def verify_results(self,
                   session: Session,
                   command: Command,
                   source: Source,
                   report_item: ReportItem,
                   process: PopenCommand = None,
                   **kwargs) -> None:
    """
    Record every NFS export reported in the command's standard output.

    Each stdout line is matched against ``self._export_re``. For a matching
    line, the ``export`` group is trimmed of surrounding whitespace and of
    leading/trailing double and single quotes, then stored through
    ``self.add_path`` with ``PathType.nfs_export``. ``command.hint`` is reset
    to an empty list before parsing starts.

    The parsed text comes from the command's stdout, i.e. it is produced by
    the remote side and should be treated as untrusted data by whatever
    consumes the stored path later on.

    :param session: Sqlalchemy session that manages persistence operations
        for ORM-mapped objects
    :param command: The command instance that contains the results of the
        command execution
    :param source: The source object of the current collector
    :param report_item: Item that can be used for reporting potential
        findings in the UI
    :param process: The PopenCommand object that executed the command; not
        used by this implementation
    """
    command.hint = []
    # The generator is lazy, so each line is matched right before it is handled.
    candidates = (self._export_re.match(entry) for entry in command.stdout_output)
    for found in candidates:
        if not found:
            continue
        raw_export = found.group("export")
        # Drop surrounding whitespace first, then any enclosing quote characters.
        cleaned_export = raw_export.strip().strip('"').strip("'")
        self.add_path(session=session,
                      command=command,
                      service=command.service,
                      path=cleaned_export,
                      path_type=PathType.nfs_export,
                      source=source,
                      report_item=report_item)
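def verify_results(self,
                   session: Session,
                   command: Command,
                   source: Source,
                   report_item: ReportItem,
                   process: PopenCommand = None,
                   **kwargs) -> None:
    """
    Extract naming-context attributes from the command's standard output.

    Every stdout line that contains ``defaultNamingContext:`` or
    ``rootDomainNamingContext:`` is split at its first colon into an attribute
    name and a value. Each attribute is stored through
    ``self.add_additional_info`` under the name
    ``"<collector name> <attribute>"``. For every distinct value a follow-up
    command line is added as a hint: the executed command without its last two
    arguments, followed by ``-b <value>``.

    Attribute names and values are stripped of surrounding whitespace, so the
    blank after the colon no longer ends up in the stored value or in the
    hint. The value is produced by the remote service and is therefore
    untrusted; it is shell-quoted before it is placed into the hint, because
    hints are command lines meant to be copied into a terminal.

    :param session: Sqlalchemy session that manages persistence operations
        for ORM-mapped objects
    :param command: The command instance that contains the results of the
        command execution
    :param source: The source object of the current collector
    :param report_item: Item that can be used for reporting potential
        findings in the UI
    :param process: The PopenCommand object that executed the command; not
        used by this implementation
    """
    # Function-scope import: the module's import block is not part of this view.
    import shlex

    # The original list named "defaultNamingContext:" twice; the duplicate
    # only repeated identical work, so each marker is listed once.
    markers = ("defaultNamingContext:", "rootDomainNamingContext:")
    contexts = {}
    base_dns = {}  # used as an ordered set of distinct values
    command.hint = []
    for line in command.stdout_output:
        if not any(marker in line for marker in markers):
            continue
        # Every marker ends in a colon, so the separator is always present.
        attribute, _, value = line.partition(":")
        attribute = attribute.strip()
        value = value.strip()
        if not value:
            # An attribute without a value gives nothing to store or to query.
            continue
        contexts[attribute] = value
        base_dns[value] = True
    for attribute, value in contexts.items():
        self.add_additional_info(session=session,
                                 command=command,
                                 service=command.service,
                                 name="{} {}".format(command.collector_name.name, attribute),
                                 values=[value],
                                 source=source,
                                 report_item=report_item)
    for base_dn in base_dns:
        # Slicing copies the list, so the executed command itself is not altered.
        # NOTE(review): the last two arguments are presumably the original
        # search scope/base - confirm against the collector's command builder.
        follow_up = command.os_command_substituted[:-2]
        # shlex.quote keeps a value containing blanks, quotes or shell
        # metacharacters a single inert argument when the hint is pasted.
        follow_up.extend(["-b", shlex.quote(base_dn)])
        self.add_hint(command=command, hint="$ {}".format(" ".join(follow_up)))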
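def verify_results(self,
                   session: Session,
                   command: Command,
                   source: Source,
                   report_item: ReportItem,
                   process: PopenCommand = None,
                   **kwargs) -> None:
    """
    Record every SMB share reported in the command's standard output.

    ``command.hint`` is reset and ``command.hide`` is set from the return
    code (truthy only for a return code greater than zero). Each stripped
    stdout line is matched against ``self._re_shares``; for a match, group 1
    is stored as ``/<share>`` through ``self.add_path`` with
    ``PathType.smb_share`` and two follow-up command lines (``smbclient`` and
    ``mount -t cifs``) are added as hints.

    Both hints now use the same ``//<ip>/<share>`` target. The mount hint
    previously rendered ``//<ip>//<share>`` because the share path already
    starts with a slash. The share name is reported by the remote host and is
    therefore untrusted; the target is shell-quoted so that a name containing
    blanks or shell metacharacters stays a single inert argument when the
    hint is copied into a terminal.

    :param session: Sqlalchemy session that manages persistence operations
        for ORM-mapped objects
    :param command: The command instance that contains the results of the
        command execution
    :param source: The source object of the current collector
    :param report_item: Item that can be used for reporting potential
        findings in the UI
    :param process: The PopenCommand object that executed the command; not
        used by this implementation
    """
    # Function-scope import: the module's import block is not part of this view.
    import shlex

    command.hint = []
    # Kept as in the original: the result is None/0/False/True, not a strict bool.
    command.hide = command.return_code and command.return_code > 0
    for line in command.stdout_output:
        match_share = self._re_shares.match(line.strip())
        if not match_share:
            continue
        share_path = "/{}".format(match_share.group(1))
        self.add_path(session=session,
                      command=command,
                      service=command.service,
                      path=share_path,
                      path_type=PathType.smb_share,
                      source=source,
                      report_item=report_item)
        # NOTE(review): what group 1 may contain depends on self._re_shares,
        # which is not visible here; quoting makes the hint safe either way.
        target = shlex.quote("//{}{}".format(command.service.host.ipv4_address, share_path))
        # NOTE: both hints pass the password as a command-line argument, which
        # exposes it in the process list and shell history; smbclient's
        # --authentication-file and mount.cifs' credentials= option avoid that.
        self.add_hint(command=command,
                      hint="$ smbclient {} -U\"$user\"%\"$password\" -c "
                           "'prompt OFF;recurse ON;mget *'".format(target))
        self.add_hint(command=command,
                      hint="$ sudo mount -t cifs -o user=$usr,password=$pwd {} "
                           "$mountpoint".format(target))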