Minor PR fixes.

VakarisZ 2019-05-27 11:46:54 +03:00
parent 079b5b75b0
commit 7b35005233
2 changed files with 31 additions and 7 deletions


@ -51,6 +51,8 @@ class SambaCryExploiter(HostExploiter):
SAMBACRY_MONKEY_COPY_FILENAME_32 = "monkey32_2" SAMBACRY_MONKEY_COPY_FILENAME_32 = "monkey32_2"
# Monkey copy filename on share (64 bit) # Monkey copy filename on share (64 bit)
SAMBACRY_MONKEY_COPY_FILENAME_64 = "monkey64_2" SAMBACRY_MONKEY_COPY_FILENAME_64 = "monkey64_2"
# Supported samba port
SAMBA_PORT = 445
def __init__(self, host): def __init__(self, host):
super(SambaCryExploiter, self).__init__(host) super(SambaCryExploiter, self).__init__(host)
@ -80,6 +82,7 @@ class SambaCryExploiter(HostExploiter):
trigger_result is not None, creds['username'], creds['password'], creds['lm_hash'], creds['ntlm_hash']) trigger_result is not None, creds['username'], creds['password'], creds['lm_hash'], creds['ntlm_hash'])
if trigger_result is not None: if trigger_result is not None:
successfully_triggered_shares.append((share, trigger_result)) successfully_triggered_shares.append((share, trigger_result))
self.add_vuln_port(self.SAMBA_PORT)
self.clean_share(self.host.ip_addr, share, writable_shares_creds_dict[share]) self.clean_share(self.host.ip_addr, share, writable_shares_creds_dict[share])
for share, fullpath in successfully_triggered_shares: for share, fullpath in successfully_triggered_shares:
@ -89,10 +92,6 @@ class SambaCryExploiter(HostExploiter):
LOG.info( LOG.info(
"Shares triggered successfully on host %s: %s" % ( "Shares triggered successfully on host %s: %s" % (
self.host.ip_addr, str(successfully_triggered_shares))) self.host.ip_addr, str(successfully_triggered_shares)))
# TODO: add vulnerable url
#for share, fullpath in successfully_triggered_shares:
# self.add_vuln_url("smb://<username>@<hostname/ip>:<port>/<share_name>" % False,
# self.host.ip_addr, False, share)
return True return True
else: else:
LOG.info("No shares triggered successfully on host %s" % self.host.ip_addr) LOG.info("No shares triggered successfully on host %s" % self.host.ip_addr)
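Review bot: `self.add_vuln_port(self.SAMBA_PORT)` sits inside the per-share loop under `if trigger_result is not None:`, so it runs once for every share that triggers and always records the class constant 445. `add_vuln_port` is not visible here, so whether repeated calls leave duplicate entries in the report needs confirming; recording the port once in the success branch next to `return True` would avoid the question. The report is what a defender acts on, so the recorded port should be the one the SMB connection actually used. If another part of this exploiter can reach the host on a different port (not shown in these hunks), pass that value instead of the constant and reword `# Supported samba port` to something like `# Port recorded as vulnerable in the report`. The method containing the loop starts and ends outside the hunks.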


@ -7,35 +7,51 @@ from common.utils.code_utils import abstractstatic
class AttackTechnique(object): class AttackTechnique(object):
""" Abstract class for ATT&CK report components """
__metaclass__ = abc.ABCMeta __metaclass__ = abc.ABCMeta
@abc.abstractproperty @abc.abstractproperty
def unscanned_msg(self): def unscanned_msg(self):
"""
:return: Message that will be displayed in case attack technique was not scanned.
"""
pass pass
@abc.abstractproperty @abc.abstractproperty
def scanned_msg(self): def scanned_msg(self):
"""
:return: Message that will be displayed in case attack technique was scanned.
"""
pass pass
@abc.abstractproperty @abc.abstractproperty
def used_msg(self): def used_msg(self):
"""
:return: Message that will be displayed in case attack technique was used by the scanner.
"""
pass pass
@abc.abstractproperty @abc.abstractproperty
def tech_id(self): def tech_id(self):
"""
:return: Message that will be displayed in case of attack technique not being scanned.
"""
pass pass
@staticmethod @staticmethod
@abstractstatic @abstractstatic
def get_report_data(): def get_report_data():
"""
:return: Report data aggregated from the database.
"""
pass pass
@staticmethod @staticmethod
def technique_status(technique): def technique_status(technique):
""" """
Gets status of certain attack technique. If Gets the status of a certain attack technique.
:param technique: :param technique: technique's id.
:return: :return: ScanStatus Enum object
""" """
if mongo.db.attack_results.find_one({'status': ScanStatus.USED.value, 'technique': technique}): if mongo.db.attack_results.find_one({'status': ScanStatus.USED.value, 'technique': technique}):
return ScanStatus.USED return ScanStatus.USED
@ -46,10 +62,19 @@ class AttackTechnique(object):
@staticmethod @staticmethod
def technique_title(technique): def technique_title(technique):
"""
:param technique: Technique's id. E.g. T1110
:return: techniques title. E.g. "T1110 Brute force"
"""
return AttackConfig.get_technique(technique)['title'] return AttackConfig.get_technique(technique)['title']
@staticmethod @staticmethod
def get_tech_base_data(technique): def get_tech_base_data(technique):
"""
Gathers basic attack technique data into a dict.
:param technique: Technique's id. E.g. T1110
:return: dict E.g. {'message': 'Brute force used', 'status': 'Used', 'title': 'T1110 Brute force'}
"""
data = {} data = {}
status = AttackTechnique.technique_status(technique.tech_id) status = AttackTechnique.technique_status(technique.tech_id)
title = AttackTechnique.technique_title(technique.tech_id) title = AttackTechnique.technique_title(technique.tech_id)
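Review bot: The new docstring on `tech_id` repeats the wording of `unscanned_msg` ("Message that will be displayed in case of attack technique not being scanned"), which does not describe this property; something like `:return: Id of the attack technique. E.g. T1110` matches how the value is used further down. In `get_tech_base_data` the docstring says `:param technique: Technique's id. E.g. T1110`, but the body reads `technique.tech_id`, so the argument is the technique object or class rather than its id; `:param technique: AttackTechnique subclass whose tech_id is looked up` would be accurate. In `technique_title`, "techniques title" should read "technique's title". The body of `get_tech_base_data` continues past the end of the hunk.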