예제 #1
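def detect_os(cpe_list):
    """Report the operating system named by the OS-type CPEs in *cpe_list*.

    Every entry starting with ``cpe:/o`` is printed in human-readable form.
    When such an entry matches Microsoft Windows and this tool runs on Linux,
    the enum4linux follow-up is announced (the code itself reports it as not
    yet implemented).

    Args:
        cpe_list: iterable of CPE URI strings.
    """
    cpe_os_type = "cpe:/o"
    # platform.system() returns "Linux" with a capital L, so the previous
    # comparison against "linux" could never be true.
    running_on_linux = platform.system().lower() == "linux"

    for cpe in cpe_list:
        if not cpe.startswith(cpe_os_type):
            continue

        parsed = cpe_utils.CPE(cpe)
        print(utils.normal_message(), "Target OS appears to be",
              parsed.human())

        is_windows = parsed.matches(cpe_utils.CPE("cpe:/o:microsoft:windows"))
        if is_windows and running_on_linux:
            print(utils.warning_message(),
                  "Target machine is running Microsoft Windows")
            print(utils.warning_message(),
                  "Will commence enumeration using enum4linux")
            print(utils.error_message(), "enum4linux not yet implemented")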
예제 #2
def detect_apps(cpe_list):
    """Print a human-readable line for every application CPE in *cpe_list*.

    Args:
        cpe_list: iterable of CPE URI strings; only entries starting with
            ``cpe:/a`` are reported.
    """
    app_prefix = "cpe:/a"
    app_entries = (entry for entry in cpe_list if entry.startswith(app_prefix))
    for entry in app_entries:
        readable = cpe_utils.CPE(entry).human()
        print(utils.normal_message(),
              "Installed application is reported as",
              readable) if False else print(
                  utils.normal_message(),
                  "Installed application is reported as",
                  cpe_utils.CPE(entry).human()) if False else print(
                      utils.normal_message(),
                      "Installed application is reported as",
                      readable)
예제 #3
    def test_cpe_parsing(self):
        """Each colon-separated component lands in the attribute of the same name."""
        parsed = cpe_utils.CPE("cpe:/part:vendor:product:version:update:edition")

        # The sample string uses every field's own name as its value, so the
        # attribute name doubles as the expected value.
        field_names = ("part", "vendor", "product", "version", "update",
                       "edition")
        for field in field_names:
            self.assertEqual(getattr(parsed, field), field)
예제 #4
    def test_cpe_obj_equals(self):
        """A CPE must not compare equal to one differing in any single field."""
        baseline = "cpe:/o:vendor:product:version:update:edition"
        reference = cpe_utils.CPE(baseline)
        # NOTE(review): this second object is built but never compared; a
        # positive equality assertion against `reference` looks to be missing.
        # Confirm the intent before adding one.
        twin = cpe_utils.CPE(baseline)

        # One variant per component, in order: part, vendor, product,
        # version, update, edition.
        variants = (
            "cpe:/a:vendor:product:version:update:edition",
            "cpe:/o:vendor1:product:version:update:edition",
            "cpe:/o:vendor:product1:version:update:edition",
            "cpe:/o:vendor:product:version1:update:edition",
            "cpe:/o:vendor:product:version:update1:edition",
            "cpe:/o:vendor:product:version:update:edition1",
        )

        for variant in variants:
            other = cpe_utils.CPE(variant)
            failure_text = "{} is not equal to {}".format(variant, baseline)
            self.assertFalse(reference == other, failure_text)
예제 #5
    def __init__(self, cpe, ip):
        """Keep the CPE string and *ip*, and derive a readable part label.

        Args:
            cpe: CPE string; parsed through ``cpe_utils.CPE(...).to_json()``.
            ip: stored unchanged in ``self.ip``.
        """
        self.cpe = cpe
        self.ip = ip
        self.cpeJson = json.loads(cpe_utils.CPE(cpe).to_json())

        # Only "a" and "o" get their own label. Every other part value,
        # including an empty or unrecognised one, is labelled "Hardware".
        part_labels = {"a": "Application", "o": "Operating System"}
        self.part = part_labels.get(self.cpeJson["part"], "Hardware")
예제 #6
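def parse_nmap_scan(out_file):
    """Summarise an nmap XML report and pass its findings to the next steps.

    Prints whether the target was reachable, how many ``<port>`` elements the
    report holds, and the OS and application CPEs it names. It then calls
    ``searchsploit_nmap_scan`` on the report and ``detect_service`` on each
    ``<port>`` element.

    Args:
        out_file: nmap XML output, passed straight to ``minidom.parse``.
    """
    # NOTE(review): xml.dom.minidom is not hardened against maliciously
    # constructed XML. That is acceptable only while out_file is a report this
    # tool generated itself; confirm no caller passes in third-party files.
    xmldoc = minidom.parse(out_file)
    hostslist = xmldoc.getElementsByTagName('hosts')
    if not hostslist:
        # A truncated or non-nmap file has no <hosts> summary element; report
        # that instead of failing with IndexError on hostslist[0].
        print(error_message(), "Scan output has no <hosts> summary")
        return

    # We only scan one host at a time
    if int(hostslist[0].attributes['down'].value) > 0:
        print(error_message(), "Target was unreachable")
        return

    portlist = xmldoc.getElementsByTagName('port')
    print("")

    # NOTE(review): this counts every <port> element in the report; whether
    # the scan was run so that only open ports are listed is not visible here.
    print(normal_message(), len(portlist), "ports are open")

    # Text of each <cpe> element. An empty element has no text node, so it is
    # skipped rather than raising AttributeError on firstChild.nodeValue.
    cpe_values = [
        node.firstChild.nodeValue
        for node in xmldoc.getElementsByTagName('cpe')
        if node.firstChild is not None and node.firstChild.nodeValue
    ]

    # platform.system() returns "Linux" with a capital L, so the previous
    # comparison against "linux" could never be true.
    running_on_linux = platform.system().lower() == "linux"

    cpe_osstr = "cpe:/o"
    for cpe_retrieved in cpe_values:
        if not cpe_retrieved.startswith(cpe_osstr):
            continue
        parsed = cpe_utils.CPE(cpe_retrieved)
        print(normal_message(), "Target OS appears to be", parsed.human())
        is_windows = parsed.matches(cpe_utils.CPE("cpe:/o:microsoft:windows"))
        if is_windows and running_on_linux:
            # The two sentences used to be joined by implicit string
            # concatenation with no space between them.
            print(
                warning_message(),
                "Target machine is running Microsoft Windows. "
                "Will commence enumeration using enum4linux")

    cpe_appstr = "cpe:/a"
    for cpe_retrieved in cpe_values:
        if cpe_retrieved.startswith(cpe_appstr):
            print(normal_message(), "Installed application is reported as",
                  cpe_utils.CPE(cpe_retrieved).human())

    # New line for nicer formatting
    print("")

    searchsploit_nmap_scan(out_file)

    for openport in portlist:
        detect_service(openport)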
예제 #7
    def test_has_wildcards(self):
        """has_wildcards() is true for ``*`` or ``?`` in any of the six fields."""
        # Two rows per component (part, vendor, product, version, update,
        # edition): the first uses "*", the second "?".
        wildcard_samples = (
            "cpe:/*:vendor:product:version:update:edition",
            "cpe:/?:vendor:product:version:update:edition",
            "cpe:/o:v*ndor:product:version:update:edition",
            "cpe:/o:v?ndor:product:version:update:edition",
            "cpe:/o:vendor:pr*duct:version:update:edition",
            "cpe:/o:vendor:pr?duct:version:update:edition",
            "cpe:/o:vendor:product:vers*on:update:edition",
            "cpe:/o:vendor:product:vers?on:update:edition",
            "cpe:/o:vendor:product:version:upda*e:edition",
            "cpe:/o:vendor:product:version:upda?e:edition",
            "cpe:/o:vendor:product:version:update:ed*tion",
            "cpe:/o:vendor:product:version:update:ed?tion",
        )

        for sample in wildcard_samples:
            self.assertTrue(cpe_utils.CPE(sample).has_wildcards())

        # Control case: a fully literal CPE must not be reported as a pattern.
        literal = cpe_utils.CPE("cpe:/o:vendor:product:version:update:edition")
        self.assertFalse(literal.has_wildcards())
예제 #8
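def main():
    """Build or refresh the JSON catalog of Linux VMs found on a hypervisor.

    Command line:
        hypervisorConfig  json hypervisor config (positional)
        -k / --keyword    only VMs whose name contains this text are kept
        -o / --output     catalog path, ``catalog.json`` when omitted

    An existing catalog file is loaded first and its entries are kept; entries
    for matching VMs are added or overwritten, then the file is rewritten.
    Exits with status 1 when ``get_vm_server`` returns ``None``.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument("-k", "--keyword", help="VM search parameter")
    parser.add_argument("-o",
                        "--output",
                        help="output file location [defaults to catalog.json]")
    parser.add_argument("hypervisorConfig", help="json hypervisor config")

    args = parser.parse_args()

    # Without -k argparse leaves keyword as None, and `None in vm.vmName`
    # raises TypeError. An empty keyword is contained in every name, so
    # omitting -k now selects all VMs.
    prefix = args.keyword or ""

    catalog_file = args.output if args.output is not None else "catalog.json"

    vm_server = get_vm_server(config_file=args.hypervisorConfig)
    if vm_server is None:
        print("Failed to connect to VM environment")
        # SystemExit is what exit() raises; raising it directly does not
        # depend on the site module having installed the exit() helper.
        raise SystemExit(1)

    vm_server.enumerateVms()
    vm_list = [vm.vmName for vm in vm_server.vmList if prefix in vm.vmName]

    cpe_catalog = {}
    if os.path.isfile(catalog_file):
        with open(catalog_file) as catalog_handle:
            cpe_catalog = json.load(catalog_handle)

    for name in tqdm(vm_list):
        if "linux" not in name.lower():
            continue
        cpe_str = vm_as_cpe_string(name.lower())
        if not cpe_str:
            continue
        cpe = cpe_utils.CPE(cpe_str)
        # NOTE(review): the catalog stores a username and password per VM in
        # clear text (the values are masked in this listing). Keep the file
        # out of version control and restrict who can read it.
        vm_entry = {
            'NAME': name,
            'CPE': cpe_str,
            'USERNAME': "******",
            'PASSWORD': "******",
            'OS': cpe.human()
        }
        cpe_catalog[vm_server.hostname + "_" + name] = vm_entry

    with open(catalog_file, "w") as catalog_handle:
        json.dump(cpe_catalog, catalog_handle, indent=2, sort_keys=True)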
예제 #9
    def test_human(self):
        """human() title-cases the fields present and omits the empty ones."""
        # (cpe string, expected rendering). The expected values show
        # underscores turning into spaces and the update field upper-cased.
        expectations = (
            ("cpe:/a:vendor:product:1.1:sp3:x86", "Vendor Product 1.1 SP3 x86"),
            ("cpe:/a:vendor_name:product:1.1:sp3:x86",
             "Vendor Name Product 1.1 SP3 x86"),
            ("cpe:/a:vendor:product::sp3:x86", "Vendor Product SP3 x86"),
            ("cpe:/a:vendor:::sp3:x86", "Vendor SP3 x86"),
            ("cpe:/a:vendor::::", "Vendor"),
            ("cpe:/a::::sp3:x86", "SP3 x86"),
            ("cpe:/a:vendor:product:1.1::", "Vendor Product 1.1"),
            ("cpe:/a:::::", ""),
            ("cpe:/a::product:::", "Product"),
            ("cpe:/a:::1.1::", "1.1"),
            ("cpe:/a::::sp3:", "SP3"),
            ("cpe:/a:::::x86", "x86"),
            ("cpe:/a:vendor:product:::", "Vendor Product"),
            ("cpe:/a:vendor:product:1.1:sp3:", "Vendor Product 1.1 SP3"),
            ("cpe:/a:vendor_name::::x86", "Vendor Name x86"),
            ("cpe:/a:vendor_name:::sp3:", "Vendor Name SP3"),
            ("cpe:/a:vendor_name:product:1.1::", "Vendor Name Product 1.1"),
            ("cpe:/a:vendor_name::::", "Vendor Name"),
            ("cpe:/a:vendor::::x86", "Vendor x86"),
            ("cpe:/a:vendor:::sp3:", "Vendor SP3"),
        )

        for cpe_string, correct_human in expectations:
            cpe = cpe_utils.CPE(cpe_string)
            self.assertEqual(
                cpe.human(), correct_human,
                "{!r} was not {!r} (for cpe {})".format(
                    cpe.human(), correct_human, cpe_string))
예제 #10
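    def test_to_json(self):
        """to_json() carries all six components, with "" for any left empty."""

        def expected(vendor, product, version, update, edition):
            # Every case in this test uses part "a".
            return {
                "part": "a",
                "vendor": vendor,
                "product": product,
                "version": version,
                "update": update,
                "edition": edition,
            }

        # Each case blanks one component in turn. The last one leaves the
        # edition off the string entirely instead of ending with a colon.
        tests = [
            ("cpe:/a:vendor:product:1.1:sp3:x86",
             expected("vendor", "product", "1.1", "sp3", "x86")),
            ("cpe:/a::product:1.1:sp3:x86",
             expected("", "product", "1.1", "sp3", "x86")),
            ("cpe:/a:vendor::1.1:sp3:x86",
             expected("vendor", "", "1.1", "sp3", "x86")),
            ("cpe:/a:vendor:product::sp3:x86",
             expected("vendor", "product", "", "sp3", "x86")),
            ("cpe:/a:vendor:product:1.1::x86",
             expected("vendor", "product", "1.1", "", "x86")),
            ("cpe:/a:vendor:product:1.1:sp3",
             expected("vendor", "product", "1.1", "sp3", "")),
        ]

        for cpe_string, correct_dict in tests:
            cpe = cpe_utils.CPE(cpe_string)
            serialised = cpe.to_json()
            # Compare the parsed objects, not the JSON text: the text
            # comparison depended on both sides emitting keys in the same
            # order. The former `assert isinstance(cpe_string, object)` is
            # dropped because it is true for every value and checked nothing.
            self.assertEqual(
                json.loads(serialised), correct_dict,
                "{!r} was not {!r} (for cpe {})".format(
                    serialised, correct_dict, cpe_string))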
예제 #11
    def test_matches(self):
        """matches() honours ``*``, ``?`` and empty fields, and nothing looser.

        Every row is matched against the same fully specified CPE. The table
        expects truncated or extended values (``ven``, ``1.10``) not to match,
        which is what keeps version lookups from reporting the wrong product.
        """
        target = "cpe:/a:vendor:product:1.1:sp3:x86"

        # (pattern, expected result of pattern.matches(target))
        patterns = (
            # identical string
            ("cpe:/a:vendor:product:1.1:sp3:x86", True),
            # one component replaced by a different literal
            ("cpe:/X:vendor:product:1.1:sp3:x86", False),
            ("cpe:/a:X:product:1.1:sp3:x86", False),
            ("cpe:/a:vendor:X:1.1:sp3:x86", False),
            ("cpe:/a:vendor:product:X:sp3:x86", False),
            ("cpe:/a:vendor:product:1.1:X:x86", False),
            ("cpe:/a:vendor:product:1.1:sp3:X", False),
            # misspelled or truncated vendor / product
            ("cpe:/a:vandor:product:1.1:sp3:x86", False),
            ("cpe:/a:ndor:product:1.1:sp3:x86", False),
            ("cpe:/a:dor:product:1.1:sp3:x86", False),
            ("cpe:/a:or:product:1.1:sp3:x86", False),
            ("cpe:/a:r:product:1.1:sp3:x86", False),
            ("cpe:/a:vbndo:product:1.1:sp3:x86", False),
            ("cpe:/a:vand:product:1.1:sp3:x86", False),
            ("cpe:/a:ven:product:1.1:sp3:x86", False),
            ("cpe:/a:ve:product:1.1:sp3:x86", False),
            ("cpe:/a:v:product:1.1:sp3:x86", False),
            ("cpe:/a:vbndor:produc:1.1:sp3:x86", False),
            ("cpe:/a:vendor:produ:1.1:sp3:x86", False),
            ("cpe:/a:vcndor:prod:1.1:sp3:x86", False),
            ("cpe:/a:vindor:pro:1.1:sp3:x86", False),
            ("cpe:/a:vondor:pr:1.1:sp3:x86", False),
            ("cpe:/a:vundor:p:1.1:sp3:x86", False),
            ("cpe:/a:vondor::1.1:sp3:x86", False),
            # version, update and edition: a shortened value fails, an empty
            # field is expected to match
            ("cpe:/a:vendor:product:1.0:sp3:x86", False),
            ("cpe:/a:vendor:product:1.:sp3:x86", False),
            ("cpe:/a:vendor:product:1:sp3:x86", False),
            ("cpe:/a:vendor:product::sp3:x86", True),
            ("cpe:/a:vendor:product:1.1:sp:x86", False),
            ("cpe:/a:vendor:product:1.1:s:x86", False),
            ("cpe:/a:vendor:product:1.1::x86", True),
            ("cpe:/a:vendor:product:1.1:sp3:x8", False),
            ("cpe:/a:vendor:product:1.1:sp3:x", False),
            ("cpe:/a:vendor:product:1.1:sp3:", True),
            # one character dropped from vendor and product
            ("cpe:/a:vndor:poduct:1.1:sp3:x86", False),
            ("cpe:/a:vedor:prduct:1.1:sp3:x86", False),
            ("cpe:/a:venor:prouct:1.1:sp3:x86", False),
            ("cpe:/a:vendr:prodct:1.1:sp3:x86", False),
            ("cpe:/a:vendo:produt:1.1:sp3:x86", False),
            ("cpe:/a:vendor:produc:1.1:sp3:x86", False),
            ("cpe:/a:space:product:1.1:sp3:x86", False),
            ("cpe:/a:vendor:space:1.1:sp3:x86", False),
            # versions that merely start with "1.1"
            ("cpe:/a:vendor:product:1.10:sp3:x86", False),
            ("cpe:/a:vendor:product:1.11:sp3:x86", False),
            ("cpe:/a:vendor:product:1.12:sp3:x86", False),
            ("cpe:/a:vendor:product:1.13:sp3:x86", False),
            ("cpe:/a:vendor:product:1.14:sp3:x86", False),
            ("cpe:/a:vendor:product:1.15:sp3:x86", False),
            ("cpe:/a:vendor:product:1.16:sp3:x86", False),
            ("cpe:/a:vendor:product:1.17:sp3:x86", False),
            ("cpe:/a:vendor:product:1.18:sp3:x86", False),
            ("cpe:/a:vendor:product:1.19:sp3:x86", False),
            # "*" standing in for a whole component
            ("cpe:/a:vendor:product:1.1:sp3:*", True),
            ("cpe:/a:vendor:product:1.1:*:x86", True),
            ("cpe:/a:vendor:product:*:sp3:x86", True),
            ("cpe:/a:vendor:*:1.1:sp3:x86", True),
            ("cpe:/a:*:product:1.1:sp3:x86", True),
            # "?" standing in for a single character
            ("cpe:/*:vendor:product:1.1:sp3:x8?", True),
            ("cpe:/a:vendor:product:1.1:sp3:x?6", True),
            ("cpe:/a:vendor:product:1.1:sp3:?86", True),
            ("cpe:/a:vendor:product:1.1:sp?:x86", True),
            ("cpe:/a:vendor:product:1.1:s?3:x86", True),
            ("cpe:/a:vendor:product:1.1:?p3:x86", True),
            ("cpe:/a:vendor:product:1.?:sp3:x86", True),
            ("cpe:/a:vendor:product:1?1:sp3:x86", True),
            ("cpe:/a:vendor:product:?.1:sp3:x86", True),
            ("cpe:/a:vendor:produc?:1.1:sp3:x86", True),
            ("cpe:/a:vendor:produ?t:1.1:sp3:x86", True),
            ("cpe:/a:vendor:prod?ct:1.1:sp3:x86", True),
            ("cpe:/a:vendor:pro?uct:1.1:sp3:x86", True),
            ("cpe:/a:vendor:pr?duct:1.1:sp3:x86", True),
            ("cpe:/a:vendor:p?oduct:1.1:sp3:x86", True),
            ("cpe:/a:vendor:?roduct:1.1:sp3:x86", True),
            ("cpe:/a:vendo?:product:1.1:sp3:x86", True),
            ("cpe:/a:vend?r:product:1.1:sp3:x86", True),
            ("cpe:/a:ven?or:product:1.1:sp3:x86", True),
            ("cpe:/a:ve?dor:product:1.1:sp3:x86", True),
            ("cpe:/a:v?ndor:product:1.1:sp3:x86", True),
            ("cpe:/a:?endor:product:1.1:sp3:x86", True),
            ("cpe:/?:vendor:product:1.1:sp3:x86", True),
        )

        # The 1-based row number goes into the failure message so a failing
        # row can be found in the table.
        for row, (pattern, match_result) in enumerate(patterns, 1):
            pattern_cpe = cpe_utils.CPE(pattern)
            target_cpe = cpe_utils.CPE(target)

            self.assertTrue(
                pattern_cpe.matches(target_cpe) == match_result,
                "[{}] {}.match({}) was not {}".format(row, pattern, target,
                                                      match_result))
예제 #12
 def test_cpe_exception(self):
     """A string that lacks the ``cpe:/`` form must raise CPEException."""
     malformed = "cpe:::::"
     # Callable form of assertRaises: the constructor is invoked with the
     # malformed string and has to raise.
     self.assertRaises(cpe_utils.CPEException, cpe_utils.CPE, malformed)