Coverage for /root/GitHubProjects/impacket/impacket/examples/ntlmrelayx/utils/config.py : 22%

Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1# Impacket - Collection of Python classes for working with network protocols.
2#
3# SECUREAUTH LABS. Copyright (C) 2021 SecureAuth Corporation. All rights reserved.
4#
5# This software is provided under a slightly modified version
6# of the Apache Software License. See the accompanying LICENSE file
7# for more information.
8#
9# Description:
10# Config utilities
11#
12# Configuration class which holds the config specified on the
13# command line, this can be passed to the tools' servers and clients
14#
15# Author:
16# Dirk-jan Mollema / Fox-IT (https://www.fox-it.com)
17#
18from impacket.examples.utils import parse_credentials
21class NTLMRelayxConfig:
22 def __init__(self):
24 self.daemon = True
26 # Set the value of the interface ip address
27 self.interfaceIp = None
29 self.listeningPort = None
31 self.domainIp = None
33 self.machineAccount = None
34 self.machineHashes = None
35 self.target = None
36 self.mode = None
37 self.redirecthost = None
38 self.outputFile = None
39 self.attacks = None
40 self.lootdir = None
41 self.randomtargets = False
42 self.encoding = None
43 self.ipv6 = False
44 self.remove_mic = False
46 self.command = None
48 # WPAD options
49 self.serve_wpad = False
50 self.wpad_host = None
51 self.wpad_auth_num = 0
52 self.smb2support = False
54 # WPAD options
55 self.serve_wpad = False
56 self.wpad_host = None
57 self.wpad_auth_num = 0
58 self.smb2support = False
60 # SMB options
61 self.exeFile = None
62 self.interactive = False
63 self.enumLocalAdmins = False
64 self.SMBServerChallenge = None
66 # RPC options
67 self.rpc_mode = None
68 self.rpc_use_smb = False
69 self.auth_smb = ''
70 self.smblmhash = None
71 self.smbnthash = None
72 self.port_smb = 445
74 # LDAP options
75 self.dumpdomain = True
76 self.addda = True
77 self.aclattack = True
78 self.validateprivs = True
79 self.escalateuser = None
81 # MSSQL options
82 self.queries = []
84 # Registered protocol clients
85 self.protocolClients = {}
87 # SOCKS options
88 self.runSocks = False
89 self.socksServer = None
91 # HTTP options
92 self.remove_target = False
94 # WebDAV options
95 self.serve_image = False
97 # AD CS attack options
98 self.isADCSAttack = False
99 self.template = None
101 def setSMBChallenge(self, value):
102 self.SMBServerChallenge = value
104 def setSMB2Support(self, value):
105 self.smb2support = value
107 def setProtocolClients(self, clients):
108 self.protocolClients = clients
110 def setInterfaceIp(self, ip):
111 self.interfaceIp = ip
113 def setListeningPort(self, port):
114 self.listeningPort = port
116 def setRunSocks(self, socks, server):
117 self.runSocks = socks
118 self.socksServer = server
120 def setOutputFile(self, outputFile):
121 self.outputFile = outputFile
123 def setTargets(self, target):
124 self.target = target
126 def setExeFile(self, filename):
127 self.exeFile = filename
129 def setCommand(self, command):
130 self.command = command
132 def setEnumLocalAdmins(self, enumLocalAdmins):
133 self.enumLocalAdmins = enumLocalAdmins
135 def setEncoding(self, encoding):
136 self.encoding = encoding
138 def setMode(self, mode):
139 self.mode = mode
141 def setAttacks(self, attacks):
142 self.attacks = attacks
144 def setLootdir(self, lootdir):
145 self.lootdir = lootdir
147 def setRedirectHost(self, redirecthost):
148 self.redirecthost = redirecthost
150 def setDomainAccount(self, machineAccount, machineHashes, domainIp):
151 # Don't set this if we're not exploiting it
152 if not self.remove_target:
153 return
154 if machineAccount is None or machineHashes is None or domainIp is None:
155 raise Exception("You must specify machine-account/hashes/domain all together!")
156 self.machineAccount = machineAccount
157 self.machineHashes = machineHashes
158 self.domainIp = domainIp
160 def setRandomTargets(self, randomtargets):
161 self.randomtargets = randomtargets
163 def setLDAPOptions(self, dumpdomain, addda, aclattack, validateprivs, escalateuser, addcomputer, delegateaccess, dumplaps, dumpgmsa, sid):
164 self.dumpdomain = dumpdomain
165 self.addda = addda
166 self.aclattack = aclattack
167 self.validateprivs = validateprivs
168 self.escalateuser = escalateuser
169 self.addcomputer = addcomputer
170 self.delegateaccess = delegateaccess
171 self.dumplaps = dumplaps
172 self.dumpgmsa = dumpgmsa
173 self.sid = sid
175 def setMSSQLOptions(self, queries):
176 self.queries = queries
178 def setRPCOptions(self, rpc_mode, rpc_use_smb, auth_smb, hashes_smb, rpc_smb_port):
179 self.rpc_mode = rpc_mode
180 self.rpc_use_smb = rpc_use_smb
181 self.smbdomain, self.smbuser, self.smbpass = parse_credentials(auth_smb)
183 if hashes_smb is not None:
184 self.smblmhash, self.smbnthash = hashes_smb.split(':')
185 else:
186 self.smblmhash = ''
187 self.smbnthash = ''
189 self.rpc_smb_port = rpc_smb_port
191 def setInteractive(self, interactive):
192 self.interactive = interactive
194 def setIMAPOptions(self, keyword, mailbox, dump_all, dump_max):
195 self.keyword = keyword
196 self.mailbox = mailbox
197 self.dump_all = dump_all
198 self.dump_max = dump_max
200 def setIPv6(self, use_ipv6):
201 self.ipv6 = use_ipv6
203 def setWpadOptions(self, wpad_host, wpad_auth_num):
204 if wpad_host is not None:
205 self.serve_wpad = True
206 self.wpad_host = wpad_host
207 self.wpad_auth_num = wpad_auth_num
209 def setExploitOptions(self, remove_mic, remove_target):
210 self.remove_mic = remove_mic
211 self.remove_target = remove_target
213 def setWebDAVOptions(self, serve_image):
214 self.serve_image = serve_image
216 def setADCSOptions(self, template):
217 self.template = template
219 def setIsADCSAttack(self, isADCSAttack):
220 self.isADCSAttack = isADCSAttack