def searchValideAccounts(self):
'''
Search valid accounts
Return True if no connection error.
Return False if a connection error
'''
userChoice = 1
logging.info("Searching valid accounts on '{0}':'{1}'/'{2}'".format(self.args['host'], self.args['port'], self.args['database']))
pbar, nb = getStandardBarStarted(len(self.accounts)), 0
for anAccount in self.accounts :
currentUser, currentPassword = anAccount[0], anAccount[1]
nb += 1
pbar.update(nb)
logging.debug("Try to connect with {0}".format('/'.join(anAccount)))
status = self.__saveThisLoginInFileIfNotExist__(anAccount[0])
if self.args['force-retry'] == False and status == False and userChoice ==1:
userChoice = self.__askToTheUserIfNeedToContinue__(anAccount[0])
if userChoice == 0 :
logging.info("The attack is aborded because you choose to stop (s/S)")
break
self.args['user'], self.args['password'] = currentUser, currentPassword
mssql = Mssql(args=self.args)
status = mssql.connect(printErrorAsDebug = True)
if status == -1:
logging.error("Connection error. Abording!")
return False
elif status == True:
mssql.closeConnection()
self.valideAccounts[currentUser] = currentPassword
logging.info("Valid credential: '{0}'/'{1}' on ('{2}':'{3}'/'{4}') ".format(currentUser, currentPassword, self.args['host'], self.args['port'], self.args['database']))
else: logging.info("Unvalid credential: '{0}'/'{1}' on ('{2}':'{3}'/'{4}') ".format(currentUser, currentPassword, self.args['host'], self.args['port'], self.args['database']))
sleep(self.args['timeSleep'])
pbar.finish()
return True
def searchValideAccounts(self, ip, port, database=DEFAULT_DATABASE_NAME, sqlRequest=DEFAULT_SQL_REQUEST, accountsFile=DEFAULT_ACCOUNT_FILE):
'''
search valid accounts on a targeted database through Openrowset
Return validAccounts = [[]]
'''
#logging.info ("Search valid accounts (stored in {3}) on the remote database {O}:{1}/{2}".format(ip, port, database, accountsFile))
accounts = self.__getAccounts__(accountsFile=accountsFile)
pbar, nb, validAccounts = getStandardBarStarted(len(accounts)), 0, []
for anAccount in accounts :
nb += 1
pbar.update(nb)
logging.debug("Try to connect with {0}".format('/'.join(anAccount)))
status = self.remoteConnectionWithOpenrowset (ip=ip, port=port, login=anAccount[0], password=anAccount[1], database=database, sqlRequest=sqlRequest)
if isinstance(status,Exception):
if ERROR_PROCEDURE_BLOCKED in str(status):
logging.info("openrowset can't be used to connect to a remote database")
return status
else:
logging.info("Unvalid credential: '{0}'/'{1}' on ('{2}':'{3}'/'{4}') ".format(anAccount[0], anAccount[1], ip, port, database))
else:
logging.info("Valid credential: '{0}'/'{1}' on ('{2}':'{3}'/'{4}') ".format(anAccount[0], anAccount[1], ip, port, database))
validAccounts.append([anAccount[0], anAccount[1]])
sleep(self.args['timeSleep'])
pbar.finish()
return validAccounts
def scanTcpPorts(self,scannerObject=None,ip=None,ports=[],nbThread=2):
'''
Scan tcp port of the ip system
'''
pbar,nb = getStandardBarStarted(len(ports)),Queue.Queue(1)
threads, portStatusQueue, portsQueue = [], Queue.Queue(), Queue.Queue()
queueLock = threading.Lock()
nb.put(0)
for aPort in ports : portsQueue.put(aPort)
logging.info ("Multithread scan is starting....")
for i in range(nbThread):
thread = ScanPorts.scanAPort(scannerObject,ip,portStatusQueue,pbar,nb,portsQueue,queueLock)
threads += [thread]
thread.start()
portsQueue.join()
pbar.finish()
logging.info ("Scan is finish")
portStatus = [item for item in portStatusQueue.queue]
return sorted(portStatus, key=lambda x: int(x[0]))