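def import_pwdump():
    """Import pwdump (password hash) loot from Metasploit Pro.

    Logs in to the Metasploit Pro API using the URL and API key returned by
    ``msf_get_config(session)``, lists the loot of the configured workspace
    and offers every entry whose ``ltype`` is ``host.windows.pwdump`` or
    ``windows.hashes`` in a form. On a valid submit the chosen loot IDs are
    handed to ``process_pwdump_loot``.

    Returns:
        dict: ``form``, ``alert`` and ``error`` for the view. On an import
        or API failure ``form`` is None, ``alert`` is True and ``error``
        holds the exception text.
    """
    msf_settings = msf_get_config(session)
    alert = False
    error = None
    response.title = "%s :: Import Metasploit PWDUMP Loot" % (settings.title)

    try:
        from MetasploitProAPI import MetasploitProAPI, MSFProAPIError
    except ImportError as exc:
        return dict(alert=True, error=str(exc), form=None)

    msf = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key'])
    try:
        msf.login()
        data = msf.loot_list(msf_settings['workspace'])
    except MSFProAPIError as exc:
        # NOTE(review): the API error text goes to the view verbatim; confirm
        # it cannot carry the API key or other connection details.
        return dict(alert=True, error=str(exc), form=None)

    loot_list = []   # [loot ID, host] pairs, used as the form's choices
    loot_hosts = {}  # host -> first loot ID seen for that host
    for loot_id, loot in data.items():
        if loot['ltype'] in ('host.windows.pwdump', 'windows.hashes'):
            loot_list.append([loot_id, loot['host']])
            loot_hosts.setdefault(loot['host'], loot_id)

    form = SQLFORM.factory(
        Field('hosts', 'list', requires=IS_IN_SET(loot_list, multiple=True), label=T('Host')),
        Field('host_text', 'text', label=T('Host list (1 per line)')),
        # NOTE(review): 'addevidence' is collected but not read anywhere in
        # this function.
        Field('addevidence', 'boolean', label=T('Add to Evidence')),
    )

    if form.accepts(request, session):
        from skaldship.metasploit import process_pwdump_loot

        # Truthiness instead of len(): an unset field may be None.
        if form.vars.hosts:
            loot_list = form.vars.hosts
        elif form.vars.host_text:
            # Start from an empty list so only the hosts named in the text
            # box are imported, not every credential loot in the workspace.
            loot_list = []
            # splitlines() + strip() so CRLF line endings from a browser
            # textarea and stray whitespace do not defeat the lookup.
            for line in form.vars.host_text.splitlines():
                ip = line.strip()
                if not ip:
                    continue
                try:
                    loot_list.append(loot_hosts[ip])
                except KeyError:
                    logging.debug("%s not found in MSF loot list" % (ip))
        # NOTE(review): with neither field filled in, loot_list is still the
        # full list of [loot ID, host] pairs, as in the original; confirm
        # that importing everything is the intended default.
        retval = process_pwdump_loot(loot_list, msf)
        response.flash = "PWDUMP files imported\n%s" % (retval)
    elif form.errors:
        response.flash = "Errors in your form"

    # NOTE(review): on success this returns the string "None" rather than
    # None (kept as in the original); import_screenshots returns None.
    return dict(form=form, alert=alert, error=str(error))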
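def import_screenshots():
    """Import screenshot loot from Metasploit Pro into Kvasir.

    Logs in to the Metasploit Pro API using the URL and API key returned by
    ``msf_get_config(session)``, lists the loot of the configured workspace
    and offers every entry whose ``ltype`` is ``host.windows.screenshot`` in
    a form. On a valid submit the chosen loot IDs are handed to
    ``process_screenshot_loot``.

    Returns:
        dict: ``form``, ``alert`` and ``error`` for the view. On an import
        or API failure ``form`` is None, ``alert`` is True and ``error``
        holds the exception text.
    """
    response.title = "%s :: Import Metasploit Screenshots" % (settings.title)
    msf_settings = msf_get_config(session)

    try:
        from MetasploitProAPI import MetasploitProAPI, MSFProAPIError
    except ImportError as exc:
        return dict(form=None, error=str(exc), alert=True)

    msf = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key'])
    try:
        msf.login()
        loot_apidata = msf.loot_list(msf_settings['workspace'])
    except MSFProAPIError as exc:
        # NOTE(review): the API error text goes to the view verbatim; confirm
        # it cannot carry the API key or other connection details.
        return dict(form=None, error=str(exc), alert=True)

    loot_list = []   # [loot ID, host] pairs, used as the form's choices
    loot_hosts = {}  # host -> first loot ID seen for that host
    for loot_id, loot in loot_apidata.items():
        if loot['ltype'] == 'host.windows.screenshot':
            loot_list.append([loot_id, loot['host']])
            loot_hosts.setdefault(loot['host'], loot_id)

    form = SQLFORM.factory(
        Field('host', 'list', requires=IS_IN_SET(loot_list, multiple=True), label=T('Host')),
        Field('host_text', 'text', label=T('Host list (1 per line)')),
    )

    if form.accepts(request, session):
        # The field is declared as 'host'; the original read form.vars.hosts,
        # which this form never sets, so the selection was ignored.
        if form.vars.host:
            loot_list = form.vars.host
        elif form.vars.host_text:
            # Start from an empty list so only the hosts named in the text
            # box are imported, not every screenshot loot in the workspace.
            loot_list = []
            # splitlines() + strip() so CRLF line endings from a browser
            # textarea and stray whitespace do not defeat the lookup.
            for line in form.vars.host_text.splitlines():
                ip = line.strip()
                if not ip:
                    continue
                try:
                    loot_list.append(loot_hosts[ip])
                except KeyError:
                    logging.debug("%s not found in MSF loot list" % (ip))
        # NOTE(review): with neither field filled in, loot_list is still the
        # full list of [loot ID, host] pairs, as in the original; confirm
        # that importing everything is the intended default.
        loot_count = process_screenshot_loot(loot_list, msf)
        # Was 'repsonse.flash', which raised NameError after the import ran.
        response.flash = 'Screenshots added for %s host(s)' % (loot_count)
    elif form.errors:
        response.flash = "Errors in your form"

    return dict(form=form, alert=False, error=None)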
def import_pwdump(): """Downloads a pwdump loot and processes it""" msf_settings = msf_get_config(session) alert = False error = None response.title = "%s :: Import Metasploit PWDUMP Loot" % (settings.title) try: from MetasploitProAPI import MetasploitProAPI, MSFProAPIError except ImportError, error: return dict(alert=True, error=str(error), form=None) msf = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key']) try: msf.login() data = msf.loot_list(msf_settings['workspace']) except MSFProAPIError, error: return dict(alert=True, error=str(error), form=None) if not alert: loot_list = [] # list of loot IDs and IPs loot_hosts = {} # mapping of IP to loot IDs for k,v in data.iteritems(): if v['ltype'] == 'host.windows.pwdump' or v['ltype'] == 'windows.hashes': loot_list.append([k, v['host']]) loot_hosts.setdefault(v['host'], k) form=SQLFORM.factory( Field('hosts', 'list', requires=IS_IN_SET(loot_list, multiple=True), label=T('Host')), Field('host_text', 'text', label=T('Host list (1 per line)')), Field('addevidence', 'boolean', label=T('Add to Evidence')),
def import_pwdump(): """Downloads a pwdump loot and processes it""" msf_settings = msf_get_config(session) alert = False error = None response.title = "%s :: Import Metasploit PWDUMP Loot" % (settings.title) try: from MetasploitProAPI import MetasploitProAPI, MSFProAPIError except ImportError, error: return dict(alert=True, error=str(error), form=None) msf = MetasploitProAPI(host=msf_settings['url'], apikey=msf_settings['key']) try: msf.login() data = msf.loot_list(msf_settings['workspace']) except MSFProAPIError, error: return dict(alert=True, error=str(error), form=None) if not alert: loot_list = [] # list of loot IDs and IPs loot_hosts = {} # mapping of IP to loot IDs for k,v in data.iteritems(): if v['ltype'] == 'host.windows.pwdump' or v['ltype'] == 'windows.hashes': loot_list.append([k, v['host']]) loot_hosts.setdefault(v['host'], k) form=SQLFORM.factory( Field('hosts', 'list', requires=IS_IN_SET(loot_list, multiple=True), label=T('Host')), Field('host_text', 'text', label=T('Host list (1 per line)')), Field('addevidence', 'boolean', label=T('Add to Evidence')),