Python make_scanner Exemples

Exemple #1

Fichier : onion_omega2_login.py Projet : OJ/metasploit-framework

def run(args):
    if dependencies_missing:
        module.log('Python requests module missing, cannot continue', level='error')
        return
    scanner = login_scanner.make_scanner(
        lambda host, rport, username, password: valid_login(host, rport, username, password))
    scanner(args)

Exemple #2

Fichier : onion_omega2_login.py Projet : komander/dan-metasploit

def run(args):
    if dependencies_missing:
        module.log('Python requests module missing, cannot continue',
                   level='error')
        return
    scanner = login_scanner.make_scanner(
        lambda host, rport, username, password: valid_login(
            host, rport, username, password))
    scanner(args)

Exemple #3

Fichier : teradata_odbc_login.py Projet : 0stvind/metasploit-framework

def run(args):
    if dependencies_missing:
        module.log('Python Teradata module missing, cannot continue', level=error)
        return

    # Define UdaExec ODBC connection "application" globally, must be before LogHandler
    udaExec = teradata.UdaExec(appName="Auth", version="1.0", logConsole=False, configureLogging=False)
    module.LogHandler.setup(msg_prefix='{}:{} - '.format(args['rhost'], 1025))
    scanner = login_scanner.make_scanner(lambda host, port, username, password: valid_login(udaExec, host, username, password))
    scanner(args)

Exemple #4

def run(args):
    if dependencies_missing:
        module.log('Python Teradata module missing, cannot continue', level=error)
        return

    # Define UdaExec ODBC connection "application" globally, must be before LogHandler
    udaExec = teradata.UdaExec(appName="Auth", version="1.0", logConsole=False, configureLogging=False)
    module.LogHandler.setup(msg_prefix='{}:{} - '.format(args['rhost'], 1025))
    scanner = login_scanner.make_scanner(lambda host, port, username, password: valid_login(udaExec, host, username, password))
    scanner(args)

Exemple #5

Fichier : opcua_login.py Projet : prateeksingh103/msf-opcua

def run(args):
    # Disable unnecessary opcua module logging
    logging.getLogger("opcua").addHandler(logging.NullHandler())
    logging.getLogger("opcua").propagate = False

    if dependencies_missing:
        module.log("Module dependency (opcua) is missing, cannot continue",
                   level="error")
        return

    module.LogHandler.setup(
        msg_prefix="{}:{} - ".format(args["rhost"], args["rport"]))

    host = args["rhost"]
    port = args["rport"]
    certpath = args["certificate"]
    keypath = args["privatekey"]
    mode = args["mode"]
    policy = args["policy"]
    app_uri = args["applicationuri"]

    valid_auth = ["Anonymous", "Username", "Certificate"]
    valid_modes = ["None", "Sign", "SignAndEncrypt"]
    valid_policies = ["Basic128Rsa15", "Basic256", "Basic256Sha256"]

    # Precheck for opcua by sending HAL
    connection_str = "opc.tcp://{}:{}".format(host, port)

    if precheckConnection(connection_str):
        logging.info("Valid OPC UA response, starting analysis")
    else:
        logging.info("No OPC UA response, stop module")
        return

    # Check Mode
    if mode not in valid_modes:
        logging.error(
            "Security mode needs to be one of the following: {}".format(
                valid_modes))
        return

    # Check policy if mode not None
    if mode != "None" and policy not in valid_policies:
        logging.error(
            "Security mode other than 'None' is used thus security policy needs to be one of the following: {}"
            .format(valid_policies))
        return

    # Block for Mode setup
    app_uri = args["applicationuri"]
    security_policy = None
    security_mode = opcua.ua.MessageSecurityMode.None_
    if mode != "None":
        if not os.path.isfile(certpath):
            logging.error("Certificate not found")
            return

        if not os.path.isfile(keypath):
            logging.error("Key not found")
            return

        if policy == valid_policies[0]:
            security_policy = opcua.crypto.security_policies.SecurityPolicyBasic128Rsa15
        elif policy == valid_policies[1]:
            security_policy = opcua.crypto.security_policies.SecurityPolicyBasic256
        elif policy == valid_policies[2]:
            security_policy = (
                opcua.crypto.security_policies.SecurityPolicyBasic256Sha256)

        security_mode = opcua.ua.MessageSecurityMode.None_
        if mode == valid_modes[1]:
            security_mode = opcua.ua.MessageSecurityMode.Sign
        elif mode == valid_modes[2]:
            security_mode = opcua.ua.MessageSecurityMode.SignAndEncrypt

    # Run the metasploit login scanner
    valid_login_with_policy = partial(
        valid_login,
        security_mode=security_mode,
        security_policy=security_policy,
        certpath=certpath,
        keypath=keypath,
        app_uri=app_uri,
    )

    scanner = login_scanner.make_scanner(
        lambda host, port, username, password: valid_login_with_policy(
            host, port, username, password))
    scanner(args)