예제 #1
0
파일: dlink.py 프로젝트: Cr0n1c/SohoScanner
def interact(ip, port, creds):
    """
        @summary: If creds are good we will come here and enumerate
    """
    
    user = creds['user']
    pw = creds['pass']
    userAgent = creds['userAgent']
    cookie = creds['cookie']
    
    postContent = 'SERVICES=DEVICE.HOSTNAME%2CINET.LAN-1%2CDHCPS4.LAN-1%2CRUNTIME.INF.LAN-1%2CURLCTRL'
    scan = resources.web_scanner_config('POST', '/getcfg.php', ip, postContent, cookie, userAgent)
    tmp = resources.netcat(ip, port, scan)
    xmlOutput = resources.xml_http_parser(tmp)
    
    tree = ET.ElementTree(ET.fromstring(xmlOutput))
    print tree
    
예제 #2
0
파일: dlink.py 프로젝트: Cr0n1c/SohoScanner
def get_creds(ip, port, data):
    """
        @summary:  This will try default creds on a D-Link device.
    
        Tested on DIR-815 Firmware 1.04 11/13/2013
    """
    users = ['admin']
    passwords = ['']
    
    creds = {   'user'      : None,
                'pass'      : None, 
                'userAgent' : resources.get_user_agent_string(),
                'cookie'    : resources.get_random_cookie()
            }
                
    for user in users:
        for pw in passwords:
            postContent = 'REPORT_METHOD=xml&ACTION=login_plaintext&USER=%s&PASSWD=%s&CAPTCHA=' %(user, pw)
            scan = resources.web_scanner_config('POST', '/session.cgi', ip, postContent, creds['cookie'], creds['userAgent'])
            tmp = resources.netcat(ip, port, scan)
            
            if re.search('<RESULT>INVALIDPASSWD</RESULT>', tmp):
                creds['user'] = user
                continue
            elif re.search('<RESULT>INVALIDUSER</RESULT>', tmp):
                break
            elif re.search('<RESULT>SUCCESS</RESULT>', tmp):
                print 'Creds:\n\tUser: %s\n\tPass: %s' %(user, pw)
                creds['user'] = user
                creds['pass'] = pw
                return creds
                
    if creds['user'] is not None:
        print 'Creds:\n\tUser: %s\n\tPass: <Could Not Find>' %(user)
        return creds
    else:
        return False
예제 #3
0
def scanner_web(ip, port):
    webScan = resources.web_scanner_config('GET', '/', ip)
    
    results = resources.netcat(ip, port, webScan)
    if results: 
        web.main(ip, port, results)