Hide keyboard shortcuts

Hot-keys on this page

r m x p   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

1# Impacket - Collection of Python classes for working with network protocols. 

2# 

3# SECUREAUTH LABS. Copyright (C) 2018 SecureAuth Corporation. All rights reserved. 

4# 

5# This software is provided under a slightly modified version 

6# of the Apache Software License. See the accompanying LICENSE file 

7# for more information. 

8# 

9# Description: 

10# Protocol Attack Base Class definition 

11# Defines a base class for all attacks + loads all available modules 

12# 

13# Author: 

14# Alberto Solino (@agsolino) 

15# Dirk-jan Mollema (@_dirkjan) / Fox-IT (https://www.fox-it.com) 

16# 

17import os, sys 

18import pkg_resources 

19from impacket import LOG 

20from threading import Thread 

21 

22PROTOCOL_ATTACKS = {} 

23 

24# Base class for Protocol Attacks for different protocols (SMB, MSSQL, etc) 

25# Besides using this base class you need to define one global variable when 

26# writing a plugin for protocol clients: 

27# PROTOCOL_ATTACK_CLASS = "<name of the class for the plugin>" 

28# or (to support multiple classes in one file) 

29# PROTOCOL_ATTACK_CLASSES = ["<name of the class for the plugin>", "<another class>"] 

30# These classes must have the attribute PLUGIN_NAMES which is a list of protocol names 

31# that will be matched later with the relay targets (e.g. SMB, LDAP, etc) 

32class ProtocolAttack(Thread): 

33 PLUGIN_NAMES = ['PROTOCOL'] 

34 def __init__(self, config, client, username): 

35 Thread.__init__(self) 

36 # Set threads as daemon 

37 self.daemon = True 

38 self.config = config 

39 self.client = client 

40 # By default we only use the username and remove the domain 

41 self.username = username.split('/')[1] 

42 

43 def run(self): 

44 raise RuntimeError('Virtual Function') 

45 

46for file in pkg_resources.resource_listdir('impacket.examples.ntlmrelayx', 'attacks'): 46 ↛ exitline 46 didn't exit the module, because the loop on line 46 didn't complete

47 if file.find('__') >= 0 or file.endswith('.py') is False: 

48 continue 

49 # This seems to be None in some case (py3 only) 

50 # __spec__ is py3 only though, but I haven't seen this being None on py2 

51 # so it should cover all cases. 

52 try: 

53 package = __spec__.name # Python 3 

54 except NameError: 

55 package = __package__ # Python 2 

56 __import__(package + '.' + os.path.splitext(file)[0]) 

57 module = sys.modules[package + '.' + os.path.splitext(file)[0]] 

58 try: 

59 pluginClasses = set() 

60 try: 

61 if hasattr(module, 'PROTOCOL_ATTACK_CLASSES'): 61 ↛ 63line 61 didn't jump to line 63, because the condition on line 61 was never true

62 # Multiple classes 

63 for pluginClass in module.PROTOCOL_ATTACK_CLASSES: 

64 pluginClasses.add(getattr(module, pluginClass)) 

65 else: 

66 # Single class 

67 pluginClasses.add(getattr(module, getattr(module, 'PROTOCOL_ATTACK_CLASS'))) 

68 except Exception as e: 

69 LOG.debug(e) 

70 pass 

71 

72 for pluginClass in pluginClasses: 

73 for pluginName in pluginClass.PLUGIN_NAMES: 

74 LOG.debug('Protocol Attack %s loaded..' % pluginName) 

75 PROTOCOL_ATTACKS[pluginName] = pluginClass 

76 except Exception as e: 

77 LOG.debug(str(e))