def parseOutputString(self, output, debug=False): host_info = re.search( r"(\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b)", output) if host_info is None: api.log("No hosts detected") else: for host in output.splitlines(): if host != "": h_id = self.createAndAddHost(host) i_id = self.createAndAddInterface(h_id, host, ipv4_address=host) s_id = self.createAndAddServiceToInterface( h_id, i_id, str(self._port), "tcp", ports=[self._port], status="open", version="", description="") if debug is True: api.devlog("Debug is active") return True
def parseOutputString(self, output, debug=False): host_info = re.search(r"Connected to (.+)\.", output) banner = re.search("220?([\w\W]+)$", output) if re.search("Connection timed out", output) is None and host_info is not None: hostname = host_info.group(1) ip_address = self.resolve(hostname) self._version = banner.groups(0) if banner else "" if debug: print ip_address h_id = self.createAndAddHost(ip_address) i_id = self.createAndAddInterface(h_id, ip_address, ipv4_address=ip_address, hostname_resolution=[hostname]) s_id = self.createAndAddServiceToInterface(h_id, i_id, "ftp", "tcp", ports=[self._port], status="open") if debug is True: api.devlog("Debug is active") return True
def _doSql(self, db, sql): try: api.devlog("SQL:" + sql) db.execute(sql) except Exception, e: print("Error SQL[" + e.pgcode + "] - " + e.pgerror) return None
def parseOutputString(self, output, debug=False): host_info = re.search( r"(\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b)", output) host_mac_addr = re.search(r"([\dA-F]{2}(?:[-:][\dA-F]{2}){5})", output, re.IGNORECASE) if host_info is None: api.devlog("No hosts detected") else: for line in output.split('\n'): vals = line.split("\t") if len(vals) == 3: if len(vals[0].split(".")) == 4: host = vals[0] h_id = self.createAndAddHost(host) i_id = self.createAndAddInterface(h_id, host, ipv4_address=host, mac=vals[1]) n_id = self.createAndAddNoteToHost( h_id, "NIC VENDOR:", vals[2]) return True
def setSavingModel(self, value): api.devlog("setSavingModel: %s" % value) self._saving_model_flag = value if value: self._saving_model_lock.acquire() else: try: self._saving_model_lock.release() except RuntimeError: pass
def parseOutputString(self, output, debug=False): """ This method will discard the output the shell sends, it will read it from the xml where it expects it to be present. NOTE: if 'debug' is true then it is being run from a test case and the output being sent is valid. """ try: f = urlopen( self.getSetting("Host") + "/api/hooks?token=" + self.getSetting("Authkey")) data = json.loads(f.read()) except: api.devlog("[BeEF] - Connection with api") return if "hooked-browsers" in data: for t in ["online", "offlne"]: for h in data["hooked-browsers"][t]: name = str(data["hooked-browsers"][t][h]['name']) version = str(data["hooked-browsers"][t][h]['version']) os = str(data["hooked-browsers"][t][h]['os']) platform = str(data["hooked-browsers"][t][h]['platform']) session = str(data["hooked-browsers"][t][h]['session']) ip = str(data["hooked-browsers"][t][h]['ip']) domain = str(data["hooked-browsers"][t][h]['domain']) port = str(data["hooked-browsers"][t][h]['port']) page_uri = str(data["hooked-browsers"][t][h]['page_uri']) desc = "Client ip:" + ip + \ " has been injected with BeEF using the url:" + page_uri + "\n" desc += "More information:" desc += "\ntype:" + t desc += "\nname:" + name desc += "\nversion:" + version desc += "\nos:" + os desc += "\nplatform:" + platform desc += "\nsession:" + session desc += "\nip:" + ip desc += "\ndomain:" + domain desc += "\nport:" + port desc += "\npage_uri:" + page_uri h_id = self.createAndAddHost(ip) v_id = self.createAndAddVulnToHost( h_id, "BeEF injected " + t + " session:" + session, desc=desc, ref=["http://http://beefproject.com/"], severity=3)
def addUpdate(self, old_object, new_object, command_id): # Returns True if the update was resolved without user interaction try: mergeAction = old_object.addUpdate(new_object, command_id) if mergeAction: if old_object not in self.objects_with_updates: self.objects_with_updates.append(old_object) notifier.conflictUpdate(1) return False except Exception as ex: api.devlog("(%s).addUpdate(%s, %s) - failed" % (self, old_object, new_object)) return False self.mappers_manager.update(old_object, command_id) notifier.editHost(old_object) return True
def _processAction(self, action, parameters, sync=False): """ decodes and performs the action given It works kind of a dispatcher """ if sync: self._sync_api_request = True api.devlog("_processAction - %s - parameters = %s" % (action, str(parameters))) action_callback = self._actionDispatcher[action] res = self._dispatchActionWithLock(action_callback, *parameters) # finally we notify the widgets about this change # if res: # notify only if action was done successfuly # self._notifyModelUpdated(*parameters) # else: if not res: api.devlog("Action code %d failed. Parameters = %s" % (action, str(parameters))) if sync: self._sync_api_request = False
def stop_server(self): api.devlog("server stopping...") self._stop = True
def serve_forever(self): while not self._stop: self.handle_request() api.devlog("server forever stopped by flag")
def run(self): self.serve_forever() api.devlog("serve_forever ended") return
def handle(self): try: api.devlog("-" * 60) api.devlog("[XMLRPCHandler] - request = %s" % str(self.request)) api.devlog("[XMLRPCHandler] - client_address = %s" % str(self.client_address)) api.devlog("[XMLRPCHandler] - server = %s" % str(self.server)) api.devlog("-" * 60) SimpleXMLRPCServer.SimpleXMLRPCRequestHandler.handle(self) except Exception: api.devlog( "[XMLRPCHandler] - An error ocurred while handling a request\n%s" % traceback.format_exc())
def _devlog(self, msg, *args, **kwargs): # I have no idea what I am doing api.devlog(msg) return True