coercer.models.MSPROTOCOLRPCCALL
1#!/usr/bin/env python3 2# -*- coding: utf-8 -*- 3# File name : MSPROTOCOLRPCCALL.py 4# Author : Podalirius (@podalirius_) 5# Date created : 16 Sep 2022 6 7import jinja2 8from coercer.structures.MethodType import MethodType 9 10 11class MSPROTOCOLRPCCALL(object): 12 """ 13 Documentation for class MSPROTOCOLRPCCALL 14 """ 15 16 method_type = MethodType.MICROSOFT_PROTOCOL 17 18 exploit_paths = [] 19 20 path = None 21 22 protocol = { 23 "longname": "", 24 "shortname": "" 25 } 26 27 function = { 28 "name": "", 29 "opnum": 0 30 } 31 32 def __init__(self, path): 33 super(MSPROTOCOLRPCCALL, self).__init__() 34 self.path = path 35 36 def __str__(self): 37 parameters = [] 38 from sys import platform 39 if platform == "linux" or platform == "linux2": 40 # linux 41 function_template = "%s──>\x1b[96m%s\x1b[0m(%s)" 42 parameter_template = "\x1b[94m%s\x1b[0m=\x1b[93m%s\x1b[0m" 43 elif platform == "darwin": 44 # OS X 45 function_template = "%s──>%s(%s)" 46 parameter_template = "\x1b[94m%s\x1b[0m=\x1b[93m%s\x1b[0m" 47 elif platform == "win32": 48 # Windows... 49 function_template = "%s──>%s(%s)" 50 parameter_template = "%s=%s" 51 52 53 for arg in self.function["vulnerable_arguments"]: 54 parameters.append( 55 parameter_template % ( 56 arg, 57 str(bytes(self.path, 'utf-8'))[1:].replace('\\\\', '\\') 58 ) 59 ) 60 parameters = ', '.join(parameters) 61 62 return function_template % ( 63 self.protocol["shortname"], 64 self.function["name"], 65 parameters 66 ) 67 68 @classmethod 69 def generate_exploit_templates(cls, desired_auth_type=None): 70 paths = [] 71 for auth_type, exploit_path in cls.exploit_paths: 72 if desired_auth_type is not None: 73 if auth_type == desired_auth_type: 74 paths.append((auth_type, exploit_path)) 75 else: 76 paths.append((auth_type, exploit_path)) 77 return paths
class
MSPROTOCOLRPCCALL:
12class MSPROTOCOLRPCCALL(object): 13 """ 14 Documentation for class MSPROTOCOLRPCCALL 15 """ 16 17 method_type = MethodType.MICROSOFT_PROTOCOL 18 19 exploit_paths = [] 20 21 path = None 22 23 protocol = { 24 "longname": "", 25 "shortname": "" 26 } 27 28 function = { 29 "name": "", 30 "opnum": 0 31 } 32 33 def __init__(self, path): 34 super(MSPROTOCOLRPCCALL, self).__init__() 35 self.path = path 36 37 def __str__(self): 38 parameters = [] 39 from sys import platform 40 if platform == "linux" or platform == "linux2": 41 # linux 42 function_template = "%s──>\x1b[96m%s\x1b[0m(%s)" 43 parameter_template = "\x1b[94m%s\x1b[0m=\x1b[93m%s\x1b[0m" 44 elif platform == "darwin": 45 # OS X 46 function_template = "%s──>%s(%s)" 47 parameter_template = "\x1b[94m%s\x1b[0m=\x1b[93m%s\x1b[0m" 48 elif platform == "win32": 49 # Windows... 50 function_template = "%s──>%s(%s)" 51 parameter_template = "%s=%s" 52 53 54 for arg in self.function["vulnerable_arguments"]: 55 parameters.append( 56 parameter_template % ( 57 arg, 58 str(bytes(self.path, 'utf-8'))[1:].replace('\\\\', '\\') 59 ) 60 ) 61 parameters = ', '.join(parameters) 62 63 return function_template % ( 64 self.protocol["shortname"], 65 self.function["name"], 66 parameters 67 ) 68 69 @classmethod 70 def generate_exploit_templates(cls, desired_auth_type=None): 71 paths = [] 72 for auth_type, exploit_path in cls.exploit_paths: 73 if desired_auth_type is not None: 74 if auth_type == desired_auth_type: 75 paths.append((auth_type, exploit_path)) 76 else: 77 paths.append((auth_type, exploit_path)) 78 return paths
Documentation for class MSPROTOCOLRPCCALL
@classmethod
def
generate_exploit_templates(cls, desired_auth_type=None):
69 @classmethod 70 def generate_exploit_templates(cls, desired_auth_type=None): 71 paths = [] 72 for auth_type, exploit_path in cls.exploit_paths: 73 if desired_auth_type is not None: 74 if auth_type == desired_auth_type: 75 paths.append((auth_type, exploit_path)) 76 else: 77 paths.append((auth_type, exploit_path)) 78 return paths