Пример #1
0
	def __take_screenshot(self, logger):

		logger._logging("START: Screen Scan {0} threads".format(self.__args.thread))
		pool = ThreadPool(self.__args.thread)

		for url in self.__urls:
			output_file = "{0}{1}_{2}.png".format(self._output_dir, url.split("/")[2], datetime.datetime.now().strftime("%Y%m%d%H%M%S"))
			phantomjs_cmd = "{0} --ignore-ssl-errors=true {1} {2} {3}".format(Core._commands_path["phantomjs"], self.__args.rasterize, url, output_file)
			
			logger._logging("Taking screenshot: {0}".format(url.split("/")[2]))
			pool.add_task(self.__run_phantomjs, phantomjs_cmd)

		pool.wait_completion()
		logger._logging("Finished Screenshot Scan. Results saved in {0} folder".format(self._output_dir))
Пример #2
0
    def vnckey(self, *options):
        port = 5901

        if not os.path.exists(self.vncviewer_path):
            mess = "vncviewer: %s path doesn't exists on the system!" % os.path.abspath(
                self.vncviewer_path)
            raise CrowbarExceptions(mess)

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            if not self.args.quiet:
                self.logger.output_file("Discovery mode - port scanning: %s" %
                                        self.args.server)
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        if not os.path.isfile(self.args.key_file):
            mess = "Key file: \"%s\" doesn't exists." % os.path.abspath(
                self.args.key_file)
            raise CrowbarExceptions(mess)

        try:
            pool = ThreadPool(int(self.args.thread))
        except Exception, err:
            raise CrowbarExceptions(str(err))
Пример #3
0
    def rdp(self):
        port = 3389

        if not os.path.exists(self.xfreerdp_path):
            mess = "xfreerdp: %s path doesn't exists on the system!" % os.path.abspath(
                self.xfreerdp_path)
            raise CrowbarExceptions(mess)

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            if not self.args.quiet:
                self.logger.output_file("Discovery mode - port scanning: %s" %
                                        self.args.server)
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        pwds_count = len(open(self.args.passwd_file, "r").read().splitlines())
        counter_step = 50
        ws_counter = WSCounter(counter_step, counter_step * 30, pwds_count)

        try:
            pool = ThreadPool(int(self.args.thread), ws_counter)
        except Exception, err:
            raise CrowbarExceptions(str(err))
Пример #4
0
    def vnckey(self, *options):
        port = 5901

        if not os.path.exists(self.vncviewer_path):
            mess = "vncviewer: %s path doesn't exists on the system" % os.path.abspath(self.vncviewer_path)
            raise CrowbarExceptions(mess)

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            if not self.args.quiet:
                self.logger.output_file("Discovery mode - port scanning: %s" % self.args.server)
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        if not os.path.isfile(self.args.key_file):
            mess = "Key file: \"%s\" doesn't exists" % os.path.abspath(self.args.key_file)
            raise CrowbarExceptions(mess)

        try:
            pool = ThreadPool(int(self.args.thread))
        except Exception as err:
            raise CrowbarExceptions(str(err))

        for ip in self.ip_list:
            if not self.args.quiet:
                self.logger.output_file("Trying %s:%s" % (ip, port))
            pool.add_task(self.vnclogin, ip, port, self.args.key_file)
        pool.wait_completion()
Пример #5
0
    def sshkey(self):
        port = 22

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        try:
            pool = ThreadPool(self.args.thread)
        except Exception, err:
            raise CrowbarExceptions(str(err))
Пример #6
0
    def sshkey(self):
        port = 22

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            if not self.args.quiet:
                self.logger.output_file("Discovery mode - port scanning: %s" %
                                        self.args.server)
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        try:
            pool = ThreadPool(self.args.thread)
        except Exception, err:
            raise CrowbarExceptions(str(err))
Пример #7
0
    def rdp(self):
        port = 3389

        if not os.path.exists(self.xfreerdp_path):
            mess = "xfreerdp: %s path doesn't exists on the system!" % os.path.abspath(self.xfreerdp_path)
            raise CrowbarExceptions(mess)

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        try:
            pool = ThreadPool(int(self.args.thread))
        except Exception, err:
            raise CrowbarExceptions(str(err))
Пример #8
0
    def openvpn(self):

        port = 443

        if not os.path.exists(self.openvpn_path):
            mess = "openvpn: %s path doesn't exists on the system !!!" % (
                self.openvpn_path)
            raise CrowbarExceptions(mess)

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        try:
            pool = ThreadPool(int(self.args.thread))
        except Exception, err:
            raise CrowbarExceptions(str(err))
Пример #9
0
    def openvpn(self):
        port = 443  #TCP 443, TCP 943, UDP 1194

        if not os.path.exists(self.openvpn_path):
            mess = "openvpn: %s path doesn't exists on the system!" % os.path.abspath(
                self.openvpn_path)
            raise CrowbarExceptions(mess)

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            if not self.args.quiet:
                self.logger.output_file("Discovery mode - port scanning: %s" %
                                        self.args.server)
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        try:
            pool = ThreadPool(int(self.args.thread))
        except Exception, err:
            raise CrowbarExceptions(str(err))
Пример #10
0
    def vnckey(self, *options):

        port = 5901

        if not os.path.exists(self.vncviewer_path):
            mess = "vncviewer: %s path doesn't exists on the system !!!" % (
                self.vncviewer_path)
            raise CrowbarExceptions(mess)

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        if not os.path.isfile(self.args.key_file):
            mess = "Key file: \"%s\" doesn't exists." % self.args.key_file
            raise CrowbarExceptions(mess)

        try:
            pool = ThreadPool(int(self.args.thread))
        except Exception, err:
            raise CrowbarExceptions(str(err))
Пример #11
0
    def __take_screenshot(self, logger):

        logger._logging("START: Screen Scan {0} threads".format(
            self.__args.thread))
        pool = ThreadPool(self.__args.thread)

        for url in self.__urls:
            output_file = "{0}{1}_{2}.png".format(
                self._output_dir,
                url.split("/")[2],
                datetime.datetime.now().strftime("%Y%m%d%H%M%S"))
            phantomjs_cmd = "{0} --ignore-ssl-errors=true {1} {2} {3}".format(
                Core._commands_path["phantomjs"], self.__args.rasterize, url,
                output_file)

            logger._logging("Taking screenshot: {0}".format(url.split("/")[2]))
            pool.add_task(self.__run_phantomjs, phantomjs_cmd)

        pool.wait_completion()
        logger._logging(
            "Finished Screenshot Scan. Results saved in {0} folder".format(
                self._output_dir))
Пример #12
0
    def sshkey(self):
        port = 22

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            if not self.args.quiet:
                self.logger.output_file("Discovery mode - port scanning: %s" %
                                        self.args.server)
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        try:
            pool = ThreadPool(self.args.thread)
        except Exception as err:
            raise CrowbarExceptions(str(err))

        if not os.path.exists(self.args.key_file):
            mess = "Key file/folder: \"%s\" doesn't exists." % os.path.abspath(
                self.args.key_file)
            raise CrowbarExceptions(mess)

        for ip in self.ip_list:
            if not self.args.quiet:
                self.logger.output_file("Trying %s:%s" % (ip, port))

            if self.args.username_file:
                try:
                    userfile = open(self.args.username_file,
                                    "r").read().splitlines()
                except:
                    mess = "File: %s doesn't exists!" % os.path.abspath(
                        self.args.username_file)
                    raise CrowbarExceptions(mess)

                for user in userfile:
                    if os.path.isdir(self.args.key_file):
                        for dirname, dirnames, filenames in os.walk(
                                self.args.key_file):
                            for keyfile in filenames:
                                keyfile_path = self.args.key_file + "/" + keyfile
                                if keyfile.endswith('.pub', 4):
                                    self.logger.output_file(
                                        "LOG-SSH: Skipping Public Key - %s" %
                                        keyfile_path)
                                    continue
                                pool.add_task(self.sshlogin, ip, port, user,
                                              keyfile_path, self.args.timeout)
                    else:
                        pool.add_task(self.sshlogin, ip, port, user,
                                      self.args.key_file, self.args.timeout)
            else:
                if os.path.isdir(self.args.key_file):
                    for dirname, dirnames, filenames in os.walk(
                            self.args.key_file):
                        for keyfile in filenames:
                            keyfile_path = dirname + "/" + keyfile
                            if keyfile.endswith('.pub', 4):
                                self.logger.output_file(
                                    "LOG-SSH: Skipping Public Key - %s" %
                                    keyfile_path)
                                continue
                            pool.add_task(self.sshlogin, ip, port,
                                          self.args.username, keyfile_path,
                                          self.args.timeout)
                else:
                    pool.add_task(self.sshlogin, ip, port, self.args.username,
                                  self.args.key_file, self.args.timeout)
        pool.wait_completion()
Пример #13
0
    def rdp(self):
        port = 3389

        if not os.path.exists(self.xfreerdp_path):
            mess = "xfreerdp: %s path doesn't exists on the system!" % os.path.abspath(
                self.xfreerdp_path)
            raise CrowbarExceptions(mess)

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            if not self.args.quiet:
                self.logger.output_file("Discovery mode - port scanning: %s" %
                                        self.args.server)
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        try:
            pool = ThreadPool(int(self.args.thread))
        except Exception as err:
            raise CrowbarExceptions(str(err))

        for ip in self.ip_list:
            if not self.args.quiet:
                self.logger.output_file("Trying %s:%s" % (ip, port))

            if self.args.username_file:
                try:
                    userfile = open(self.args.username_file,
                                    "r").read().splitlines()
                except:
                    mess = "File: %s doesn't exists!" % os.path.abspath(
                        self.args.username_file)
                    raise CrowbarExceptions(mess)

                for user in userfile:
                    if ' ' in user:
                        user = '******' + user + '"'

                    if self.args.passwd_file:
                        try:
                            passwdfile = open(self.args.passwd_file,
                                              "r").read().splitlines()
                        except:
                            mess = "File: %s doesn't exists" % os.path.abspath(
                                self.args.passwd_file)
                            raise CrowbarExceptions(mess)

                        for password in passwdfile:
                            pool.add_task(self.rdplogin, ip, user, password,
                                          port)
                    else:
                        pool.add_task(self.rdplogin, ip, user,
                                      self.args.passwd, port)
            else:
                if self.args.passwd_file:
                    try:
                        passwdfile = open(self.args.passwd_file,
                                          "r").read().splitlines()
                    except:
                        mess = "File: %s doesn't exists" % os.path.abspath(
                            self.args.passwd_file)
                        raise CrowbarExceptions(mess)

                    for password in passwdfile:
                        pool.add_task(self.rdplogin, ip, self.args.username,
                                      password, port)
                else:
                    pool.add_task(self.rdplogin, ip, self.args.username,
                                  self.args.passwd, port)
        pool.wait_completion()
Пример #14
0
    def openvpn(self):
        port = 443  # TCP 443, TCP 943, UDP 1194

        if not 'SUDO_UID' in os.environ.keys():
            mess = "OpenVPN requires super user privileges"
            raise CrowbarExceptions(mess)

        if not os.path.exists(self.openvpn_path):
            mess = "openvpn: %s path doesn't exists on the system!" % os.path.abspath(
                self.openvpn_path)
            raise CrowbarExceptions(mess)

        if self.args.port is not None:
            port = self.args.port

        if self.args.discover:
            if not self.args.quiet:
                self.logger.output_file("Discovery mode - port scanning: %s" %
                                        self.args.server)
            self.ip_list = self.nmap.port_scan(self.args.server, port)

        try:
            pool = ThreadPool(int(self.args.thread))
        except Exception as err:
            raise CrowbarExceptions(str(err))

        for config_line in open(self.args.config, "r"):
            if re.search(self.vpn_remote_regex, config_line):
                raise CrowbarExceptions(self.vpn_warning)

        for ip in self.ip_list:
            if not self.args.quiet:
                self.logger.output_file("Trying %s:%s" % (ip, port))

            if self.args.username_file:
                try:
                    userfile = open(self.args.username_file,
                                    "r").read().splitlines()
                except:
                    mess = "File: %s doesn't exists!" % os.path.abspath(
                        self.args.username_file)
                    raise CrowbarExceptions(mess)

                for user in userfile:
                    if self.args.passwd_file:
                        try:
                            passwdfile = open(self.args.passwd_file,
                                              "r").read().splitlines()
                        except:
                            mess = "File: %s doesn't exists!" % os.path.abspath(
                                self.args.passwd_file)
                            raise CrowbarExceptions(mess)

                        for password in passwdfile:
                            brute_file = tempfile.NamedTemporaryFile(
                                mode='w+t')
                            brute_file.write(user + "\n")
                            brute_file.write(password + "\n")
                            pool.add_task(self.openvpnlogin, ip, user,
                                          password, brute_file, port)
                    else:
                        brute_file = tempfile.NamedTemporaryFile(mode='w+t')
                        brute_file.write(user + "\n")
                        brute_file.write(self.args.passwd + "\n")
                        pool.add_task(self.openvpnlogin, ip, user,
                                      self.args.passwd, brute_file, port)
            else:
                if self.args.passwd_file:
                    try:
                        passwdfile = open(self.args.passwd_file,
                                          "r").read().splitlines()
                    except:
                        mess = "File: %s doesn't exists!" % os.path.abspath(
                            self.args.passwd_file)
                        raise CrowbarExceptions(mess)

                    for password in passwdfile:
                        brute_file = tempfile.NamedTemporaryFile(mode='w+t')
                        brute_file.write(self.args.username + "\n")
                        brute_file.write(password + "\n")
                        pool.add_task(self.openvpnlogin, ip,
                                      self.args.username, password, brute_file,
                                      port)
                else:
                    brute_file = tempfile.NamedTemporaryFile(mode='w+t')
                    brute_file.write(self.args.username + "\n")
                    brute_file.write(self.args.passwd + "\n")
                    pool.add_task(self.openvpnlogin, ip, self.args.username,
                                  self.args.passwd, brute_file, port)
        pool.wait_completion()