def searchValideAccounts(self): ''' Search valid accounts Return True if no connection error. Return False if a connection error ''' userChoice = 1 logging.info("Searching valid accounts on '{0}':'{1}'/'{2}'".format(self.args['host'], self.args['port'], self.args['database'])) pbar, nb = getStandardBarStarted(len(self.accounts)), 0 for anAccount in self.accounts : currentUser, currentPassword = anAccount[0], anAccount[1] nb += 1 pbar.update(nb) logging.debug("Try to connect with {0}".format('/'.join(anAccount))) status = self.__saveThisLoginInFileIfNotExist__(anAccount[0]) if self.args['force-retry'] == False and status == False and userChoice ==1: userChoice = self.__askToTheUserIfNeedToContinue__(anAccount[0]) if userChoice == 0 : logging.info("The attack is aborded because you choose to stop (s/S)") break self.args['user'], self.args['password'] = currentUser, currentPassword mssql = Mssql(args=self.args) status = mssql.connect(printErrorAsDebug = True) if status == -1: logging.error("Connection error. Abording!") return False elif status == True: mssql.closeConnection() self.valideAccounts[currentUser] = currentPassword logging.info("Valid credential: '{0}'/'{1}' on ('{2}':'{3}'/'{4}') ".format(currentUser, currentPassword, self.args['host'], self.args['port'], self.args['database'])) else: logging.info("Unvalid credential: '{0}'/'{1}' on ('{2}':'{3}'/'{4}') ".format(currentUser, currentPassword, self.args['host'], self.args['port'], self.args['database'])) sleep(self.args['timeSleep']) pbar.finish() return True
def searchValideAccounts(self, ip, port, database=DEFAULT_DATABASE_NAME, sqlRequest=DEFAULT_SQL_REQUEST, accountsFile=DEFAULT_ACCOUNT_FILE): ''' search valid accounts on a targeted database through Openrowset Return validAccounts = [[]] ''' #logging.info ("Search valid accounts (stored in {3}) on the remote database {O}:{1}/{2}".format(ip, port, database, accountsFile)) accounts = self.__getAccounts__(accountsFile=accountsFile) pbar, nb, validAccounts = getStandardBarStarted(len(accounts)), 0, [] for anAccount in accounts : nb += 1 pbar.update(nb) logging.debug("Try to connect with {0}".format('/'.join(anAccount))) status = self.remoteConnectionWithOpenrowset (ip=ip, port=port, login=anAccount[0], password=anAccount[1], database=database, sqlRequest=sqlRequest) if isinstance(status,Exception): if ERROR_PROCEDURE_BLOCKED in str(status): logging.info("openrowset can't be used to connect to a remote database") return status else: logging.info("Unvalid credential: '{0}'/'{1}' on ('{2}':'{3}'/'{4}') ".format(anAccount[0], anAccount[1], ip, port, database)) else: logging.info("Valid credential: '{0}'/'{1}' on ('{2}':'{3}'/'{4}') ".format(anAccount[0], anAccount[1], ip, port, database)) validAccounts.append([anAccount[0], anAccount[1]]) sleep(self.args['timeSleep']) pbar.finish() return validAccounts
def scanTcpPorts(self,scannerObject=None,ip=None,ports=[],nbThread=2): ''' Scan tcp port of the ip system ''' pbar,nb = getStandardBarStarted(len(ports)),Queue.Queue(1) threads, portStatusQueue, portsQueue = [], Queue.Queue(), Queue.Queue() queueLock = threading.Lock() nb.put(0) for aPort in ports : portsQueue.put(aPort) logging.info ("Multithread scan is starting....") for i in range(nbThread): thread = ScanPorts.scanAPort(scannerObject,ip,portStatusQueue,pbar,nb,portsQueue,queueLock) threads += [thread] thread.start() portsQueue.join() pbar.finish() logging.info ("Scan is finish") portStatus = [item for item in portStatusQueue.queue] return sorted(portStatus, key=lambda x: int(x[0]))