Better way to get NetBIOS name

Shreya 2020-11-01 18:19:14 +05:30
parent b3e9695289
commit 8b0dd91c18
2 changed files with 6 additions and 8 deletions


@ -5,6 +5,7 @@ Implementation from https://github.com/SecuraBV/CVE-2020-1472
import logging import logging
import subprocess import subprocess
import nmb.NetBIOS
from impacket.dcerpc.v5 import epm, nrpc, transport from impacket.dcerpc.v5 import epm, nrpc, transport
import infection_monkey.config import infection_monkey.config
@ -25,15 +26,11 @@ class WindowsServerFinger(HostFinger):
""" """
name = '' name = ''
try: try:
if is_windows_os(): nb = nmb.NetBIOS.NetBIOS()
cmd = f'nbtstat -A {DC_IP} | findstr "<00>"' name = nb.queryIPForName(ip=DC_IP) # returns either a list of NetBIOS names or None
name = subprocess.check_output(cmd, shell=True).decode().split('\n')[0].strip(' ').split(' ')[0] return name[0] if name else None
else:
cmd = f'nmblookup -A {DC_IP} | grep "<00>"'
name = subprocess.check_output(cmd, shell=True).decode().split('\n')[0].strip('\t').strip(' ').split(' ')[0]
except BaseException as ex: except BaseException as ex:
LOG.info(f'Exception: {ex} Most likely not a Windows Domain Controller.') LOG.info(f'Exception: {ex}')
return name
def get_host_fingerprint(self, host): def get_host_fingerprint(self, host):
""" """
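Review bot: The `nmb.NetBIOS.NetBIOS()` object created in the new `try` body is never closed, so every fingerprinted host appears to leave its UDP socket open until the object is collected; release it with `finally: nb.close()` around the query. The return contract also changed: with the trailing `return name` removed, the function now returns `None` both when no names come back and after an exception, where the old code returned `''`. That leaves the `name = ''` initialiser dead, and callers that use the result as a string should be checked, since they lie outside this hunk. `queryIPForName` is called with its default timeout, which I believe is 30 seconds in pysmb, so an explicit shorter `timeout=` would keep a scan of non-responding hosts from stalling. The function's signature is above the hunk, so this is based on the visible body only.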


@ -12,5 +12,6 @@ pycryptodome==3.9.8
pyftpdlib==1.5.6 pyftpdlib==1.5.6
pymssql<3.0 pymssql<3.0
pypykatz==0.3.12 pypykatz==0.3.12
pysmb==1.2.5
requests>=2.24 requests>=2.24
wmi==1.5.1 ; sys_platform == 'win32' wmi==1.5.1 ; sys_platform == 'win32'