def __take_screenshot(self, logger):
logger._logging("START: Screen Scan {0} threads".format(self.__args.thread))
pool = ThreadPool(self.__args.thread)
for url in self.__urls:
output_file = "{0}{1}_{2}.png".format(self._output_dir, url.split("/")[2], datetime.datetime.now().strftime("%Y%m%d%H%M%S"))
phantomjs_cmd = "{0} --ignore-ssl-errors=true {1} {2} {3}".format(Core._commands_path["phantomjs"], self.__args.rasterize, url, output_file)
logger._logging("Taking screenshot: {0}".format(url.split("/")[2]))
pool.add_task(self.__run_phantomjs, phantomjs_cmd)
pool.wait_completion()
logger._logging("Finished Screenshot Scan. Results saved in {0} folder".format(self._output_dir))
def vnckey(self, *options):
port = 5901
if not os.path.exists(self.vncviewer_path):
mess = "vncviewer: %s path doesn't exists on the system!" % os.path.abspath(
self.vncviewer_path)
raise CrowbarExceptions(mess)
if self.args.port is not None:
port = self.args.port
if self.args.discover:
if not self.args.quiet:
self.logger.output_file("Discovery mode - port scanning: %s" %
self.args.server)
self.ip_list = self.nmap.port_scan(self.args.server, port)
if not os.path.isfile(self.args.key_file):
mess = "Key file: \"%s\" doesn't exists." % os.path.abspath(
self.args.key_file)
raise CrowbarExceptions(mess)
try:
pool = ThreadPool(int(self.args.thread))
except Exception, err:
raise CrowbarExceptions(str(err))
def rdp(self):
port = 3389
if not os.path.exists(self.xfreerdp_path):
mess = "xfreerdp: %s path doesn't exists on the system!" % os.path.abspath(
self.xfreerdp_path)
raise CrowbarExceptions(mess)
if self.args.port is not None:
port = self.args.port
if self.args.discover:
if not self.args.quiet:
self.logger.output_file("Discovery mode - port scanning: %s" %
self.args.server)
self.ip_list = self.nmap.port_scan(self.args.server, port)
pwds_count = len(open(self.args.passwd_file, "r").read().splitlines())
counter_step = 50
ws_counter = WSCounter(counter_step, counter_step * 30, pwds_count)
try:
pool = ThreadPool(int(self.args.thread), ws_counter)
except Exception, err:
raise CrowbarExceptions(str(err))
def vnckey(self, *options):
port = 5901
if not os.path.exists(self.vncviewer_path):
mess = "vncviewer: %s path doesn't exists on the system" % os.path.abspath(self.vncviewer_path)
raise CrowbarExceptions(mess)
if self.args.port is not None:
port = self.args.port
if self.args.discover:
if not self.args.quiet:
self.logger.output_file("Discovery mode - port scanning: %s" % self.args.server)
self.ip_list = self.nmap.port_scan(self.args.server, port)
if not os.path.isfile(self.args.key_file):
mess = "Key file: \"%s\" doesn't exists" % os.path.abspath(self.args.key_file)
raise CrowbarExceptions(mess)
try:
pool = ThreadPool(int(self.args.thread))
except Exception as err:
raise CrowbarExceptions(str(err))
for ip in self.ip_list:
if not self.args.quiet:
self.logger.output_file("Trying %s:%s" % (ip, port))
pool.add_task(self.vnclogin, ip, port, self.args.key_file)
pool.wait_completion()
def sshkey(self):
port = 22
if self.args.port is not None:
port = self.args.port
if self.args.discover:
self.ip_list = self.nmap.port_scan(self.args.server, port)
try:
pool = ThreadPool(self.args.thread)
except Exception, err:
raise CrowbarExceptions(str(err))
def sshkey(self):
port = 22
if self.args.port is not None:
port = self.args.port
if self.args.discover:
if not self.args.quiet:
self.logger.output_file("Discovery mode - port scanning: %s" %
self.args.server)
self.ip_list = self.nmap.port_scan(self.args.server, port)
try:
pool = ThreadPool(self.args.thread)
except Exception, err:
raise CrowbarExceptions(str(err))
def rdp(self):
port = 3389
if not os.path.exists(self.xfreerdp_path):
mess = "xfreerdp: %s path doesn't exists on the system!" % os.path.abspath(self.xfreerdp_path)
raise CrowbarExceptions(mess)
if self.args.port is not None:
port = self.args.port
if self.args.discover:
self.ip_list = self.nmap.port_scan(self.args.server, port)
try:
pool = ThreadPool(int(self.args.thread))
except Exception, err:
raise CrowbarExceptions(str(err))
def openvpn(self):
port = 443
if not os.path.exists(self.openvpn_path):
mess = "openvpn: %s path doesn't exists on the system !!!" % (
self.openvpn_path)
raise CrowbarExceptions(mess)
if self.args.port is not None:
port = self.args.port
if self.args.discover:
self.ip_list = self.nmap.port_scan(self.args.server, port)
try:
pool = ThreadPool(int(self.args.thread))
except Exception, err:
raise CrowbarExceptions(str(err))
def openvpn(self):
port = 443 #TCP 443, TCP 943, UDP 1194
if not os.path.exists(self.openvpn_path):
mess = "openvpn: %s path doesn't exists on the system!" % os.path.abspath(
self.openvpn_path)
raise CrowbarExceptions(mess)
if self.args.port is not None:
port = self.args.port
if self.args.discover:
if not self.args.quiet:
self.logger.output_file("Discovery mode - port scanning: %s" %
self.args.server)
self.ip_list = self.nmap.port_scan(self.args.server, port)
try:
pool = ThreadPool(int(self.args.thread))
except Exception, err:
raise CrowbarExceptions(str(err))
def vnckey(self, *options):
port = 5901
if not os.path.exists(self.vncviewer_path):
mess = "vncviewer: %s path doesn't exists on the system !!!" % (
self.vncviewer_path)
raise CrowbarExceptions(mess)
if self.args.port is not None:
port = self.args.port
if self.args.discover:
self.ip_list = self.nmap.port_scan(self.args.server, port)
if not os.path.isfile(self.args.key_file):
mess = "Key file: \"%s\" doesn't exists." % self.args.key_file
raise CrowbarExceptions(mess)
try:
pool = ThreadPool(int(self.args.thread))
except Exception, err:
raise CrowbarExceptions(str(err))
def __take_screenshot(self, logger):
logger._logging("START: Screen Scan {0} threads".format(
self.__args.thread))
pool = ThreadPool(self.__args.thread)
for url in self.__urls:
output_file = "{0}{1}_{2}.png".format(
self._output_dir,
url.split("/")[2],
datetime.datetime.now().strftime("%Y%m%d%H%M%S"))
phantomjs_cmd = "{0} --ignore-ssl-errors=true {1} {2} {3}".format(
Core._commands_path["phantomjs"], self.__args.rasterize, url,
output_file)
logger._logging("Taking screenshot: {0}".format(url.split("/")[2]))
pool.add_task(self.__run_phantomjs, phantomjs_cmd)
pool.wait_completion()
logger._logging(
"Finished Screenshot Scan. Results saved in {0} folder".format(
self._output_dir))
def sshkey(self):
port = 22
if self.args.port is not None:
port = self.args.port
if self.args.discover:
if not self.args.quiet:
self.logger.output_file("Discovery mode - port scanning: %s" %
self.args.server)
self.ip_list = self.nmap.port_scan(self.args.server, port)
try:
pool = ThreadPool(self.args.thread)
except Exception as err:
raise CrowbarExceptions(str(err))
if not os.path.exists(self.args.key_file):
mess = "Key file/folder: \"%s\" doesn't exists." % os.path.abspath(
self.args.key_file)
raise CrowbarExceptions(mess)
for ip in self.ip_list:
if not self.args.quiet:
self.logger.output_file("Trying %s:%s" % (ip, port))
if self.args.username_file:
try:
userfile = open(self.args.username_file,
"r").read().splitlines()
except:
mess = "File: %s doesn't exists!" % os.path.abspath(
self.args.username_file)
raise CrowbarExceptions(mess)
for user in userfile:
if os.path.isdir(self.args.key_file):
for dirname, dirnames, filenames in os.walk(
self.args.key_file):
for keyfile in filenames:
keyfile_path = self.args.key_file + "/" + keyfile
if keyfile.endswith('.pub', 4):
self.logger.output_file(
"LOG-SSH: Skipping Public Key - %s" %
keyfile_path)
continue
pool.add_task(self.sshlogin, ip, port, user,
keyfile_path, self.args.timeout)
else:
pool.add_task(self.sshlogin, ip, port, user,
self.args.key_file, self.args.timeout)
else:
if os.path.isdir(self.args.key_file):
for dirname, dirnames, filenames in os.walk(
self.args.key_file):
for keyfile in filenames:
keyfile_path = dirname + "/" + keyfile
if keyfile.endswith('.pub', 4):
self.logger.output_file(
"LOG-SSH: Skipping Public Key - %s" %
keyfile_path)
continue
pool.add_task(self.sshlogin, ip, port,
self.args.username, keyfile_path,
self.args.timeout)
else:
pool.add_task(self.sshlogin, ip, port, self.args.username,
self.args.key_file, self.args.timeout)
pool.wait_completion()
def rdp(self):
port = 3389
if not os.path.exists(self.xfreerdp_path):
mess = "xfreerdp: %s path doesn't exists on the system!" % os.path.abspath(
self.xfreerdp_path)
raise CrowbarExceptions(mess)
if self.args.port is not None:
port = self.args.port
if self.args.discover:
if not self.args.quiet:
self.logger.output_file("Discovery mode - port scanning: %s" %
self.args.server)
self.ip_list = self.nmap.port_scan(self.args.server, port)
try:
pool = ThreadPool(int(self.args.thread))
except Exception as err:
raise CrowbarExceptions(str(err))
for ip in self.ip_list:
if not self.args.quiet:
self.logger.output_file("Trying %s:%s" % (ip, port))
if self.args.username_file:
try:
userfile = open(self.args.username_file,
"r").read().splitlines()
except:
mess = "File: %s doesn't exists!" % os.path.abspath(
self.args.username_file)
raise CrowbarExceptions(mess)
for user in userfile:
if ' ' in user:
user = '******' + user + '"'
if self.args.passwd_file:
try:
passwdfile = open(self.args.passwd_file,
"r").read().splitlines()
except:
mess = "File: %s doesn't exists" % os.path.abspath(
self.args.passwd_file)
raise CrowbarExceptions(mess)
for password in passwdfile:
pool.add_task(self.rdplogin, ip, user, password,
port)
else:
pool.add_task(self.rdplogin, ip, user,
self.args.passwd, port)
else:
if self.args.passwd_file:
try:
passwdfile = open(self.args.passwd_file,
"r").read().splitlines()
except:
mess = "File: %s doesn't exists" % os.path.abspath(
self.args.passwd_file)
raise CrowbarExceptions(mess)
for password in passwdfile:
pool.add_task(self.rdplogin, ip, self.args.username,
password, port)
else:
pool.add_task(self.rdplogin, ip, self.args.username,
self.args.passwd, port)
pool.wait_completion()
def openvpn(self):
port = 443 # TCP 443, TCP 943, UDP 1194
if not 'SUDO_UID' in os.environ.keys():
mess = "OpenVPN requires super user privileges"
raise CrowbarExceptions(mess)
if not os.path.exists(self.openvpn_path):
mess = "openvpn: %s path doesn't exists on the system!" % os.path.abspath(
self.openvpn_path)
raise CrowbarExceptions(mess)
if self.args.port is not None:
port = self.args.port
if self.args.discover:
if not self.args.quiet:
self.logger.output_file("Discovery mode - port scanning: %s" %
self.args.server)
self.ip_list = self.nmap.port_scan(self.args.server, port)
try:
pool = ThreadPool(int(self.args.thread))
except Exception as err:
raise CrowbarExceptions(str(err))
for config_line in open(self.args.config, "r"):
if re.search(self.vpn_remote_regex, config_line):
raise CrowbarExceptions(self.vpn_warning)
for ip in self.ip_list:
if not self.args.quiet:
self.logger.output_file("Trying %s:%s" % (ip, port))
if self.args.username_file:
try:
userfile = open(self.args.username_file,
"r").read().splitlines()
except:
mess = "File: %s doesn't exists!" % os.path.abspath(
self.args.username_file)
raise CrowbarExceptions(mess)
for user in userfile:
if self.args.passwd_file:
try:
passwdfile = open(self.args.passwd_file,
"r").read().splitlines()
except:
mess = "File: %s doesn't exists!" % os.path.abspath(
self.args.passwd_file)
raise CrowbarExceptions(mess)
for password in passwdfile:
brute_file = tempfile.NamedTemporaryFile(
mode='w+t')
brute_file.write(user + "\n")
brute_file.write(password + "\n")
pool.add_task(self.openvpnlogin, ip, user,
password, brute_file, port)
else:
brute_file = tempfile.NamedTemporaryFile(mode='w+t')
brute_file.write(user + "\n")
brute_file.write(self.args.passwd + "\n")
pool.add_task(self.openvpnlogin, ip, user,
self.args.passwd, brute_file, port)
else:
if self.args.passwd_file:
try:
passwdfile = open(self.args.passwd_file,
"r").read().splitlines()
except:
mess = "File: %s doesn't exists!" % os.path.abspath(
self.args.passwd_file)
raise CrowbarExceptions(mess)
for password in passwdfile:
brute_file = tempfile.NamedTemporaryFile(mode='w+t')
brute_file.write(self.args.username + "\n")
brute_file.write(password + "\n")
pool.add_task(self.openvpnlogin, ip,
self.args.username, password, brute_file,
port)
else:
brute_file = tempfile.NamedTemporaryFile(mode='w+t')
brute_file.write(self.args.username + "\n")
brute_file.write(self.args.passwd + "\n")
pool.add_task(self.openvpnlogin, ip, self.args.username,
self.args.passwd, brute_file, port)
pool.wait_completion()