def gatherFromHistory(self, historyFile): lootFolder = os.path.join(self.wspaceFolder, "loot") filename = str(self.connection.endpoint).replace(":", "-") + "_" + str( self.connection.user) + "_" + historyFile.replace("/", "_") filepath = os.path.join(lootFolder, filename) try: self.sftp.get(historyFile, filepath) except Exception as e: print(e) return None with open(filepath, "r", errors="ignore") as dledFile: data = dledFile.read() lines = data.splitlines() for line in lines: if re.search(r'^ *ssh ', line): option = "" words = line.split() host = False port = None user = None identity = None for i in range(1, len(words)): if option != "": if option == "identity": identity = words[i] if identity[:2] == '~/': identity = identity[2:] elif option == "port": port = words[i] option = "" elif words[i][0] == "-": if words[i] == "-i": option = "identity" elif words[i] == "-p": option = "port" else: option = words[i] elif not host: if '@' in words[i]: user, hostname = words[i].split("@", 1) else: hostname = words[i] host = True if not host: continue endpoints = self.hostnameToIP(hostname, port) if user is not None: user = User(user) if not self.connection.scope: user.scope = False if user.id is None: user.found = self.connection.endpoint user.save() self.newUsers.append(user) if identity is not None: identity = self.getKeyToCreds(identity, ".")
def gatherFromConfig(self): lootFolder = os.path.join(self.wspaceFolder, "loot") filename = str(self.connection.endpoint).replace(":", "-") + "_" + str( self.connection.user) + "_.ssh_config" filepath = os.path.join(lootFolder, filename) try: self.sftp.get(".ssh/config", filepath) except Exception as e: return None with open(filepath, 'r', errors='replace') as f: data = f.read() lines = data.split('\n') curHost = None for line in lines: if line == '': continue if line[:5].lower() == "Host ".lower(): if curHost != None and curHost["name"] != "*": if "host" in curHost.keys(): host = curHost["host"] else: host = curHost["name"] if "port" in curHost.keys(): port = curHost["port"] else: port = None endpoints = self.hostnameToIP(host, port) user = None identity = None if "user" in curHost.keys(): user = User(curHost["user"]) if not self.connection.scope: user.scope = False if user.id is None: user.found = self.connection.endpoint user.save() self.newUsers.append(user) if "identity" in curHost.keys(): identity = self.getKeyToCreds(curHost["identity"], ".") curHost = {} curHost["name"] = line.split()[1] else: [key, val] = line.strip().split(' ', 1) key = key.lower() if key == "user": curHost['user'] = val elif key == "port": curHost['port'] = val elif key == "hostname": curHost['host'] = val elif key == "identityfile": if val[:2] == '~/': val = val[2:] curHost['identity'] = val if curHost != None and curHost["name"] != "*": if "host" in curHost.keys(): host = curHost["host"] else: host = curHost["name"] if "port" in curHost.keys(): port = curHost["port"] else: port = None endpoints = self.hostnameToIP(host, port) user = None identity = None if "user" in curHost.keys(): user = User(curHost["user"]) if not self.connection.scope: user.scope = False if user.id is None: user.found = self.connection.endpoint self.newUsers.append(user) user.save() if "identity" in curHost.keys(): identity = self.getKeyToCreds(curHost["identity"], ".")