Rename to check_tcp|udp_port and refactor.
parent
ab18005fd0
commit
fe2af59975
|
@ -13,7 +13,7 @@ from exploit import HostExploiter
|
||||||
from exploit.tools import HTTPTools, get_monkey_depth
|
from exploit.tools import HTTPTools, get_monkey_depth
|
||||||
from exploit.tools import get_target_monkey
|
from exploit.tools import get_target_monkey
|
||||||
from model import RDP_CMDLINE_HTTP_BITS, RDP_CMDLINE_HTTP_VBS
|
from model import RDP_CMDLINE_HTTP_BITS, RDP_CMDLINE_HTTP_VBS
|
||||||
from network.tools import check_port_tcp
|
from network.tools import check_tcp_port
|
||||||
from tools import build_monkey_commandline
|
from tools import build_monkey_commandline
|
||||||
|
|
||||||
__author__ = 'hoffer'
|
__author__ = 'hoffer'
|
||||||
|
@ -245,7 +245,7 @@ class RdpExploiter(HostExploiter):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
if not self.host.os.get('type'):
|
if not self.host.os.get('type'):
|
||||||
is_open, _ = check_port_tcp(self.host.ip_addr, RDP_PORT)
|
is_open, _ = check_tcp_port(self.host.ip_addr, RDP_PORT)
|
||||||
if is_open:
|
if is_open:
|
||||||
self.host.os['type'] = 'windows'
|
self.host.os['type'] = 'windows'
|
||||||
return True
|
return True
|
||||||
|
@ -254,7 +254,7 @@ class RdpExploiter(HostExploiter):
|
||||||
def exploit_host(self):
|
def exploit_host(self):
|
||||||
global g_reactor
|
global g_reactor
|
||||||
|
|
||||||
is_open, _ = check_port_tcp(self.host.ip_addr, RDP_PORT)
|
is_open, _ = check_tcp_port(self.host.ip_addr, RDP_PORT)
|
||||||
if not is_open:
|
if not is_open:
|
||||||
LOG.info("RDP port is closed on %r, skipping", self.host)
|
LOG.info("RDP port is closed on %r, skipping", self.host)
|
||||||
return False
|
return False
|
||||||
|
|
|
@ -7,7 +7,7 @@ from exploit import HostExploiter
|
||||||
from exploit.tools import SmbTools, get_target_monkey, get_monkey_depth
|
from exploit.tools import SmbTools, get_target_monkey, get_monkey_depth
|
||||||
from model import MONKEY_CMDLINE_DETACHED_WINDOWS, DROPPER_CMDLINE_DETACHED_WINDOWS
|
from model import MONKEY_CMDLINE_DETACHED_WINDOWS, DROPPER_CMDLINE_DETACHED_WINDOWS
|
||||||
from network import SMBFinger
|
from network import SMBFinger
|
||||||
from network.tools import check_port_tcp
|
from network.tools import check_tcp_port
|
||||||
from tools import build_monkey_commandline
|
from tools import build_monkey_commandline
|
||||||
|
|
||||||
LOG = getLogger(__name__)
|
LOG = getLogger(__name__)
|
||||||
|
@ -31,12 +31,12 @@ class SmbExploiter(HostExploiter):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
if not self.host.os.get('type'):
|
if not self.host.os.get('type'):
|
||||||
is_smb_open, _ = check_port_tcp(self.host.ip_addr, 445)
|
is_smb_open, _ = check_tcp_port(self.host.ip_addr, 445)
|
||||||
if is_smb_open:
|
if is_smb_open:
|
||||||
smb_finger = SMBFinger()
|
smb_finger = SMBFinger()
|
||||||
smb_finger.get_host_fingerprint(self.host)
|
smb_finger.get_host_fingerprint(self.host)
|
||||||
else:
|
else:
|
||||||
is_nb_open, _ = check_port_tcp(self.host.ip_addr, 139)
|
is_nb_open, _ = check_tcp_port(self.host.ip_addr, 139)
|
||||||
if is_nb_open:
|
if is_nb_open:
|
||||||
self.host.os['type'] = 'windows'
|
self.host.os['type'] = 'windows'
|
||||||
return self.host.os.get('type') in self._TARGET_OS_TYPE
|
return self.host.os.get('type') in self._TARGET_OS_TYPE
|
||||||
|
|
|
@ -7,7 +7,7 @@ import monkeyfs
|
||||||
from exploit import HostExploiter
|
from exploit import HostExploiter
|
||||||
from exploit.tools import get_target_monkey, get_monkey_depth
|
from exploit.tools import get_target_monkey, get_monkey_depth
|
||||||
from model import MONKEY_ARG
|
from model import MONKEY_ARG
|
||||||
from network.tools import check_port_tcp
|
from network.tools import check_tcp_port
|
||||||
from tools import build_monkey_commandline
|
from tools import build_monkey_commandline
|
||||||
|
|
||||||
__author__ = 'hoffer'
|
__author__ = 'hoffer'
|
||||||
|
@ -41,7 +41,7 @@ class SSHExploiter(HostExploiter):
|
||||||
if servdata.get('name') == 'ssh' and servkey.startswith('tcp-'):
|
if servdata.get('name') == 'ssh' and servkey.startswith('tcp-'):
|
||||||
port = int(servkey.replace('tcp-', ''))
|
port = int(servkey.replace('tcp-', ''))
|
||||||
|
|
||||||
is_open, _ = check_port_tcp(self.host.ip_addr, port)
|
is_open, _ = check_tcp_port(self.host.ip_addr, port)
|
||||||
if not is_open:
|
if not is_open:
|
||||||
LOG.info("SSH port is closed on %r, skipping", self.host)
|
LOG.info("SSH port is closed on %r, skipping", self.host)
|
||||||
return False
|
return False
|
||||||
|
|
|
@ -17,7 +17,7 @@ from impacket.dcerpc.v5 import transport
|
||||||
from exploit.tools import SmbTools, get_target_monkey, get_monkey_depth
|
from exploit.tools import SmbTools, get_target_monkey, get_monkey_depth
|
||||||
from model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
|
from model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
|
||||||
from network import SMBFinger
|
from network import SMBFinger
|
||||||
from network.tools import check_port_tcp
|
from network.tools import check_tcp_port
|
||||||
from tools import build_monkey_commandline
|
from tools import build_monkey_commandline
|
||||||
from . import HostExploiter
|
from . import HostExploiter
|
||||||
|
|
||||||
|
@ -168,7 +168,7 @@ class Ms08_067_Exploiter(HostExploiter):
|
||||||
|
|
||||||
if not self.host.os.get('type') or (
|
if not self.host.os.get('type') or (
|
||||||
self.host.os.get('type') in self._TARGET_OS_TYPE and not self.host.os.get('version')):
|
self.host.os.get('type') in self._TARGET_OS_TYPE and not self.host.os.get('version')):
|
||||||
is_smb_open, _ = check_port_tcp(self.host.ip_addr, 445)
|
is_smb_open, _ = check_tcp_port(self.host.ip_addr, 445)
|
||||||
if is_smb_open:
|
if is_smb_open:
|
||||||
smb_finger = SMBFinger()
|
smb_finger = SMBFinger()
|
||||||
if smb_finger.get_host_fingerprint(self.host):
|
if smb_finger.get_host_fingerprint(self.host):
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
import re
|
import re
|
||||||
from network import HostFinger
|
|
||||||
from network.tools import check_port_tcp
|
|
||||||
from model.host import VictimHost
|
from model.host import VictimHost
|
||||||
|
from network import HostFinger
|
||||||
|
from network.tools import check_tcp_port
|
||||||
|
|
||||||
SSH_PORT = 22
|
SSH_PORT = 22
|
||||||
SSH_SERVICE_DEFAULT = 'tcp-22'
|
SSH_SERVICE_DEFAULT = 'tcp-22'
|
||||||
|
@ -38,7 +39,7 @@ class SSHFinger(HostFinger):
|
||||||
self._banner_match(name, host, banner)
|
self._banner_match(name, host, banner)
|
||||||
return
|
return
|
||||||
|
|
||||||
is_open, banner = check_port_tcp(host.ip_addr, SSH_PORT, TIMEOUT, True)
|
is_open, banner = check_tcp_port(host.ip_addr, SSH_PORT, TIMEOUT, True)
|
||||||
|
|
||||||
if is_open:
|
if is_open:
|
||||||
host.services[SSH_SERVICE_DEFAULT] = {}
|
host.services[SSH_SERVICE_DEFAULT] = {}
|
||||||
|
|
|
@ -1,8 +1,9 @@
|
||||||
import time
|
import time
|
||||||
from random import shuffle
|
from random import shuffle
|
||||||
from network import HostScanner, HostFinger
|
|
||||||
from model.host import VictimHost
|
from model.host import VictimHost
|
||||||
from network.tools import check_port_tcp
|
from network import HostScanner, HostFinger
|
||||||
|
from network.tools import check_tcp_port
|
||||||
|
|
||||||
__author__ = 'itamar'
|
__author__ = 'itamar'
|
||||||
|
|
||||||
|
@ -26,7 +27,7 @@ class TcpScanner(HostScanner, HostFinger):
|
||||||
|
|
||||||
for target_port in target_ports:
|
for target_port in target_ports:
|
||||||
|
|
||||||
is_open, banner = check_port_tcp(host.ip_addr,
|
is_open, banner = check_tcp_port(host.ip_addr,
|
||||||
target_port,
|
target_port,
|
||||||
self._config.tcp_scan_timeout / 1000.0,
|
self._config.tcp_scan_timeout / 1000.0,
|
||||||
self._config.tcp_scan_get_banner)
|
self._config.tcp_scan_get_banner)
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
import socket
|
|
||||||
import select
|
|
||||||
import logging
|
import logging
|
||||||
|
import select
|
||||||
|
import socket
|
||||||
import struct
|
import struct
|
||||||
|
|
||||||
DEFAULT_TIMEOUT = 10
|
DEFAULT_TIMEOUT = 10
|
||||||
|
@ -32,10 +32,10 @@ def struct_unpack_tracker_string(data, index):
|
||||||
"""
|
"""
|
||||||
ascii_len = data[index:].find('\0')
|
ascii_len = data[index:].find('\0')
|
||||||
fmt = "%ds" % ascii_len
|
fmt = "%ds" % ascii_len
|
||||||
return struct_unpack_tracker(data,index,fmt)
|
return struct_unpack_tracker(data, index, fmt)
|
||||||
|
|
||||||
|
|
||||||
def check_port_tcp(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False):
|
def check_tcp_port(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False):
|
||||||
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
||||||
sock.settimeout(timeout)
|
sock.settimeout(timeout)
|
||||||
|
|
||||||
|
@ -43,7 +43,7 @@ def check_port_tcp(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False):
|
||||||
sock.connect((ip, port))
|
sock.connect((ip, port))
|
||||||
except socket.timeout:
|
except socket.timeout:
|
||||||
return False, None
|
return False, None
|
||||||
except socket.error, exc:
|
except socket.error as exc:
|
||||||
LOG.debug("Check port: %s:%s, Exception: %s", ip, port, exc)
|
LOG.debug("Check port: %s:%s, Exception: %s", ip, port, exc)
|
||||||
return False, None
|
return False, None
|
||||||
|
|
||||||
|
@ -56,23 +56,23 @@ def check_port_tcp(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False):
|
||||||
banner = sock.recv(BANNER_READ)
|
banner = sock.recv(BANNER_READ)
|
||||||
except:
|
except:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
sock.close()
|
sock.close()
|
||||||
return True, banner
|
return True, banner
|
||||||
|
|
||||||
|
|
||||||
def check_port_udp(ip, port, timeout=DEFAULT_TIMEOUT):
|
def check_udp_port(ip, port, timeout=DEFAULT_TIMEOUT):
|
||||||
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
|
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
|
||||||
sock.settimeout(timeout)
|
sock.settimeout(timeout)
|
||||||
|
|
||||||
data = None
|
data = None
|
||||||
is_open = False
|
is_open = False
|
||||||
|
|
||||||
try:
|
try:
|
||||||
sock.sendto("-", (ip, port))
|
sock.sendto("-", (ip, port))
|
||||||
data, _ = sock.recvfrom(BANNER_READ)
|
data, _ = sock.recvfrom(BANNER_READ)
|
||||||
is_open = True
|
is_open = True
|
||||||
except:
|
except socket.error:
|
||||||
pass
|
pass
|
||||||
sock.close()
|
sock.close()
|
||||||
|
|
||||||
|
|
|
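Review bot: The banner read in check_tcp_port (hunk at `@ -56,23 +56,23`) still uses a bare `except:` followed by `pass`, although this commit narrows the equivalent handler in check_udp_port to `except socket.error:`. The bare form also swallows KeyboardInterrupt and programming errors, so a failed banner grab cannot be told apart from a bug; `except socket.error:` would match the UDP path, since socket.timeout is a subclass of it. Separately, both failure branches after `sock.connect((ip, port))` return `False, None` without an explicit `sock.close()`, which leaves descriptor release to the interpreter's reference counting; adding `sock.close()` before each `return False, None` would make the cleanup explicit. The body of check_tcp_port is split across three hunks here, so the lines between them are not visible and should be checked before applying either change.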
@ -8,7 +8,7 @@ from threading import Thread
|
||||||
from model import VictimHost
|
from model import VictimHost
|
||||||
from network.firewall import app as firewall
|
from network.firewall import app as firewall
|
||||||
from network.info import local_ips, get_free_tcp_port
|
from network.info import local_ips, get_free_tcp_port
|
||||||
from network.tools import check_port_tcp
|
from network.tools import check_tcp_port
|
||||||
from transport.base import get_last_serve_time
|
from transport.base import get_last_serve_time
|
||||||
|
|
||||||
__author__ = 'hoffer'
|
__author__ = 'hoffer'
|
||||||
|
@ -40,7 +40,7 @@ def _check_tunnel(address, port, existing_sock=None):
|
||||||
sock = existing_sock
|
sock = existing_sock
|
||||||
|
|
||||||
LOG.debug("Checking tunnel %s:%s", address, port)
|
LOG.debug("Checking tunnel %s:%s", address, port)
|
||||||
is_open, _ = check_port_tcp(address, int(port))
|
is_open, _ = check_tcp_port(address, int(port))
|
||||||
if not is_open:
|
if not is_open:
|
||||||
LOG.debug("Could not connect to %s:%s", address, port)
|
LOG.debug("Could not connect to %s:%s", address, port)
|
||||||
if not existing_sock:
|
if not existing_sock:
|
||||||
|
|