p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Sambacry fixes

This commit is contained in:
VakarisZ 2019-10-16 18:27:14 +03:00
parent 547cfe2f92
commit e36bb9721d
2 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
monkey/infection_monkey/exploit/sambacry.py
View File

@ -216,6 +216,8 @@ class SambaCryExploiter(HostExploiter):
pattern = re.compile(r'\d*\.\d*\.\d*') pattern = re.compile(r'\d*\.\d*\.\d*')
smb_server_name = self.host.services[SMB_SERVICE].get('name') smb_server_name = self.host.services[SMB_SERVICE].get('name')
if not smb_server_name:
return False
samba_version = "unknown" samba_version = "unknown"
pattern_result = pattern.search(smb_server_name) pattern_result = pattern.search(smb_server_name)
is_vulnerable = False is_vulnerable = False

21
monkey/infection_monkey/network/smbfinger.py
View File

@ -120,27 +120,26 @@ class SMBFinger(HostFinger):
n = SMBNego(data=SMBNegoFingerData()) n = SMBNego(data=SMBNegoFingerData())
n.calculate() n.calculate()
Packet = str(h) + str(n) packet_ = str(h) + str(n)
Buffer = struct.pack(">i", len(''.join(Packet))) + Packet buffer = struct.pack(">i", len(packet_)) + packet_.encode()
s.send(Buffer) s.send(buffer)
data = s.recv(2048) data = s.recv(2048)
if data[8:10] == "\x72\x00": if data[8:10] == "\x72\x00":
Header = SMBHeader(cmd="\x73", flag1="\x18", flag2="\x17\xc8", uid="\x00\x00") header = SMBHeader(cmd="\x73", flag1="\x18", flag2="\x17\xc8", uid="\x00\x00")
Body = SMBSessionFingerData() body = SMBSessionFingerData()
Body.calculate() body.calculate()
Packet = str(Header) + str(Body) packet_ = str(header) + str(body)
Buffer = struct.pack(">i", len(''.join(Packet))) + Packet buffer = struct.pack(">i", len(packet_)) + packet_.encode()
s.send(Buffer) s.send(buffer)
data = s.recv(2048) data = s.recv(2048)
if data[8:10] == "\x73\x16": if data[8:10] == "\x73\x16":
length = struct.unpack('<H', data[43:45])[0] length = struct.unpack('<H', data[43:45])[0]
pack = tuple(data[47 + length:].split('\x00\x00\x00'))[:2]
os_version, service_client = tuple( os_version, service_client = tuple(
[e.replace('\x00', '') for e in data[47 + length:].split('\x00\x00\x00')[:2]]) [e.replace(b'\x00', b'') for e in data[47 + length:].split(b'\x00\x00\x00')[:2]])
if os_version.lower() != 'unix': if os_version.lower() != 'unix':
host.os['type'] = 'windows' host.os['type'] = 'windows'