Powershell started
parent
6ca33fff68
commit
dbf469f50f
|
@ -62,6 +62,15 @@ class HostExploiter(object):
|
||||||
def add_example_cmd(self, cmd):
|
def add_example_cmd(self, cmd):
|
||||||
self._exploit_info['executed_cmds']['example'] = cmd
|
self._exploit_info['executed_cmds']['example'] = cmd
|
||||||
|
|
||||||
|
def add_powershell_cmd(self, cmd):
|
||||||
|
"""
|
||||||
|
Determines if command uses powershell and if so adds that command to exploiter info
|
||||||
|
:param cmd: Command used
|
||||||
|
:return: None
|
||||||
|
"""
|
||||||
|
if "powershell" in cmd.lower():
|
||||||
|
self._exploit_info['executed_cmds']['powershell'] = cmd
|
||||||
|
|
||||||
|
|
||||||
from infection_monkey.exploit.win_ms08_067 import Ms08_067_Exploiter
|
from infection_monkey.exploit.win_ms08_067 import Ms08_067_Exploiter
|
||||||
from infection_monkey.exploit.wmiexec import WmiExploiter
|
from infection_monkey.exploit.wmiexec import WmiExploiter
|
||||||
|
|
|
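Review bot: `add_powershell_cmd` assigns to a single `['executed_cmds']['powershell']` slot, so when one exploiter issues several PowerShell commands each call replaces the previous one and the report keeps only the last. Appending preserves them all, e.g. `self._exploit_info['executed_cmds'].setdefault('powershell', []).append(cmd)`, provided the report consumer (not visible here) accepts a list. The substring test also matches any command that merely contains the word, for instance inside a file path, and `cmd.lower()` raises if a caller passes anything other than a string. The docstring should say that `cmd` must be a `str` and that matching is a case-insensitive substring check.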
@ -49,6 +49,7 @@ class HadoopExploiter(WebRCE):
|
||||||
return False
|
return False
|
||||||
http_thread.join(self.DOWNLOAD_TIMEOUT)
|
http_thread.join(self.DOWNLOAD_TIMEOUT)
|
||||||
http_thread.stop()
|
http_thread.stop()
|
||||||
|
self.add_powershell_cmd(command)
|
||||||
self.add_example_cmd(command)
|
self.add_example_cmd(command)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
|
@ -65,7 +65,7 @@ class MSSQLExploiter(HostExploiter):
|
||||||
"xp_cmdshell \"<nul set /p=, ^\'%s^\') >>%s\"" % (dst_path, tmp_file_path)]
|
"xp_cmdshell \"<nul set /p=, ^\'%s^\') >>%s\"" % (dst_path, tmp_file_path)]
|
||||||
MSSQLExploiter.execute_command(cursor, commands)
|
MSSQLExploiter.execute_command(cursor, commands)
|
||||||
MSSQLExploiter.run_file(cursor, tmp_file_path)
|
MSSQLExploiter.run_file(cursor, tmp_file_path)
|
||||||
|
self.add_powershell_cmd(' '.join(commands))
|
||||||
# Form monkey's command in a file
|
# Form monkey's command in a file
|
||||||
monkey_args = tools.build_monkey_commandline(self.host,
|
monkey_args = tools.build_monkey_commandline(self.host,
|
||||||
tools.get_monkey_depth() - 1,
|
tools.get_monkey_depth() - 1,
|
||||||
|
|
|
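Review bot: `' '.join(commands)` runs the substring test on the whole batch, so if any one entry mentions powershell the stored value is every `xp_cmdshell` line concatenated, not the PowerShell command itself. Passing entries one at a time, `for c in commands: self.add_powershell_cmd(c)`, records only the matching ones, though the helper as written in this commit would then keep only the last match. Nothing visible here checks that `execute_command` or `run_file` succeeded before the batch is reported as executed. The enclosing method starts and ends outside the hunk.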
@ -337,7 +337,7 @@ class WebRCE(HostExploiter):
|
||||||
command = self.get_command(paths['dest_path'], http_path, commands)
|
command = self.get_command(paths['dest_path'], http_path, commands)
|
||||||
|
|
||||||
resp = self.exploit(url, command)
|
resp = self.exploit(url, command)
|
||||||
|
self.add_powershell_cmd(command)
|
||||||
resp = self.run_backup_commands(resp, url, paths['dest_path'], http_path)
|
resp = self.run_backup_commands(resp, url, paths['dest_path'], http_path)
|
||||||
|
|
||||||
http_thread.join(DOWNLOAD_TIMEOUT)
|
http_thread.join(DOWNLOAD_TIMEOUT)
|
||||||
|
|
|
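Review bot: The command is written to `executed_cmds` immediately after `resp = self.exploit(url, command)` and before `resp` is examined, so a failed attempt is still reported as an executed PowerShell command. The call belongs after the point where success is established, or behind a guard such as `if resp: self.add_powershell_cmd(command)`; whether `resp` is falsy on failure cannot be confirmed from these lines. Commands issued inside `run_backup_commands` are presumably not recorded at all, which leaves the report incomplete for anyone using it to trace what ran on a host. The enclosing method continues outside the hunk.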
@ -20,8 +20,8 @@ __author__ = "VakarisZ"
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
# How long server waits for get request in seconds
|
# How long server waits for get request in seconds
|
||||||
SERVER_TIMEOUT = 4
|
SERVER_TIMEOUT = 4
|
||||||
# How long should be wait after each request in seconds
|
# How long should we wait after each request in seconds
|
||||||
REQUEST_DELAY = 0.0001
|
REQUEST_DELAY = 0.1
|
||||||
# How long to wait for a sign(request from host) that server is vulnerable. In seconds
|
# How long to wait for a sign(request from host) that server is vulnerable. In seconds
|
||||||
REQUEST_TIMEOUT = 5
|
REQUEST_TIMEOUT = 5
|
||||||
# How long to wait for response in exploitation. In seconds
|
# How long to wait for response in exploitation. In seconds
|
||||||
|
|
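Review bot: `REQUEST_DELAY` goes from 0.0001 to 0.1 seconds, a thousandfold change unrelated to the PowerShell reporting named in the commit title, and neither the comment nor the commit message says why. The comment should state what the delay is for and why this value was chosen, along the lines of `# Seconds to wait after each request; <reason for 0.1>`. The change would also be easier to trace as its own commit. Where the constant is used lies outside this hunk, so its effect on total run time relative to `REQUEST_TIMEOUT = 5` cannot be judged from here.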