def attack(self):
"""
Run the attack against all targets
:param fast_mode:
"""
# Initialize top status/progress bar
# If single target (total=None), the counter format will be used instead of the progress bar format
attack_progress = manager.counter(
total=len(self.targets) + 1 if len(self.targets) > 1 else None,
desc='',
unit='target',
bar_format=STATUSBAR_FORMAT, # For multi targets
counter_format=STATUSBAR_FORMAT_SINGLE) # For single target
time.sleep(.5) # hack for progress bar display
for i in range(1, len(self.targets) + 1):
print()
self.show_summary()
print()
# Target selection
if not self.fast_mode:
if len(self.targets) > 1:
self.current_targetid = Output.prompt_choice_range(
'Attack target # ? [{default}] '.format(
default=self.current_targetid), 1,
len(self.targets), self.current_targetid)
else:
if Output.prompt_confirm('Start attack ?', default=True):
self.current_targetid = 1
else:
logger.warning('Attack canceled !')
sys.exit(1)
target = self.targets[self.current_targetid - 1]
# Update status/progress bar
status = 'Current target [{cur}/{total}]: host {ip} | port {port}/{proto} | service {service}'.format(
cur=i,
total=len(self.targets),
ip=target.get_ip(),
port=target.get_port(),
proto=target.get_protocol(),
service=target.get_service_name())
attack_progress.desc = '{status}{fill}'.format(
status=status, fill=' ' * (DESC_LENGTH - len(status)))
attack_progress.update()
print()
# Launch the attack on the selected target
self.__attack_target(self.current_targetid, attack_progress)
self.current_targetid += 1
attack_progress.update()
time.sleep(.5)
attack_progress.close()
manager.stop() # Clear progress bars
def attack(self):
"""Run the attack against all targets in the scope"""
# Initialize top status/progress bar
# If single target (total=None), the counter format will be used instead of
# the progress bar format
attack_progress = manager.counter(
total=len(self.targets) + 1 if len(self.targets) > 1 else None,
desc='',
unit='target',
bar_format=STATUSBAR_FORMAT, # For multi targets
counter_format=STATUSBAR_FORMAT_SINGLE) # For single target
time.sleep(.5) # hack for progress bar display
# Loop over the targets
for i in range(1, len(self.targets) + 1):
# In Multi-targets mode:
# Display summary table and prompt for target selection
# (not if too many target to avoid poor output)
if 2 <= len(self.targets) <= 15:
self.show_summary()
if not self.fast_mode and len(self.targets) > 1:
self.current_targetid = Output.prompt_choice_range(
'Attack target # (Ctrl+C to quit) ? [{default}] '.format(
default=self.current_targetid), 1, len(self.targets),
self.current_targetid)
target = self.targets[self.current_targetid - 1]
# Update status/progress bar
status = 'Current target [{cur}/{total}]: {target}'.format(
cur=i, total=len(self.targets), target=target)
attack_progress.desc = '{status}{fill}'.format(
status=status, fill=' ' * (DESC_LENGTH - len(status)))
attack_progress.update()
print()
# Check the current target
# For single target mode: already done in AttackController
if len(self.targets) > 1:
# By default, do NOT perform reverve DNS lookup & Nmap banner grabbing
# because we assume it has been added via Nmap results in most cases
# and thus, has already been done (behaviour can be changed with opt)
reachable = target.smart_check(
reverse_dns=(self.arguments.args.reverse_dns == 'on'),
availability_check=True,
grab_banner_nmap=(
self.arguments.args.nmap_banner_grab == 'on'),
web_technos_detection=False)
if target.service.name == 'http':
msg = 'Target URL {url} is {neg}reachable'.format(
url=target.get_url(),
neg='not ' if not reachable else '')
else:
msg = 'Target {neg}reachable: {target}'.format(
neg='not ' if not reachable else '', target=target)
# Update info into database if needed
self.services_requester.add_target(target)
if reachable:
#target.service.up = True
logger.success(msg)
else:
# Skip target if not reachable
logger.error(msg)
continue
# In Single-target mode: Display summary table and prompt for confirmation
if len(self.targets) == 1:
self.show_summary()
if not self.fast_mode:
if Output.prompt_confirm('Start attack ?', default=True):
self.current_targetid = 1
else:
logger.warning('Attack canceled !')
sys.exit(1)
# Launch the attack on the selected target
self.__attack_target(target, attack_progress)
self.current_targetid += 1
self.current_targetid = self.current_targetid % len(self.targets)
attack_progress.update()
time.sleep(.5)
attack_progress.close()
manager.stop() # Clear progress bars
def attack(self):
"""Run the attack against all targets in the scope"""
# Initialize top status/progress bar
# If single target (total=None), the counter format will be used instead of
# the progress bar format
attack_progress = manager.counter(
total=len(self.targets)+1 if len(self.targets) > 1 else None,
desc='',
unit='target',
bar_format=STATUSBAR_FORMAT, # For multi targets
counter_format=STATUSBAR_FORMAT_SINGLE) # For single target
time.sleep(.5) # hack for progress bar display
# Loop over the targets
for i in range(1,len(self.targets)+1):
# Display table with targets
self.show_summary()
# Prompt for target selection
if not self.fast_mode:
if len(self.targets) == 1:
if Output.prompt_confirm('Start attack ?', default=True):
self.current_targetid = 1
else:
logger.warning('Attack canceled !')
sys.exit(1)
else:
self.current_targetid = Output.prompt_choice_range(
'Attack target # (Ctrl+C to quit) ? [{default}] '.format(
default=self.current_targetid),
1, len(self.targets), self.current_targetid)
target = self.targets[self.current_targetid-1]
# Update status/progress bar
status = 'Current target [{cur}/{total}]: {target}'.format(
cur = i,
total = len(self.targets),
target = target)
attack_progress.desc = '{status}{fill}'.format(
status = status,
fill = ' '*(DESC_LENGTH-len(status)))
attack_progress.update()
print()
# Check the selected target and update its information
# This is done for targets loaded from the database in multi-targets mode
# (For single target, done before adding it to a mission in AttackController)
#
# - Reverse DNS lookup: not by default (should have already been done)
# - Port check: always (target might not been reachable anymore)
# - Nmap service detection: not by default (should have already been done)
# - HTML title grabbing: always
# - Web technologies detection: always
# - Context initialization via SmartStart: always
if len(self.targets) > 1:
reachable = target.smart_check(
reverse_dns_lookup=(self.arguments.args.reverse_dns == 'on'),
availability_check=True,
nmap_banner_grabbing=(self.arguments.args.nmap_banner_grab == 'on'),
html_title_grabbing=True,
web_technos_detection=True,
smart_context_initialize=True)
# Update info into database if needed
self.services_requester.add_target(target)
# Display availability status, skip if not reachable
if target.service.name == 'http':
msg = 'Target URL {url} is {neg}reachable'.format(
url=target.get_url(),
neg='not ' if not reachable else '')
else:
msg = 'Target {neg}reachable: {target}'.format(
neg='not ' if not reachable else '',
target=target)
if reachable:
logger.success(msg)
else:
logger.error(msg)
self.__next_target()
continue
# Launch the attack on the selected target
self.__attack_target(target, attack_progress)
# Move to next target
self.__next_target()
# Clear progress bars
attack_progress.update()
time.sleep(.5)
attack_progress.close()
manager.stop()
