Hook method for exploiters implemented
This commit is contained in:
parent
f2d25c4481
commit
e6c3cdb361
|
@ -50,6 +50,12 @@ class HostExploiter(object):
|
|||
|
||||
@abstractmethod
|
||||
def exploit_host(self):
|
||||
self.set_start_time()
|
||||
self._exploit_host()
|
||||
self.set_finish_time()
|
||||
|
||||
@abstractmethod
|
||||
def _exploit_host(self):
|
||||
raise NotImplementedError()
|
||||
|
||||
def add_vuln_url(self, url):
|
||||
|
|
|
@ -31,7 +31,7 @@ class HadoopExploiter(WebRCE):
|
|||
def __init__(self, host):
|
||||
super(HadoopExploiter, self).__init__(host)
|
||||
|
||||
def exploit_host(self):
|
||||
def _exploit_host(self):
|
||||
# Try to get exploitable url
|
||||
urls = self.build_potential_urls(self.HADOOP_PORTS)
|
||||
self.add_vulnerable_urls(urls, True)
|
||||
|
|
|
@ -29,7 +29,7 @@ class MSSQLExploiter(HostExploiter):
|
|||
def __init__(self, host):
|
||||
super(MSSQLExploiter, self).__init__(host)
|
||||
|
||||
def exploit_host(self):
|
||||
def _exploit_host(self):
|
||||
# Brute force to get connection
|
||||
username_passwords_pairs_list = self._config.get_exploit_user_password_pairs()
|
||||
cursor = self.brute_force(self.host.ip_addr, self.SQL_DEFAULT_TCP_PORT, username_passwords_pairs_list)
|
||||
|
|
|
@ -255,7 +255,7 @@ class RdpExploiter(HostExploiter):
|
|||
return True
|
||||
return False
|
||||
|
||||
def exploit_host(self):
|
||||
def _exploit_host(self):
|
||||
global g_reactor
|
||||
|
||||
is_open, _ = check_tcp_port(self.host.ip_addr, RDP_PORT)
|
||||
|
|
|
@ -57,7 +57,7 @@ class SambaCryExploiter(HostExploiter):
|
|||
def __init__(self, host):
|
||||
super(SambaCryExploiter, self).__init__(host)
|
||||
|
||||
def exploit_host(self):
|
||||
def _exploit_host(self):
|
||||
if not self.is_vulnerable():
|
||||
return False
|
||||
|
||||
|
|
|
@ -36,7 +36,7 @@ class ShellShockExploiter(HostExploiter):
|
|||
) for _ in range(20))
|
||||
self.skip_exist = self._config.skip_exploit_if_file_exist
|
||||
|
||||
def exploit_host(self):
|
||||
def _exploit_host(self):
|
||||
# start by picking ports
|
||||
candidate_services = {
|
||||
service: self.host.services[service] for service in self.host.services if
|
||||
|
|
|
@ -43,7 +43,7 @@ class SmbExploiter(HostExploiter):
|
|||
return self.host.os.get('type') in self._TARGET_OS_TYPE
|
||||
return False
|
||||
|
||||
def exploit_host(self):
|
||||
def _exploit_host(self):
|
||||
src_path = get_target_monkey(self.host)
|
||||
|
||||
if not src_path:
|
||||
|
|
|
@ -94,7 +94,7 @@ class SSHExploiter(HostExploiter):
|
|||
continue
|
||||
return exploited
|
||||
|
||||
def exploit_host(self):
|
||||
def _exploit_host(self):
|
||||
ssh = paramiko.SSHClient()
|
||||
ssh.set_missing_host_key_policy(paramiko.WarningPolicy())
|
||||
|
||||
|
|
|
@ -60,7 +60,7 @@ class VSFTPDExploiter(HostExploiter):
|
|||
LOG.error('Failed to send payload to %s', self.host.ip_addr)
|
||||
return False
|
||||
|
||||
def exploit_host(self):
|
||||
def _exploit_host(self):
|
||||
LOG.info("Attempting to trigger the Backdoor..")
|
||||
ftp_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
||||
|
||||
|
|
|
@ -66,7 +66,7 @@ class WebRCE(HostExploiter):
|
|||
|
||||
return exploit_config
|
||||
|
||||
def exploit_host(self):
|
||||
def _exploit_host(self):
|
||||
"""
|
||||
Method that contains default exploitation workflow
|
||||
:return: True if exploited, False otherwise
|
||||
|
|
|
@ -92,7 +92,7 @@ class SRVSVC_Exploit(object):
|
|||
|
||||
def get_telnet_port(self):
|
||||
"""get_telnet_port()
|
||||
|
||||
|
||||
The port on which the Telnet service will listen.
|
||||
"""
|
||||
|
||||
|
@ -100,7 +100,7 @@ class SRVSVC_Exploit(object):
|
|||
|
||||
def start(self):
|
||||
"""start() -> socket
|
||||
|
||||
|
||||
Exploit the target machine and return a socket connected to it's
|
||||
listening Telnet service.
|
||||
"""
|
||||
|
@ -174,7 +174,7 @@ class Ms08_067_Exploiter(HostExploiter):
|
|||
self.host.os.get('version') in self._windows_versions.keys()
|
||||
return False
|
||||
|
||||
def exploit_host(self):
|
||||
def _exploit_host(self):
|
||||
src_path = get_target_monkey(self.host)
|
||||
|
||||
if not src_path:
|
||||
|
|
|
@ -23,7 +23,7 @@ class WmiExploiter(HostExploiter):
|
|||
super(WmiExploiter, self).__init__(host)
|
||||
|
||||
@WmiTools.dcom_wrap
|
||||
def exploit_host(self):
|
||||
def _exploit_host(self):
|
||||
src_path = get_target_monkey(self.host)
|
||||
|
||||
if not src_path:
|
||||
|
|
|
@ -283,9 +283,7 @@ class InfectionMonkey(object):
|
|||
|
||||
result = False
|
||||
try:
|
||||
exploiter.set_start_time()
|
||||
result = exploiter.exploit_host()
|
||||
exploiter.set_finish_time()
|
||||
if result:
|
||||
self.successfully_exploited(machine, exploiter)
|
||||
return True
|
||||
|
|
Loading…
Reference in New Issue