public bool Connect()
{
bool _result = false;
try
{
if (m_Shell != null)
{
try
{
m_Shell.Close();
}
catch { }
}
m_Shell = new SshShell(FileManager.Configuration.Options.SSHOptions.SSHHost,
FileManager.Configuration.Options.SSHOptions.SSHUser,
FileManager.Configuration.Options.SSHOptions.SSHPass);
int _port = 22;
try
{
_port = Int32.Parse(FileManager.Configuration.Options.SSHOptions.SSHPort);
}
catch { }
m_Shell.Connect(_port);
_result = m_Shell.Connected;
}
catch (Exception ex)
{
Loggy.Logger.DebugException("SSH Connect: ", ex);
}
return(_result);
}
public static void RunExample()
{
try
{
SshConnectionInfo input = Util.GetInput();
SshShell shell = new SshShell(input.Host, input.User);
if (input.Pass != null)
{
shell.Password = input.Pass;
}
if (input.IdentityFile != null)
{
shell.AddIdentityFile(input.IdentityFile);
}
//This statement must be prior to connecting
shell.RedirectToConsole();
Console.Write("Connecting...");
shell.Connect();
Console.WriteLine("OK");
while (shell.ShellOpened)
{
System.Threading.Thread.Sleep(500);
}
Console.Write("Disconnecting...");
shell.Close();
Console.WriteLine("OK");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
}
public void Close()
{
if (ssh.Connected)
{
ssh.Close();
}
}
public void Disconnection()
{
try
{
RUN_CUT = false;
exit();
if (null != shell)
{
shell.Close();
}
if (null != m_Channel)
{
m_Channel.disconnect();
}
if (null != sftpChannel)
{
sftpChannel.disconnect();
}
logger.Debug("断开Ssh...OK");
}
catch (Exception ex)
{
logger.Error("断开链接异常:" + ex.Message, ex);
}
}
public string GetMacAddress(string _host, int _boot_groupid, int _environment, Log oLog, string _name, string _serial)
{
oLog.AddEvent(_name, _serial, "Starting MAC Address lookup...", LoggingType.Debug);
string strMAC = "";
if (_boot_groupid > 0)
{
Models oModel = new Models(0, dsn);
string strUsername = oModel.GetBootGroup(_boot_groupid, "username");
string strPassword = oModel.GetBootGroup(_boot_groupid, "password");
string strExpects = oModel.GetBootGroup(_boot_groupid, "regular");
string strCommand = oModel.GetBootGroup(_boot_groupid, "mac_query_command");
string strStart = oModel.GetBootGroup(_boot_groupid, "mac_query_substring_start");
oLog.AddEvent(_name, _serial, "Connecting...", LoggingType.Debug);
SshShell oSSHshell = new SshShell(_host, strUsername, strPassword);
oSSHshell.RemoveTerminalEmulationCharacters = true;
oSSHshell.Connect();
string[] strExpect = strExpects.Split(new char[] { '|' });
if (oSSHshell.Connected == true && oSSHshell.ShellOpened == true)
{
// Wait for prompt
string strBanner = oSSHshell.Expect(strExpects);
oLog.AddEvent(_name, _serial, "Received banner prompt = " + strBanner, LoggingType.Debug);
if (IsInOutput(strBanner, strExpect) == false)
{
oLog.AddEvent(_name, _serial, "Did not recieve all the output...trying again # 1...", LoggingType.Debug);
strBanner = oSSHshell.Expect(strExpects);
oLog.AddEvent(_name, _serial, "Received banner prompt # 1 = " + strBanner, LoggingType.Debug);
}
if (IsInOutput(strBanner, strExpect) == false)
{
oLog.AddEvent(_name, _serial, "Did not recieve all the output...trying again # 2...", LoggingType.Debug);
strBanner = oSSHshell.Expect(strExpects);
oLog.AddEvent(_name, _serial, "Received banner prompt # 2 = " + strBanner, LoggingType.Debug);
}
if (IsInOutput(strBanner, strExpect) == false)
{
oLog.AddEvent(_name, _serial, "Did not recieve all the output...trying again # 3...", LoggingType.Debug);
strBanner = oSSHshell.Expect(strExpects);
oLog.AddEvent(_name, _serial, "Received banner prompt # 3 = " + strBanner, LoggingType.Debug);
}
if (IsInOutput(strBanner, strExpect) == true)
{
oLog.AddEvent(_name, _serial, "Writing command = " + strCommand, LoggingType.Debug);
// Send Command to get MAC Address
oSSHshell.WriteLine(strCommand);
// Wait for prompt
strMAC = oSSHshell.Expect(strExpects);
oLog.AddEvent(_name, _serial, "Received Response = " + strMAC, LoggingType.Debug);
oLog.AddEvent(_name, _serial, "Parsing using " + strStart, LoggingType.Debug);
strMAC = ParseOutput(strMAC, strStart, Environment.NewLine);
}
}
oSSHshell.Close();
}
return(strMAC);
}
//public void smb_enumusers(string mytarget)
public List <string> smb_enumusers(string mytarget)
{
List <string> SMBusers = new List <string>();
SshShell sshShell = connect();
string stdout = "";
//string stderr = "";
string cmd1 = "cd /home/root/tools/metasploitsvn"; //Hardcoded
prompt1 = prompt + "/home/root/tools/metasploitsvn" + promptend;
//sshShell.WriteLine(cmd1);
//stdout = sshShell.Expect(prompt1);
cmd1 = "./msfcli auxiliary/scanner/smb/smb_enumusers RHOSTS=" + mytarget + " E"; //Hardcoded
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt1);
Console.WriteLine(stdout);
/*
* RHOSTS => 111.222.333.444
* [*] 111.222.333.444 xmachine [ nobody, nxpgsql ] ( LockoutTries=0 PasswordMin=5
* )
* [*] Scanned 1 of 1 hosts (100% complete)
* [*] Auxiliary module execution completed
*/
Regex myRegex = new Regex(Regex.Escape("[") + "[^<>]*" + Regex.Escape("]"));
string[] mytab = Regex.Split(stdout, "\r\n");
foreach (string line in mytab)
{
if (line.Contains(mytarget))
{
string strTemp = myRegex.Match(line.Replace("[*]", "")).ToString();
if (strTemp != "")
{
//Console.WriteLine("users:" + strTemp);
//[ nobody, nxpgsql ]
strTemp = strTemp.Replace("[", "");
strTemp = strTemp.Replace("]", "").Trim();
string[] myusers = Regex.Split(strTemp, ",");
foreach (string user in myusers)
{
Console.WriteLine(user.Trim());
SMBusers.Add(user.Trim());
}
}
}
}
sshShell.Close();
return(SMBusers);
}
private void ConfigureNexus()
{
try
{
Ping oPing = new Ping();
string strPingStatus = "";
try
{
PingReply oReply = oPing.Send(strSwitch);
strPingStatus = oReply.Status.ToString().ToUpper();
}
catch { }
if (strPingStatus == "SUCCESS")
{
// Switch the port of strSwitchA, strInterfaceA
oSSHshell = new SshShell(strSwitch, oVariable.NexusUsername(), oVariable.NexusPassword());
oSSHshell.RemoveTerminalEmulationCharacters = true;
oSSHshell.Connect();
string strLogin = oAsset.GetDellSwitchportOutput(oSSHshell);
if (strLogin != "**INVALID**")
{
oLog.AddEvent(intAnswer, strName, strSerial, "Successfully logged into Switch (" + strSwitch + ")...Setting " + (oMode == DellBladeSwitchportMode.Trunk ? "TRUNK" : "ACCESS") + " Switchport (" + strInterface + ") to " + strVlan + " (override = " + (boolOverride ? "true" : "false") + ")", LoggingType.Information);
string strResult = oAsset.ChangeDellSwitchport(oSSHshell, strInterface, oMode, strVlan, strNative, strDescription, boolOverride, intAsset);
if (strResult == "")
{
oLog.AddEvent(intAnswer, strName, strSerial, "Successfully changed switchport " + strInterface + " on " + strSwitch, LoggingType.Information);
Complete = true;
// Done Configuring Switchports
}
else
{
Error = "There was a problem configuring the Dell Blade Switchport ~ Switch: " + strSwitch + ", Interface: " + strInterface + ", Error: " + strResult;
oLog.AddEvent(intAnswer, strName, strSerial, Error, LoggingType.Error);
}
if (oSSHshell.ShellConnected == true && oSSHshell.ShellOpened == true)
{
oSSHshell.Close();
}
}
else
{
Error = "There was a problem logging into the Dell Blade Switch ~ Switch: " + strSwitch;
oLog.AddEvent(intAnswer, strName, strSerial, Error, LoggingType.Error);
}
}
else
{
Error = "There was a problem pinging the Dell Blade Switch ~ Switch: " + strSwitch + ", Status: " + strPingStatus;
oLog.AddEvent(intAnswer, strName, strSerial, Error, LoggingType.Error);
}
}
catch (Exception ex)
{
Error = "Physical Service (NexusThread - ConfigureNexus): " + "(Error Message: " + ex.Message + ") (Source: " + ex.Source + ") (Stack Trace: " + ex.StackTrace + ") [" + System.Environment.UserName + "]";
}
}
public static void RunExample()
{
try
{
SshConnectionInfo input = Util.GetInput();
SshShell ssh = new SshShell(input.Host, input.User);
if (input.Pass != null)
{
ssh.Password = input.Pass;
}
if (input.IdentityFile != null)
{
ssh.AddIdentityFile(input.IdentityFile);
}
Console.Write("Connecting...");
ssh.Connect();
Console.WriteLine("OK");
Console.Write("Enter a pattern to expect in response [e.g. '#', '$', C:\\\\.*>, etc...]: ");
string pattern = Console.ReadLine();
ssh.ExpectPattern = pattern;
ssh.RemoveTerminalEmulationCharacters = true;
Console.WriteLine();
Console.WriteLine(ssh.Expect(pattern));
while (ssh.ShellOpened)
{
Console.WriteLine();
Console.Write("Enter some data to write ['Enter' to cancel]: ");
string data = Console.ReadLine();
if (data == "")
{
break;
}
ssh.WriteLine(data);
string output = ssh.Expect(pattern);
Console.WriteLine(output);
}
Console.Write("Disconnecting...");
ssh.Close();
Console.WriteLine("OK");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
}
/// <summary>
/// Close the current Connection
/// </summary>
public override void CloseConnection()
{
WriteDisplayText("Disconnecting...");
_sshConnection.Close();
WriteDisplayText("OK");
_sshConnection = null;
// Triggering upper close connection event!
TriggerCloseConnectionEvent();
CloseTab();
}
static void Main(string[] args)
{
SshShell lol = new SshShell("10.10.99.2", "admin");
lol.Password = "******";
lol.RedirectToConsole();
lol.Connect();
while (lol.ShellOpened)
{
System.Threading.Thread.Sleep(500);
}
lol.Close();
}
public void Disconnect()
{
if (thr != null)
{
thr.Abort();
thr = null;
}
if (shell != null)
{
sshStream.Close();
shell.Close();
}
}
private string runStatusCommand(SshShell shell, SshExec exec, string command)
{
string stdout = "";
string stderr = "";
shell.Connect();
shell.RedirectToConsole();
exec.Connect();
int ret = exec.RunCommand(command, ref stdout, ref stderr);
exec.Close();
shell.Close();
return(stdout);
}
public void runCommand(string command, string stdout = "", string stderr = "")
{
_shell.Connect();
_shell.RedirectToConsole();
_exec.Connect();
int ret = _exec.RunCommand(command, ref stdout, ref stderr);
if (ret != 0)
{
System.Diagnostics.Debugger.Break();
}
_exec.Close();
_shell.Close();
}
public void RunShellTest()
{
try
{
shell.Connect();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
shell.ExpectPattern = "#";
Console.WriteLine(shell.Expect());
shell.WriteLine(@"ls");
Console.WriteLine(shell.Expect());
shell.WriteLine(@"ll");
Console.WriteLine(shell.Expect());
shell.WriteLine(@"cd /usr/local");
Console.WriteLine(shell.Expect());
shell.WriteLine(@"ll");
Console.WriteLine(shell.Expect());
shell.WriteLine(@"topp");
Console.WriteLine(shell.Expect());
shell.Close();
Console.WriteLine("----------------------------------------------");
exec.Connect();
string strRrr = "";
string strOut = "";
exec.RunCommand("ls", ref strOut, ref strRrr);
System.Threading.Thread.Sleep(1000);
Console.WriteLine(strOut);
Console.WriteLine(strRrr);
exec.RunCommand(@"cd /usr/local", ref strOut, ref strRrr);
Console.WriteLine(strOut);
Console.WriteLine(strRrr);
Console.WriteLine(exec.RunCommand(@"ll"));
Console.WriteLine(exec.RunCommand(@"cd /usr/local"));
exec.Close();
}
public void search_email_collector(string domainname)
{
SshShell sshShell = connect();
string stdout = "";
//string stderr = "";
string cmd1 = "cd /home/root/tools/metasploitsvn"; //TODO Hardcoded
prompt1 = prompt + "/home/root/tools/metasploitsvn" + promptend;
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt1);
cmd1 = "./msfcli auxiliary/gather/search_email_collector DOMAIN=" + domainname + " E"; //Hardcoded
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt1);
/*
* DOMAIN => target.com
* [*] Harvesting emails .....
* [*] Searching Google for email addresses from target.com
* [*] Extracting emails from Google search results...
* [*] Searching Bing email addresses from target.com
* [*] Extracting emails from Bing search results...
* [*] Searching Yahoo for email addresses from target.com
* [*] Extracting emails from Yahoo search results...
* [*] Located 2 email addresses for target.com
* [*] [email protected]
* [*] [email protected]
* [*] Auxiliary module execution completed
*/
string[] mytab = Regex.Split(stdout, "\r\n");
foreach (string line in mytab)
{
if (line.Contains("@" + domainname))
{
Console.WriteLine(line.Replace("[*]", "").Trim());
}
}
sshShell.Close();
}
static void Main(string[] args)
{
testScp();
try
{
string host = "192.168.0.3";
string user = "******";
string pass = "******";
Console.WriteLine("主机地址: {0}", host);
Console.WriteLine("登陆用户: {0}", user);
Console.WriteLine("登录密码: {0}", pass);
SshShell shell = new SshShell(host, user);
shell.Password = pass;
shell.RedirectToConsole();
Console.Write("正在连接...");
shell.Connect();
Console.WriteLine("连接完毕!");
Console.WriteLine("=========");
while (shell.ShellOpened)
{
System.Threading.Thread.Sleep(500);
}
Console.WriteLine("=========");
Console.WriteLine("断开连接中...");
shell.Close();
Console.WriteLine("断开完毕");
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
Console.Write("按任意键继续...");
Console.ReadKey();
Console.WriteLine("\b");
Environment.Exit(0);
}
protected void Page_Load(object sender, EventArgs e)
{
string strUsername = "******";
string strPassword = "******";
//string strExpects = "sc>|[y/n]|} ok|return to ALOM";
string strExpects = "#";
SshShell oSSHshell = new SshShell("10.49.254.229", strUsername, strPassword);
oSSHshell.RemoveTerminalEmulationCharacters = true;
oSSHshell.Connect();
CombinedStream oSSHstream = (CombinedStream)(oSSHshell.GetStream());
if (oSSHshell.Connected == true && oSSHshell.ShellOpened == true)
{
//int bt = oSSHstream.ReadByte();
string strOutput = oSSHshell.Expect(strExpects);
Response.Write(strOutput);
}
oSSHshell.Close();
}
private void button1_Click(object sender, EventArgs e)
{
try
{
string host = tb_host.Text;
string acc = tb_acc.Text;
string pwd = tb_pwd.Text;
shell = new SshShell(host, acc, pwd);
//shell.RedirectToConsole();
shell.Connect(22);
m_Channel = shell.getChannel();
string line = null;
ThreadPool.QueueUserWorkItem((a) =>
{
while (shell.ShellOpened)
{
System.Threading.Thread.Sleep(100);
while ((line = m_Channel.GetMessage()) != null)
{
ShowLogger(line);
}
}
Console.Write("Disconnecting...");
shell.Close();
Console.WriteLine("OK");
});
}
catch (Exception ex)
{
Console.WriteLine(ex);
}
}
public void dns_enum(string domainname)
{
SshShell sshShell = connect();
string stdout = "";
//string stderr = "";
string cmd1 = "cd /home/root/tools/metasploitsvn"; //Hardcoded
prompt1 = prompt + "/home/root/tools/metasploitsvn" + promptend;
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt1);
cmd1 = "./msfcli auxiliary/gather/dns_enum DOMAIN=" + domainname + " E"; //Hardcoded
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt1);
Console.Write(stdout);
sshShell.Close();
}
public void vnc_login(string target)
{
SshShell sshShell = connect();
string stdout = "";
//string stderr = "";
string cmd1 = "cd /home/root/tools/metasploitsvn"; //Hardcoded
prompt1 = prompt + "/home/root/tools/metasploitsvn" + promptend;
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt1);
cmd1 = "./msfcli auxiliary/scanner/vnc/vnc_login RHOSTS=" + target + " PASS_FILE=" + PASS_FILE + " STOP_ON_SUCCESS=true E"; //Hardcoded
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt1);
Console.Write(stdout);
/*
* [*] 8.6.6.8:5900 - Attempting VNC login with password 'computer'
* [*] 8.6.6.8:5900, VNC server protocol version : 3.3
* [+] 8.6.6.8:5900, VNC server password : "******"
* [*] Scanned 1 of 1 hosts (100% complete)
* [*] Auxiliary module execution completed
*/
Regex myRegex = new Regex("VNC server password : "******"\"") + "[^<>]*" + Regex.Escape("\""));
string strTemp = myRegex.Match(stdout).ToString();
if (strTemp != "")
{
strTemp = strTemp.Replace("VNC server password : "******"");
strTemp = strTemp.Replace("\"", "");
Console.Write(strTemp);
}
sshShell.Close();
}
static void Main(string[] args)
{
//SshConnectionInfo input = Util.GetInput();
SshShell shell = new SshShell("101.132.130.133", "root");
shell.Password = "******";
//This statement must be prior to connecting
shell.RedirectToConsole();
Console.Write("Connecting...");
shell.Connect();
Console.WriteLine("OK");
while (shell.ShellOpened)
{
System.Threading.Thread.Sleep(500);
}
Console.Write("Disconnecting...");
shell.Close();
Console.WriteLine("OK");
Console.ReadKey();
}
protected override void RunWithSession(ref Session session)
{
string toDirectory = "/tmp";
Status = Messages.IN_PROGRESS;
log.InfoFormat("{0} Upgrade...", Host.address);
int sshdstate = 1;
int sshport = 22;
Dictionary <string, string> _servicearguments = new Dictionary <string, string>();
_servicearguments.Add("servicename", "sshd");
try
{
string rsvalue = XenAPI.Host.call_plugin(Host.Connection.Session, Host.opaque_ref, "serviceinfo.py", "getserviceinfo", _servicearguments);
rsvalue = rsvalue.Replace("[", "").Replace("]", "").Replace("'", "").Replace("\\n", "");
string[] rsvalues = rsvalue.Split(',');
if (rsvalues.Length > 1 && "0".Equals(rsvalues[1].Trim()))
{
log.InfoFormat("{0} sshd is running ...", Host.address);
}
if (rsvalues.Length > 1 && "3".Equals(rsvalues[1].Trim()))
{
log.InfoFormat("{0} sshd is stop, start sshd ...", Host.address);
rsvalue = XenAPI.Host.call_plugin(Host.Connection.Session, Host.opaque_ref, "serviceinfo.py", "startserviceinfo", _servicearguments);
rsvalue = rsvalue.Replace("[", "").Replace("]", "").Replace("'", "").Replace("\\n", "");
rsvalues = rsvalue.Split(',');
if (rsvalues.Length > 1 && "0".Equals(rsvalues[1].Trim()))
{
sshdstate = 0;
}
else
{
throw new Exception(Messages.START_SSH_FAILED);
}
}
//sshport = 7443;
}catch (Exception)
{}
FileStream file = new FileStream(_fileName, FileMode.Open);
string topfilename = Path.GetFileNameWithoutExtension(_fileName);
System.Security.Cryptography.MD5 md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
byte[] retVal = md5.ComputeHash(file);
file.Close();
StringBuilder sb = new StringBuilder();
for (int i = 0; i < retVal.Length; i++)
{
sb.Append(retVal[i].ToString("x2"));
}
log.InfoFormat("md5.......{0}", sb);
SshTransferProtocolBase sshCp;
//sshCp = new Sftp(Host.address, Host.Connection.Username);
sshCp = new Scp(Host.address, Host.Connection.Username);
sshCp.Password = Host.Connection.Password;
log.InfoFormat("sshCp Connecting...");
sshCp.Connect(sshport);
log.InfoFormat("sshCp Connecting OK .......");
String Programurl = Program.AssemblyDir;
sshCp.Put(_fileName, toDirectory + "/" + Path.GetFileName(_fileName));
log.InfoFormat("cp Installation package ok......");
sshCp.Put(Programurl + "\\halsign_host_upgrade.py", "/etc/xapi.d/plugins/halsign_host_upgrade.py");
log.InfoFormat("cp halsign_host_upgrade.py ok......");
SshShell ssh = new SshShell(Host.address, Host.Connection.Username);
ssh.Password = Host.Connection.Password;
string productVersion = Host.ProductVersion;
log.InfoFormat("sshshell Connecting...");
ssh.Connect(sshport);
log.InfoFormat("sshshell Connecting ok...");
ssh.ExpectPattern = "#";
ssh.RemoveTerminalEmulationCharacters = true;
//System.Console.WriteLine();
//Thread.Sleep(1000);
//ssh.WriteLine("chmod 777 /etc/xapi.d/plugins/halsign_host_upgrade.py;echo $?");
//string output = ssh.Expect("#");
//log.InfoFormat(output);
while (true)
{
ssh.WriteLine("chmod 777 /etc/xapi.d/plugins/halsign_host_upgrade.py;echo $?");
string output = ssh.Expect("#");
log.InfoFormat(output);
if (output.IndexOf("rwxrwxrwx") > -1)
{
break;
}
ssh.WriteLine("ls -ld /etc/xapi.d/plugins/halsign_host_upgrade.py |awk '{print $1}'|sed 's/^[a-zA-Z-]//'");
output = ssh.Expect("#");
log.InfoFormat(output);
if (output.IndexOf("rwxrwxrwx") > -1)
{
break;
}
}
ssh.WriteLine("exit");
ssh.Close();
log.InfoFormat("sshshell Disconnecting OK.....");
sshCp.Close();
log.InfoFormat("sshCp Disconnecting OK.....");
if (sshdstate == 0)
{
XenAPI.Host.call_plugin(Host.Connection.Session, Host.opaque_ref, "serviceinfo.py", "stopserviceinfo", _servicearguments);
}
_arguments = new Dictionary <string, string>();
_arguments.Add("md5", sb.ToString());
_arguments.Add("filename", topfilename);
_arguments.Add("toDirectory", toDirectory);
Status = Messages.PLAN_ACTION_STATUS_HOST_UPGRADED;
string value = XenAPI.Host.call_plugin(session, Host.opaque_ref, "halsign_host_upgrade.py", "main", _arguments);
if (value.ToLower() == "true")
{
//base.RunWithSession(ref session);
Status = Messages.PLAN_ACTION_STATUS_HOST_UPGRADED;
}
else if (",1,2,5,6,7,10,11,12,13,1001,1002,1003,1004,1005,1006,".IndexOf("," + value + ",") > -1)
{
value = value == "2" ? "1" : value;
string Ms = "PATCH_UPGRADE_" + value;
if (value.Equals("1"))
{
//Status = (string)XenAdmin.Messages.ResourceManager.GetString(Ms, resourceCulture);
throw new Exception("PATCHOK_" + (string)XenAdmin.Messages.ResourceManager.GetString(Ms));
}
else
{
throw new Exception((string)XenAdmin.Messages.ResourceManager.GetString(Ms));
}
}
else
{
throw new Exception(Messages.ERROR + ":" + value);
}
}
public void search_email_collector(string domainname)
{
Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + " search_email_collector on : " + domainname);
SshShell sshShell = connect();
string stdout = "";
//string stderr = "";
string cmd1 = "cd /home/root/tools/metasploitsvn"; //TODO Hardcoded
//prompt1 = prompt + "~/tools/metasploitsvn" + promptend;
sshShell.WriteLine(cmd1);
Thread.Sleep(2000);
stdout = sshShell.Expect(prompt);
Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + " stdout001: " + stdout);
//TODO Hardcoded
cmd1 = "./msfcli auxiliary/gather/search_email_collector DOMAIN=" + domainname + " E"; //Hardcoded
sshShell.WriteLine(cmd1);
Thread.Sleep(60000);
stdout = sshShell.Expect(prompt);
/*
* DOMAIN => target.com
* [*] Harvesting emails .....
* [*] Searching Google for email addresses from target.com
* [*] Extracting emails from Google search results...
* [*] Searching Bing email addresses from target.com
* [*] Extracting emails from Bing search results...
* [*] Searching Yahoo for email addresses from target.com
* [*] Extracting emails from Yahoo search results...
* [*] Located 2 email addresses for target.com
* [*] [email protected]
* [*] [email protected]
* [*] Auxiliary module execution completed
*/
XORCISMEntities model = new XORCISMEntities();
string[] mytab = Regex.Split(stdout, "\r\n");
string mymail = "";
foreach (string line in mytab)
{
if (line.Contains("@" + domainname))
{
mymail = line.Replace("[*]", "").Trim();
Console.WriteLine(mymail);
//TODO
/*
* //Check if we already collected this email
* var Q = from e in model.INFORMATION
* where e.JobID == m_jobId && e.Title == "Email" && e.Result == mymail
* select e;
*
* INFORMATION newInfo = Q.FirstOrDefault();
*
* if (newInfo == null)
* {
* Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + "Email collected: " + mymail);
*
* newInfo = new INFORMATION();
* newInfo.Title = "Email";
* newInfo.Result = mymail;
* newInfo.JobID = m_jobId;
* m_model.AddToINFORMATION(newInfo);
* m_model.SaveChanges();
* }
*/
}
}
Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + " esearchy on : " + domainname);
cmd1 = "esearchy -q \"@" + domainname + "\" --enable-all --disable-bing --disable-yahoo -m 500 -w " + m_target; //company //HARDCODED
//TODO Review
Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + " esearchy command : " + cmd1);
sshShell.WriteLine(cmd1);
Thread.Sleep(60000);
stdout = sshShell.Expect(prompt);
Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + "esearchy stdout: " + stdout);
mytab = Regex.Split(stdout, "\r\n");
mymail = "";
foreach (string line in mytab)
{
//TODO
/*
* if (line.ToLower().EndsWith("@" + domainname.ToLower()))
* {
* mymail = line.Trim();
* Console.WriteLine(mymail);
*
* //Check if we already collected this email
* var Q = from e in model.INFORMATION
* where e.JobID == m_jobId && e.Title == "Email" && e.Result == mymail
* select e;
*
* INFORMATION newInfo = Q.FirstOrDefault();
*
* if (newInfo == null)
* {
* Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + "Email collected: " + mymail);
* newInfo = new INFORMATION();
* newInfo.Title = "Email";
* newInfo.Result = mymail;
* newInfo.JobID = m_jobId;
* m_model.AddToINFORMATION(newInfo);
* m_model.SaveChanges();
* }
* }
* else
* {
*
* //Kerry Davis -> http://www.spoke.com/info/pC4F8IB/KerryDavis
* //Tom Bui -> http://www.linkedin.com/pub/tom-bui/2/329/168
* //Mark Behm profiles -> http://www.linkedin.com/pub/dir/Mark/Behm
*
* if (line.Contains("-> http://"))
* {
* try
* {
* mytab = Regex.Split(line, " -> ");
* Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + "People collected: " + line);
* INFORMATION newInfo = new INFORMATION();
* newInfo.Title = "People";
* newInfo.Result = mytab[0];
* newInfo.Url = mytab[1];
* newInfo.JobID = m_jobId;
* m_model.AddToINFORMATION(newInfo);
* m_model.SaveChanges();
* }
* catch (Exception ex)
* {
* Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + "Exception esearchy: " + ex.Message + " " + ex.InnerException);
* }
* }
* else
* {
* if (line.StartsWith(m_target))
* {
* //TODO : URLs
* }
* }
* }
*/
}
sshShell.Close();
}
protected void Page_Load(object sender, EventArgs e)
{
string strSSH = "";
string strILO = "10.249.237.148";
if (Request.QueryString["ilo"] != null)
{
strILO = "10.249.237.144";
}
Variables oVariable = new Variables(intEnvironment);
int intLogging = 0;
byte[] byt;
string str;
Models oModel = new Models(0, dsn);
ModelsProperties oModelsProperties = new ModelsProperties(0, dsn);
Servers oServer = new Servers(0, dsn);
Settings oSetting = new Settings(0, dsn);
OnDemand oOnDemand = new OnDemand(0, dsn);
Log oEventLog = new Log(0, dsn);
SshShell oSSHshell = new SshShell(strILO, oVariable.SolarisUsername(), oVariable.SolarisPassword());
oSSHshell.RemoveTerminalEmulationCharacters = true;
oSSHshell.Connect();
Response.Write("Connected to " + strILO + "...sending commands..." + "<br/>");
CombinedStream oSSHstream = (CombinedStream)(oSSHshell.GetStream());
int intStep = 1;
if (Request.QueryString["none"] == null)
{
byt = new byte[100];
str = "" + strSSH_Carriage;
byt = System.Text.ASCIIEncoding.ASCII.GetBytes(str);
if (oSSHshell.Connected == true && oSSHshell.ShellOpened == true)
{
oSSHstream.Write(byt);
}
}
int bt = 0;
int intMinutePrevious = 0;
bool boolProcessing = false;
while (bt != -1 && oSSHshell.Connected == true && oSSHshell.ShellOpened == true)
{
bt = oSSHstream.ReadByte();
// Strip the processing cursor -\|/-\|/ from the output
if (bt == 8) // 8 = backspace
{
// Check to see if previous characters were a processing character as well
char chrSSH = strSSH[strSSH.Length - 1];
int intSymbol = (int)chrSSH;
while (IsGarbageChar(intSymbol) == true)
{
if (intLogging > 1)
{
Response.Write("The symbol [" + chrSSH.ToString() + "] is a garbage character and must be removed" + "<br/>");
}
strSSH = strSSH.Substring(0, strSSH.Length - 1);
chrSSH = strSSH[strSSH.Length - 1];
intSymbol = (int)chrSSH;
}
// Set processing to true to exclude future characters
boolProcessing = true;
}
if (boolProcessing == true && IsGarbageChar(bt) == false)
{
boolProcessing = false;
}
if (boolProcessing == false)
{
strSSH += (char)bt;
}
string strReadSSH = "";
string strWriteSSH = "";
switch (intStep)
{
case 1:
strReadSSH = "-sc>";
strWriteSSH = "poweron";
break;
case 2:
strReadSSH = "-sc>";
strWriteSSH = "showpower";
break;
case 3:
strReadSSH = "-sc>";
break;
}
if (strReadSSH != "" && strSSH.EndsWith(strReadSSH) == true)
{
try
{
Response.Write("SSH output ends with [" + strReadSSH + "] : " + strSSH + "<br/>");
}
catch { }
if (intStep == 3)
{
break;
}
// Execute next command
byt = new byte[100];
str = strWriteSSH + strSSH_Carriage;
byt = System.Text.ASCIIEncoding.ASCII.GetBytes(str);
if (oSSHshell.Connected == true && oSSHshell.ShellOpened == true)
{
try
{
Response.Write("Sending command [" + strWriteSSH + "] : " + strSSH + "<br/>");
}
catch { }
oSSHstream.Write(byt);
}
intStep++;
}
else
{
}
}
Response.Write(strSSH);
oSSHstream.Close();
oSSHshell.Close();
}
public bool Parse()
{
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", "Parse()");
Assembly a;
/* A way for loading XMLfile */
XPathNavigator nav;
XPathNavigator nav1;
XPathDocument docNav;
XPathNodeIterator NodeIter1;
String strExpression1;
a = Assembly.GetExecutingAssembly();
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", "ARACHNI Assembly location = " + a.Location);
/* Name of XML result */
string file;
file = string.Format("result_{0}_{1}.xml", DateTime.Now.Ticks, this.GetHashCode());
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Results will be stored in file [{1}]", m_jobId, file));
/* SSH instructions & declarations */
//HARDCODED
int port = 22;
string address, username, password;
string prompt;
address = "192.168.1.2"; //TODO Hardcoded
username = "******";
password = "******";
prompt = "root"; //@backtrack:"; //Kali...
SshShell sshShell;
sshShell = new SshShell(address, username, password);
sshShell.RemoveTerminalEmulationCharacters = true;
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Connecting to ARACHNI server at {1}", m_jobId, address));
try{
sshShell.Connect(port);
//sshShell.Expect(prompt+"~#");
sshShell.Expect(prompt);// + "~$");
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} ConnectingERROR to ARACHNI server at {1} : " + ex.Message + " " + ex.InnerException, m_jobId, address));
address = "192.168.1.2"; //TODO hardcoded
username = "******";
password = "******";
prompt = "root";//@backtrack:";
sshShell = new SshShell(address, username, password);
sshShell.RemoveTerminalEmulationCharacters = true;
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Connecting to ARACHNI server at {1}", m_jobId, address));
try
{
sshShell.Connect(port);
sshShell.Expect(prompt);// + "~$");
}
catch (Exception ex2)
{
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} ConnectingERROR to ARACHNI server at {1} : " + ex2.Message + " " + ex2.InnerException, m_jobId, address));
}
}
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Successfully connected to ARACHNI server", m_jobId));
//string output;
string stdout = "";
//string stderr = "";
/* Command 1 */
string cmd1;
/* See for provider m_model */
/* For an URL */
cmd1 = string.Format("arachni {1} --report='xml:outfile={2}'", m_policy, m_target, file);
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Executing command [{1}]", m_jobId, cmd1));
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt);
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} START DUMP STDOUT01", m_jobId));
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", stdout);
string localOutputFile;
localOutputFile = Path.GetTempFileName();
// HACK :
// outputfile = "634244542240861588_39608125_output";
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("Downloading results via SFTP to [{0}]", localOutputFile));
try
{
Sftp ftp;
ftp = new Sftp(address, username, password);
ftp.OnTransferStart += new FileTransferEvent(ftp_OnTransferStart);
ftp.OnTransferProgress += new FileTransferEvent(ftp_OnTransferProgress);
ftp.OnTransferEnd += new FileTransferEvent(ftp_OnTransferEnd);
ftp.Connect(port);
ftp.Get("/" + file, localOutputFile);
ftp.Close();
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("Exception = {0} / {1}", ex.Message, ex.InnerException == null ? "" : ex.InnerException.Message));
return(false);
}
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", "Loading the xml document");
/* SAMPLE of XML structure
*
* <?xml version="
* <arachni_report>
* <title>...</title>
* <generated_on>...</generated_on>
* <report_false_positives>http://github.com/Zapotek/arachni/issues</report_false_positives>
* <system>
* <version...</version>
* <revision>...</revision>
* <start_datetime>...</start_datetime>
* <finish_datetime>...</finish_datetime>
* <delta_time>...</delta_time>
* <url>...</url>
* <user_agent>...</user_agent>
* <audited_elements>
* <element>...</element>
* </audited_elements>
* <modules>
* <module name="..."/>
* </modules>
* <filters>
* <exclude>
* </exclude>
* <include>
* <regexp>...</regexp>
* </include>
* <redundant>
* </redundant>
* </filters>
* <cookies>
* <cookie name="..." value="..." />
* </cookies>
* </system>
* <issues>
* <issue>
* <name>...</name>
* <url>...</url>
* <element>...</element>
* <method>...</method>
* <tags>
* <tag name="..." />
* </tags>
* <variable>..</variable>
* <description>...</description>
* <manual_verification...</manual_verification>
* <references>
* <reference name="..." url="..." />
* </references>
* <variations>
* <variation>
* <url>...</url>
* <injected>...</injected>
* <regexp_match>...</regexp_match>
* <headers>
* <request>
* <field name="..." value="..." />
* </request>
* <response>
* <field name="..." value="..." />
* </response>
* </headers>
* <html>...</html>
* <variation>
* <variations>
* ...
* </arachni_report>
*/
try
{
docNav = new XPathDocument(localOutputFile); // for test : result_634521969362210000_41014879.xml || URL file : file
nav = docNav.CreateNavigator();
nav1 = docNav.CreateNavigator();
// If all is OK!
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Successfully loaded XML file : [{1}] ", m_jobId, file));
// Go to parse
try
{
// For read all plugin's
strExpression1 = "/arachni_report/title | /arachni_report/generated_on | /arachni_report/report_false_positives | /arachni_report/system/start_datetime | /arachni_report/system/finish_datetime | /arachni_report/system/delta_time | /arachni_report/system/url | /arachni_report/system/audited_elements/element | /arachni_report/issues/issue/name | /arachni_report/issues/issue/url | /arachni_report/issues/issue/element | /arachni_report/issues/issue/method | /arachni_report/issues/issue/tags/tag/@name | /arachni_report/issues/issue/variable | /arachni_report/issues/issue/description | /arachni_report/issues/issue/manual_verification | /arachni_report/issues/issue/references/reference/@name | /arachni_report/issues/issue/references/reference/@url | /arachni_report/issues/issue/variations/variation/url | /arachni_report/issues/issue/variations/variation/injected | /arachni_report/issues/issue/variations/variation/regexp_match | /arachni_report/issues/issue/variations/variation/headers/request/field/@name | /arachni_report/issues/issue/variations/variation/headers/request/field/@value | /arachni_report/issues/issue/variations/variation/headers/response/field/@value | /arachni_report/issues/issue/variations/variation/headers/response/field/@name | /arachni_report/issues/issue/variations/variation/html";
NodeIter1 = nav1.Select(strExpression1);
while (NodeIter1.MoveNext())
{
switch ((string)NodeIter1.Current.Name)
{
case "title":
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - TITLE : [{1}] ", m_jobId, NodeIter1.Current.Value));
break;
case "generated_on":
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - GENERATED-TIME : [{1}] ", m_jobId, NodeIter1.Current.Value));
break;
case "report_false_positives":
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - REPORT : [{1}] ", m_jobId, NodeIter1.Current.Value));
break;
case "start_datetime":
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - START-TIME : [{1}] ", m_jobId, NodeIter1.Current.Value));
break;
case "finish_datetime":
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - FINISH-TIME : [{1}] ", m_jobId, NodeIter1.Current.Value));
break;
case "delta_time":
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - DELTA-TIME : [{1}] ", m_jobId, NodeIter1.Current.Value));
break;
case "element":
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - ELEMENT : [{1}] ", m_jobId, NodeIter1.Current.Value));
break;
case "name":
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - ISSUE-NAME : [{1}] ", m_jobId, NodeIter1.Current.Value));
break;
case "url":
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - ISSUE-URL : [{1}] ", m_jobId, NodeIter1.Current.Value));
break;
case "method":
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - ISSUE-METHOD : [{1}] ", m_jobId, NodeIter1.Current.Value));
break;
case "modules":
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - MODULE : [{1}] ", m_jobId, NodeIter1.Current.Value));
break;
}
list_parse.Add((string)NodeIter1.Current.Value);
}
;
}
catch (System.Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", "JobID:" + m_jobId + "Exception Parsing XML PLUGIN'S = " + ex.Message + " " + ex.InnerException);
}
}
catch (System.Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", "JobID:" + m_jobId + "Exception LOADING XML = " + ex.Message + " " + ex.InnerException);
}
Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE successfull for file : [{1}] ", m_jobId, file));
aff_list();
// Pause
Console.ReadLine();
sshShell.Close();
sshShell = null;
return(true);
}
public void ExecutionDeviceClose()
{
sshShell.Close();
isConnect = false;
}
public bool Parse()
{
Assembly a;
a = Assembly.GetExecutingAssembly();
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", "WHATWEB Assembly location = " + a.Location);
/* Name of XML result */
string file;
file = string.Format("result_{0}_{1}.xml", DateTime.Now.Ticks, this.GetHashCode());
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} Results will be stored in file [{1}]", m_jobId, file));
/* SSH instructions & declarations */
int port = 22;
string address, username, password;
string prompt;
/*
* address = "192.168.79.129"; //111.222.333.444
* username = "******"; //jerome
* password = "******"; //jerome
* //prompt = "root@ubuntu:~#";
*/
/*
* //OVH
* address = "111.222.333.444";
* username = "******";
* password = "******";
* prompt = "root@xmachine:";
*/
address = "111.222.333.444";
username = "******";
password = "******";
prompt = "root"; //@backtrack:";
SshShell sshShell;
sshShell = new SshShell(address, username, password);
sshShell.RemoveTerminalEmulationCharacters = true;
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} Connecting to WHATWEB server at {1}", m_jobId, address));
try
{
sshShell.Connect(port);
//sshShell.Expect(prompt+"~#");
sshShell.Expect(prompt);// + "~$");
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} ConnectingERROR to WHATWEB server at {1} : " + ex.Message + " " + ex.InnerException, m_jobId, address));
address = "111.222.333.444";
username = "******";
password = "******";
//prompt = "root@backtrack:";
sshShell = new SshShell(address, username, password);
sshShell.RemoveTerminalEmulationCharacters = true;
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} Connecting to WHATWEB server at {1}", m_jobId, address));
try
{
sshShell.Connect(port);
sshShell.Expect(prompt);// + "~$");
}
catch (Exception ex2)
{
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} ConnectingERROR to WHATWEB server at {1} : " + ex2.Message + " " + ex2.InnerException, m_jobId, address));
}
}
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} Successfully connected to WHATWEB server", m_jobId));
//string output;
string stdout = "";
//string stderr = "";
/* Command 1 */
string cmd1;
//cmd1 = "cd /home/tools/whatweb-0.4.7";
cmd1 = "cd /home/root/tools/whatweb-0.4.7/";
sshShell.WriteLine(cmd1);
//prompt = prompt+"/home/tools/whatweb-0.4.7#";
//prompt = "root";//@backtrack:~/tools/whatweb-0.4.7$";
//prompt = "tools/whatweb-0.4.7";
stdout = sshShell.Expect(prompt);
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} START DUMP STDOUT01", m_jobId));
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", stdout);
cmd1 = "sudo /usr/local/rvm/bin/rvm use 1.8.7";
sshShell.WriteLine(cmd1);
Thread.Sleep(2000);
stdout = sshShell.Expect(prompt);
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} START DUMP STDOUT02", m_jobId));
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", stdout);
sshShell.WriteLine(password);
Thread.Sleep(2000);
stdout = sshShell.Expect(prompt);
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} START DUMP STDOUT03", m_jobId));
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", stdout);
/* See for provider m_model */
/* For an URL */
/*
* AGGRESSION LEVELS:
* --aggression, -a=LEVEL The aggression level controls the trade-off between
* speed/stealth and reliability. Default: 1
* Aggression levels are:
* 1 (Passive) Make one HTTP request per target. Except for redirects.
* 2 (Polite) Reserved for future use
* 3 (Aggressive) Triggers aggressive plugin functions only when a
* plugin matches passively.
* 4 (Heavy) Trigger aggressive functions for all plugins. Guess a
* lot of URLs like Nikto.
*/
string agressionlevel = "1";
if (m_policy == "Moderate")
{
agressionlevel = "3";
}
if (m_policy == "Intrusive")
{
agressionlevel = "4";
}
if (m_policy == "PCI DSS")
{
agressionlevel = "3";
}
cmd1 = string.Format("sudo ./whatweb -r -a {0} {1} --log-xml={2}", agressionlevel, m_target, file);
Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} Executing command [{1}]", m_jobId, cmd1));
sshShell.WriteLine(cmd1);
Thread.Sleep(2000);
stdout = "";
string localOutputFile;
localOutputFile = Path.GetTempFileName();
//ON ATTEND PLUS LE PROMPT CAR DES FOIS CA VIENT PAS - DEBUG A VOIR
Thread.Sleep(60000);
/*
* stdout = sshShell.Expect(prompt);
*
* Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} START DUMP STDOUT04", m_jobId));
* Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", stdout);
* //whatweb: command not found
* //http://www.marocannonces.com/ ERROR: Timed out execution expired
*
* // HACK :
* // outputfile = "634244542240861588_39608125_output";
*
* if (stdout.Contains("bson_ext gem is in your load path"))
* {
* Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} ExecutingAGAIN command [{1}]", m_jobId, cmd1));
* //We were not root?
* sshShell.WriteLine(cmd1);
* Thread.Sleep(2000);
* stdout = sshShell.Expect(prompt);
*
* Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} START DUMP STDOUT05", m_jobId));
* Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", stdout);
* }
*/
if (stdout.Contains("bson_ext gem is in your load path"))
{
//TODO: voir cette erreur
}
else
{
whatweb_get_result(m_jobId, file, localOutputFile, 1);
}
// aff_list();
// Pause
Console.ReadLine();
sshShell.Close();
sshShell = null;
return(true);
}
public void Batch(string Url, string parameters)
{
/*
* Usage: python ./sqlmap.py [options]
*
* Options:
* --version show program's version number and exit
* -h, --help show this help message and exit
* -v VERBOSE Verbosity level: 0-6 (default 1)
*
* Target:
* At least one of these options has to be specified to set the source to
* get target urls from.
*
* -d DIRECT Direct connection to the database
* -u URL, --url=URL Target url
* -l LIST Parse targets from Burp or WebScarab proxy logs
* -r REQUESTFILE Load HTTP request from a file
* -g GOOGLEDORK Process Google dork results as target urls
* -c CONFIGFILE Load options from a configuration INI file
*
* Request:
* These options can be used to specify how to connect to the target url.
*
* --data=DATA Data string to be sent through POST
* --cookie=COOKIE HTTP Cookie header
* --cookie-urlencode URL Encode generated cookie injections
* --drop-set-cookie Ignore Set-Cookie header from response
* --user-agent=AGENT HTTP User-Agent header
* --random-agent Use randomly selected HTTP User-Agent header
* --referer=REFERER HTTP Referer header
* --headers=HEADERS Extra HTTP headers newline separated
* --auth-type=ATYPE HTTP authentication type (Basic, Digest or NTLM)
* --auth-cred=ACRED HTTP authentication credentials (name:password)
* --auth-cert=ACERT HTTP authentication certificate (key_file,cert_file)
* --proxy=PROXY Use a HTTP proxy to connect to the target url
* --proxy-cred=PCRED HTTP proxy authentication credentials (name:password)
* --ignore-proxy Ignore system default HTTP proxy
* --delay=DELAY Delay in seconds between each HTTP request
* --timeout=TIMEOUT Seconds to wait before timeout connection (default 30)
* --retries=RETRIES Retries when the connection timeouts (default 3)
* --scope=SCOPE Regexp to filter targets from provided proxy log
* --safe-url=SAFURL Url address to visit frequently during testing
* --safe-freq=SAFREQ Test requests between two visits to a given safe url
*
* Optimization:
* These options can be used to optimize the performance of sqlmap.
*
* -o Turn on all optimization switches
* --predict-output Predict common queries output
* --keep-alive Use persistent HTTP(s) connections
* --null-connection Retrieve page length without actual HTTP response body
* --threads=THREADS Max number of concurrent HTTP(s) requests (default 1)
*
* Injection:
* These options can be used to specify which parameters to test for,
* provide custom injection payloads and optional tampering scripts.
*
* -p TESTPARAMETER Testable parameter(s)
* --dbms=DBMS Force back-end DBMS to this value
* --os=OS Force back-end DBMS operating system to this value
* --prefix=PREFIX Injection payload prefix string
* --suffix=SUFFIX Injection payload suffix string
* --tamper=TAMPER Use given script(s) for tampering injection data
*
* Detection:
* These options can be used to specify how to parse and compare page
* content from HTTP responses when using blind SQL injection technique.
*
* --level=LEVEL Level of tests to perform (1-5, default 1)
* --risk=RISK Risk of tests to perform (0-3, default 1)
* --string=STRING String to match in page when the query is valid
* --regexp=REGEXP Regexp to match in page when the query is valid
* --text-only Compare pages based only on the textual content
*
* Techniques:
* These options can be used to tweak testing of specific SQL injection
* techniques.
*
* --technique=TECH SQL injection techniques to test for (default BEUST)
* --time-sec=TIMESEC Seconds to delay the DBMS response (default 5)
* --union-cols=UCOLS Range of columns to test for UNION query SQL injection
* --union-char=UCHAR Character to use for bruteforcing number of columns
* Fingerprint:
* -f, --fingerprint Perform an extensive DBMS version fingerprint
*
* Enumeration:
* These options can be used to enumerate the back-end database
* management system information, structure and data contained in the
* tables. Moreover you can run your own SQL statements.
*
* -b, --banner Retrieve DBMS banner
* --current-user Retrieve DBMS current user
* --current-db Retrieve DBMS current database
* --is-dba Detect if the DBMS current user is DBA
* --users Enumerate DBMS users
* --passwords Enumerate DBMS users password hashes
* --privileges Enumerate DBMS users privileges
* --roles Enumerate DBMS users roles
* --dbs Enumerate DBMS databases
* --tables Enumerate DBMS database tables
* --columns Enumerate DBMS database table columns
* --dump Dump DBMS database table entries
* --dump-all Dump all DBMS databases tables entries
* --search Search column(s), table(s) and/or database name(s)
* -D DB DBMS database to enumerate
* -T TBL DBMS database table to enumerate
* -C COL DBMS database table column to enumerate
* -U USER DBMS user to enumerate
* --exclude-sysdbs Exclude DBMS system databases when enumerating tables
* --start=LIMITSTART First query output entry to retrieve
* --stop=LIMITSTOP Last query output entry to retrieve
* --first=FIRSTCHAR First query output word character to retrieve
* --last=LASTCHAR Last query output word character to retrieve
* --sql-query=QUERY SQL statement to be executed
* --sql-shell Prompt for an interactive SQL shell
*
* Brute force:
* These options can be used to run brute force checks.
*
* --common-tables Check existence of common tables
* --common-columns Check existence of common columns
*
* User-defined function injection:
* These options can be used to create custom user-defined functions.
* --udf-inject Inject custom user-defined functions
* --shared-lib=SHLIB Local path of the shared library
*
* File system access:
* These options can be used to access the back-end database management
* system underlying file system.
*
* --file-read=RFILE Read a file from the back-end DBMS file system
* --file-write=WFILE Write a local file on the back-end DBMS file system
* --file-dest=DFILE Back-end DBMS absolute filepath to write to
*
* Operating system access:
* These options can be used to access the back-end database management
* system underlying operating system.
*
* --os-cmd=OSCMD Execute an operating system command
* --os-shell Prompt for an interactive operating system shell
* --os-pwn Prompt for an out-of-band shell, meterpreter or VNC
* --os-smbrelay One click prompt for an OOB shell, meterpreter or VNC
* --os-bof Stored procedure buffer overflow exploitation
* --priv-esc Database process' user privilege escalation
* --msf-path=MSFPATH Local path where Metasploit Framework 3 is installed
* --tmp-path=TMPPATH Remote absolute path of temporary files directory
*
* Windows registry access:
* These options can be used to access the back-end database management
* system Windows registry.
*
* --reg-read Read a Windows registry key value
* --reg-add Write a Windows registry key value data
* --reg-del Delete a Windows registry key value
* --reg-key=REGKEY Windows registry key
* --reg-value=REGVAL Windows registry key value
* --reg-data=REGDATA Windows registry key value data
* --reg-type=REGTYPE Windows registry key value type
*
* General:
* These options can be used to set some general working parameters.
* -t TRAFFICFILE Log all HTTP traffic into a textual file
* -s SESSIONFILE Save and resume all data retrieved on a session file
* --flush-session Flush session file for current target
* --fresh-queries Ignores query results stored in session file
* --eta Display for each output the estimated time of arrival
* --update Update sqlmap
* --save Save options on a configuration INI file
* --batch Never ask for user input, use the default behaviour
*
* Miscellaneous:
* --beep Alert when sql injection found
* --check-payload IDS detection testing of injection payloads
* --cleanup Clean up the DBMS by sqlmap specific UDF and tables
* --forms Parse and test forms on target url
* --gpage=GOOGLEPAGE Use Google dork results from specified page number
* --page-rank Display page rank (PR) for Google dork results
* --parse-errors Parse DBMS error messages from response pages
* --replicate Replicate dumped data into a sqlite3 database
* --tor Use default Tor (Vidalia/Privoxy/Polipo) proxy address
* --wizard Simple wizard interface for beginner users
*/
int port;
string address, username, password;
//HARDCODED
port = 22;
address = "111.222.333.444";
username = "******";
password = "******";
SshShell sshShell;
sshShell = new SshShell(address, username, password);
sshShell.RemoveTerminalEmulationCharacters = true;
string prompt;
prompt = "root@xmachine:~#";
//exec.Connect(address);
//exec.Login(username, password);
sshShell.Connect(port);
sshShell.Expect(prompt);
string stdout = "";
//string stderr = "";
string cmd1 = "cd /home/root/tools/sqlmap"; //Hardcoded
//string prompt1 = "root@xmachine:/home/tools/sqlmap#";
string prompt1 = "root@backtrack:~/tools/sqlmap$"; //Hardcoded
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt1);
//==============================================
cmd1 = "svn update"; //Hardcoded
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt1);
//"./sqlmap.py -u http://10.13.102.203/login.php --forms --batch"
cmd1 = "./sqlmap.py -u " + Url + " " + parameters + " --level=3 --batch";
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt1);
Console.WriteLine(stdout);
string webos = string.Empty;
string webapptechno = string.Empty;
string mysgbd = string.Empty;
string[] myLines = stdout.Split(new char[] { '\n' });
for (int cpt = 1; cpt < myLines.Length - 1; cpt++)
{
if (myLines[cpt].Contains("web server operating system:")) //Hardcoded
{
webos = myLines[cpt].Replace("web server operating system:", "").Trim();
Console.WriteLine("webos:" + webos);
//Windows
}
if (myLines[cpt].Contains("web application technology:"))
{
webapptechno = myLines[cpt].Replace("web application technology:", "").Trim();
Console.WriteLine("webapptechno:" + webapptechno);
//PHP 5.3.5, Apache 2.2.17
}
if (myLines[cpt].Contains("back-end DBMS:"))
{
mysgbd = myLines[cpt].Replace("back-end DBMS:", "").Trim();
Console.WriteLine("mysgbd:" + mysgbd);
//MySQL 5.0
}
}
sshShell.Close();
}
public bool Parse()
{
Assembly a;
/* A way for loading XMLfile */
a = Assembly.GetExecutingAssembly();
Utils.Helper_Trace("XORCISM PROVIDER NIKTO", "NIKTO Assembly location = " + a.Location);
/* Name of XML result */
string file;
file = string.Format("result_{0}_{1}.xml", DateTime.Now.Ticks, this.GetHashCode());
Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} Results will be stored in file [{1}]", m_jobId, file));
/* SSH instructions & declarations */
int port = 22;
string address, username, password;
string prompt;
/*
* address = "111.222.333.444";
* username = "******";
* password = "******";
* prompt = "root@xmachine:";
*/
//HARDCODED
address = "111.222.333.444";
username = "******";
password = "******";
prompt = "root"; //@backtrack:
SshShell sshShell;
sshShell = new SshShell(address, username, password);
// sshShell.RemoveTerminalEmulationCharacters = true;
Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} Connecting to NIKTO server at {1}", m_jobId, address));
try
{
sshShell.Connect(port);
//sshShell.Expect(prompt+"~#");
sshShell.Expect(prompt);// + "~$");
}
catch (Exception ex)
{
Utils.Helper_Trace("XORCISM PROVIDER NIKTO", "Error in sshconnection to " + address + " " + ex.Message + " " + ex.InnerException);
}
// if ssh connection
if (sshShell.Connected)
{
Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} Successfully connected to NIKTO server", m_jobId));
//string output;
string stdout = "";
/* Command 1 */
string cmd1;
//cmd1 = "cd /home/tools/nikto-2.1.4";
cmd1 = "cd /home/root/tools/nikto-2.1.4"; //HARDCODED
sshShell.WriteLine(cmd1);
//prompt = prompt+"/home/tools/nikto-2.1.4#";
//prompt = "tools/nikto-2.1.4$";
stdout = sshShell.Expect(prompt);
/* See for provider m_model */
/* For an URL */
/*
* @ -T => tunning or strategy
* @ -C all => to force check all possible dirs
*/
//cmd1 = string.Format("nikto -Format XML -o {2} -host {1} -T {3} -C all", m_policy, m_target, file, m_strategy); //-g -e 6
cmd1 = string.Format("./nikto.pl -Format XML -o {2} -host {1} -C all", m_policy, m_target, file); //-g -e 6 //HARDCODED
Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} Executing command [{1}]", m_jobId, cmd1));
sshShell.WriteLine(cmd1);
stdout = sshShell.Expect(prompt);
Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} START DUMP STDOUT01", m_jobId));
Utils.Helper_Trace("XORCISM PROVIDER NIKTO", stdout);
string localOutputFile;
localOutputFile = Path.GetTempFileName();
Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("Downloading results via SFTP to [{0}]", localOutputFile));
nikto_get_result(file, localOutputFile);
Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} XML PARSE successfull for file : [{1}] ", m_jobId, file));
//aff_list();
// Pause
Console.ReadLine();
sshShell.Close();
sshShell = null;
return(true);
}
else
{
Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} Connection failed to NIKTO server", m_jobId));
return(false);
}
}
protected void Page_Load(object sender, EventArgs e)
{
Models oModel = new Models(0, dsn);
Solaris oSolaris = new Solaris(0, dsn);
Variables oVariables = new Variables((int)CurrentEnvironment.PNCNT_QA);
string strMAC = "";
string strUsername = oVariables.NexusUsername();
string strPassword = oVariables.NexusPassword();
string strExpects = "#";
string strLine = "show int eth 102/1/24 br";
//SshShell oSSHshell = new SshShell("P-PRDC-ZA08A-1", strUsername, strPassword);
//oSSHshell.RemoveTerminalEmulationCharacters = true;
//oSSHshell.Connect();
//if (oSSHshell.Connected == true && oSSHshell.ShellOpened == true)
//{
// // Wait for "sc>"
// string strBanner = oSSHshell.Expect(strExpects);
// // Send Command : showsc sys_enetaddr
// oSSHshell.WriteLine(strLine);
// //WriteLine(oSSHshell, strLine);
// // Wait for "sc>"
// strMAC = oSSHshell.Expect(strExpects);
// //strMAC = oSolaris.ParseOutput(strMAC, "macaddress = ", Environment.NewLine);
//}
//oSSHshell.Close();
//Response.Write("<p>" + strMAC + "</p>");
//SshExec oSSH = new SshExec("P-PRDC-ZA08A-1", strUsername, strPassword);
//oSSH.Connect();
//string strMAC2 = oSSH.RunCommand(strLine);
//oSSH.Close();
//Response.Write("<p>" + strMAC2 + "</p>");
//SshExec oSSHa = new SshExec("10.49.254.229", "admin", "nccSAN03");
//oSSHa.Connect();
//string strResult = oSSHa.RunCommand("config t");
//Response.Write(strResult);
////Response.Write(ExecuteSSH("config t", oSSHa));
//oSSHa.Close();
string strName = "HEALYTEST";
StringBuilder strSAN = new StringBuilder();
SshShell oSSHshellb = new SshShell("10.49.254.230", "admin", "nccSAN03");
oSSHshellb.RemoveTerminalEmulationCharacters = true;
oSSHshellb.Connect();
if (oSSHshellb.Connected == true && oSSHshellb.ShellOpened == true)
{
string strBanner = oSSHshellb.Expect("#");
strSAN.Append("10.49.254.230...");
strSAN.Append(ExecuteSSH("config t", oSSHshellb));
strSAN.Append(ExecuteSSH("device-alias database", oSSHshellb));
strSAN.Append(ExecuteSSH("device-alias name " + strName + "b pwwn 50:06:0b:00:00:c3:5a:36", oSSHshellb));
strSAN.Append(ExecuteSSH("exit", oSSHshellb));
strSAN.Append(ExecuteSSH("device-alias commit", oSSHshellb));
System.Threading.Thread.Sleep(20000); // wait 20 seconds
strSAN.Append(ExecuteSSH("zoneset name eng_cert vsan 1101", oSSHshellb));
strSAN.Append(ExecuteSSH("zone name " + strName + "b_vmax0425_01h1", oSSHshellb));
strSAN.Append(ExecuteSSH("member device-alias " + strName + "b", oSSHshellb));
strSAN.Append(ExecuteSSH("member device-alias vmax0425_01h1", oSSHshellb));
strSAN.Append(ExecuteSSH("exit", oSSHshellb));
strSAN.Append(ExecuteSSH("member " + strName + "b_vmax0425_01h1", oSSHshellb));
strSAN.Append(ExecuteSSH("exit", oSSHshellb));
strSAN.Append(ExecuteSSH("zoneset activate name eng_cert vsan 1101", oSSHshellb));
System.Threading.Thread.Sleep(10000); // wait 10 seconds
strSAN.Append(ExecuteSSH("zone commit vsan 1101", oSSHshellb));
System.Threading.Thread.Sleep(20000); // wait 20 seconds
strSAN.Append(ExecuteSSH("end", oSSHshellb));
strSAN.Append(ExecuteSSH("exit", oSSHshellb));
}
oSSHshellb.Close();
Response.Write("<p>" + strSAN + "</p>");
}
