Esempio n. 1
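def import_pwdump():
    """Import pwdump / Windows hash loot from Metasploit Pro.

    Lists the loot of the configured Metasploit Pro workspace, offers the
    entries of type ``host.windows.pwdump`` or ``windows.hashes`` in a form
    and hands the selected loot IDs to ``process_pwdump_loot``.

    Returns:
        dict with ``form`` (the SQLFORM, or None when the API is unavailable),
        ``alert`` (True when the API import or login/listing failed) and
        ``error`` (the failure text, or None on the normal path).
    """
    msf_settings = msf_get_config(session)
    response.title = "%s :: Import Metasploit PWDUMP Loot" % (settings.title)

    try:
        from MetasploitProAPI import MetasploitProAPI, MSFProAPIError
    except ImportError as error:
        return dict(alert=True, error=str(error), form=None)

    msf = MetasploitProAPI(host=msf_settings['url'],
                           apikey=msf_settings['key'])
    try:
        msf.login()
        data = msf.loot_list(msf_settings['workspace'])
    except MSFProAPIError as error:
        # NOTE(review): the raw API error text goes to the view; confirm it
        # cannot carry the API key or other connection details.
        return dict(alert=True, error=str(error), form=None)

    loot_list = []  # [loot ID, host IP] pairs offered in the select field
    loot_hosts = {}  # host IP -> first loot ID seen for that host
    for loot_id, loot in data.items():
        if loot['ltype'] in ('host.windows.pwdump', 'windows.hashes'):
            loot_list.append([loot_id, loot['host']])
            loot_hosts.setdefault(loot['host'], loot_id)

    form = SQLFORM.factory(
        Field('hosts',
              'list',
              requires=IS_IN_SET(loot_list, multiple=True),
              label=T('Host')),
        Field('host_text', 'text', label=T('Host list (1 per line)')),
        # NOTE(review): 'addevidence' is collected but never read in this
        # function, so ticking it has no visible effect here.
        Field('addevidence', 'boolean', label=T('Add to Evidence')),
    )

    if form.accepts(request, session):
        from skaldship.metasploit import process_pwdump_loot
        # Build a new loot list from whichever input was filled in. Truth
        # tests are used because an untouched field may be None, on which
        # len() would raise.
        if form.vars.hosts:
            loot_list = form.vars.hosts
        elif form.vars.host_text:
            selected = []
            # splitlines() + strip(): browsers submit textarea lines with
            # CRLF, so split('\n') left a trailing '\r' that never matched.
            for line in form.vars.host_text.splitlines():
                ip = line.strip()
                if not ip:
                    continue
                try:
                    selected.append(loot_hosts[ip])
                except KeyError:
                    logging.debug("%s not found in MSF loot list" % (ip))
            # Replace rather than extend: the listing holds [id, ip] pairs
            # for every host and must not be imported with the typed hosts.
            loot_list = selected
        # NOTE(review): with both inputs empty the full [id, ip] listing is
        # still passed on, as before; confirm that is the intended default.

        retval = process_pwdump_loot(loot_list, msf)
        response.flash = "PWDUMP files imported\n%s" % (retval)
    elif form.errors:
        response.flash = "Errors in your form"

    # error stays None here; str(None) would give the view the truthy
    # string "None".
    return dict(form=form, alert=False, error=None)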
Esempio n. 2
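def import_screenshots():
    """Import screenshot loot from Metasploit Pro into Kvasir.

    Lists the loot of the configured Metasploit Pro workspace, offers the
    entries of type ``host.windows.screenshot`` in a form and hands the
    selected loot IDs to ``process_screenshot_loot``.

    Returns:
        dict with ``form`` (the SQLFORM, or None when the API is unavailable),
        ``alert`` (True when the API import or login/listing failed) and
        ``error`` (the failure text, or None on the normal path).
    """
    response.title = "%s :: Import Metasploit Screenshots" % (settings.title)
    msf_settings = msf_get_config(session)

    try:
        from MetasploitProAPI import MetasploitProAPI, MSFProAPIError
    except ImportError as error:
        return dict(form=None, error=str(error), alert=True)

    msf = MetasploitProAPI(host=msf_settings['url'],
                           apikey=msf_settings['key'])
    try:
        msf.login()
        loot_apidata = msf.loot_list(msf_settings['workspace'])
    except MSFProAPIError as error:
        # NOTE(review): the raw API error text goes to the view; confirm it
        # cannot carry the API key or other connection details.
        return dict(form=None, error=str(error), alert=True)

    loot_list = []  # [loot ID, host IP] pairs offered in the select field
    loot_hosts = {}  # host IP -> first loot ID seen for that host
    for loot_id, loot in loot_apidata.items():
        if loot['ltype'] == 'host.windows.screenshot':
            loot_list.append([loot_id, loot['host']])
            loot_hosts.setdefault(loot['host'], loot_id)

    form = SQLFORM.factory(
        Field('host',
              'list',
              requires=IS_IN_SET(loot_list, multiple=True),
              label=T('Host')),
        Field('host_text', 'text', label=T('Host list (1 per line)')),
    )

    if form.accepts(request, session):
        # Build a new loot list from whichever input was filled in. The
        # select field is named 'host'; the previous read of form.vars.hosts
        # never saw the selection.
        if form.vars.host:
            loot_list = form.vars.host
        elif form.vars.host_text:
            selected = []
            # splitlines() + strip(): browsers submit textarea lines with
            # CRLF, so split('\n') left a trailing '\r' that never matched.
            for line in form.vars.host_text.splitlines():
                ip = line.strip()
                if not ip:
                    continue
                try:
                    selected.append(loot_hosts[ip])
                except KeyError:
                    logging.debug("%s not found in MSF loot list" % (ip))
            # Replace rather than extend: the listing holds [id, ip] pairs
            # for every host and must not be imported with the typed hosts.
            loot_list = selected
        # NOTE(review): with both inputs empty the full [id, ip] listing is
        # still passed on, as before; confirm that is the intended default.

        # NOTE(review): process_screenshot_loot is not imported in this
        # function; presumably it is imported at module level, so verify.
        loot_count = process_screenshot_loot(loot_list, msf)
        # Was 'repsonse.flash', a NameError raised after the import had
        # already run.
        response.flash = 'Screenshots added for %s host(s)' % (loot_count)

    elif form.errors:
        response.flash = "Errors in your form"

    return dict(form=form, alert=False, error=None)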
Esempio n. 3
def import_pwdump():
    """Downloads a pwdump loot and processes it"""
    msf_settings = msf_get_config(session)
    alert = False
    error = None
    response.title = "%s :: Import Metasploit PWDUMP Loot" % (settings.title)

    try:
        from MetasploitProAPI import MetasploitProAPI, MSFProAPIError
    except ImportError, error:
        return dict(alert=True, error=str(error), form=None)

    msf = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key'])
    try:
        msf.login()
        data = msf.loot_list(msf_settings['workspace'])
    except MSFProAPIError, error:
        return dict(alert=True, error=str(error), form=None)

    if not alert:
        loot_list = []    # list of loot IDs and IPs
        loot_hosts = {}   # mapping of IP to loot IDs
        for k,v in data.iteritems():
            if v['ltype'] == 'host.windows.pwdump' or v['ltype'] == 'windows.hashes':
                loot_list.append([k, v['host']])
                loot_hosts.setdefault(v['host'], k)

        form=SQLFORM.factory(
            Field('hosts', 'list', requires=IS_IN_SET(loot_list, multiple=True), label=T('Host')),
            Field('host_text', 'text', label=T('Host list (1 per line)')),
            Field('addevidence', 'boolean', label=T('Add to Evidence')),
Esempio n. 4
def import_pwdump():
    """Downloads a pwdump loot and processes it"""
    msf_settings = msf_get_config(session)
    alert = False
    error = None
    response.title = "%s :: Import Metasploit PWDUMP Loot" % (settings.title)

    try:
        from MetasploitProAPI import MetasploitProAPI, MSFProAPIError
    except ImportError, error:
        return dict(alert=True, error=str(error), form=None)

    msf = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key'])
    try:
        msf.login()
        data = msf.loot_list(msf_settings['workspace'])
    except MSFProAPIError, error:
        return dict(alert=True, error=str(error), form=None)

    if not alert:
        loot_list = []    # list of loot IDs and IPs
        loot_hosts = {}   # mapping of IP to loot IDs
        for k,v in data.iteritems():
            if v['ltype'] == 'host.windows.pwdump' or v['ltype'] == 'windows.hashes':
                loot_list.append([k, v['host']])
                loot_hosts.setdefault(v['host'], k)

        form=SQLFORM.factory(
            Field('hosts', 'list', requires=IS_IN_SET(loot_list, multiple=True), label=T('Host')),
            Field('host_text', 'text', label=T('Host list (1 per line)')),
            Field('addevidence', 'boolean', label=T('Add to Evidence')),