coercer.network.authentications

  1#!/usr/bin/env python3
  2# -*- coding: utf-8 -*-
  3# File name          : authentications.py
  4# Author             : Podalirius (@podalirius_)
  5# Date created       : 21 Sep 2022
  6
  7
  8from coercer.structures.TestResult import TestResult
  9from concurrent.futures import ThreadPoolExecutor
 10from coercer.network.Listener import Listener
 11import time
 12
 13
 14def trigger_and_catch_authentication(options, dcerpc_session, target, method_trigger_function, listenertype, listen_ip=None, http_port=80):
 15    """
 16
 17    """
 18    listenertype = listenertype.lower()
 19    if listenertype not in ["smb", "http"]:
 20        print("[!] Unknown listener type '%s'" % listenertype)
 21        return False
 22    else:
 23        control_structure = {"result": TestResult.NO_AUTH_RECEIVED}
 24        # Waits for all the threads to be completed
 25
 26        with ThreadPoolExecutor(max_workers=3) as tp:
 27            listener_instance = Listener(options=options, listen_ip=listen_ip)
 28
 29            if listenertype == "smb":
 30                # print("[debug] Created smb listener")
 31                tp.submit(listener_instance.start_smb, control_structure)
 32
 33            elif listenertype == "http":
 34                # print("[debug] Created http listener")
 35                tp.submit(listener_instance.start_http, control_structure, http_port=http_port)
 36
 37            time.sleep(0.25)
 38            result_trigger = tp.submit(method_trigger_function, dcerpc_session, target)
 39
 40        if control_structure["result"] == TestResult.NO_AUTH_RECEIVED:
 41            if "rpc_x_bad_stub_data" in str(result_trigger._result):
 42                control_structure["result"] = TestResult.RPC_X_BAD_STUB_DATA
 43
 44            elif "nca_s_unk_if" in str(result_trigger._result):
 45                control_structure["result"] = TestResult.NCA_S_UNK_IF
 46
 47            elif "rpc_s_access_denied" in str(result_trigger._result):
 48                control_structure["result"] = TestResult.RPC_S_ACCESS_DENIED
 49
 50            elif "ERROR_BAD_NETPATH" in str(result_trigger._result):
 51                control_structure["result"] = TestResult.ERROR_BAD_NETPATH
 52
 53            elif "ERROR_INVALID_NAME" in str(result_trigger._result):
 54                control_structure["result"] = TestResult.ERROR_INVALID_NAME
 55
 56            elif "STATUS_PIPE_DISCONNECTED" in str(result_trigger._result):
 57                control_structure["result"] = TestResult.SMB_STATUS_PIPE_DISCONNECTED
 58
 59            elif "RPC_S_INVALID_BINDING" in str(result_trigger._result):
 60                control_structure["result"] = TestResult.RPC_S_INVALID_BINDING
 61
 62            elif "RPC_S_INVALID_NET_ADDR" in str(result_trigger._result):
 63                control_structure["result"] = TestResult.RPC_S_INVALID_NET_ADDR
 64
 65        return control_structure["result"]
 66
 67
 68def trigger_authentication(dcerpc_session, target, method_trigger_function):
 69    """
 70
 71    """
 72    control_structure = {"result": TestResult.NO_AUTH_RECEIVED}
 73
 74    result_trigger = method_trigger_function(dcerpc_session, target)
 75
 76    if control_structure["result"] == TestResult.NO_AUTH_RECEIVED:
 77        if "rpc_x_bad_stub_data" in str(result_trigger):
 78            control_structure["result"] = TestResult.RPC_X_BAD_STUB_DATA
 79
 80        elif "nca_s_unk_if" in str(result_trigger):
 81            control_structure["result"] = TestResult.NCA_S_UNK_IF
 82
 83        elif "rpc_s_access_denied" in str(result_trigger):
 84            control_structure["result"] = TestResult.RPC_S_ACCESS_DENIED
 85
 86        elif "ERROR_BAD_NETPATH" in str(result_trigger):
 87            control_structure["result"] = TestResult.ERROR_BAD_NETPATH
 88
 89        elif "ERROR_INVALID_NAME" in str(result_trigger):
 90            control_structure["result"] = TestResult.ERROR_INVALID_NAME
 91
 92        elif "STATUS_PIPE_DISCONNECTED" in str(result_trigger):
 93            control_structure["result"] = TestResult.SMB_STATUS_PIPE_DISCONNECTED
 94
 95        elif "RPC_S_INVALID_BINDING" in str(result_trigger):
 96            control_structure["result"] = TestResult.RPC_S_INVALID_BINDING
 97
 98        elif "RPC_S_INVALID_NET_ADDR" in str(result_trigger):
 99            control_structure["result"] = TestResult.RPC_S_INVALID_NET_ADDR
100
101    return control_structure["result"]
def trigger_and_catch_authentication( options, dcerpc_session, target, method_trigger_function, listenertype, listen_ip=None, http_port=80):
15def trigger_and_catch_authentication(options, dcerpc_session, target, method_trigger_function, listenertype, listen_ip=None, http_port=80):
16    """
17
18    """
19    listenertype = listenertype.lower()
20    if listenertype not in ["smb", "http"]:
21        print("[!] Unknown listener type '%s'" % listenertype)
22        return False
23    else:
24        control_structure = {"result": TestResult.NO_AUTH_RECEIVED}
25        # Waits for all the threads to be completed
26
27        with ThreadPoolExecutor(max_workers=3) as tp:
28            listener_instance = Listener(options=options, listen_ip=listen_ip)
29
30            if listenertype == "smb":
31                # print("[debug] Created smb listener")
32                tp.submit(listener_instance.start_smb, control_structure)
33
34            elif listenertype == "http":
35                # print("[debug] Created http listener")
36                tp.submit(listener_instance.start_http, control_structure, http_port=http_port)
37
38            time.sleep(0.25)
39            result_trigger = tp.submit(method_trigger_function, dcerpc_session, target)
40
41        if control_structure["result"] == TestResult.NO_AUTH_RECEIVED:
42            if "rpc_x_bad_stub_data" in str(result_trigger._result):
43                control_structure["result"] = TestResult.RPC_X_BAD_STUB_DATA
44
45            elif "nca_s_unk_if" in str(result_trigger._result):
46                control_structure["result"] = TestResult.NCA_S_UNK_IF
47
48            elif "rpc_s_access_denied" in str(result_trigger._result):
49                control_structure["result"] = TestResult.RPC_S_ACCESS_DENIED
50
51            elif "ERROR_BAD_NETPATH" in str(result_trigger._result):
52                control_structure["result"] = TestResult.ERROR_BAD_NETPATH
53
54            elif "ERROR_INVALID_NAME" in str(result_trigger._result):
55                control_structure["result"] = TestResult.ERROR_INVALID_NAME
56
57            elif "STATUS_PIPE_DISCONNECTED" in str(result_trigger._result):
58                control_structure["result"] = TestResult.SMB_STATUS_PIPE_DISCONNECTED
59
60            elif "RPC_S_INVALID_BINDING" in str(result_trigger._result):
61                control_structure["result"] = TestResult.RPC_S_INVALID_BINDING
62
63            elif "RPC_S_INVALID_NET_ADDR" in str(result_trigger._result):
64                control_structure["result"] = TestResult.RPC_S_INVALID_NET_ADDR
65
66        return control_structure["result"]
def trigger_authentication(dcerpc_session, target, method_trigger_function):
 69def trigger_authentication(dcerpc_session, target, method_trigger_function):
 70    """
 71
 72    """
 73    control_structure = {"result": TestResult.NO_AUTH_RECEIVED}
 74
 75    result_trigger = method_trigger_function(dcerpc_session, target)
 76
 77    if control_structure["result"] == TestResult.NO_AUTH_RECEIVED:
 78        if "rpc_x_bad_stub_data" in str(result_trigger):
 79            control_structure["result"] = TestResult.RPC_X_BAD_STUB_DATA
 80
 81        elif "nca_s_unk_if" in str(result_trigger):
 82            control_structure["result"] = TestResult.NCA_S_UNK_IF
 83
 84        elif "rpc_s_access_denied" in str(result_trigger):
 85            control_structure["result"] = TestResult.RPC_S_ACCESS_DENIED
 86
 87        elif "ERROR_BAD_NETPATH" in str(result_trigger):
 88            control_structure["result"] = TestResult.ERROR_BAD_NETPATH
 89
 90        elif "ERROR_INVALID_NAME" in str(result_trigger):
 91            control_structure["result"] = TestResult.ERROR_INVALID_NAME
 92
 93        elif "STATUS_PIPE_DISCONNECTED" in str(result_trigger):
 94            control_structure["result"] = TestResult.SMB_STATUS_PIPE_DISCONNECTED
 95
 96        elif "RPC_S_INVALID_BINDING" in str(result_trigger):
 97            control_structure["result"] = TestResult.RPC_S_INVALID_BINDING
 98
 99        elif "RPC_S_INVALID_NET_ADDR" in str(result_trigger):
100            control_structure["result"] = TestResult.RPC_S_INVALID_NET_ADDR
101
102    return control_structure["result"]