parser.add_argument('-p', '--password', help='Password', default='', nargs='+', required=False)
parser.add_argument('--hashdump', help='Dump Domino hashes', action='store_true', required=False)
parser.add_argument('--quickconsole', help='Interact with Domino Quick Console', action='store_true', required=False)
args = parser.parse_args()
HEADER = {
'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36',
'Accept': '*/*',
'Accept-Language': 'en-US,en;q=0.5',
'Accept-Encoding': 'gzip, deflate',
'Connection': 'keep-alive'
}
# Process Domino URL
target = utility.process_url(args.url)
# Interact with quick console
if args.quickconsole:
utility.print_status('Accessing Domino Quick Console...')
quickconsole.check_access(target, HEADER, args.username, ' '.join(args.password))
# Dump hashes
elif args.hashdump:
utility.print_status('Enumerating accounts...')
hashdump.enum_accounts(target, HEADER, args.username, ' '.join(args.password))
# Fingerprint
else:
utility.print_status('Fingerprinting Domino server...')
fingerprint.fingerprint(target, HEADER)
fingerprint.check_portals(target, HEADER)
# Process Domino URL
target = utility.check_url(args.url)
if target:
# Detect type of authentication
auth_type = utility.detect_auth(target)
if auth_type:
# Fingerprint
if args.action == 'fingerprint':
utility.print_status('Fingerprinting Domino server')
fingerprint.fingerprint(target, args.username, ' '.join(args.password), auth_type)
# Dump hashes
elif args.action == 'hashdump':
utility.print_status('Dumping account hashes')
hashdump.enum_accounts(target, args.username, ' '.join(args.password), auth_type)
# Interact with Quick Console
elif args.action == 'console':
utility.print_status('Accessing Domino Quick Console')
quickconsole.check_access(target, args.username, ' '.join(args.password), auth_type)
# Reverse brute force
else:
if os.path.isfile(args.userlist):
utility.print_status("Starting reverse brute force with '{0}' as the password".format(' '.join(args.password)))
bruteforce.reverse_bruteforce(target, os.path.abspath(args.userlist), ' '.join(args.password), auth_type)
else:
utility.print_warn('You must supply a file containing a list of usernames')
else:
target = utility.check_url(args.url)
if target == None:
utility.print_warn('Please provide a valid URL!')
else:
# Detect type of authentication the Domino server is using
auth_type = utility.detect_auth(target)
# Interact with quick console
if args.quickconsole:
utility.print_status('Accessing Domino Quick Console...')
quickconsole.check_access(target, args.username, ' '.join(args.password), auth_type)
# Dump hashes
elif args.hashdump:
utility.print_status('Dumping account hashes...')
hashdump.enum_accounts(target, args.username, ' '.join(args.password), auth_type)
# Reverse brute force
elif args.bruteforce:
if os.path.isfile(args.username):
utility.print_status("Starting reverse brute force with {0} as the password...".format(' '.join(args.password)))
bruteforce.reverse_bruteforce(target, args.username, ' '.join(args.password), auth_type)
else:
utility.print_warn('You must supply the full path to a file containing a list of usernames!')
# Fingerprint
else:
utility.print_status('Fingerprinting Domino server...')
fingerprint.fingerprint(target, args.username, ' '.join(args.password), auth_type)