def smb_cmd_list(targets):
commands = parse_list_file(conf.smbcmdlist)
targets_tuple = ()
for target in targets:
if len(target.get_valid_credentials()) == 0:
continue
else:
admin_credentials = get_admin_credentials(target)
if admin_credentials is False:
admin_credentials = target.get_valid_credentials()[0]
logger.warn(
'No admin user identified for target %s, some commands will not work'
% target.get_identity())
logger.info('Executing SMB commands on %s with user %s' %
(target.get_identity(), admin_credentials.getUser()))
shell = InteractiveShell(target, admin_credentials, conf.name)
if len(commands) > 0:
logger.info('Executing SMB commands from provided file')
for command in commands:
print('SMB command \'%s\' output:' % command)
try:
shell.onecmd(command)
except SessionError as e:
# traceback.print_exc()
logger.error('SMB error: %s' % (e.getErrorString(), ))
except NetBIOSTimeout as e:
logger.error('SMB connection timed out')
except keimpxError as e:
logger.error(e)
except KeyboardInterrupt as _:
print()
logger.info('User aborted')
shell.do_exit('')
except Exception as e:
# traceback.print_exc()
logger.error(str(e))
print('----------8<----------')
def main():
global conf
global credentials
global domains
global have_readline
global pool_thread
banner()
conf = cmdline_parser()
check_conf()
pool_thread = threading.BoundedSemaphore(conf.threads)
try:
for target in targets:
pool_thread.acquire()
current = test_login(target)
current.daemon = True
current.start()
while threading.activeCount() > 1:
a = 'Caughtit'
pass
except KeyboardInterrupt:
print
try:
logger.warn('Test interrupted')
a = 'Caughtit'
stop_threads[0] = True
except KeyboardInterrupt:
print
logger.info('User aborted')
exit(1)
if successes == 0:
print '\nNo credentials worked on any target\n'
exit(0)
print '\nThe credentials worked in total %d times\n' % successes
print 'TARGET SORTED RESULTS:\n'
for target in targets:
valid_credentials = target.get_valid_credentials()
if len(valid_credentials) > 0:
print target.get_identity()
for valid_credential in valid_credentials:
print ' %s' % valid_credential.get_identity()
print
print '\nUSER SORTED RESULTS:\n'
for credential in credentials:
valid_credentials = credential.get_valid_targets()
if len(valid_credentials) > 0:
print credential.get_identity()
for valid_credential in valid_credentials:
print ' %s' % valid_credential.get_identity()
print
if conf.smbcmdlist is not None:
smb_cmd_list()
if conf.oscmdlist is not None:
os_cmd_list()
if conf.batch or conf.smbcmdlist or conf.oscmdlist:
return
while True:
msg = 'Do you want to establish a SMB shell from any of the targets? [Y/n] '
choice = raw_input(msg)
if choice and choice[0].lower() != 'y':
return
counter = 0
targets_dict = {}
msg = 'Which target do you want to connect to?'
for target in targets:
valid_credentials = target.get_valid_credentials()
if len(valid_credentials) > 0:
counter += 1
msg += '\n[%d] %s%s' % (counter, target.get_identity(), ' (default)' if counter == 1 else '')
targets_dict[counter] = (target, valid_credentials)
msg += '\n> '
choice = read_input(msg, counter)
user_target, valid_credentials = targets_dict[int(choice)]
counter = 0
credentials_dict = {}
msg = 'Which credentials do you want to use to connect?'
for credential in valid_credentials:
counter += 1
msg += '\n[%d] %s%s' % (counter, credential.get_identity(), ' (default)' if counter == 1 else '')
credentials_dict[counter] = credential
msg += '\n> '
choice = read_input(msg, counter)
user_credentials = credentials_dict[int(choice)]
if sys.platform.lower() == 'win32' and have_readline:
try:
_outputfile = readline.GetOutputFile()
except AttributeError:
logger.debug('Failed GetOutputFile when using platform\'s readline library')
have_readline = False
uses_libedit = False
if sys.platform.lower() == 'darwin' and have_readline:
import commands
(status, result) = commands.getstatusoutput('otool -L %s | grep libedit' % readline.__file__)
if status == 0 and len(result) > 0:
readline.parse_and_bind('bind ^I rl_complete')
debugMsg = 'Leopard libedit detected when using platform\'s '
debugMsg += 'readline library'
logger.debug(debugMsg)
uses_libedit = True
try:
shell = InteractiveShell(user_target, user_credentials, conf.name)
shell.cmdloop()
except RuntimeError, e:
logger.error('Runtime error: %s' % str(e))
except Exception, _:
# traceback.print_exc()
pass
