
1# Impacket - Collection of Python classes for working with network protocols. 

2# 

3# SECUREAUTH LABS. Copyright (C) 2018 SecureAuth Corporation. All rights reserved. 

4# 

5# This software is provided under a slightly modified version 

6# of the Apache Software License. See the accompanying LICENSE file 

7# for more information. 

8# 

9# Description: 

10# Protocol Client Base Class definition 

11# Defines a base class for all clients + loads all available modules 

12# 

13# Author: 

14# Alberto Solino (@agsolino) 

15# 

16import os, sys, pkg_resources 

17from impacket import LOG 

18 

19PROTOCOL_CLIENTS = {} 

20 

21# Base class for Protocol Clients for different protocols (SMB, MSSQL, etc) 

22# Besides using this base class you need to define one global variable when 

23# writing a plugin for protocol clients: 

24# PROTOCOL_CLIENT_CLASS = "<name of the class for the plugin>" 

25# PLUGIN_NAME must be the protocol name that will be matched later with the relay targets (e.g. SMB, LDAP, etc) 

class ProtocolClient:
    """Common interface for the per-protocol client plugins (SMB, MSSQL, etc).

    Subclasses override the methods that raise ``RuntimeError('Virtual Function')``
    and set ``PLUGIN_NAME`` to the protocol name that is matched later against
    the relay targets (e.g. SMB, LDAP).
    """

    PLUGIN_NAME = 'PROTOCOL'

    def __init__(self, serverConfig, target, targetPort, extendedSecurity=True):
        """Record the target and connection settings; no connection is opened here.

        :param serverConfig: stored unchanged on the instance
        :param target: object exposing ``hostname`` and ``port`` attributes
        :param targetPort: default port supplied by the subclass, used only
            when ``target.port`` is None
        :param bool extendedSecurity: stored unchanged on the instance
        """
        self.serverConfig = serverConfig
        self.targetHost = target.hostname
        # A port given explicitly in the target wins over the subclass default.
        self.targetPort = targetPort if target.port is None else target.port
        self.target = target
        self.extendedSecurity = extendedSecurity
        self.session = None
        self.sessionData = {}

    def initConnection(self):
        """Not implemented in the base class; subclasses must override."""
        raise RuntimeError('Virtual Function')

    def killConnection(self):
        """Not implemented in the base class; subclasses must override."""
        raise RuntimeError('Virtual Function')

    def sendNegotiate(self, negotiateMessage):
        """
        Responsible for sending the type 1 NTLM message.

        :param bytes negotiateMessage:
        :return:
        """
        raise RuntimeError('Virtual Function')

    def sendAuth(self, authenticateMessageBlob, serverChallenge=None):
        """
        Responsible for sending the type 3 NTLM message to the target.

        :param bytes authenticateMessageBlob:
        :param bytes serverChallenge:
        :return:
        """
        raise RuntimeError('Virtual Function')

    def sendStandardSecurityAuth(self, sessionSetupData):
        """Handle the situation where FLAGS2_EXTENDED_SECURITY is not set."""
        raise RuntimeError('Virtual Function')

    def getSession(self):
        """Should return the active session for the relayed connection."""
        raise RuntimeError('Virtual Function')

    def getSessionData(self):
        """Return any extra data that could be useful for the SOCKS proxy to
        work (e.g. some of the answers from the original server)."""
        return self.sessionData

    def getStandardSecurityChallenge(self):
        """Should return the challenge sent by the server when Extended
        Security is not set.

        This should only happen against old servers, so the base class
        returns None.
        """
        return None

    def keepAlive(self):
        """Responsible for keeping the connection alive; subclasses must override."""
        raise RuntimeError('Virtual Function')

    def isAdmin(self):
        """Should return whether the user is admin, as a string (e.g. "TRUE",
        "FALSE").

        The technique depends on the protocol, so the base class raises.
        """
        raise RuntimeError('Virtual Function')

94 

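# Plugin discovery: import every client module found in the ``clients``
# resource directory and register the classes it exports in PROTOCOL_CLIENTS.
#
# NOTE(security): every ``*.py`` file listed in that directory is imported,
# and therefore executed, as a side effect of importing this package. Nothing
# here checks where a file came from, so the directory should be writable only
# by trusted users and its contents should match the distributed package.

# The original author notes a value here being None in some cases on Python 3
# (presumably __package__), hence the preference for __spec__.name.
# __spec__ does not exist on Python 2, where the NameError fallback applies.
# The package name does not change between iterations, so resolve it once.
try:
    package = __spec__.name  # Python 3
except NameError:
    package = __package__  # Python 2

for fileName in pkg_resources.resource_listdir('impacket.examples.ntlmrelayx', 'clients'):
    # Skip any name containing a double underscore (e.g. __init__.py) and
    # anything that is not Python source.
    if '__' in fileName or not fileName.endswith('.py'):
        continue

    moduleName = package + '.' + os.path.splitext(fileName)[0]
    # __import__ with a dotted name returns the top-level package, so the
    # submodule itself is fetched from sys.modules. The import is outside the
    # try blocks below: a plugin that fails to import aborts loading.
    __import__(moduleName)
    module = sys.modules[moduleName]
    try:
        pluginClasses = set()
        try:
            # A plugin names its classes either as a list
            # (PROTOCOL_CLIENT_CLASSES) or as one string (PROTOCOL_CLIENT_CLASS).
            if hasattr(module, 'PROTOCOL_CLIENT_CLASSES'):
                for pluginClass in module.PROTOCOL_CLIENT_CLASSES:
                    pluginClasses.add(getattr(module, pluginClass))
            else:
                pluginClasses.add(getattr(module, getattr(module, 'PROTOCOL_CLIENT_CLASS')))
        except Exception as e:
            # Best effort: a module that declares no usable class is skipped,
            # and the reason is visible only at debug log level.
            LOG.debug(e)

        for pluginClass in pluginClasses:
            LOG.info('Protocol Client %s loaded..' % pluginClass.PLUGIN_NAME)
            # Keyed by PLUGIN_NAME: a class registered later under the same
            # name silently replaces the earlier one.
            PROTOCOL_CLIENTS[pluginClass.PLUGIN_NAME] = pluginClass
    except Exception as e:
        LOG.debug(str(e))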