Exemple #1
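def run(args):
    """Run Cotopaxi with ``-P DTLS`` and report the issues it identifies.

    The text printed by Cotopaxi's ``main`` is captured, the section between
    "Identified issues:" and "Total number" is parsed line by line, and every
    well-formed entry is passed to ``module.report_service`` and
    ``module.report_vuln``.

    The parsed text is scraped program output, so it is validated before it
    is reported: lines without a known ``Protocol.<name>`` and entries with
    fewer than three ':'-separated fields or a non-numeric port are skipped
    instead of aborting the whole run.

    Args:
        args: Module options; "RHOSTS" and "RPORTS" are read here.

    Returns:
        None. Exceptions raised while running or parsing are logged, not
        re-raised.
    """
    module.LogHandler.setup(msg_prefix="{} - ".format(args["RHOSTS"]))
    if DEPENDENCIES_MISSING:
        logging.error("Module dependency (requests) is missing, cannot continue")
        return

    try:
        cotopaxi_output = common_utils.scrap_output(
            main, [args["RHOSTS"], args["RPORTS"], "-P", "DTLS"]
        )
        module.log(cotopaxi_output, "error")
        start_index = cotopaxi_output.find("Identified issues:")
        end_index = cotopaxi_output.find("Total number", start_index)
        if start_index < 0 or end_index < 0:
            raise Exception("Incorrect format of Cotopaxi response!")
        # The first line of the slice is the remainder of the section header,
        # so it is dropped; what is left is one line per protocol.
        protocol_services = cotopaxi_output[
            start_index + 2 : end_index - 1
        ].splitlines()[1:]
        for protocol_service in protocol_services:
            name_start = protocol_service.find("Protocol.")
            if name_start < 0:
                # Blank or unrelated line inside the section.
                continue
            name_end = protocol_service.find(":", name_start)
            if name_end < 0:
                continue
            proto_name = protocol_service[name_start + len("Protocol.") : name_end]
            try:
                tester = PROTOCOL_TESTERS[getattr(Protocol, proto_name)]
            except (AttributeError, KeyError):
                # The name comes from parsed text; only names that resolve to
                # a registered tester are accepted.
                module.log(
                    "Skipping unknown protocol in Cotopaxi output: {!r}".format(
                        proto_name
                    ),
                    "error",
                )
                continue
            transport_proto = tester.transport_protocol().__name__
            # Skip ": [" after the protocol name and the closing "]".
            services = protocol_service[name_end + 3 : -1].split(",")
            for service in services:
                entry = service.strip(" '")
                if not entry:
                    # Empty list for this protocol: nothing to report.
                    continue
                fields = entry.split(":")
                service_port = fields[1].split(" ")[0] if len(fields) > 1 else ""
                if len(fields) < 3 or not service_port.isdigit():
                    # repr() keeps control characters in scraped text out of
                    # the log stream.
                    module.log(
                        "Skipping malformed Cotopaxi entry: {!r}".format(entry),
                        "error",
                    )
                    continue
                service_ip = fields[0]
                vuln_name = fields[2]
                module.log(
                    "Found service - host: {} port: {} proto: {} over {}".format(
                        service_ip, service_port, proto_name, transport_proto
                    ),
                    "error",
                )
                module.log(
                    "Found vulnerability - host: {} port: {} name: {} ".format(
                        service_ip, service_port, vuln_name
                    ),
                    "error",
                )
                module.report_service(
                    service_ip,
                    proto=transport_proto.lower(),
                    port=service_port,
                    name=proto_name.lower(),
                )
                module.report_vuln(
                    service_ip, name=vuln_name, References="Cotopaxi docs"
                )
    except Exception as exc:
        module.log("Error: {}".format(exc), "error")
        logging.error(traceback.format_exc())
        return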
Exemple #2
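def run(args):
    """Run Cotopaxi against the target and report the services it identifies.

    The text printed by Cotopaxi's ``main`` is captured, the section between
    "Identified:" and "Total number" is parsed line by line, and every
    well-formed ``ip:port is using <name>`` entry is passed to
    ``module.report_service``.

    The parsed text is scraped program output and the service name is
    presumably taken from the remote endpoint, so entries are validated
    before they are reported: lines without a known ``Protocol.<name>`` and
    entries without the expected shape are skipped instead of aborting the
    whole run.

    Args:
        args: Module options; "RHOSTS", "RPORTS", "PROTOCOLS" and
            "IGNORE_PING_CHECK" are read here.

    Returns:
        None. Exceptions raised while running or parsing are logged, not
        re-raised.
    """
    module.LogHandler.setup(msg_prefix="{} - ".format(args["RHOSTS"]))
    if DEPENDENCIES_MISSING:
        logging.error(
            "Module dependency (requests) is missing, cannot continue")
        return

    try:
        parameters = [args["RHOSTS"], args["RPORTS"]]
        if args["PROTOCOLS"]:
            parameters += ["-P", args["PROTOCOLS"]]
        # NOTE(review): any truthy value enables the flag, including a
        # non-empty string such as "false" - confirm how the framework
        # passes boolean options.
        if args["IGNORE_PING_CHECK"]:
            parameters += ["--ignore-ping-check"]
        cotopaxi_output = common_utils.scrap_output(main, parameters)
        module.log(cotopaxi_output, "error")
        start_index = cotopaxi_output.find("Identified:")
        end_index = cotopaxi_output.find("Total number", start_index)
        if start_index < 0 or end_index < 0:
            raise Exception("Incorrect format of Cotopaxi response!")
        # The first line of the slice is the remainder of the section header,
        # so it is dropped; what is left is one line per protocol.
        protocol_services = cotopaxi_output[start_index + 2:end_index -
                                            1].splitlines()[1:]
        for protocol_service in protocol_services:
            name_start = protocol_service.find("Protocol.")
            if name_start < 0:
                # Blank or unrelated line inside the section.
                continue
            name_end = protocol_service.find(":", name_start)
            if name_end < 0:
                continue
            proto_name = protocol_service[name_start +
                                          len("Protocol."):name_end]
            try:
                tester = PROTOCOL_TESTERS[getattr(Protocol, proto_name)]
            except (AttributeError, KeyError):
                # The name comes from parsed text; only names that resolve to
                # a registered tester are accepted.
                module.log(
                    "Skipping unknown protocol in Cotopaxi output: {!r}".format(
                        proto_name),
                    "error",
                )
                continue
            transport_proto = tester.transport_protocol().__name__
            # Skip ": [" after the protocol name and the closing "]".
            # Entries are split on "," so a service name that itself contains
            # a comma is cut into fragments; the fragments fail the shape
            # check below and are skipped rather than reported.
            services = protocol_service[name_end + 3:-1].split(",")
            for service in services:
                entry = service.strip(" '")
                if not entry:
                    # Empty list for this protocol: nothing to report.
                    continue
                parts = entry.split(" is using ")
                endpoint = parts[0].split(":")
                if (len(parts) < 2 or len(endpoint) < 2
                        or not endpoint[1].isdigit()):
                    # repr() keeps control characters in scraped text out of
                    # the log stream.
                    module.log(
                        "Skipping malformed Cotopaxi entry: {!r}".format(entry),
                        "error",
                    )
                    continue
                service_ip = endpoint[0]
                service_port = endpoint[1]
                service_name = parts[-1]
                module.log(
                    "Found service - host: {} port: {} proto: {} over {} using {}"
                    .format(
                        service_ip,
                        service_port,
                        proto_name,
                        transport_proto,
                        service_name,
                    ),
                    "error",
                )
                module.report_service(
                    service_ip,
                    proto=transport_proto.lower(),
                    port=service_port,
                    name=proto_name.lower(),
                    info="Server: " + service_name,
                )
    except Exception as exc:
        module.log("Error: {}".format(exc), "error")
        logging.error(traceback.format_exc())
        return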
Exemple #3
def run_scan(schema, host, port, targeturi, verbose=False):
    """Request one URI on a host and report it as a service on HTTP 200.

    A single GET is sent to ``schema://host:port`` + ``targeturi`` with a
    3 second timeout. On a 200 response the hit is logged at level 'good'
    and recorded with ``module.report_service``; any other status is only
    logged, and only when ``verbose`` is set.

    Exceptions raised by ``requests.get`` (timeouts, connection or TLS
    errors) are not handled here and propagate to the caller.

    Args:
        schema: URL scheme placed before "://".
        host: Target host, also used as the reported service host.
        port: Target port, also used as the reported service port.
        targeturi: Path appended to the URL; reused as the reported
            service ``info`` and ``name``.
        verbose: When true, log the URL of non-200 responses.
    """
    url = '{}://{}:{}{}'.format(schema, host, port, targeturi)
    # requests follows redirects on GET by default, so the status checked
    # below is that of the final response; together with catch-all pages
    # that answer 200 for any path, a 200 alone can be a false positive.
    response = requests.get(url, timeout=3)

    if response.status_code != 200:
        if verbose:
            logging.error(url)
        return

    module.log('{}://{}:{}{} success!'.format(schema, host, port, targeturi),
               level='good')
    module.report_service(host,
                          port=port,
                          info=targeturi,
                          proto='tcp',
                          name=targeturi)