Esempio n. 1
0
def runAllModules(args):
	'''
	Run all modules
	'''
	connectionInformation, validSIDsList = {}, []
	#0)TNS Poinsoning
	if args['no-tns-poisoning-check'] == False:
		tnspoison = Tnspoison(args)
		tnspoison.testAll()
	else:
		logging.info("Don't check if the target is vulnerable to TNS poisoning because the option --no-tns-poisoning-check is enabled in command line")
	#A)SID MANAGEMENT
	if args['sid'] == None :
		logging.debug("Searching valid SIDs")
		validSIDsList = runSIDGuesserModule(args)
		args['user'], args['password'] = None, None 
	else :
		validSIDsList = [args['sid']]
	if validSIDsList == []:
		exit(EXIT_NO_SIDS)
	#B)ACCOUNT MANAGEMENT
	if args['credentialsFile'] == True :
		logging.debug("Loading credentials stored in the {0} file".format(args['accounts-file']))
		#Load accounts from file
		passwordGuesser = PasswordGuesser(args, args['accounts-file'], loginFile=None ,passwordFile=None, loginAsPwd=args['login-as-pwd'])
		validAccountsList = passwordGuesser.getAccountsFromFile()
		for aSid in validSIDsList:
			for anAccount in validAccountsList:
				if connectionInformation.has_key(aSid) == False: connectionInformation[aSid] = [[anAccount[0], anAccount[1]]]
				else : connectionInformation[aSid].append([anAccount[0], anAccount[1]])
	elif args['user'] == None and args['password'] == None:
		for sid in validSIDsList:
			args['print'].title("Searching valid accounts on the {0} SID".format(sid))
			args['sid'] = sid
			if args['accounts-files'][0] != None and args['accounts-files'][1] != None : args['accounts-file'] = None
			passwordGuesser = PasswordGuesser(args, accountsFile=args['accounts-file'], loginFile=args['accounts-files'][0], passwordFile=args['accounts-files'][1], timeSleep=args['timeSleep'], loginAsPwd=args['login-as-pwd'])
			passwordGuesser.searchValideAccounts()
			validAccountsList = passwordGuesser.valideAccounts
			if validAccountsList == {}:
				args['print'].badNews("No found a valid account on {0}:{1}/{2}. You should try with the option '--accounts-file accounts/accounts_multiple.txt' or '--accounts-file accounts/logins.txt accounts/pwds.txt'".format(args['server'], args['port'], args['sid']))
				exit(EXIT_NO_ACCOUNTS)
			else :
				args['print'].goodNews("Accounts found on {0}:{1}/{2}: {3}".format(args['server'], args['port'], args['sid'],getCredentialsFormated(validAccountsList)))
				for aLogin, aPassword in validAccountsList.items(): 
					if connectionInformation.has_key(sid) == False: connectionInformation[sid] = [[aLogin,aPassword]]
					else : connectionInformation[sid].append([aLogin,aPassword])
	else:
		validAccountsList = {args['user']:args['password']}
		for aSid in validSIDsList:
			for aLogin, aPassword in validAccountsList.items():
				if connectionInformation.has_key(aSid) == False: connectionInformation[aSid] = [[aLogin,aPassword]]
				else : connectionInformation[aSid].append([aLogin,aPassword])
	#C)ALL OTHERS MODULES
	if sidHasBeenGiven(args) == False : return EXIT_MISS_ARGUMENT
	#elif anAccountIsGiven(args) == False : return EXIT_MISS_ARGUMENT
	for aSid in connectionInformation.keys():
		for loginAndPass in connectionInformation[aSid]:
			args['sid'] , args['user'], args['password'] = aSid, loginAndPass[0],loginAndPass[1]
			args['print'].title("Testing all modules on the {0} SID with the {1}/{2} account".format(args['sid'],args['user'],args['password']))
			#INFO ABOUT REMOTE SERVER
			info = Info(args)
			status = info.connection()
			if isinstance(status,Exception):
				args['print'].badNews("Impossible to connect to the remote database: {0}".format(str(status).replace('\n','')))
				break
			info.loadInformationRemoteDatabase()
			args['info'] = info
			#UTL_HTTP
			utlHttp = UtlHttp(args)
			status = utlHttp.connection()
			utlHttp.testAll()
			#HTTPURITYPE
			httpUriType = HttpUriType(args)
			httpUriType.testAll()
			#UTL_FILE
			utlFile = UtlFile(args)
			utlFile.testAll()
			#JAVA
			java = Java(args)
			java.testAll()
			#DBMS ADVISOR
			dbmsAdvisor = DbmsAdvisor(args)
			dbmsAdvisor.testAll()
			#DBMS Scheduler
			dbmsScheduler = DbmsScheduler(args)
			dbmsScheduler.testAll()
			#CTXSYS
			ctxsys = Ctxsys(args)
			ctxsys.testAll()
			#Passwords
			passwords = Passwords(args)
			passwords.testAll()
			#DbmsXmldom
			dbmsXslprocessor = DbmsXslprocessor(args)
			dbmsXslprocessor.testAll()
			#External Table
			externalTable = ExternalTable(args)
			externalTable.testAll()
			#Oradbg
			oradbg = Oradbg(args)
			oradbg.testAll()
			#DbmsLob
			dbmsLob = DbmsLob(args)
			dbmsLob.testAll()
			#SMB
			smb = SMB(args)
			smb.testAll()
			#Pribvilege escalation
			privilegeEscalation = PrivilegeEscalation(args)
			privilegeEscalation.testAll()
			#Test some CVE
			cve = CVE_XXXX_YYYY(args)
			cve.testAll()
			cve.close() #Close the socket to the remote database
			#CVE_2012_3137
			cve = CVE_2012_3137 (args)
			cve.testAll()
			
	#usernamelikepassword
	args['run'] = True
	runUsernameLikePassword(args)
Esempio n. 2
0
def runAllModules(args):
	'''
	Run all modules
	'''
	connectionInformation, validSIDsList = {}, []
	#A)SID MANAGEMENT
	if args['sid'] == None :
		validSIDsList = runSIDGuesserModule(args)
		args['user'], args['password'] = None, None 
	else :
		validSIDsList = [args['sid']]
	#B)ACCOUNT MANAGEMENT
	if args['user'] == None and args['password'] == None:
		for sid in validSIDsList:
			args['print'].title("Searching valid accounts on the {0} SID".format(sid))
			args['sid'] = sid
			passwordGuesser = PasswordGuesser(args,args['accounts-file'])
			passwordGuesser.searchValideAccounts()
			validAccountsList = passwordGuesser.valideAccounts
			if validAccountsList == {}:
				args['print'].badNews("No found a valid account on {0}:{1}/{2}".format(args['server'], args['port'], args['sid']))
				exit(EXIT_NO_ACCOUNTS)
			else :
				args['print'].goodNews("Accounts found on {0}:{1}/{2}: {3}".format(args['server'], args['port'], args['sid'],validAccountsList))
				for aLogin, aPassword in validAccountsList.items(): 
					if connectionInformation.has_key(sid) == False: connectionInformation[sid] = [[aLogin,aPassword]]
					else : connectionInformation[sid].append([aLogin,aPassword])
	else :
		validAccountsList = {args['user']:args['password']}
		for aSid in validSIDsList:
			for aLogin, aPassword in validAccountsList.items():
				if connectionInformation.has_key(aSid) == False: connectionInformation[aSid] = [[aLogin,aPassword]]
				else : connectionInformation[aSid].append([aLogin,aPassword])
	#C)ALL OTHERS MODULES
	if sidHasBeenGiven(args) == False : return EXIT_MISS_ARGUMENT
	elif anAccountIsGiven(args) == False : return EXIT_MISS_ARGUMENT
	for aSid in connectionInformation.keys():
		for loginAndPass in connectionInformation[aSid]:
			args['sid'] , args['user'], args['password'] = aSid, loginAndPass[0],loginAndPass[1]
			args['print'].title("Testing all modules on the {0} SID with the {1}/{2} account".format(args['sid'],args['user'],args['password']))
			#INFO ABOUT REMOTE SERVER
			info = Info(args)
			status = info.connection()
			if isinstance(status,Exception):
				args['print'].badNews("Impossible to connect to the remote database: {0}".format(str(status).replace('\n','')))
				break
			info.loadInformationRemoteDatabase()
			args['info'] = info
			#UTL_HTTP
			utlHttp = UtlHttp(args)
			status = utlHttp.connection()
			utlHttp.testAll()
			#HTTPURITYPE
			httpUriType = HttpUriType(args)
			httpUriType.testAll()
			#UTL_FILE
			utlFile = UtlFile(args)
			utlFile.testAll()
			#JAVA
			java = Java(args)
			java.testAll()
			#DBMS ADVISOR
			dbmsAdvisor = DbmsAdvisor(args)
			dbmsAdvisor.testAll()
			#DBMS Scheduler
			dbmsScheduler = DbmsScheduler(args)
			dbmsScheduler.testAll()
			#CTXSYS
			ctxsys = Ctxsys(args)
			ctxsys.testAll()
			#Passwords
			passwords = Passwords(args)
			passwords.testAll()
			#DbmsXmldom
			dbmsXslprocessor = DbmsXslprocessor(args)
			dbmsXslprocessor.testAll()
			#External Table
			externalTable = ExternalTable(args)
			externalTable.testAll()
			#Oradbg
			oradbg = Oradbg(args)
			oradbg.testAll()
			oradbg.close() #Close the socket to the remote database
			#CVE_2012_3137
			cve = CVE_2012_3137 (args)
			cve.testAll()
	#usernamelikepassword
	args['run'] = True
	runUsernameLikePassword(args)
Esempio n. 3
0
def runAllModules(args):
	'''
	Run all modules
	'''
	connectionInformation, validSIDsList = {}, []
	#0)TNS Poinsoning
	if args['no-tns-poisoning-check'] == False:
		tnspoison = Tnspoison(args)
		tnspoison.testAll()
	else:
		logging.info("Don't check if the target is vulnerable to TNS poisoning because the option --no-tns-poisoning-check is enabled in command line")
	#A)SID MANAGEMENT
	if args['sid'] == None :
		logging.debug("Searching valid SIDs")
		validSIDsList = runSIDGuesserModule(args)
		args['user'], args['password'] = None, None 
	else :
		validSIDsList = [args['sid']]
	if validSIDsList == []:
		exit(EXIT_NO_SIDS)
	#B)ACCOUNT MANAGEMENT
	if args['credentialsFile'] == True :
		logging.debug("Loading credentials stored in the {0} file".format(args['accounts-file']))
		#Load accounts from file
		passwordGuesser = PasswordGuesser(args, args['accounts-file'], loginFile=None ,passwordFile=None, loginAsPwd=args['login-as-pwd'])
		validAccountsList = passwordGuesser.getAccountsFromFile()
		for aSid in validSIDsList:
			for anAccount in validAccountsList:
				if connectionInformation.has_key(aSid) == False: connectionInformation[aSid] = [[anAccount[0], anAccount[1]]]
				else : connectionInformation[aSid].append([anAccount[0], anAccount[1]])
	elif args['user'] == None and args['password'] == None:
		for sid in validSIDsList:
			args['print'].title("Searching valid accounts on the {0} SID".format(sid))
			args['sid'] = sid
			if args['accounts-files'][0] != None and args['accounts-files'][1] != None : args['accounts-file'] = None
			passwordGuesser = PasswordGuesser(args, accountsFile=args['accounts-file'], loginFile=args['accounts-files'][0], passwordFile=args['accounts-files'][1], timeSleep=args['timeSleep'], loginAsPwd=args['login-as-pwd'])
			passwordGuesser.searchValideAccounts()
			validAccountsList = passwordGuesser.valideAccounts
			if validAccountsList == {}:
				args['print'].badNews("No found a valid account on {0}:{1}/{2}. You should try with the option '--accounts-file accounts/accounts_multiple.txt' or '--accounts-file accounts/logins.txt accounts/pwds.txt'".format(args['server'], args['port'], args['sid']))
				exit(EXIT_NO_ACCOUNTS)
			else :
				args['print'].goodNews("Accounts found on {0}:{1}/{2}: {3}".format(args['server'], args['port'], args['sid'],getCredentialsFormated(validAccountsList)))
				for aLogin, aPassword in validAccountsList.items(): 
					if connectionInformation.has_key(sid) == False: connectionInformation[sid] = [[aLogin,aPassword]]
					else : connectionInformation[sid].append([aLogin,aPassword])
	else:
		validAccountsList = {args['user']:args['password']}
		for aSid in validSIDsList:
			for aLogin, aPassword in validAccountsList.items():
				if connectionInformation.has_key(aSid) == False: connectionInformation[aSid] = [[aLogin,aPassword]]
				else : connectionInformation[aSid].append([aLogin,aPassword])
	#C)ALL OTHERS MODULES
	if sidHasBeenGiven(args) == False : return EXIT_MISS_ARGUMENT
	#elif anAccountIsGiven(args) == False : return EXIT_MISS_ARGUMENT
	for aSid in connectionInformation.keys():
		for loginAndPass in connectionInformation[aSid]:
			args['sid'] , args['user'], args['password'] = aSid, loginAndPass[0],loginAndPass[1]
			args['print'].title("Testing all modules on the {0} SID with the {1}/{2} account".format(args['sid'],args['user'],args['password']))
			#INFO ABOUT REMOTE SERVER
			info = Info(args)
			status = info.connection()
			if isinstance(status,Exception):
				args['print'].badNews("Impossible to connect to the remote database: {0}".format(str(status).replace('\n','')))
				break
			info.loadInformationRemoteDatabase()
			args['info'] = info
			#UTL_HTTP
			utlHttp = UtlHttp(args)
			status = utlHttp.connection()
			utlHttp.testAll()
			#HTTPURITYPE
			httpUriType = HttpUriType(args)
			httpUriType.testAll()
			#UTL_FILE
			utlFile = UtlFile(args)
			utlFile.testAll()
			#JAVA
			java = Java(args)
			java.testAll()
			#DBMS ADVISOR
			dbmsAdvisor = DbmsAdvisor(args)
			dbmsAdvisor.testAll()
			#DBMS Scheduler
			dbmsScheduler = DbmsScheduler(args)
			dbmsScheduler.testAll()
			#CTXSYS
			ctxsys = Ctxsys(args)
			ctxsys.testAll()
			#Passwords
			passwords = Passwords(args)
			passwords.testAll()
			#DbmsXmldom
			dbmsXslprocessor = DbmsXslprocessor(args)
			dbmsXslprocessor.testAll()
			#External Table
			externalTable = ExternalTable(args)
			externalTable.testAll()
			#Oradbg
			oradbg = Oradbg(args)
			oradbg.testAll()
			#DbmsLob
			dbmsLob = DbmsLob(args)
			dbmsLob.testAll()
			#SMB
			smb = SMB(args)
			smb.testAll()
			#Pribvilege escalation
			privilegeEscalation = PrivilegeEscalation(args)
			privilegeEscalation.testAll()
			#Test some CVE
			cve = CVE_XXXX_YYYY(args)
			cve.testAll()
			cve.close() #Close the socket to the remote database
			#CVE_2012_3137
			cve = CVE_2012_3137 (args)
			cve.testAll()
			
	#usernamelikepassword
	args['run'] = True
	runUsernameLikePassword(args)