def single_mode(cli_parsed): display = None if cli_parsed.web: create_driver = selenium_module.create_driver capture_host = selenium_module.capture_host if not cli_parsed.show_selenium: display = Display(visible=0, size=(1920, 1080)) display.start() elif cli_parsed.headless: if not os.path.isfile('./bin/phantomjs'): print(" [*] Error: You are missing your phantomjs binary!") print(" [*] Please run the setup script!") sys.exit(0) create_driver = phantomjs_module.create_driver capture_host = phantomjs_module.capture_host url = cli_parsed.single http_object = objects.HTTPTableObject() if cli_parsed.active_scan: http_object._active_scan = True http_object.remote_system = url http_object.set_paths(cli_parsed.d, 'baseline' if cli_parsed.cycle is not None else None) if cli_parsed.active_scan: http_object._active_scan = True web_index_head = create_web_index_head(cli_parsed.date, cli_parsed.time) if cli_parsed.cycle is not None: print 'Making baseline request for {0}'.format( http_object.remote_system) else: print 'Attempting to screenshot {0}'.format(http_object.remote_system) driver = create_driver(cli_parsed) result, driver = capture_host(cli_parsed, http_object, driver) result = default_creds_category(result) if cli_parsed.resolve: result.resolved = resolve_host(result.remote_system) driver.quit() if cli_parsed.cycle is not None and result.error_state is None: ua_dict = get_ua_values(cli_parsed.cycle) for browser_key, user_agent_value in ua_dict.iteritems(): print 'Now making web request with: {0} for {1}'.format( browser_key, result.remote_system) ua_object = objects.UAObject(browser_key, user_agent_value) ua_object.copy_data(result) driver = create_driver(cli_parsed, user_agent_value) ua_object, driver = capture_host(cli_parsed, ua_object, driver) ua_object = default_creds_category(ua_object) result.add_ua_data(ua_object) driver.quit() if display is not None: display.stop() html = result.create_table_html() with open(os.path.join(cli_parsed.d, 'report.html'), 'w') as f: f.write(web_index_head) f.write(create_table_head()) f.write(html) f.write("</table><br>")
def single_mode(cli_parsed): display = None if cli_parsed.web: create_driver = selenium_module.create_driver capture_host = selenium_module.capture_host if not cli_parsed.show_selenium: display = Display(visible=0, size=(1920, 1080)) display.start() elif cli_parsed.headless: if not os.path.isfile('./bin/phantomjs'): print(" [*] Error: You are missing your phantomjs binary!") print(" [*] Please run the setup script!") sys.exit(0) create_driver = phantomjs_module.create_driver capture_host = phantomjs_module.capture_host url = cli_parsed.single http_object = objects.HTTPTableObject() if cli_parsed.active_scan: http_object._active_scan = True http_object.remote_system = url http_object.set_paths( cli_parsed.d, 'baseline' if cli_parsed.cycle is not None else None) if cli_parsed.active_scan: http_object._active_scan = True web_index_head = create_web_index_head(cli_parsed.date, cli_parsed.time) if cli_parsed.cycle is not None: print 'Making baseline request for {0}'.format(http_object.remote_system) else: print 'Attempting to screenshot {0}'.format(http_object.remote_system) driver = create_driver(cli_parsed) result, driver = capture_host(cli_parsed, http_object, driver) result = default_creds_category(result) if cli_parsed.resolve: result.resolved = resolve_host(result.remote_system) driver.quit() if cli_parsed.cycle is not None and result.error_state is None: ua_dict = get_ua_values(cli_parsed.cycle) for browser_key, user_agent_value in ua_dict.iteritems(): print 'Now making web request with: {0} for {1}'.format( browser_key, result.remote_system) ua_object = objects.UAObject(browser_key, user_agent_value) ua_object.copy_data(result) driver = create_driver(cli_parsed, user_agent_value) ua_object, driver = capture_host(cli_parsed, ua_object, driver) ua_object = default_creds_category(ua_object) result.add_ua_data(ua_object) driver.quit() if display is not None: display.stop() html = result.create_table_html() with open(os.path.join(cli_parsed.d, 'report.html'), 'w') as f: f.write(web_index_head) f.write(create_table_head()) f.write(html) f.write("</table><br>")
def single_mode(cli_parsed): display = None if cli_parsed.web: create_driver = selenium_module.create_driver capture_host = selenium_module.capture_host if not cli_parsed.show_selenium: display = Display(visible=0, size=(1920, 1080)) display.start() elif cli_parsed.headless: create_driver = phantomjs_module.create_driver capture_host = phantomjs_module.capture_host url = cli_parsed.single http_object = objects.HTTPTableObject() http_object.remote_system = url http_object.set_paths(cli_parsed.d, "baseline" if cli_parsed.cycle is not None else None) web_index_head = create_web_index_head(cli_parsed.date, cli_parsed.time) if cli_parsed.cycle is not None: print "Making baseline request for {0}".format(http_object.remote_system) else: print "Attempting to screenshot {0}".format(http_object.remote_system) driver = create_driver(cli_parsed) result, driver = capture_host(cli_parsed, http_object, driver) result = default_creds_category(result) if cli_parsed.resolve: result.resolved = resolve_host(result.remote_system) driver.quit() if cli_parsed.cycle is not None and result.error_state is None: ua_dict = get_ua_values(cli_parsed.cycle) for browser_key, user_agent_value in ua_dict.iteritems(): print "Now making web request with: {0} for {1}".format(browser_key, result.remote_system) ua_object = objects.UAObject(browser_key, user_agent_value) ua_object.copy_data(result) driver = create_driver(cli_parsed, user_agent_value) ua_object, driver = capture_host(cli_parsed, ua_object, driver) ua_object = default_creds_category(ua_object) result.add_ua_data(ua_object) driver.quit() if display is not None: display.stop() html = result.create_table_html() with open(os.path.join(cli_parsed.d, "report.html"), "w") as f: f.write(web_index_head) f.write(create_table_head()) f.write(html) f.write("</table><br>")
def multi_mode(cli_parsed): dbm = db_manager.DB_Manager(cli_parsed.d + '/ew.db') dbm.open_connection() if not cli_parsed.resume: dbm.initialize_db() dbm.save_options(cli_parsed) m = Manager() targets = m.Queue() lock = m.Lock() multi_counter = m.Value('i', 0) display = None def exitsig(*args): dbm.close() if current_process().name == 'MainProcess': print('') print( 'Resume using ./EyeWitness.py --resume {0}'.format(cli_parsed.d + '/ew.db')) os._exit(1) signal.signal(signal.SIGINT, exitsig) if cli_parsed.resume: pass else: url_list, rdp_list, vnc_list = target_creator(cli_parsed) if cli_parsed.web: for url in url_list: dbm.create_http_object(url, cli_parsed) for rdp in rdp_list: dbm.create_vnc_rdp_object('rdp', rdp, cli_parsed) for vnc in vnc_list: dbm.create_vnc_rdp_object('vnc', vnc, cli_parsed) if cli_parsed.web: if cli_parsed.web and not cli_parsed.show_selenium: display = Display(visible=0, size=(1920, 1080)) display.start() multi_total = dbm.get_incomplete_http(targets) if multi_total > 0: if cli_parsed.resume: print( 'Resuming Web Scan ({0} Hosts Remaining)'.format( str(multi_total))) else: print( 'Starting Web Requests ({0} Hosts)'.format( str(multi_total))) if multi_total < cli_parsed.threads: num_threads = multi_total else: num_threads = cli_parsed.threads for i in range(num_threads): targets.put(None) try: workers = [ Process( target=worker_thread, args=( cli_parsed, targets, lock, (multi_counter, multi_total))) for i in range(num_threads)] for w in workers: w.start() for w in workers: w.join() except Exception as e: print(str(e)) # Set up UA table here if cli_parsed.cycle is not None: ua_dict = get_ua_values(cli_parsed.cycle) if not cli_parsed.ua_init: dbm.clear_table("ua") completed = dbm.get_complete_http() completed[:] = [x for x in completed if x.error_state is None] for item in completed: for browser, ua in ua_dict.items(): dbm.create_ua_object(item, browser, ua) cli_parsed.ua_init = True dbm.clear_table("opts") dbm.save_options(cli_parsed) for browser, ua in ua_dict.items(): targets = m.Queue() multi_counter.value = 0 multi_total = dbm.get_incomplete_ua(targets, browser) if multi_total > 0: print(("[*] Starting requests for User Agent {0}" " ({1} Hosts)").format(browser, str(multi_total))) if multi_total < cli_parsed.threads: num_threads = multi_total else: num_threads = cli_parsed.threads for i in range(num_threads): targets.put(None) workers = [Process(target=worker_thread, args=(cli_parsed, targets, lock, (multi_counter, multi_total), (browser, ua))) for i in range(num_threads)] for w in workers: w.start() for w in workers: w.join() if any((cli_parsed.vnc, cli_parsed.rdp)): log._LOG_LEVEL = log.Level.ERROR multi_total, targets = dbm.get_incomplete_vnc_rdp() if multi_total > 0: print('') print( 'Starting VNC/RDP Requests ({0} Hosts)'.format(str(multi_total))) app = QtGui.QApplication(sys.argv) timer = QTimer() timer.start(10) timer.timeout.connect(lambda: None) # add qt4 reactor import qt4reactor qt4reactor.install() from twisted.internet import reactor for target in targets: if os.path.dirname( cli_parsed.d) != os.path.dirname( target.screenshot_path): target.set_paths(cli_parsed.d) tdbm = db_manager.DB_Manager(cli_parsed.d + '/ew.db') if target.proto == 'vnc': reactor.connectTCP( target.remote_system, target.port, vnc_module.RFBScreenShotFactory( target.screenshot_path, reactor, app, target, tdbm)) else: reactor.connectTCP( target.remote_system, int(target.port), rdp_module.RDPScreenShotFactory( reactor, app, 1200, 800, target.screenshot_path, cli_parsed.timeout, target, tdbm)) reactor.runReturn() app.exec_() if display is not None: display.stop() results = dbm.get_complete_http() vnc_rdp = dbm.get_complete_vnc_rdp() dbm.close() m.shutdown() write_vnc_rdp_data(cli_parsed, vnc_rdp) sort_data_and_write(cli_parsed, results) if cli_parsed.ocr: for target in targets: try: rdp_module.parse_screenshot(cli_parsed.d, target) except IOError: pass
def multi_mode(cli_parsed): dbm = db_manager.DB_Manager(cli_parsed.d + '/ew.db') dbm.open_connection() if not cli_parsed.resume: dbm.initialize_db() dbm.save_options(cli_parsed) m = Manager() targets = m.Queue() lock = m.Lock() multi_counter = m.Value('i', 0) display = None def exitsig(*args): dbm.close() if current_process().name == 'MainProcess': print '' print 'Resume using ./EyeWitness.py --resume {0}'.format(cli_parsed.d + '/ew.db') os._exit(1) signal.signal(signal.SIGINT, exitsig) if cli_parsed.resume: pass else: url_list, rdp_list, vnc_list = target_creator(cli_parsed) if any((cli_parsed.web, cli_parsed.headless)): for url in url_list: dbm.create_http_object(url, cli_parsed) for rdp in rdp_list: dbm.create_vnc_rdp_object('rdp', rdp, cli_parsed) for vnc in vnc_list: dbm.create_vnc_rdp_object('vnc', vnc, cli_parsed) if any((cli_parsed.web, cli_parsed.headless)): if cli_parsed.web and not cli_parsed.show_selenium: display = Display(visible=0, size=(1920, 1080)) display.start() multi_total = dbm.get_incomplete_http(targets) if multi_total > 0: if cli_parsed.resume: print 'Resuming Web Scan ({0} Hosts Remaining)'.format(str(multi_total)) else: print 'Starting Web Requests ({0} Hosts)'.format(str(multi_total)) if multi_total < cli_parsed.threads: num_threads = multi_total else: num_threads = cli_parsed.threads for i in xrange(num_threads): targets.put(None) try: workers = [Process(target=worker_thread, args=( cli_parsed, targets, lock, (multi_counter, multi_total))) for i in xrange(num_threads)] for w in workers: w.start() for w in workers: w.join() except Exception as e: print str(e) # Set up UA table here if cli_parsed.cycle is not None: ua_dict = get_ua_values(cli_parsed.cycle) if not cli_parsed.ua_init: dbm.clear_table("ua") completed = dbm.get_complete_http() completed[:] = [x for x in completed if x.error_state is None] for item in completed: for browser, ua in ua_dict.iteritems(): dbm.create_ua_object(item, browser, ua) cli_parsed.ua_init = True dbm.clear_table("opts") dbm.save_options(cli_parsed) for browser, ua in ua_dict.iteritems(): targets = m.Queue() multi_counter.value = 0 multi_total = dbm.get_incomplete_ua(targets, browser) if multi_total > 0: print("[*] Starting requests for User Agent {0}" " ({1} Hosts)").format(browser, str(multi_total)) if multi_total < cli_parsed.threads: num_threads = multi_total else: num_threads = cli_parsed.threads for i in xrange(num_threads): targets.put(None) workers = [Process(target=worker_thread, args=(cli_parsed, targets, lock, (multi_counter, multi_total), (browser, ua))) for i in xrange(num_threads)] for w in workers: w.start() for w in workers: w.join() if any((cli_parsed.vnc, cli_parsed.rdp)): log._LOG_LEVEL = log.Level.ERROR multi_total, targets = dbm.get_incomplete_vnc_rdp() if multi_total > 0: print '' print 'Starting VNC/RDP Requests ({0} Hosts)'.format(str(multi_total)) app = QtGui.QApplication(sys.argv) timer = QTimer() timer.start(10) timer.timeout.connect(lambda: None) # add qt4 reactor import qt4reactor qt4reactor.install() from twisted.internet import reactor for target in targets: if os.path.dirname(cli_parsed.d) != os.path.dirname(target.screenshot_path): target.set_paths(cli_parsed.d) tdbm = db_manager.DB_Manager(cli_parsed.d + '/ew.db') if target.proto == 'vnc': reactor.connectTCP( target.remote_system, target.port, vnc_module.RFBScreenShotFactory( target.screenshot_path, reactor, app, target, tdbm)) else: reactor.connectTCP( target.remote_system, int(target.port), rdp_module.RDPScreenShotFactory( reactor, app, 1200, 800, target.screenshot_path, cli_parsed.timeout, target, tdbm)) reactor.runReturn() app.exec_() if display is not None: display.stop() results = dbm.get_complete_http() vnc_rdp = dbm.get_complete_vnc_rdp() dbm.close() m.shutdown() write_vnc_rdp_data(cli_parsed, vnc_rdp) sort_data_and_write(cli_parsed, results)
def multi_mode(cli_parsed): dbm = db_manager.DB_Manager(cli_parsed.d + '/ew.db') dbm.open_connection() if not cli_parsed.resume: dbm.initialize_db() dbm.save_options(cli_parsed) m = Manager() targets = m.Queue() lock = m.Lock() multi_counter = m.Value('i', 0) display = None def exitsig(*args): dbm.close() if current_process().name == 'MainProcess': print('') print('Resume using ./EyeWitness.py --resume {0}'.format( cli_parsed.d + '/ew.db')) os._exit(1) signal.signal(signal.SIGINT, exitsig) if cli_parsed.resume: pass else: url_list = target_creator(cli_parsed) if cli_parsed.web: for url in url_list: dbm.create_http_object(url, cli_parsed) if cli_parsed.web: if cli_parsed.web and not cli_parsed.show_selenium: display = Display(visible=0, size=(1920, 1080)) display.start() multi_total = dbm.get_incomplete_http(targets) if multi_total > 0: if cli_parsed.resume: print('Resuming Web Scan ({0} Hosts Remaining)'.format( str(multi_total))) else: print('Starting Web Requests ({0} Hosts)'.format( str(multi_total))) if multi_total < cli_parsed.threads: num_threads = multi_total else: num_threads = cli_parsed.threads for i in range(num_threads): targets.put(None) try: workers = [ Process(target=worker_thread, args=(cli_parsed, targets, lock, (multi_counter, multi_total))) for i in range(num_threads) ] for w in workers: w.start() for w in workers: w.join() except Exception as e: print(str(e)) # Set up UA table here if cli_parsed.cycle is not None: ua_dict = get_ua_values(cli_parsed.cycle) if not cli_parsed.ua_init: dbm.clear_table("ua") completed = dbm.get_complete_http() completed[:] = [x for x in completed if x.error_state is None] for item in completed: for browser, ua in ua_dict.iteritems(): dbm.create_ua_object(item, browser, ua) cli_parsed.ua_init = True dbm.clear_table("opts") dbm.save_options(cli_parsed) for browser, ua in ua_dict.iteritems(): targets = m.Queue() multi_counter.value = 0 multi_total = dbm.get_incomplete_ua(targets, browser) if multi_total > 0: print("[*] Starting requests for User Agent {0}" " ({1} Hosts)").format(browser, str(multi_total)) if multi_total < cli_parsed.threads: num_threads = multi_total else: num_threads = cli_parsed.threads for i in range(num_threads): targets.put(None) workers = [ Process(target=worker_thread, args=(cli_parsed, targets, lock, (multi_counter, multi_total), (browser, ua))) for i in range(num_threads) ] for w in workers: w.start() for w in workers: w.join() if display is not None: display.stop() results = dbm.get_complete_http() dbm.close() m.shutdown() sort_data_and_write(cli_parsed, results)