def __init__(self, required=True, password_type=None):
if password_type is None:
password_type = []
super().__init__(option_type='enum',
name=CREDENTIAL_OPTION.get('name'),
name_tag=CREDENTIAL_OPTION.get('name_tag'),
desc=CREDENTIAL_OPTION.get('desc'),
option_length=CREDENTIAL_OPTION.get('option_length'),
required=required,
extra_data={'password_type': password_type})
def _store_result_in_history(self):
"""存储模块运行结果到历史记录"""
if self.MODULETYPE in [TAG2CH.internal]:
return None
opts = {}
for key in self._custom_param:
for option in self.OPTIONS:
if option.get("name") == key:
if self._custom_param.get(key) is None:
continue
opts[option.get("name_tag")] = self._custom_param.get(key)
# 处理凭证,监听,文件等参数
try:
if key == HANDLER_OPTION.get("name"):
handler_dict = json.loads(
self._custom_param.get(key))
# 清理无效的参数
new_params = {
"PAYLOAD": handler_dict.get("PAYLOAD"),
"LPORT": handler_dict.get("LPORT")
}
if handler_dict.get("LHOST") is not None:
new_params["LHOST"] = handler_dict.get("LHOST")
if handler_dict.get("RHOST") is not None:
new_params["RHOST"] = handler_dict.get("RHOST")
opts[option.get("name_tag")] = json.dumps(
new_params)
elif key == FILE_OPTION.get("name"):
file_dict = json.loads(self._custom_param.get(key))
opts[option.get("name_tag")] = json.dumps({
"name":
file_dict.get("name"),
})
elif key == CREDENTIAL_OPTION.get("name"):
credential_dict = json.loads(
self._custom_param.get(key))
opts[option.get("name_tag")] = json.dumps({
"username":
credential_dict.get("username"),
"password":
credential_dict.get("password"),
"password_type":
credential_dict.get("password_type"),
})
except Exception as E:
logger.exception(E)
module_result = Xcache.get_module_result(ipaddress=self.host_ipaddress,
loadpath=self.__module__)
flag = Xcache.add_module_result_history(
ipaddress=self.host_ipaddress,
loadpath=self.__module__,
opts=opts,
update_time=module_result.get("update_time"),
result=module_result.get("result"))
return flag
def param(self, name):
"""获取输入参数的接口"""
if name in [
HANDLER_OPTION.get('name'),
CREDENTIAL_OPTION.get('name'),
FILE_OPTION.get('name')
]:
if self._custom_param.get(name) is None:
return None
try:
tmp_param = json.loads(self._custom_param.get(name))
return tmp_param
except Exception as E:
logger.warning(E)
return None
else:
return self._custom_param.get(name)
def set_smb_info_by_credential(self):
credential_record = self.param(CREDENTIAL_OPTION.get('name'))
if credential_record is None:
return False
if credential_record.get('username') is not None:
self.set_option(key='SMBUser',
value=credential_record.get('username'))
else:
return False
if credential_record.get('password') is not None:
self.set_option(key='SMBPass',
value=credential_record.get('password'))
else:
return False
if credential_record.get('tag').get('domain') is not None:
self.set_option(key='SMBDomain',
value=credential_record.get('tag').get('domain'))
else:
return True
return True
def _deal_dynamic_option(one_module_config=None):
"""处理handler及凭证等动态变化参数,返回处理后参数列表"""
options = one_module_config.get('OPTIONS')
for option in options:
# handler处理
if option.get('name') == HANDLER_OPTION.get("name"):
option['enum_list'] = Handler.list_handler_config()
if len(option['enum_list']) == 1: # 只有一个监听
option['default'] = option['enum_list'][0].get("value")
# 凭证处理
elif option.get('name') == CREDENTIAL_OPTION.get("name"):
credentials = Credential.list_credential()
tmp_enum_list = []
try:
if option.get('extra_data') is None or option.get(
'extra_data').get('password_type') is None:
pass
else:
type_list = option.get('extra_data').get(
'password_type')
for credential in credentials:
if credential.get('password_type') in type_list:
name = "用户名:{} | 密码:{} | 标签:{} | 主机:{}".format(
credential.get('username'),
credential.get('password'),
credential.get('tag'),
credential.get('host_ipaddress'))
import json
value = json.dumps(credential)
tmp_enum_list.append({
'name': name,
'value': value
})
option['enum_list'] = tmp_enum_list
except Exception as E:
logger.warning(E)
# 文件处理
elif option.get('name') == FILE_OPTION.get("name"):
if option.get('extra_data') is None or option.get(
'extra_data').get('file_extension') is None:
file_extension_list = None
else:
file_extension_list = option.get('extra_data').get(
'file_extension')
files = FileMsf.list_msf_files()
tmp_enum_list = []
for file in files:
import json
# {
# "filename": "test",
# "filesize": 0,
# "mtime": 1552273961
# },
name = file.get("name")
size = FileSession.get_size_in_nice_string(
file.get('size'))
mtime = file.get("mtime")
style_time = time.strftime("%Y-%m-%d %H:%M:%S",
time.localtime(mtime))
show = False # 是否满足文件后缀要求
if isinstance(file_extension_list, list):
for ext in file_extension_list:
if name.lower().endswith(ext.lower()):
show = True
else:
show = True
if show:
name = "文件: {} 大小: {} 修改时间: {}".format(
name, size, style_time)
value = json.dumps(file)
tmp_enum_list.append({'name': name, 'value': value})
option['enum_list'] = tmp_enum_list
return one_module_config