forked from p15670423/monkey
SMB bugfixed to be able to exploit machine with smb v3, by not specifying preferred dialect for rpctransport
This commit is contained in:
parent
5ba1bf1db8
commit
04e89411fb
|
@ -1,7 +1,6 @@
|
|||
from logging import getLogger
|
||||
|
||||
from impacket.dcerpc.v5 import scmr, transport
|
||||
from impacket.smbconnection import SMB_DIALECT
|
||||
|
||||
from common.utils.attack_utils import ScanStatus, UsageEnum
|
||||
from common.utils.exploit_enum import ExploitType
|
||||
|
@ -121,8 +120,7 @@ class SmbExploiter(HostExploiter):
|
|||
for str_bind_format, port in SmbExploiter.KNOWN_PROTOCOLS.values():
|
||||
rpctransport = transport.DCERPCTransportFactory(str_bind_format % (self.host.ip_addr,))
|
||||
rpctransport.set_dport(port)
|
||||
if hasattr(rpctransport, 'preferred_dialect'):
|
||||
rpctransport.preferred_dialect(SMB_DIALECT)
|
||||
rpctransport.setRemoteHost(self.host.ip_addr)
|
||||
if hasattr(rpctransport, 'set_credentials'):
|
||||
# This method exists only for selected protocol sequences.
|
||||
rpctransport.set_credentials(user, password, '', lm_hash, ntlm_hash, None)
|
||||
|
@ -168,7 +166,7 @@ class SmbExploiter(HostExploiter):
|
|||
SmbExploiter.KNOWN_PROTOCOLS['445/SMB'][1]))
|
||||
return True
|
||||
|
||||
def set_vulnerable_port(self, host: VictimHost):
|
||||
def set_vulnerable_port(self):
|
||||
if 'tcp-445' in self.host.services:
|
||||
self.vulnerable_port = "445"
|
||||
elif 'tcp-139' in self.host.services:
|
||||
|
|
Loading…
Reference in New Issue