def setoption(self, name, value):
"""
Sets option to value if possible.
If STAGECERTIFICATEFILE has been changed, check consistency of its value.
"""
if name.upper() == "STAGECERTIFICATEFILE":
if not (self._validate_certificatefile("STAGECERTIFICATEFILE",
value)):
return True # value found, but not set
else:
# reset all key/cert data, it might change now
self.privatekey = None
self.fingerprint = None
self.certificate = None
self.publickeyxml = None
if name.upper() == "TIMEOUT" and (not isint(value) or int(value) < 1
or int(value) > 100):
print_error("TIMEOUT should be 1 <= TIMEOUT <= 100")
return True # value found, but not set
if name.upper() == "RETRIES" and (not isint(value) or int(value) < 0
or int(value) > 100):
print_error("RETRIES should be 0 <= RETRIES <= 100")
return True # value found, but not set
return ModuleBase.setoption(self, name, value)
def setoption(self, name, value):
"""
set an option for the handler or any of transport and platform modules currently selected
It tries all of these modules in that order and uses the first success.
"""
if ModuleBase.setoption(self, name, value):
#print_debug(DEBUG_MODULE, "set {} = {}".format(name, value))
if str(name).upper() == "TRANSPORT":
if str(value).upper() == "REVERSETCP":
print_debug(DEBUG_MODULE, "changing TRANSPORT to REVERSETCP")
self.transport = TransportReverseTcp(self)
elif str(value).upper() == "DNS":
print_debug(DEBUG_MODULE, "changing TRANSPORT to DNS")
self.transport = TransportDns(self)
if str(name).upper() == "PLATFORM":
if str(value).upper() == "POWERSHELL":
print_debug(DEBUG_MODULE, "changing PLATFORM to POWERSHELL")
self.platform = PlatformPowershell(self)
return True
elif self.transport and self.transport.setoption(name, value):
return True
elif self.platform and self.platform.setoption(name, value):
return True
else:
print_error(str(name.upper())+" not recognized as an option")
return False
def validate_options(self):
"""
validate the options for the handler, the selected transport and platform modules
The validation succeeds only if all of these modules can be validated.
"""
return ModuleBase.validate_options(self) and self.transport.validate_options() and \
self.platform.validate_options()
def show_options(self):
"""
print information of options for the handler and the selected transport and platform modules
:return: None
"""
print_message("Options for the Handler:")
ModuleBase.show_options(self)
print()
if self.transport:
print_message("Options for the TRANSPORT module "+str(self.options["TRANSPORT"]["Value"])+":")
self.transport.show_options()
else:
print_message("No TRANSPORT module selected")
print()
if self.platform:
print_message("Options for the PLATFORM module "+str(self.options["PLATFORM"]["Value"])+":")
self.platform.show_options()
else:
print_message("No PLATFORM module selected")
print()
def completeoption(self, name):
"""
lists autocomplete for option names starting with name for the handler or any of
transport and platform modules currently selected
:param name: start of the option name
:return: list of possible autocompletes
"""
l = ModuleBase.completeoption(self, name)
if self.transport:
l += self.transport.completeoption(name)
if self.platform:
l += self.platform.completeoption(name)
return l
def validate_options(self):
"""
Validate all currently set listener options.
"""
valid = ModuleBase.validate_options(self)
# TODO: check ips
# check port
port = self.options['LPORT']['Value']
if port and not (self._validate_port('LPORT', port)):
valid = False
port = self.options['CONNECTPORT']['Value']
if port and not (self._validate_port('CONNECTPORT', port)):
valid = False
return valid
def setoption(self, name, value):
"""
Sets an option
:param name: name of the option
:param value: new value
:return: True iff the value was found, not necessary set!
"""
# TODO: check ips
if name.upper() == "LPORT" and not (self._validate_port(
"LPORT", value)):
return True # value found, but not set
if name.upper() == "CONNECTPORT" and not (self._validate_port(
"CONNECTPORT", value)):
return True # value found, but not set
return ModuleBase.setoption(self, name, value)
def validate_options(self):
"""
Validate all currently set listener options.
"""
valid = ModuleBase.validate_options(self)
# TODO: check interface ip LHOST and DNSSERVER
port = self.options['LPORT']['Value']
if port and not (self._validate_port('LPORT', port)):
valid = False
zone = self.options['ZONE']['Value']
if zone and not (self._validate_zone('ZONE', port)):
valid = False
return valid
def validate_options(self):
"""
validate the options for the platform
Especially check validity of our STAGECERTIFICATEFILE if necessary
"""
valid = ModuleBase.validate_options(self)
# do we need STAGECERTIFICATEFILE and is it valid?
if self.options['STAGED']['Value'] == "TRUE" and (self.options['STAGEENCODING']['Value'] == "TRUE"
or self.options['STAGEAUTHENTICATION']['Value'] == "TRUE") \
or self.options['AGENTTYPE']['Value'] == "DNSCAT2" \
or self.options['AGENTTYPE']['Value'] == "DNSCAT2DOWNLOADER":
if not self.options['STAGECERTIFICATEFILE']['Value'] \
or self.options['STAGECERTIFICATEFILE']['Value'] == "":
print_error(
"STAGECERTIFICATEFILE must be set when using STAGEENCODING and/or "
+ "STAGEAUTHENTICATION and/or DNSCAT2")
valid = False
elif not self._validate_certificatefile(
"STAGECERTIFICATEFILE",
self.options['STAGECERTIFICATEFILE']['Value']):
valid = False
if (self.options['AGENTTYPE']['Value'] == "DNSCAT2"
or self.options['AGENTTYPE']['Value'] == "DNSCAT2DOWNLOADER") \
and self.handler.options['TRANSPORT']['Value'] != "DNS":
print_error(
"dnscat2 must be used with DNS transport, hence the name!")
valid = False
timeout = self.options['TIMEOUT']['Value']
if not isint(timeout) or int(timeout) < 1 or int(timeout) > 100:
print_error("TIMEOUT should be 1 <= TIMEOUT <= 100")
valid = False
retries = self.options['RETRIES']['Value']
if not isint(retries) or int(retries) < 0 or int(retries) > 100:
print_error("RETRIES should be 0 <= RETRIES <= 100")
valid = False
return valid
def setoption(self, name, value):
"""
Sets an option
:param name: name of the option
:param value: new value
:return: True iff the value was found, not necessary set!
"""
# TODO: check interface ip and DNSSERVER
if name.upper() == "ZONE" and not (self._validate_zone("ZONE", value)):
return True # value found, but not set
if name.upper() == "LPORT" and not (self._validate_port(
"LPORT", value)):
return True # value found, but not set
elif isint(value) and int(value) != 53:
print_error(
"DNS might not work if you set a non-default port. We will assume, "
+ "you know what you do and continue.")
# and continue setting it
return ModuleBase.setoption(self, name, value)