Пример #1
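    def gatherFromHistory(self, historyFile):
        """Download a remote shell history file and parse its ``ssh`` command lines.

        The file is fetched through ``self.sftp`` into the ``loot`` folder of
        the workspace, then every line that starts with ``ssh `` is split
        into words to recover the target host, the ``-p`` port, the ``-i``
        identity path and an optional ``user@`` prefix.

        Everything read from the downloaded file is data controlled by the
        remote host, and the endpoint and user strings that make up the
        local file name may originate from earlier remote data as well, so
        the file name is flattened before it is joined to the loot folder.

        Args:
            historyFile: Path of the history file on the remote side.

        Returns:
            None. The download failure path returns early after printing
            the error; no other return value is visible in this listing.
        """
        lootFolder = os.path.join(self.wspaceFolder, "loot")
        filename = "_".join((
            str(self.connection.endpoint).replace(":", "-"),
            str(self.connection.user),
            historyFile,
        ))
        # Neutralise path separators in every component, not only in
        # historyFile: a separator in the endpoint or user string would make
        # the download target resolve outside the loot folder (or inside a
        # directory that does not exist).
        for separator in ("/", "\\"):
            filename = filename.replace(separator, "_")
        filepath = os.path.join(lootFolder, filename)
        try:
            self.sftp.get(historyFile, filepath)
        except Exception as e:
            # Best effort: a missing or unreadable history file is reported
            # and skipped.
            print(e)
            return None
        # Undecodable bytes are dropped rather than aborting the parse.
        with open(filepath, "r", errors="ignore") as dledFile:
            data = dledFile.read()
        for line in data.splitlines():
            if not re.search(r'^ *ssh ', line):
                continue
            pending = ""      # option whose value is expected in the next word
            hostname = None   # first positional word, i.e. [user@]host
            port = None
            user = None
            identity = None

            for word in line.split()[1:]:
                if pending:
                    if pending == "identity":
                        identity = word
                        # Stored relative to the remote home directory.
                        if identity.startswith('~/'):
                            identity = identity[2:]
                    elif pending == "port":
                        port = word
                    pending = ""
                elif word[0] == "-":
                    # NOTE(review): every dash-prefixed word is treated as
                    # taking a value, so the word after a boolean flag is
                    # consumed as that flag's value.
                    if word == "-i":
                        pending = "identity"
                    elif word == "-p":
                        pending = "port"
                    else:
                        pending = word
                elif hostname is None:
                    if '@' in word:
                        user, hostname = word.split("@", 1)
                    else:
                        hostname = word
            if hostname is None:
                continue
            # The result is not used in the part of the method shown here.
            endpoints = self.hostnameToIP(hostname, port)
            if user is not None:
                user = User(user)
                if not self.connection.scope:
                    user.scope = False
                # Only users without an id are recorded as newly found.
                if user.id is None:
                    user.found = self.connection.endpoint
                    user.save()
                    self.newUsers.append(user)
            if identity is not None:
                identity = self.getKeyToCreds(identity, ".")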
Пример #2
 def addUser(self, name):
     """Build a ``User`` from ``name`` and call its ``save()`` method."""
     User(name).save()
Пример #3
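 async def gatherFromConfig(self):
     """Download the remote ``.ssh/config`` and record the hosts it declares.

     The file is copied with ``asyncssh.scp`` into the ``loot`` folder of
     the workspace and read line by line. Each ``Host`` block other than
     ``*`` is resolved through ``self.hostnameToIP``; a ``User`` entry is
     turned into a ``User`` object, an ``IdentityFile`` entry is passed to
     ``self.getKeyToCreds``, and when both are present a ``Connection`` is
     saved for every returned endpoint.

     The file content is controlled by the remote host, so malformed lines
     (blank or whitespace-only lines, single-word lines, options before the
     first ``Host``, a ``Host`` keyword without a name) are skipped instead
     of raising.

     Returns:
         None, both when the copy fails and after a completed parse.
     """
     lootFolder = os.path.join(self.wspaceFolder, "loot")
     filename = "_".join((
         str(self.connection.getEndpoint()).replace(":", "-"),
         str(self.connection.getUser()),
         ".ssh_config",
     ))
     # The endpoint and user strings may originate from remote data: flatten
     # path separators so the copy target stays inside the loot folder.
     for separator in ("/", "\\"):
         filename = filename.replace(separator, "_")
     filepath = os.path.join(lootFolder, filename)
     try:
         await asyncssh.scp((self.socket, ".ssh/config"), filepath)
     except Exception:
         # Best effort: a failed copy is skipped silently.
         return None
     with open(filepath, 'r', errors='replace') as f:
         data = f.read()

     async def recordHost(entry):
         # Persist what one completed Host block declares.
         if entry is None or entry["name"] == "*":
             return
         # HostName overrides the alias given on the Host line.
         host = entry.get("host", entry["name"])
         port = entry.get("port")
         endpoints = await self.hostnameToIP(host, port)
         user = None
         identity = None
         if "user" in entry:
             user = User(entry["user"])
             if not self.connection.inScope():
                 user.unscope()
             # Only users without an id are recorded as newly found.
             if user.getId() is None:
                 user.setFound(self.connection.getEndpoint())
                 user.save()
                 self.newUsers.append(user)
         if "identity" in entry:
             identity = await self.getKeyToCreds(entry["identity"], ".")
         if user is not None and identity is not None:
             for endpoint in endpoints:
                 conn = Connection(endpoint, user, identity)
                 conn.save()
                 self.newConnections.append(conn)

     curHost = None
     for line in data.split('\n'):
         stripped = line.strip()
         if not stripped:
             continue
         if line[:5].lower() == "host ":
             # A new block starts: flush the previous one first.
             await recordHost(curHost)
             parts = line.split()
             curHost = {"name": parts[1]} if len(parts) > 1 else None
             continue
         if curHost is None:
             # Option outside any Host block.
             continue
         fields = stripped.split(None, 1)
         if len(fields) != 2:
             # Keyword without a value: nothing to record.
             continue
         key, val = fields
         key = key.lower()
         if key == "user":
             curHost['user'] = val
         elif key == "port":
             curHost['port'] = val
         elif key == "hostname":
             curHost['host'] = val
         elif key == "identityfile":
             # Stored relative to the remote home directory.
             if val[:2] == '~/':
                 val = val[2:]
             curHost['identity'] = val
     # The last block has no following Host line to trigger its flush.
     await recordHost(curHost)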
Пример #4
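    def gatherFromConfig(self):
        """Download the remote ``.ssh/config`` and record the hosts it declares.

        The file is fetched through ``self.sftp`` into the ``loot`` folder
        of the workspace and read line by line. Each ``Host`` block other
        than ``*`` is resolved through ``self.hostnameToIP``; a ``User``
        entry is turned into a ``User`` object and an ``IdentityFile`` entry
        is passed to ``self.getKeyToCreds``.

        The file content is controlled by the remote host, so malformed
        lines (blank or whitespace-only lines, single-word lines, options
        before the first ``Host``, a ``Host`` keyword without a name) are
        skipped instead of raising.

        Returns:
            None, both when the download fails and after a completed parse.
        """
        lootFolder = os.path.join(self.wspaceFolder, "loot")
        filename = "_".join((
            str(self.connection.endpoint).replace(":", "-"),
            str(self.connection.user),
            ".ssh_config",
        ))
        # The endpoint and user strings may originate from remote data:
        # flatten path separators so the download target stays inside the
        # loot folder.
        for separator in ("/", "\\"):
            filename = filename.replace(separator, "_")
        filepath = os.path.join(lootFolder, filename)

        try:
            self.sftp.get(".ssh/config", filepath)
        except Exception:
            # Best effort: a failed download is skipped silently.
            return None

        with open(filepath, 'r', errors='replace') as f:
            data = f.read()

        def recordHost(entry):
            # Persist what one completed Host block declares.
            if entry is None or entry["name"] == "*":
                return
            # HostName overrides the alias given on the Host line.
            host = entry.get("host", entry["name"])
            port = entry.get("port")
            # The result is not used in the part of the method shown here.
            self.hostnameToIP(host, port)
            if "user" in entry:
                user = User(entry["user"])
                if not self.connection.scope:
                    user.scope = False
                # Only users without an id are recorded as newly found.
                if user.id is None:
                    user.found = self.connection.endpoint
                    user.save()
                    self.newUsers.append(user)
            if "identity" in entry:
                self.getKeyToCreds(entry["identity"], ".")

        curHost = None
        for line in data.split('\n'):
            stripped = line.strip()
            if not stripped:
                continue
            if line[:5].lower() == "host ":
                # A new block starts: flush the previous one first.
                recordHost(curHost)
                parts = line.split()
                curHost = {"name": parts[1]} if len(parts) > 1 else None
                continue
            if curHost is None:
                # Option outside any Host block.
                continue
            fields = stripped.split(None, 1)
            if len(fields) != 2:
                # Keyword without a value: nothing to record.
                continue
            key, val = fields
            key = key.lower()
            if key == "user":
                curHost['user'] = val
            elif key == "port":
                curHost['port'] = val
            elif key == "hostname":
                curHost['host'] = val
            elif key == "identityfile":
                # Stored relative to the remote home directory.
                if val[:2] == '~/':
                    val = val[2:]
                curHost['identity'] = val
        # The last block has no following Host line to trigger its flush.
        recordHost(curHost)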