Пример #1
0
def smbcmdlist():
    parse_list_file(conf.smbcmdlist)
    targets_tuple = ()

    for target in targets:
        if len(target.getValidCredentials()) == 0:
            continue
        else:
            first_credentials = target.getValidCredentials()[0]

        logger.info('Executing SMB commands on %s with user %s' % (target.getIdentity(), first_credentials.getUser()))
        shell = InteractiveShell(target, first_credentials, conf.name)

        if len(commands) > 0:
            logger.info('Executing SMB commands from provided file')

            for command in commands:
                print 'SMB command \'%s\' output:' % command

                try:
                    shell.onecmd(command)
                except SessionError, e:
                    #traceback.print_exc()
                    logger.error('SMB error: %s' % (e.getErrorString(), ))
                except NetBIOSTimeout, e:
                    logger.error('SMB connection timed out')
                except keimpxError, e:
                    logger.error(e)
                except KeyboardInterrupt, _:
                    print
                    logger.info('User aborted')
                    shell.do_exit('')
Пример #2
0
def smbcmdlist():
    parse_list_file(conf.smbcmdlist)
    targets_tuple = ()

    for target in targets:
        if len(target.getValidCredentials()) == 0:
            continue
        else:
            admin_credentials = get_admin_credentials(target)

        if admin_credentials is False:
            admin_credentials = target.getValidCredentials()[0]
            logger.warn("No admin user identified for target %s, some commands will not work" % target.getIdentity())

        logger.info("Executing SMB commands on %s with user %s" % (target.getIdentity(), admin_credentials.getUser()))
        shell = InteractiveShell(target, admin_credentials, conf.name)

        if len(commands) > 0:
            logger.info("Executing SMB commands from provided file")

            for command in commands:
                print "SMB command '%s' output:" % command

                try:
                    shell.onecmd(command)
                except SessionError, e:
                    # traceback.print_exc()
                    logger.error("SMB error: %s" % (e.getErrorString(),))
                except NetBIOSTimeout, e:
                    logger.error("SMB connection timed out")
                except keimpxError, e:
                    logger.error(e)
                except KeyboardInterrupt, _:
                    print
                    logger.info("User aborted")
                    shell.do_exit("")
Пример #3
0
def smb_cmd_list(targets):
    commands = parse_list_file(conf.smbcmdlist)
    targets_tuple = ()

    for target in targets:
        if len(target.get_valid_credentials()) == 0:
            continue
        else:
            admin_credentials = get_admin_credentials(target)

        if admin_credentials is False:
            admin_credentials = target.get_valid_credentials()[0]
            logger.warn(
                'No admin user identified for target %s, some commands will not work'
                % target.get_identity())

        logger.info('Executing SMB commands on %s with user %s' %
                    (target.get_identity(), admin_credentials.getUser()))
        shell = InteractiveShell(target, admin_credentials, conf.name)

        if len(commands) > 0:
            logger.info('Executing SMB commands from provided file')

            for command in commands:
                print('SMB command \'%s\' output:' % command)

                try:
                    shell.onecmd(command)
                except SessionError as e:
                    # traceback.print_exc()
                    logger.error('SMB error: %s' % (e.getErrorString(), ))
                except NetBIOSTimeout as e:
                    logger.error('SMB connection timed out')
                except keimpxError as e:
                    logger.error(e)
                except KeyboardInterrupt as _:
                    print()
                    logger.info('User aborted')
                    shell.do_exit('')
                except Exception as e:
                    # traceback.print_exc()
                    logger.error(str(e))

                print('----------8<----------')
Пример #4
0
def main():
    global conf
    global credentials
    global domains
    global have_readline
    global pool_thread

    banner()
    conf = cmdline_parser()
    check_conf()
    pool_thread = threading.BoundedSemaphore(conf.threads)

    try:
        for target in targets:
            pool_thread.acquire()
            current = test_login(target)
            current.daemon = True
            current.start()

        while threading.activeCount() > 1:
            a = 'Caughtit'
            pass

    except KeyboardInterrupt:
        print
        try:
            logger.warn('Test interrupted')
            a = 'Caughtit'
            stop_threads[0] = True
        except KeyboardInterrupt:
            print
            logger.info('User aborted')
            exit(1)

    if successes == 0:
        print '\nNo credentials worked on any target\n'
        exit(0)

    print '\nThe credentials worked in total %d times\n' % successes
    print 'TARGET SORTED RESULTS:\n'

    for target in targets:
        valid_credentials = target.get_valid_credentials()

        if len(valid_credentials) > 0:
            print target.get_identity()

            for valid_credential in valid_credentials:
                print '  %s' % valid_credential.get_identity()

            print

    print '\nUSER SORTED RESULTS:\n'

    for credential in credentials:
        valid_credentials = credential.get_valid_targets()

        if len(valid_credentials) > 0:
            print credential.get_identity()

            for valid_credential in valid_credentials:
                print '  %s' % valid_credential.get_identity()

            print

    if conf.smbcmdlist is not None:
        smb_cmd_list()

    if conf.oscmdlist is not None:
        os_cmd_list()

    if conf.batch or conf.smbcmdlist or conf.oscmdlist:
        return

    while True:
        msg = 'Do you want to establish a SMB shell from any of the targets? [Y/n] '
        choice = raw_input(msg)

        if choice and choice[0].lower() != 'y':
            return

        counter = 0
        targets_dict = {}
        msg = 'Which target do you want to connect to?'

        for target in targets:
            valid_credentials = target.get_valid_credentials()

            if len(valid_credentials) > 0:
                counter += 1
                msg += '\n[%d] %s%s' % (counter, target.get_identity(), ' (default)' if counter == 1 else '')
                targets_dict[counter] = (target, valid_credentials)

        msg += '\n> '
        choice = read_input(msg, counter)
        user_target, valid_credentials = targets_dict[int(choice)]

        counter = 0
        credentials_dict = {}
        msg = 'Which credentials do you want to use to connect?'

        for credential in valid_credentials:
            counter += 1
            msg += '\n[%d] %s%s' % (counter, credential.get_identity(), ' (default)' if counter == 1 else '')
            credentials_dict[counter] = credential

        msg += '\n> '
        choice = read_input(msg, counter)
        user_credentials = credentials_dict[int(choice)]

        if sys.platform.lower() == 'win32' and have_readline:
            try:
                _outputfile = readline.GetOutputFile()
            except AttributeError:
                logger.debug('Failed GetOutputFile when using platform\'s readline library')
                have_readline = False

        uses_libedit = False

        if sys.platform.lower() == 'darwin' and have_readline:
            import commands

            (status, result) = commands.getstatusoutput('otool -L %s | grep libedit' % readline.__file__)

            if status == 0 and len(result) > 0:
                readline.parse_and_bind('bind ^I rl_complete')

                debugMsg = 'Leopard libedit detected when using platform\'s '
                debugMsg += 'readline library'
                logger.debug(debugMsg)

                uses_libedit = True

        try:
            shell = InteractiveShell(user_target, user_credentials, conf.name)
            shell.cmdloop()
        except RuntimeError, e:
            logger.error('Runtime error: %s' % str(e))
        except Exception, _:
            # traceback.print_exc()
            pass
Пример #5
0
def main():
    global conf
    global credentials
    global domains
    global have_readline
    global pool_thread

    banner()
    conf = cmdline_parser()
    check_conf()
    pool_thread = threading.BoundedSemaphore(conf.threads)

    try:
        for target in targets:
            pool_thread.acquire()
            current = test_login(target)
            current.start()

        while (threading.activeCount() > 1):
            a = 'Caughtit'
            pass

    except KeyboardInterrupt:
        print
        try:
            logger.warn('Test interrupted, waiting for threads to finish')

            while (threading.activeCount() > 1):
                a = 'Caughtit'
                pass
        except KeyboardInterrupt:
            print
            logger.info('User aborted')
            sys.exit(1)

    if successes == 0:
        print '\nNo credentials worked on any target\n'
        sys.exit(1)

    print '\nThe credentials worked in total %d times\n' % successes
    print 'TARGET SORTED RESULTS:\n'

    for target in targets:
        valid_credentials = target.getValidCredentials()

        if len(valid_credentials) > 0:
            print target.getIdentity()

            for valid_credential in valid_credentials:
                print '  %s' % valid_credential.getIdentity()

            print

    print '\nUSER SORTED RESULTS:\n'

    for credential in credentials:
        valid_credentials = credential.getValidTargets()

        if len(valid_credentials) > 0:
            print credential.getIdentity()

            for valid_credential in valid_credentials:
                print '  %s' % valid_credential.getIdentity()

            print

    if conf.smbcmdlist is not None:
        smbcmdlist()

    if conf.oscmdlist is not None:
        oscmdlist()

    if conf.batch or conf.smbcmdlist or conf.oscmdlist:
        return

    msg = 'Do you want to establish a SMB shell from any of the targets? [Y/n] '
    choice = raw_input(msg)

    if choice and choice[0].lower() != 'y':
        return

    counter = 0
    targets_dict = {}
    msg = 'Which target do you want to connect to?'

    for target in targets:
        valid_credentials = target.getValidCredentials()

        if len(valid_credentials) > 0:
            counter += 1
            msg += '\n[%d] %s%s' % (counter, target.getIdentity(), ' (default)' if counter == 1 else '')
            targets_dict[counter] = (target, valid_credentials)

    msg += '\n> '
    choice = read_input(msg, counter)
    user_target, valid_credentials = targets_dict[int(choice)]

    counter = 0
    credentials_dict = {}
    msg = 'Which credentials do you want to use to connect?'

    for credential in valid_credentials:
        counter += 1
        msg += '\n[%d] %s%s' % (counter, credential.getIdentity(), ' (default)' if counter == 1 else '')
        credentials_dict[counter] = credential

    msg += '\n> '
    choice = read_input(msg, counter)
    user_credentials = credentials_dict[int(choice)]

    if mswindows is True and have_readline:
        try:
            _outputfile = readline.GetOutputFile()
        except AttributeError:
            logger.debug('Failed GetOutputFile when using platform\'s readline library')
            have_readline = False

    uses_libedit = False

    if sys.platform.lower() == 'darwin' and have_readline:
        import commands

        (status, result) = commands.getstatusoutput('otool -L %s | grep libedit' % readline.__file__)

        if status == 0 and len(result) > 0:
            readline.parse_and_bind('bind ^I rl_complete')

            debugMsg  = 'Leopard libedit detected when using platform\'s '
            debugMsg += 'readline library'
            logger.debug(debugMsg)

            uses_libedit = True

    try:
        shell = InteractiveShell(user_target, user_credentials, conf.name)
        shell.cmdloop()
    except RuntimeError:
        sys.exit(255)
Пример #6
0
def main():
    global conf
    global credentials
    global domains
    global have_readline
    global pool_thread

    banner()
    conf = cmdline_parser()
    check_conf()
    pool_thread = threading.BoundedSemaphore(conf.threads)

    try:
        for target in targets:
            pool_thread.acquire()
            current = test_login(target)
            current.daemon = True
            current.start()

        while threading.activeCount() > 1:
            a = "Caughtit"
            pass

    except KeyboardInterrupt:
        print
        try:
            logger.warn("Test interrupted")
            a = "Caughtit"
            stop_threads[0] = True
        except KeyboardInterrupt:
            print
            logger.info("User aborted")
            os._exit(1)

    if successes == 0:
        print "\nNo credentials worked on any target\n"
        os._exit(0)

    print "\nThe credentials worked in total %d times\n" % successes
    print "TARGET SORTED RESULTS:\n"

    for target in targets:
        valid_credentials = target.getValidCredentials()

        if len(valid_credentials) > 0:
            print target.getIdentity()

            for valid_credential in valid_credentials:
                print "  %s" % valid_credential.getIdentity()

            print

    print "\nUSER SORTED RESULTS:\n"

    for credential in credentials:
        valid_credentials = credential.getValidTargets()

        if len(valid_credentials) > 0:
            print credential.getIdentity()

            for valid_credential in valid_credentials:
                print "  %s" % valid_credential.getIdentity()

            print

    if conf.smbcmdlist is not None:
        smbcmdlist()

    if conf.oscmdlist is not None:
        oscmdlist()

    if conf.batch or conf.smbcmdlist or conf.oscmdlist:
        return

    while True:
        msg = "Do you want to establish a SMB shell from any of the targets? [Y/n] "
        choice = raw_input(msg)

        if choice and choice[0].lower() != "y":
            return

        counter = 0
        targets_dict = {}
        msg = "Which target do you want to connect to?"

        for target in targets:
            valid_credentials = target.getValidCredentials()

            if len(valid_credentials) > 0:
                counter += 1
                msg += "\n[%d] %s%s" % (counter, target.getIdentity(), " (default)" if counter == 1 else "")
                targets_dict[counter] = (target, valid_credentials)

        msg += "\n> "
        choice = read_input(msg, counter)
        user_target, valid_credentials = targets_dict[int(choice)]

        counter = 0
        credentials_dict = {}
        msg = "Which credentials do you want to use to connect?"

        for credential in valid_credentials:
            counter += 1
            msg += "\n[%d] %s%s" % (counter, credential.getIdentity(), " (default)" if counter == 1 else "")
            credentials_dict[counter] = credential

        msg += "\n> "
        choice = read_input(msg, counter)
        user_credentials = credentials_dict[int(choice)]

        if mswindows is True and have_readline:
            try:
                _outputfile = readline.GetOutputFile()
            except AttributeError:
                logger.debug("Failed GetOutputFile when using platform's readline library")
                have_readline = False

        uses_libedit = False

        if sys.platform.lower() == "darwin" and have_readline:
            import commands

            (status, result) = commands.getstatusoutput("otool -L %s | grep libedit" % readline.__file__)

            if status == 0 and len(result) > 0:
                readline.parse_and_bind("bind ^I rl_complete")

                debugMsg = "Leopard libedit detected when using platform's "
                debugMsg += "readline library"
                logger.debug(debugMsg)

                uses_libedit = True

        try:
            shell = InteractiveShell(user_target, user_credentials, conf.name)
            shell.cmdloop()
        except RuntimeError, e:
            logger.error("Runtime error: %s" % str(e))
        except Exception, _:
            # traceback.print_exc()
            pass