coercer.network.authentications
1#!/usr/bin/env python3 2# -*- coding: utf-8 -*- 3# File name : authentications.py 4# Author : Podalirius (@podalirius_) 5# Date created : 21 Sep 2022 6 7 8from coercer.structures.TestResult import TestResult 9from concurrent.futures import ThreadPoolExecutor 10from coercer.network.Listener import Listener 11import time 12 13 14def trigger_and_catch_authentication(options, dcerpc_session, target, method_trigger_function, listenertype, listen_ip=None, http_port=80): 15 """ 16 17 """ 18 listenertype = listenertype.lower() 19 if listenertype not in ["smb", "http"]: 20 print("[!] Unknown listener type '%s'" % listenertype) 21 return False 22 else: 23 control_structure = {"result": TestResult.NO_AUTH_RECEIVED} 24 # Waits for all the threads to be completed 25 26 with ThreadPoolExecutor(max_workers=3) as tp: 27 listener_instance = Listener(options=options, listen_ip=listen_ip) 28 29 if listenertype == "smb": 30 # print("[debug] Created smb listener") 31 tp.submit(listener_instance.start_smb, control_structure) 32 33 elif listenertype == "http": 34 # print("[debug] Created http listener") 35 tp.submit(listener_instance.start_http, control_structure, http_port=http_port) 36 37 time.sleep(0.25) 38 result_trigger = tp.submit(method_trigger_function, dcerpc_session, target) 39 40 if control_structure["result"] == TestResult.NO_AUTH_RECEIVED: 41 if "rpc_x_bad_stub_data" in str(result_trigger._result): 42 control_structure["result"] = TestResult.RPC_X_BAD_STUB_DATA 43 44 elif "nca_s_unk_if" in str(result_trigger._result): 45 control_structure["result"] = TestResult.NCA_S_UNK_IF 46 47 elif "rpc_s_access_denied" in str(result_trigger._result): 48 control_structure["result"] = TestResult.RPC_S_ACCESS_DENIED 49 50 elif "ERROR_BAD_NETPATH" in str(result_trigger._result): 51 control_structure["result"] = TestResult.ERROR_BAD_NETPATH 52 53 elif "ERROR_INVALID_NAME" in str(result_trigger._result): 54 control_structure["result"] = TestResult.ERROR_INVALID_NAME 55 56 elif "STATUS_PIPE_DISCONNECTED" in str(result_trigger._result): 57 control_structure["result"] = TestResult.SMB_STATUS_PIPE_DISCONNECTED 58 59 elif "RPC_S_INVALID_BINDING" in str(result_trigger._result): 60 control_structure["result"] = TestResult.RPC_S_INVALID_BINDING 61 62 elif "RPC_S_INVALID_NET_ADDR" in str(result_trigger._result): 63 control_structure["result"] = TestResult.RPC_S_INVALID_NET_ADDR 64 65 return control_structure["result"] 66 67 68def trigger_authentication(dcerpc_session, target, method_trigger_function): 69 """ 70 71 """ 72 control_structure = {"result": TestResult.NO_AUTH_RECEIVED} 73 74 result_trigger = method_trigger_function(dcerpc_session, target) 75 76 if control_structure["result"] == TestResult.NO_AUTH_RECEIVED: 77 if "rpc_x_bad_stub_data" in str(result_trigger): 78 control_structure["result"] = TestResult.RPC_X_BAD_STUB_DATA 79 80 elif "nca_s_unk_if" in str(result_trigger): 81 control_structure["result"] = TestResult.NCA_S_UNK_IF 82 83 elif "rpc_s_access_denied" in str(result_trigger): 84 control_structure["result"] = TestResult.RPC_S_ACCESS_DENIED 85 86 elif "ERROR_BAD_NETPATH" in str(result_trigger): 87 control_structure["result"] = TestResult.ERROR_BAD_NETPATH 88 89 elif "ERROR_INVALID_NAME" in str(result_trigger): 90 control_structure["result"] = TestResult.ERROR_INVALID_NAME 91 92 elif "STATUS_PIPE_DISCONNECTED" in str(result_trigger): 93 control_structure["result"] = TestResult.SMB_STATUS_PIPE_DISCONNECTED 94 95 elif "RPC_S_INVALID_BINDING" in str(result_trigger): 96 control_structure["result"] = TestResult.RPC_S_INVALID_BINDING 97 98 elif "RPC_S_INVALID_NET_ADDR" in str(result_trigger): 99 control_structure["result"] = TestResult.RPC_S_INVALID_NET_ADDR 100 101 return control_structure["result"]
def
trigger_and_catch_authentication( options, dcerpc_session, target, method_trigger_function, listenertype, listen_ip=None, http_port=80):
15def trigger_and_catch_authentication(options, dcerpc_session, target, method_trigger_function, listenertype, listen_ip=None, http_port=80): 16 """ 17 18 """ 19 listenertype = listenertype.lower() 20 if listenertype not in ["smb", "http"]: 21 print("[!] Unknown listener type '%s'" % listenertype) 22 return False 23 else: 24 control_structure = {"result": TestResult.NO_AUTH_RECEIVED} 25 # Waits for all the threads to be completed 26 27 with ThreadPoolExecutor(max_workers=3) as tp: 28 listener_instance = Listener(options=options, listen_ip=listen_ip) 29 30 if listenertype == "smb": 31 # print("[debug] Created smb listener") 32 tp.submit(listener_instance.start_smb, control_structure) 33 34 elif listenertype == "http": 35 # print("[debug] Created http listener") 36 tp.submit(listener_instance.start_http, control_structure, http_port=http_port) 37 38 time.sleep(0.25) 39 result_trigger = tp.submit(method_trigger_function, dcerpc_session, target) 40 41 if control_structure["result"] == TestResult.NO_AUTH_RECEIVED: 42 if "rpc_x_bad_stub_data" in str(result_trigger._result): 43 control_structure["result"] = TestResult.RPC_X_BAD_STUB_DATA 44 45 elif "nca_s_unk_if" in str(result_trigger._result): 46 control_structure["result"] = TestResult.NCA_S_UNK_IF 47 48 elif "rpc_s_access_denied" in str(result_trigger._result): 49 control_structure["result"] = TestResult.RPC_S_ACCESS_DENIED 50 51 elif "ERROR_BAD_NETPATH" in str(result_trigger._result): 52 control_structure["result"] = TestResult.ERROR_BAD_NETPATH 53 54 elif "ERROR_INVALID_NAME" in str(result_trigger._result): 55 control_structure["result"] = TestResult.ERROR_INVALID_NAME 56 57 elif "STATUS_PIPE_DISCONNECTED" in str(result_trigger._result): 58 control_structure["result"] = TestResult.SMB_STATUS_PIPE_DISCONNECTED 59 60 elif "RPC_S_INVALID_BINDING" in str(result_trigger._result): 61 control_structure["result"] = TestResult.RPC_S_INVALID_BINDING 62 63 elif "RPC_S_INVALID_NET_ADDR" in str(result_trigger._result): 64 control_structure["result"] = TestResult.RPC_S_INVALID_NET_ADDR 65 66 return control_structure["result"]
def
trigger_authentication(dcerpc_session, target, method_trigger_function):
69def trigger_authentication(dcerpc_session, target, method_trigger_function): 70 """ 71 72 """ 73 control_structure = {"result": TestResult.NO_AUTH_RECEIVED} 74 75 result_trigger = method_trigger_function(dcerpc_session, target) 76 77 if control_structure["result"] == TestResult.NO_AUTH_RECEIVED: 78 if "rpc_x_bad_stub_data" in str(result_trigger): 79 control_structure["result"] = TestResult.RPC_X_BAD_STUB_DATA 80 81 elif "nca_s_unk_if" in str(result_trigger): 82 control_structure["result"] = TestResult.NCA_S_UNK_IF 83 84 elif "rpc_s_access_denied" in str(result_trigger): 85 control_structure["result"] = TestResult.RPC_S_ACCESS_DENIED 86 87 elif "ERROR_BAD_NETPATH" in str(result_trigger): 88 control_structure["result"] = TestResult.ERROR_BAD_NETPATH 89 90 elif "ERROR_INVALID_NAME" in str(result_trigger): 91 control_structure["result"] = TestResult.ERROR_INVALID_NAME 92 93 elif "STATUS_PIPE_DISCONNECTED" in str(result_trigger): 94 control_structure["result"] = TestResult.SMB_STATUS_PIPE_DISCONNECTED 95 96 elif "RPC_S_INVALID_BINDING" in str(result_trigger): 97 control_structure["result"] = TestResult.RPC_S_INVALID_BINDING 98 99 elif "RPC_S_INVALID_NET_ADDR" in str(result_trigger): 100 control_structure["result"] = TestResult.RPC_S_INVALID_NET_ADDR 101 102 return control_structure["result"]