 'wb')
                # creates the file the way open() does, a cancelled prompt leaves an empty cookie
                # behind and the next call skips this branch -- confirm.
                return
            try:
                # fv[4] is the password entered in the dialog; fv[0..3] are server, port, URI, username.
                s = MsfRpcClient(fv[4], server=fv[0], port=fv[1], uri=fv[2], username=fv[3])
            except MsfRpcError, e:
                # Show the failure text in the next prompt and ask again.
                errmsg = str(e)
                continue
            except socket.error, e:
                errmsg = str(e)
                continue
            break
def login(host='localhost', port='8834', username='', password=''):
    """Prompt for Nessus credentials until a session is opened, then cache its token.

    On success the host, port and session token are written, URL-encoded, to
    the cookie file.  If the dialog is cancelled the cookie file is removed and
    None is returned.

    NOTE(review): the listing ends at the ``f.write(...)`` call; the branch
    taken when the cookie already exists, and any return of ``s``, are not
    shown here.
    """
    s = None
    # NOTE(review): the cookie name is fixed from the *default* host/port here, but both can be
    # changed in the dialog below, so a token for another server may be stored under this name.
    fn = cookie('%s.%s.nessus' % (host, port))
    if not os.path.exists(fn):
        with fsemaphore(fn, 'wb') as f:
            f.lockex()
            errmsg = ''
            while True:
                # NOTE(review): the `******` below is a redaction artifact of this listing, not code;
                # presumably a comma between the two labels -- confirm against the project.
                fv = multpasswordbox(
                    errmsg,
                    'Nessus Login',
                    ['Server:', 'Port:', 'Username:'******'Password:'],
                    [host, port, username, password]
                )
                if not fv:
                    # Cancelled: do not leave an empty cookie behind.
                    f.close()
                    os.unlink(fn)
                    return
                host, port, username, password = fv
                try:
                    s = NessusXmlRpcClient(username, password, host, port)
                except NessusException, e:
                    # Show the failure text in the next prompt and ask again.
                    errmsg = str(e)
                    continue
                except socket.error, e:
                    errmsg = str(e)
                    continue
                break
            # NOTE(review): the session token is stored as plain text; who can read it depends on
            # where cookie() places the file and on its mode, neither of which is shown here.
            f.write(urlencode(dict(host=host, port=port, token=s.token)))
# get_creds(): return the Netwitness (username, password) pair, prompting once and caching the
# answer in the file named by cookie('netwitness').
# NOTE(review): the two `******` runs are redaction artifacts of this listing; the code between the
# 'Password:' label and the format string is missing, so the line is left exactly as published.
# NOTE(review): the visible format string 'username %s#password %s' is written with the password in
# clear text. Who can read it depends on where cookie() puts the file and on its mode (not shown).
# NOTE(review): the cache is read back by splitting on '#' and then on whitespace, so a password
# containing '#' or a space would not survive the round trip.
def get_creds(): fn = cookie('netwitness') if not os.path.exists(fn): with fsemaphore(fn, 'wb') as f: f.lockex() while True: msg = 'Please enter your Netwitness credentials' fv = multpasswordbox(msg, 'Netwitness Credentials', ['Username:'******'Password:'******'username %s#password %s' % (nwu, nwp)) break else: with fsemaphore(fn) as f: f.locksh() creds = f.read().split('#') for i in creds: if 'username' in i: parse = i.split() nwu = parse[1] if 'password' in i: parse = i.split() nwp = parse[1] return nwu, nwp
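def fingerprint(ip):
    """Ask the local p0f daemon for its passive fingerprint of *ip*.

    The daemon is reached through a per-interface UNIX socket whose path comes
    from ``cookie()``.  If that socket does not exist, p0f is started in the
    background (``-d``) and ``{'status': P0fStatus.NoMatch}`` is returned
    without querying it.

    Returns a dict mapping each field name of ``P0fApiResponse`` to its value;
    non-numeric fields are converted with ``string_at``.

    Raises P0fError if p0f cannot be started, if it rejects the query, or if
    it answers with fewer bytes than one full response structure.
    """
    # Function-scope import: the module's import block is not part of this listing.
    import subprocess

    iface = conf.route.route(ip)[0]
    us = cookie('.sploitego.p0f.%s.sock' % iface)

    if not path.exists(us):
        log = cookie('.sploitego.p0f.%s.log' % iface)
        cmd = config['p0f/path'] + sep + 'p0f'
        fpf = config['p0f/path'] + sep + 'p0f.fp'
        try:
            # argv list instead of a formatted shell string: a configured path or
            # interface name containing spaces or shell metacharacters is passed
            # to p0f verbatim and never interpreted by a shell.
            with open(devnull, 'wb') as sink:
                failed = subprocess.call(
                    [cmd, '-d', '-s', us, '-o', log, '-f', fpf, '-i', iface],
                    stdout=sink
                )
        except OSError:
            # Raised when the binary is missing or not executable.
            failed = True
        if failed:
            raise P0fError('Could not locate p0f executable.')
        return {'status': P0fStatus.NoMatch}

    r = P0fApiQuery()
    r.magic = P0fMagic.Query
    if ':' in ip:
        r.addr_type = P0fAddr.IPv6
        packed = inet_pton(AF_INET6, ip)
    else:
        r.addr_type = P0fAddr.IPv4
        packed = inet_pton(AF_INET, ip)
    # bytearray yields integers on both Python 2 and 3.
    for i, octet in enumerate(bytearray(packed)):
        r.addr[i] = octet

    want = sizeof(P0fApiResponse)
    raw = b''
    s = socket(AF_UNIX)
    try:
        s.connect(us)
        s.send(string_at(addressof(r), sizeof(r)))
        # recv() may return fewer bytes than asked for; keep reading until the
        # structure is complete or the peer closes.
        while len(raw) < want:
            chunk = s.recv(want - len(raw))
            if not chunk:
                break
            raw += chunk
    finally:
        s.close()

    if len(raw) < want:
        # Casting a short buffer to P0fApiResponse would read past its end.
        raise P0fError('P0f returned an incomplete response.')

    data = c_char_p(raw)
    pr = cast(data, POINTER(P0fApiResponse)).contents

    if pr.status == P0fStatus.BadQuery:
        raise P0fError('P0f could not understand the query.')

    result = {}
    for fn, ft in pr._fields_:
        value = getattr(pr, fn)
        result[fn] = value if isinstance(value, Number) else string_at(value)
    return result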
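def fingerprint(ip):
    """Return p0f's passive fingerprint of *ip* as a plain dict.

    p0f is queried over the UNIX socket named by
    ``cookie('.sploitego.p0f.<iface>.sock')``.  When the socket is absent the
    daemon is launched with ``-d`` and the function returns
    ``{'status': P0fStatus.NoMatch}`` immediately.

    Raises P0fError when p0f cannot be launched, when it reports a bad query,
    or when the reply is shorter than ``sizeof(P0fApiResponse)``.
    """
    # Function-scope import: the module's import block is not part of this listing.
    import subprocess

    iface = conf.route.route(ip)[0]
    us = cookie('.sploitego.p0f.%s.sock' % iface)

    if not path.exists(us):
        log = cookie('.sploitego.p0f.%s.log' % iface)
        cmd = config['p0f/path'] + sep + 'p0f'
        fpf = config['p0f/path'] + sep + 'p0f.fp'
        argv = [cmd, '-d', '-s', us, '-o', log, '-f', fpf, '-i', iface]
        try:
            # Run p0f directly rather than through a formatted shell command, so
            # no argument is split or expanded by a shell.
            with open(devnull, 'wb') as sink:
                failed = subprocess.call(argv, stdout=sink)
        except OSError:
            # Missing or non-executable binary.
            failed = True
        if failed:
            raise P0fError('Could not locate p0f executable.')
        return {'status': P0fStatus.NoMatch}

    r = P0fApiQuery()
    r.magic = P0fMagic.Query
    if ':' in ip:
        r.addr_type = P0fAddr.IPv6
        packed = inet_pton(AF_INET6, ip)
    else:
        r.addr_type = P0fAddr.IPv4
        packed = inet_pton(AF_INET, ip)
    for i, octet in enumerate(bytearray(packed)):
        r.addr[i] = octet

    want = sizeof(P0fApiResponse)
    raw = b''
    s = socket(AF_UNIX)
    try:
        s.connect(us)
        s.send(string_at(addressof(r), sizeof(r)))
        # A single recv() is not guaranteed to deliver the whole structure.
        while len(raw) < want:
            chunk = s.recv(want - len(raw))
            if not chunk:
                break
            raw += chunk
    finally:
        # Close the socket on every path, including connect/send failures.
        s.close()

    if len(raw) < want:
        # Refuse to reinterpret a truncated buffer as a full structure.
        raise P0fError('P0f returned an incomplete response.')

    data = c_char_p(raw)
    pr = cast(data, POINTER(P0fApiResponse)).contents

    if pr.status == P0fStatus.BadQuery:
        raise P0fError('P0f could not understand the query.')

    result = {}
    for fn, ft in pr._fields_:
        value = getattr(pr, fn)
        result[fn] = value if isinstance(value, Number) else string_at(value)
    return result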
# login(): prompt for Nessus server, port, username and password; the cookie file is cookie('nessus').
# NOTE(review): the `******` runs are redaction artifacts of this listing. Everything between the
# 'Password:' label and the trailing dict literal is missing, and the snippet is cut off after it,
# so the line is left exactly as published.
# NOTE(review): the surviving dict carries 'token': s.token next to host and port, which suggests
# the session token is cached in the cookie file -- confirm how that file is protected.
def login(): s = None fn = cookie('nessus') if not path.exists(fn): f = fsemaphore(fn, 'wb') f.lockex() fv = ['localhost', '8834'] errmsg = '' while True: fv = multpasswordbox(errmsg, 'Nessus Login', ['Server:', 'Port:', 'Username:'******'Password:'******'host' : fv[0], 'port' : fv[1], 'token': s.token}))
def login():
    """Ask for a Facebook access token (up to three attempts) and return a working client.

    A token is accepted once ``client.request('me')`` succeeds; it is then
    written via ``fmutex('facebook')`` and the client is returned.  After three
    failed attempts GraphAPIError is raised.

    NOTE(review): the listing ends at the ``raise``; the path taken when the
    cookie already exists is not shown here.
    """
    client = None
    if not path.exists(cookie('facebook')):
        for i in range(0, 3):
            # NOTE(review): indexes the dialog result directly; if multenterbox returns None when
            # the dialog is cancelled, this raises TypeError rather than GraphAPIError -- confirm.
            token = multenterbox("Enter a valid Facebook access token", ['Access Token'], [''])[0]
            try:
                client = GraphAPI(token)
                # Probe request: an invalid token is expected to fail here.
                client.request('me')
                # NOTE(review): the access token is persisted as entered; where it lands and who
                # can read it depends on fmutex()/cookie(), which are not shown.
                fmutex('facebook').write(token)
                return client
            except GraphAPIError, e:
                print str(e)
                pass
        raise GraphAPIError('Unable to query GraphAPI')
# login(): prompt for Nessus server, port, username and password; the cookie file is cookie('nessus').
# NOTE(review): the `******` runs are redaction artifacts of this listing. The code between the
# 'Password:' label and the trailing dict literal is missing and the snippet is truncated, so the
# line is left exactly as published.
# NOTE(review): the surviving dict holds host, port and 'token': s.token, i.e. a session token
# appears to be cached -- confirm the location and permissions of the cookie file.
def login(): s = None fn = cookie('nessus') if not path.exists(fn): f = fsemaphore(fn, 'wb') f.lockex() fv = ['localhost', '8834'] errmsg = '' while True: fv = multpasswordbox( errmsg, 'Nessus Login', ['Server:', 'Port:', 'Username:'******'Password:'******'host': fv[0], 'port': fv[1], 'token': s.token}))
# get_creds(): return the Netwitness (username, password) pair, prompting once and caching the
# answer in the file named by cookie('netwitness').
# NOTE(review): the two `******` runs are redaction artifacts of this listing; the code between the
# 'Password:' label and the format string is missing, so the line is left exactly as published.
# NOTE(review): the visible format string 'username=%s#password=%s' stores the password in clear
# text. Who can read it depends on where cookie() puts the file and on its mode (not shown).
# NOTE(review): the cache is parsed by splitting on '#' and then on '=', keeping only parse[1], so
# a password containing '#' or '=' would be truncated when read back.
# NOTE(review): no f.close() is visible on the read path before the return.
def get_creds(): fn = cookie('netwitness') if not path.exists(fn): f = fsemaphore(fn, 'wb') f.lockex() msg = 'Please enter your Netwitness credentials' fv = multpasswordbox(msg, 'Netwitness Credentials', ['Username:'******'Password:'******'username=%s#password=%s' % (nwu, nwp)) else: f = fsemaphore(fn) f.locksh() creds = f.read().split('#') for i in creds: if 'username' in i: parse = i.split('=') nwu = parse[1] if 'password' in i: parse = i.split('=') nwp = parse[1] return nwu, nwp
# get_login(): return the Palo Alto API key, reading it from cookie('pakey') when that file exists
# and otherwise prompting for credentials and requesting a key ('type': 'keygen') from the device.
# NOTE(review): the `******` runs are redaction artifacts of this listing; the code between the
# 'Password:' label and the 'https://%s/api/?' string is missing, so the line is left as published.
# NOTE(review): user and password are URL-encoded into the query string and sent with http_get(),
# so they can end up in URL logs along the way; whether http_get() verifies the server certificate
# is not visible here.
# NOTE(review): root[0][0].text assumes the response has the expected shape; an error reply would
# surface as an IndexError or a None key rather than a clear failure.
# NOTE(review): the key is cached as plain text; protection depends on cookie()/fsemaphore().
def get_login(): fn = cookie('pakey') if not path.exists(fn): f = fsemaphore(fn, 'wb') f.lockex() msg = "Please Enter the following Palo Alto Configuration" fv = easygui.multpasswordbox(msg, "PaloAlto Credentials", ['Username:'******'Password:'******'https://%s/api/?' % config['pamalt/pa_hostname'] params_dic = {'type': 'keygen', 'user': pau, 'password': pap} enc_params = urllib.urlencode(params_dic) full_url = base_url + enc_params ret_data = http_get(full_url) root = ET.fromstring(ret_data) key = root[0][0].text f.write(key) else: f = fsemaphore(fn) f.locksh() key = f.read() return key
def login(**kwargs):
    """Prompt for Metasploit RPC credentials until a client can be created.

    ``host``, ``port`` and ``uri`` come from *kwargs* or, failing that, from the
    ``msfrpcd/*`` configuration keys, and are also used to name the cookie file.

    NOTE(review): this listing stops at the final ``break``; the handling of
    ``s`` and of the cookie file after the loop is not shown here.
    """
    s = None
    host = kwargs.get('host', config['msfrpcd/server'])
    port = kwargs.get('port', config['msfrpcd/port'])
    uri = kwargs.get('uri', config['msfrpcd/uri'])
    fn = cookie('%s.%s.%s.msfrpcd' % (host, port, uri.replace('/', '.')))
    if not path.exists(fn):
        f = fsemaphore(fn, 'wb')
        f.lockex()
        fv = [ host, port, uri, 'msf' ]
        errmsg = ''
        while True:
            # NOTE(review): the `******` below is a redaction artifact of this listing, not code;
            # presumably a comma between the two labels -- confirm against the project.
            fv = multpasswordbox(errmsg, 'Metasploit Login', ['Server:', 'Port:', 'URI', 'Username:'******'Password:'], fv)
            if not fv:
                # NOTE(review): cancelling returns with `f` still open and `fn` not removed; if
                # fsemaphore(fn, 'wb') creates the file, later calls will find an empty cookie.
                return
            try:
                # fv[4] is the password from the dialog; fv[0..3] are server, port, URI, username.
                s = MsfRpcClient(fv[4], server=fv[0], port=fv[1], uri=fv[2], username=fv[3])
            except MsfRpcError, e:
                # Show the failure text in the next prompt and ask again.
                errmsg = str(e)
                continue
            except socket.error, e:
                errmsg = str(e)
                continue
            break
for c in categories: f.write('%s\n' % ','.join(c)) f.close() return dict(map(lambda x: (int(x[0]),x[1]), categories)) def readlist(filename): f = fsemaphore(filename) f.locksh() data = wordlist('file://%s' % filename) f.close() return dict(map(lambda x: (int(x[0]),x[1]), map(lambda x: x.split(','), data))) categories = None tmpfile = cookie('sploitego.bluecoat.tmp') if not path.exists(tmpfile) or age(tmpfile) >= config['cookie/maxage']: categories = updatelist(tmpfile) else: categories = readlist(tmpfile) def _chunks(s): return [ int(s[i:i+2], 16) for i in range(0, len(s), 2) ] def sitereview(site, port=80): r = urlopen( 'http://sp.cwfservice.net/1/R/%s/K9-00006/0/GET/HTTP/%s/%s///' % (config['bluecoat/license'], site, port)
for i in range(0, 3): token = multenterbox("Enter a valid Facebook access token", ['Access Token'], [''])[0] try: client = GraphAPI(token) client.request('me') fmutex('facebook').write(token) return client except GraphAPIError, e: print str(e) pass raise GraphAPIError('Unable to query GraphAPI') try: client = GraphAPI(file(cookie('facebook')).read()) client.request('me') except GraphAPIError, e: unlink(cookie('facebook')) return login() return client #access_token = None # #class RequestHandler(BaseHTTPServer.BaseHTTPRequestHandler): # # def do_GET(self): # global access_token # self.send_response(200) # self.send_header("Content-type", "text/html")
__email__ = '*****@*****.**'
__status__ = 'Development'

__all__ = ['subdomains']


def updatelist(filename):
    """Write the configured DNS-discovery word list to *filename* and return it."""
    cache = fsemaphore(filename, 'wb')
    cache.lockex()
    words = config['dnsdiscovery/wordlist']
    # One candidate sub-domain per line.
    cache.write('\n'.join(words))
    cache.close()
    return words


def readlist(filename):
    """Load the cached word list from *filename* under a shared lock."""
    cache = fsemaphore(filename)
    cache.locksh()
    words = wordlist('file://%s' % filename)
    cache.close()
    return words


subdomains = None
tmpfile = cookie('sploitego.dnsdiscovery.tmp')

# Reuse the cache only while it exists and is younger than cookie/maxage.
if path.exists(tmpfile) and age(tmpfile) < config['cookie/maxage']:
    subdomains = readlist(tmpfile)
else:
    subdomains = updatelist(tmpfile)
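def updatelist(filename):
    """Download the Alexa global top-sites pages and cache them in *filename*.

    Pages 0-19 are fetched with ``wordlist()`` and appended to the cache file,
    one site per line, while an exclusive lock is held on it.

    Returns the combined list of sites.
    """
    topsites = []
    f = fsemaphore(filename, 'wb')
    try:
        f.lockex()
        for i in range(20):
            # NOTE(review): fetched over plain HTTP, so the cached list is only as
            # trustworthy as the network path it travelled.
            page = wordlist('http://www.alexa.com/topsites/global;%d' % i, '<a href="/siteinfo/(.+)?">')
            topsites += page
            f.write('\n'.join(page))
            f.write('\n')
    finally:
        # Close the handle even when a download fails half-way.
        # NOTE(review): a failed run still leaves a partial but fresh cache file
        # that later imports will reuse until cookie/maxage expires.
        f.close()
    return topsites


def readlist(filename):
    """Load the cached list from *filename* under a shared lock."""
    f = fsemaphore(filename)
    try:
        f.locksh()
        data = wordlist('file://%s' % filename)
    finally:
        f.close()
    return data


topsites = None
tmpfile = cookie('sploitego.alexa.tmp')

# Refresh when the cache is missing or has reached cookie/maxage.
if not path.exists(tmpfile) or age(tmpfile) >= config['cookie/maxage']:
    topsites = updatelist(tmpfile)
else:
    topsites = readlist(tmpfile)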
f = fsemaphore(filename, 'wb') f.lockex() ouis = dict( map( lambda x: split(r'\s+\(base 16\)\s+', x), wordlist('http://standards.ieee.org/develop/regauth/oui/oui.txt', r'([\d\w]{6}\s+\(base 16\)\s+\w.+)\n') ) ) for o in ouis: f.write('%s\n' % ','.join([o, ouis[o]])) f.close() return ouis def readlist(filename): f = fsemaphore(filename) f.locksh() data = wordlist('file://%s' % filename) f.close() return dict(map(lambda x: (x[0],x[1]), map(lambda x: x.split(','), data))) ouis = None tmpfile = cookie('sploitego.ieee.tmp') if not path.exists(tmpfile) or age(tmpfile) >= config['cookie/maxage']: ouis = updatelist(tmpfile) else: ouis = readlist(tmpfile)
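def updatelist(filename):
    """Download the IEEE OUI registry and cache it in *filename*.

    Each matching registry line is split on its ``(base 16)`` marker into an
    OUI and an organisation name; the pairs are written as ``OUI,name`` lines
    while an exclusive lock is held on the cache file.

    Returns a dict mapping OUI to organisation name.
    """
    f = fsemaphore(filename, 'wb')
    try:
        f.lockex()
        # NOTE(review): fetched over plain HTTP, so the cached registry is only as
        # trustworthy as the network path it travelled.
        ouis = dict(
            split(r'\s+\(base 16\)\s+', entry)
            for entry in wordlist(
                'http://standards.ieee.org/develop/regauth/oui/oui.txt',
                r'([\d\w]{6}\s+\(base 16\)\s+\w.+)\n'
            )
        )
        for o in ouis:
            f.write('%s\n' % ','.join([o, ouis[o]]))
    finally:
        # Close the handle even when the download or the write fails.
        f.close()
    return ouis


def readlist(filename):
    """Load the cached OUI table from *filename* under a shared lock.

    Returns a dict mapping OUI to organisation name.
    """
    f = fsemaphore(filename)
    try:
        f.locksh()
        data = wordlist('file://%s' % filename)
    finally:
        f.close()
    # Split on the first comma only: organisation names may contain commas, and
    # splitting on every comma would cut the cached name short.
    return dict(
        (parts[0], parts[1])
        for parts in (line.split(',', 1) for line in data)
    )


ouis = None
tmpfile = cookie('sploitego.ieee.tmp')

# Refresh when the cache is missing or has reached cookie/maxage.
if not path.exists(tmpfile) or age(tmpfile) >= config['cookie/maxage']:
    ouis = updatelist(tmpfile)
else:
    ouis = readlist(tmpfile)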
__status__ = 'Development'

__all__ = ['topsites']


def updatelist(filename):
    """Fetch the AdPlanner top-1000 host names, cache them in *filename*, and return them."""
    sites = wordlist('http://www.google.com/adplanner/static/top1000/', '<a href="http://(.*?)/"target')
    cache = fsemaphore(filename, 'wb')
    cache.lockex()
    # One host name per line.
    cache.write('\n'.join(sites))
    cache.close()
    return sites


def readlist(filename):
    """Load the cached host names from *filename* under a shared lock."""
    cache = fsemaphore(filename)
    cache.locksh()
    sites = wordlist('file://%s' % filename)
    cache.close()
    return sites


topsites = None
tmpfile = cookie('sploitego.adplanner.tmp')

# Reuse the cache only while it exists and is younger than cookie/maxage.
if path.exists(tmpfile) and age(tmpfile) < config['cookie/maxage']:
    topsites = readlist(tmpfile)
else:
    topsites = updatelist(tmpfile)
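def updatelist(filename):
    """Download the Alexa global top-sites pages and cache them in *filename*.

    Pages 0-19 are fetched with ``wordlist()`` and appended to the cache file,
    one site per line, while an exclusive lock is held on it.

    Returns the combined list of sites.
    """
    topsites = []
    f = fsemaphore(filename, 'wb')
    try:
        f.lockex()
        for i in range(0, 20):
            # NOTE(review): fetched over plain HTTP, so the cached list is only as
            # trustworthy as the network path it travelled.
            page = wordlist('http://www.alexa.com/topsites/global;%d' % i, 'topsites-label">(.*?)</')
            topsites += page
            f.write('\n'.join(page))
            f.write('\n')
    finally:
        # Close the handle even when a download fails half-way.
        # NOTE(review): a failed run still leaves a partial but fresh cache file
        # that later imports will reuse until cookie/maxage expires.
        f.close()
    return topsites


def readlist(filename):
    """Load the cached list from *filename* under a shared lock."""
    f = fsemaphore(filename)
    try:
        f.locksh()
        data = wordlist('file://%s' % filename)
    finally:
        f.close()
    return data


topsites = None
tmpfile = cookie('sploitego.alexa.tmp')

# Refresh when the cache is missing or has reached cookie/maxage.
if not path.exists(tmpfile) or age(tmpfile) >= config['cookie/maxage']:
    topsites = updatelist(tmpfile)
else:
    topsites = readlist(tmpfile)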
def updatelist(filename):
    """Fetch the AdPlanner top-1000 host names, cache them in *filename*, and return them."""
    hosts = wordlist('http://www.google.com/adplanner/static/top1000/', '<a href="http://(.*?)/"target')
    out = fsemaphore(filename, 'wb')
    out.lockex()
    # One host name per line.
    out.write('\n'.join(hosts))
    out.close()
    return hosts


def readlist(filename):
    """Load the cached host names from *filename* under a shared lock."""
    src = fsemaphore(filename)
    src.locksh()
    hosts = wordlist('file://%s' % filename)
    src.close()
    return hosts


topsites = None
tmpfile = cookie('sploitego.adplanner.tmp')

# Reuse the cache only while it exists and is younger than cookie/maxage.
if path.exists(tmpfile) and age(tmpfile) < config['cookie/maxage']:
    topsites = readlist(tmpfile)
else:
    topsites = updatelist(tmpfile)
f.write('%s\n' % ','.join(c)) f.close() return dict(map(lambda x: (int(x[0]), x[1]), categories)) def readlist(filename): f = fsemaphore(filename) f.locksh() data = wordlist('file://%s' % filename) f.close() return dict( map(lambda x: (int(x[0]), x[1]), map(lambda x: x.split(','), data))) categories = None tmpfile = cookie('sploitego.bluecoat.tmp') if not path.exists(tmpfile) or age(tmpfile) >= config['cookie/maxage']: categories = updatelist(tmpfile) else: categories = readlist(tmpfile) def _chunks(s): return [int(s[i:i + 2], 16) for i in range(0, len(s), 2)] def sitereview(site, port=80): r = urlopen( 'http://sp.cwfservice.net/1/R/%s/K9-00006/0/GET/HTTP/%s/%s///' % (config['bluecoat/license'], site, port))
def updatelist(filename):
    """Write the configured DNS-discovery word list to *filename* and return it."""
    out = fsemaphore(filename, 'wb')
    out.lockex()
    names = config['dnsdiscovery/wordlist']
    # One candidate sub-domain per line.
    out.write('\n'.join(names))
    out.close()
    return names


def readlist(filename):
    """Load the cached word list from *filename* under a shared lock."""
    src = fsemaphore(filename)
    src.locksh()
    names = wordlist('file://%s' % filename)
    src.close()
    return names


subdomains = None
tmpfile = cookie('sploitego.dnsdiscovery.tmp')

# Reuse the cache only while it exists and is younger than cookie/maxage.
if path.exists(tmpfile) and age(tmpfile) < config['cookie/maxage']:
    subdomains = readlist(tmpfile)
else:
    subdomains = updatelist(tmpfile)