public bool Connect() { bool _result = false; try { if (m_Shell != null) { try { m_Shell.Close(); } catch { } } m_Shell = new SshShell(FileManager.Configuration.Options.SSHOptions.SSHHost, FileManager.Configuration.Options.SSHOptions.SSHUser, FileManager.Configuration.Options.SSHOptions.SSHPass); int _port = 22; try { _port = Int32.Parse(FileManager.Configuration.Options.SSHOptions.SSHPort); } catch { } m_Shell.Connect(_port); _result = m_Shell.Connected; } catch (Exception ex) { Loggy.Logger.DebugException("SSH Connect: ", ex); } return(_result); }
public static void RunExample() { try { SshConnectionInfo input = Util.GetInput(); SshShell shell = new SshShell(input.Host, input.User); if (input.Pass != null) { shell.Password = input.Pass; } if (input.IdentityFile != null) { shell.AddIdentityFile(input.IdentityFile); } //This statement must be prior to connecting shell.RedirectToConsole(); Console.Write("Connecting..."); shell.Connect(); Console.WriteLine("OK"); while (shell.ShellOpened) { System.Threading.Thread.Sleep(500); } Console.Write("Disconnecting..."); shell.Close(); Console.WriteLine("OK"); } catch (Exception e) { Console.WriteLine(e.Message); } }
public void Close() { if (ssh.Connected) { ssh.Close(); } }
public void Disconnection() { try { RUN_CUT = false; exit(); if (null != shell) { shell.Close(); } if (null != m_Channel) { m_Channel.disconnect(); } if (null != sftpChannel) { sftpChannel.disconnect(); } logger.Debug("断开Ssh...OK"); } catch (Exception ex) { logger.Error("断开链接异常:" + ex.Message, ex); } }
public string GetMacAddress(string _host, int _boot_groupid, int _environment, Log oLog, string _name, string _serial) { oLog.AddEvent(_name, _serial, "Starting MAC Address lookup...", LoggingType.Debug); string strMAC = ""; if (_boot_groupid > 0) { Models oModel = new Models(0, dsn); string strUsername = oModel.GetBootGroup(_boot_groupid, "username"); string strPassword = oModel.GetBootGroup(_boot_groupid, "password"); string strExpects = oModel.GetBootGroup(_boot_groupid, "regular"); string strCommand = oModel.GetBootGroup(_boot_groupid, "mac_query_command"); string strStart = oModel.GetBootGroup(_boot_groupid, "mac_query_substring_start"); oLog.AddEvent(_name, _serial, "Connecting...", LoggingType.Debug); SshShell oSSHshell = new SshShell(_host, strUsername, strPassword); oSSHshell.RemoveTerminalEmulationCharacters = true; oSSHshell.Connect(); string[] strExpect = strExpects.Split(new char[] { '|' }); if (oSSHshell.Connected == true && oSSHshell.ShellOpened == true) { // Wait for prompt string strBanner = oSSHshell.Expect(strExpects); oLog.AddEvent(_name, _serial, "Received banner prompt = " + strBanner, LoggingType.Debug); if (IsInOutput(strBanner, strExpect) == false) { oLog.AddEvent(_name, _serial, "Did not recieve all the output...trying again # 1...", LoggingType.Debug); strBanner = oSSHshell.Expect(strExpects); oLog.AddEvent(_name, _serial, "Received banner prompt # 1 = " + strBanner, LoggingType.Debug); } if (IsInOutput(strBanner, strExpect) == false) { oLog.AddEvent(_name, _serial, "Did not recieve all the output...trying again # 2...", LoggingType.Debug); strBanner = oSSHshell.Expect(strExpects); oLog.AddEvent(_name, _serial, "Received banner prompt # 2 = " + strBanner, LoggingType.Debug); } if (IsInOutput(strBanner, strExpect) == false) { oLog.AddEvent(_name, _serial, "Did not recieve all the output...trying again # 3...", LoggingType.Debug); strBanner = oSSHshell.Expect(strExpects); oLog.AddEvent(_name, _serial, "Received banner prompt # 3 = " + strBanner, LoggingType.Debug); } if (IsInOutput(strBanner, strExpect) == true) { oLog.AddEvent(_name, _serial, "Writing command = " + strCommand, LoggingType.Debug); // Send Command to get MAC Address oSSHshell.WriteLine(strCommand); // Wait for prompt strMAC = oSSHshell.Expect(strExpects); oLog.AddEvent(_name, _serial, "Received Response = " + strMAC, LoggingType.Debug); oLog.AddEvent(_name, _serial, "Parsing using " + strStart, LoggingType.Debug); strMAC = ParseOutput(strMAC, strStart, Environment.NewLine); } } oSSHshell.Close(); } return(strMAC); }
//public void smb_enumusers(string mytarget) public List <string> smb_enumusers(string mytarget) { List <string> SMBusers = new List <string>(); SshShell sshShell = connect(); string stdout = ""; //string stderr = ""; string cmd1 = "cd /home/root/tools/metasploitsvn"; //Hardcoded prompt1 = prompt + "/home/root/tools/metasploitsvn" + promptend; //sshShell.WriteLine(cmd1); //stdout = sshShell.Expect(prompt1); cmd1 = "./msfcli auxiliary/scanner/smb/smb_enumusers RHOSTS=" + mytarget + " E"; //Hardcoded sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt1); Console.WriteLine(stdout); /* * RHOSTS => 111.222.333.444 * [*] 111.222.333.444 xmachine [ nobody, nxpgsql ] ( LockoutTries=0 PasswordMin=5 * ) * [*] Scanned 1 of 1 hosts (100% complete) * [*] Auxiliary module execution completed */ Regex myRegex = new Regex(Regex.Escape("[") + "[^<>]*" + Regex.Escape("]")); string[] mytab = Regex.Split(stdout, "\r\n"); foreach (string line in mytab) { if (line.Contains(mytarget)) { string strTemp = myRegex.Match(line.Replace("[*]", "")).ToString(); if (strTemp != "") { //Console.WriteLine("users:" + strTemp); //[ nobody, nxpgsql ] strTemp = strTemp.Replace("[", ""); strTemp = strTemp.Replace("]", "").Trim(); string[] myusers = Regex.Split(strTemp, ","); foreach (string user in myusers) { Console.WriteLine(user.Trim()); SMBusers.Add(user.Trim()); } } } } sshShell.Close(); return(SMBusers); }
private void ConfigureNexus() { try { Ping oPing = new Ping(); string strPingStatus = ""; try { PingReply oReply = oPing.Send(strSwitch); strPingStatus = oReply.Status.ToString().ToUpper(); } catch { } if (strPingStatus == "SUCCESS") { // Switch the port of strSwitchA, strInterfaceA oSSHshell = new SshShell(strSwitch, oVariable.NexusUsername(), oVariable.NexusPassword()); oSSHshell.RemoveTerminalEmulationCharacters = true; oSSHshell.Connect(); string strLogin = oAsset.GetDellSwitchportOutput(oSSHshell); if (strLogin != "**INVALID**") { oLog.AddEvent(intAnswer, strName, strSerial, "Successfully logged into Switch (" + strSwitch + ")...Setting " + (oMode == DellBladeSwitchportMode.Trunk ? "TRUNK" : "ACCESS") + " Switchport (" + strInterface + ") to " + strVlan + " (override = " + (boolOverride ? "true" : "false") + ")", LoggingType.Information); string strResult = oAsset.ChangeDellSwitchport(oSSHshell, strInterface, oMode, strVlan, strNative, strDescription, boolOverride, intAsset); if (strResult == "") { oLog.AddEvent(intAnswer, strName, strSerial, "Successfully changed switchport " + strInterface + " on " + strSwitch, LoggingType.Information); Complete = true; // Done Configuring Switchports } else { Error = "There was a problem configuring the Dell Blade Switchport ~ Switch: " + strSwitch + ", Interface: " + strInterface + ", Error: " + strResult; oLog.AddEvent(intAnswer, strName, strSerial, Error, LoggingType.Error); } if (oSSHshell.ShellConnected == true && oSSHshell.ShellOpened == true) { oSSHshell.Close(); } } else { Error = "There was a problem logging into the Dell Blade Switch ~ Switch: " + strSwitch; oLog.AddEvent(intAnswer, strName, strSerial, Error, LoggingType.Error); } } else { Error = "There was a problem pinging the Dell Blade Switch ~ Switch: " + strSwitch + ", Status: " + strPingStatus; oLog.AddEvent(intAnswer, strName, strSerial, Error, LoggingType.Error); } } catch (Exception ex) { Error = "Physical Service (NexusThread - ConfigureNexus): " + "(Error Message: " + ex.Message + ") (Source: " + ex.Source + ") (Stack Trace: " + ex.StackTrace + ") [" + System.Environment.UserName + "]"; } }
public static void RunExample() { try { SshConnectionInfo input = Util.GetInput(); SshShell ssh = new SshShell(input.Host, input.User); if (input.Pass != null) { ssh.Password = input.Pass; } if (input.IdentityFile != null) { ssh.AddIdentityFile(input.IdentityFile); } Console.Write("Connecting..."); ssh.Connect(); Console.WriteLine("OK"); Console.Write("Enter a pattern to expect in response [e.g. '#', '$', C:\\\\.*>, etc...]: "); string pattern = Console.ReadLine(); ssh.ExpectPattern = pattern; ssh.RemoveTerminalEmulationCharacters = true; Console.WriteLine(); Console.WriteLine(ssh.Expect(pattern)); while (ssh.ShellOpened) { Console.WriteLine(); Console.Write("Enter some data to write ['Enter' to cancel]: "); string data = Console.ReadLine(); if (data == "") { break; } ssh.WriteLine(data); string output = ssh.Expect(pattern); Console.WriteLine(output); } Console.Write("Disconnecting..."); ssh.Close(); Console.WriteLine("OK"); } catch (Exception e) { Console.WriteLine(e.Message); } }
/// <summary> /// Close the current Connection /// </summary> public override void CloseConnection() { WriteDisplayText("Disconnecting..."); _sshConnection.Close(); WriteDisplayText("OK"); _sshConnection = null; // Triggering upper close connection event! TriggerCloseConnectionEvent(); CloseTab(); }
static void Main(string[] args) { SshShell lol = new SshShell("10.10.99.2", "admin"); lol.Password = "******"; lol.RedirectToConsole(); lol.Connect(); while (lol.ShellOpened) { System.Threading.Thread.Sleep(500); } lol.Close(); }
public void Disconnect() { if (thr != null) { thr.Abort(); thr = null; } if (shell != null) { sshStream.Close(); shell.Close(); } }
private string runStatusCommand(SshShell shell, SshExec exec, string command) { string stdout = ""; string stderr = ""; shell.Connect(); shell.RedirectToConsole(); exec.Connect(); int ret = exec.RunCommand(command, ref stdout, ref stderr); exec.Close(); shell.Close(); return(stdout); }
public void runCommand(string command, string stdout = "", string stderr = "") { _shell.Connect(); _shell.RedirectToConsole(); _exec.Connect(); int ret = _exec.RunCommand(command, ref stdout, ref stderr); if (ret != 0) { System.Diagnostics.Debugger.Break(); } _exec.Close(); _shell.Close(); }
public void RunShellTest() { try { shell.Connect(); } catch (Exception ex) { Console.WriteLine(ex.Message); } shell.ExpectPattern = "#"; Console.WriteLine(shell.Expect()); shell.WriteLine(@"ls"); Console.WriteLine(shell.Expect()); shell.WriteLine(@"ll"); Console.WriteLine(shell.Expect()); shell.WriteLine(@"cd /usr/local"); Console.WriteLine(shell.Expect()); shell.WriteLine(@"ll"); Console.WriteLine(shell.Expect()); shell.WriteLine(@"topp"); Console.WriteLine(shell.Expect()); shell.Close(); Console.WriteLine("----------------------------------------------"); exec.Connect(); string strRrr = ""; string strOut = ""; exec.RunCommand("ls", ref strOut, ref strRrr); System.Threading.Thread.Sleep(1000); Console.WriteLine(strOut); Console.WriteLine(strRrr); exec.RunCommand(@"cd /usr/local", ref strOut, ref strRrr); Console.WriteLine(strOut); Console.WriteLine(strRrr); Console.WriteLine(exec.RunCommand(@"ll")); Console.WriteLine(exec.RunCommand(@"cd /usr/local")); exec.Close(); }
public void search_email_collector(string domainname) { SshShell sshShell = connect(); string stdout = ""; //string stderr = ""; string cmd1 = "cd /home/root/tools/metasploitsvn"; //TODO Hardcoded prompt1 = prompt + "/home/root/tools/metasploitsvn" + promptend; sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt1); cmd1 = "./msfcli auxiliary/gather/search_email_collector DOMAIN=" + domainname + " E"; //Hardcoded sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt1); /* * DOMAIN => target.com * [*] Harvesting emails ..... * [*] Searching Google for email addresses from target.com * [*] Extracting emails from Google search results... * [*] Searching Bing email addresses from target.com * [*] Extracting emails from Bing search results... * [*] Searching Yahoo for email addresses from target.com * [*] Extracting emails from Yahoo search results... * [*] Located 2 email addresses for target.com * [*] [email protected] * [*] [email protected] * [*] Auxiliary module execution completed */ string[] mytab = Regex.Split(stdout, "\r\n"); foreach (string line in mytab) { if (line.Contains("@" + domainname)) { Console.WriteLine(line.Replace("[*]", "").Trim()); } } sshShell.Close(); }
static void Main(string[] args) { testScp(); try { string host = "192.168.0.3"; string user = "******"; string pass = "******"; Console.WriteLine("主机地址: {0}", host); Console.WriteLine("登陆用户: {0}", user); Console.WriteLine("登录密码: {0}", pass); SshShell shell = new SshShell(host, user); shell.Password = pass; shell.RedirectToConsole(); Console.Write("正在连接..."); shell.Connect(); Console.WriteLine("连接完毕!"); Console.WriteLine("========="); while (shell.ShellOpened) { System.Threading.Thread.Sleep(500); } Console.WriteLine("========="); Console.WriteLine("断开连接中..."); shell.Close(); Console.WriteLine("断开完毕"); } catch (Exception ex) { Console.WriteLine(ex.Message); } Console.Write("按任意键继续..."); Console.ReadKey(); Console.WriteLine("\b"); Environment.Exit(0); }
protected void Page_Load(object sender, EventArgs e) { string strUsername = "******"; string strPassword = "******"; //string strExpects = "sc>|[y/n]|} ok|return to ALOM"; string strExpects = "#"; SshShell oSSHshell = new SshShell("10.49.254.229", strUsername, strPassword); oSSHshell.RemoveTerminalEmulationCharacters = true; oSSHshell.Connect(); CombinedStream oSSHstream = (CombinedStream)(oSSHshell.GetStream()); if (oSSHshell.Connected == true && oSSHshell.ShellOpened == true) { //int bt = oSSHstream.ReadByte(); string strOutput = oSSHshell.Expect(strExpects); Response.Write(strOutput); } oSSHshell.Close(); }
private void button1_Click(object sender, EventArgs e) { try { string host = tb_host.Text; string acc = tb_acc.Text; string pwd = tb_pwd.Text; shell = new SshShell(host, acc, pwd); //shell.RedirectToConsole(); shell.Connect(22); m_Channel = shell.getChannel(); string line = null; ThreadPool.QueueUserWorkItem((a) => { while (shell.ShellOpened) { System.Threading.Thread.Sleep(100); while ((line = m_Channel.GetMessage()) != null) { ShowLogger(line); } } Console.Write("Disconnecting..."); shell.Close(); Console.WriteLine("OK"); }); } catch (Exception ex) { Console.WriteLine(ex); } }
public void dns_enum(string domainname) { SshShell sshShell = connect(); string stdout = ""; //string stderr = ""; string cmd1 = "cd /home/root/tools/metasploitsvn"; //Hardcoded prompt1 = prompt + "/home/root/tools/metasploitsvn" + promptend; sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt1); cmd1 = "./msfcli auxiliary/gather/dns_enum DOMAIN=" + domainname + " E"; //Hardcoded sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt1); Console.Write(stdout); sshShell.Close(); }
public void vnc_login(string target) { SshShell sshShell = connect(); string stdout = ""; //string stderr = ""; string cmd1 = "cd /home/root/tools/metasploitsvn"; //Hardcoded prompt1 = prompt + "/home/root/tools/metasploitsvn" + promptend; sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt1); cmd1 = "./msfcli auxiliary/scanner/vnc/vnc_login RHOSTS=" + target + " PASS_FILE=" + PASS_FILE + " STOP_ON_SUCCESS=true E"; //Hardcoded sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt1); Console.Write(stdout); /* * [*] 8.6.6.8:5900 - Attempting VNC login with password 'computer' * [*] 8.6.6.8:5900, VNC server protocol version : 3.3 * [+] 8.6.6.8:5900, VNC server password : "******" * [*] Scanned 1 of 1 hosts (100% complete) * [*] Auxiliary module execution completed */ Regex myRegex = new Regex("VNC server password : "******"\"") + "[^<>]*" + Regex.Escape("\"")); string strTemp = myRegex.Match(stdout).ToString(); if (strTemp != "") { strTemp = strTemp.Replace("VNC server password : "******""); strTemp = strTemp.Replace("\"", ""); Console.Write(strTemp); } sshShell.Close(); }
static void Main(string[] args) { //SshConnectionInfo input = Util.GetInput(); SshShell shell = new SshShell("101.132.130.133", "root"); shell.Password = "******"; //This statement must be prior to connecting shell.RedirectToConsole(); Console.Write("Connecting..."); shell.Connect(); Console.WriteLine("OK"); while (shell.ShellOpened) { System.Threading.Thread.Sleep(500); } Console.Write("Disconnecting..."); shell.Close(); Console.WriteLine("OK"); Console.ReadKey(); }
protected override void RunWithSession(ref Session session) { string toDirectory = "/tmp"; Status = Messages.IN_PROGRESS; log.InfoFormat("{0} Upgrade...", Host.address); int sshdstate = 1; int sshport = 22; Dictionary <string, string> _servicearguments = new Dictionary <string, string>(); _servicearguments.Add("servicename", "sshd"); try { string rsvalue = XenAPI.Host.call_plugin(Host.Connection.Session, Host.opaque_ref, "serviceinfo.py", "getserviceinfo", _servicearguments); rsvalue = rsvalue.Replace("[", "").Replace("]", "").Replace("'", "").Replace("\\n", ""); string[] rsvalues = rsvalue.Split(','); if (rsvalues.Length > 1 && "0".Equals(rsvalues[1].Trim())) { log.InfoFormat("{0} sshd is running ...", Host.address); } if (rsvalues.Length > 1 && "3".Equals(rsvalues[1].Trim())) { log.InfoFormat("{0} sshd is stop, start sshd ...", Host.address); rsvalue = XenAPI.Host.call_plugin(Host.Connection.Session, Host.opaque_ref, "serviceinfo.py", "startserviceinfo", _servicearguments); rsvalue = rsvalue.Replace("[", "").Replace("]", "").Replace("'", "").Replace("\\n", ""); rsvalues = rsvalue.Split(','); if (rsvalues.Length > 1 && "0".Equals(rsvalues[1].Trim())) { sshdstate = 0; } else { throw new Exception(Messages.START_SSH_FAILED); } } //sshport = 7443; }catch (Exception) {} FileStream file = new FileStream(_fileName, FileMode.Open); string topfilename = Path.GetFileNameWithoutExtension(_fileName); System.Security.Cryptography.MD5 md5 = new System.Security.Cryptography.MD5CryptoServiceProvider(); byte[] retVal = md5.ComputeHash(file); file.Close(); StringBuilder sb = new StringBuilder(); for (int i = 0; i < retVal.Length; i++) { sb.Append(retVal[i].ToString("x2")); } log.InfoFormat("md5.......{0}", sb); SshTransferProtocolBase sshCp; //sshCp = new Sftp(Host.address, Host.Connection.Username); sshCp = new Scp(Host.address, Host.Connection.Username); sshCp.Password = Host.Connection.Password; log.InfoFormat("sshCp Connecting..."); sshCp.Connect(sshport); log.InfoFormat("sshCp Connecting OK ......."); String Programurl = Program.AssemblyDir; sshCp.Put(_fileName, toDirectory + "/" + Path.GetFileName(_fileName)); log.InfoFormat("cp Installation package ok......"); sshCp.Put(Programurl + "\\halsign_host_upgrade.py", "/etc/xapi.d/plugins/halsign_host_upgrade.py"); log.InfoFormat("cp halsign_host_upgrade.py ok......"); SshShell ssh = new SshShell(Host.address, Host.Connection.Username); ssh.Password = Host.Connection.Password; string productVersion = Host.ProductVersion; log.InfoFormat("sshshell Connecting..."); ssh.Connect(sshport); log.InfoFormat("sshshell Connecting ok..."); ssh.ExpectPattern = "#"; ssh.RemoveTerminalEmulationCharacters = true; //System.Console.WriteLine(); //Thread.Sleep(1000); //ssh.WriteLine("chmod 777 /etc/xapi.d/plugins/halsign_host_upgrade.py;echo $?"); //string output = ssh.Expect("#"); //log.InfoFormat(output); while (true) { ssh.WriteLine("chmod 777 /etc/xapi.d/plugins/halsign_host_upgrade.py;echo $?"); string output = ssh.Expect("#"); log.InfoFormat(output); if (output.IndexOf("rwxrwxrwx") > -1) { break; } ssh.WriteLine("ls -ld /etc/xapi.d/plugins/halsign_host_upgrade.py |awk '{print $1}'|sed 's/^[a-zA-Z-]//'"); output = ssh.Expect("#"); log.InfoFormat(output); if (output.IndexOf("rwxrwxrwx") > -1) { break; } } ssh.WriteLine("exit"); ssh.Close(); log.InfoFormat("sshshell Disconnecting OK....."); sshCp.Close(); log.InfoFormat("sshCp Disconnecting OK....."); if (sshdstate == 0) { XenAPI.Host.call_plugin(Host.Connection.Session, Host.opaque_ref, "serviceinfo.py", "stopserviceinfo", _servicearguments); } _arguments = new Dictionary <string, string>(); _arguments.Add("md5", sb.ToString()); _arguments.Add("filename", topfilename); _arguments.Add("toDirectory", toDirectory); Status = Messages.PLAN_ACTION_STATUS_HOST_UPGRADED; string value = XenAPI.Host.call_plugin(session, Host.opaque_ref, "halsign_host_upgrade.py", "main", _arguments); if (value.ToLower() == "true") { //base.RunWithSession(ref session); Status = Messages.PLAN_ACTION_STATUS_HOST_UPGRADED; } else if (",1,2,5,6,7,10,11,12,13,1001,1002,1003,1004,1005,1006,".IndexOf("," + value + ",") > -1) { value = value == "2" ? "1" : value; string Ms = "PATCH_UPGRADE_" + value; if (value.Equals("1")) { //Status = (string)XenAdmin.Messages.ResourceManager.GetString(Ms, resourceCulture); throw new Exception("PATCHOK_" + (string)XenAdmin.Messages.ResourceManager.GetString(Ms)); } else { throw new Exception((string)XenAdmin.Messages.ResourceManager.GetString(Ms)); } } else { throw new Exception(Messages.ERROR + ":" + value); } }
public void search_email_collector(string domainname) { Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + " search_email_collector on : " + domainname); SshShell sshShell = connect(); string stdout = ""; //string stderr = ""; string cmd1 = "cd /home/root/tools/metasploitsvn"; //TODO Hardcoded //prompt1 = prompt + "~/tools/metasploitsvn" + promptend; sshShell.WriteLine(cmd1); Thread.Sleep(2000); stdout = sshShell.Expect(prompt); Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + " stdout001: " + stdout); //TODO Hardcoded cmd1 = "./msfcli auxiliary/gather/search_email_collector DOMAIN=" + domainname + " E"; //Hardcoded sshShell.WriteLine(cmd1); Thread.Sleep(60000); stdout = sshShell.Expect(prompt); /* * DOMAIN => target.com * [*] Harvesting emails ..... * [*] Searching Google for email addresses from target.com * [*] Extracting emails from Google search results... * [*] Searching Bing email addresses from target.com * [*] Extracting emails from Bing search results... * [*] Searching Yahoo for email addresses from target.com * [*] Extracting emails from Yahoo search results... * [*] Located 2 email addresses for target.com * [*] [email protected] * [*] [email protected] * [*] Auxiliary module execution completed */ XORCISMEntities model = new XORCISMEntities(); string[] mytab = Regex.Split(stdout, "\r\n"); string mymail = ""; foreach (string line in mytab) { if (line.Contains("@" + domainname)) { mymail = line.Replace("[*]", "").Trim(); Console.WriteLine(mymail); //TODO /* * //Check if we already collected this email * var Q = from e in model.INFORMATION * where e.JobID == m_jobId && e.Title == "Email" && e.Result == mymail * select e; * * INFORMATION newInfo = Q.FirstOrDefault(); * * if (newInfo == null) * { * Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + "Email collected: " + mymail); * * newInfo = new INFORMATION(); * newInfo.Title = "Email"; * newInfo.Result = mymail; * newInfo.JobID = m_jobId; * m_model.AddToINFORMATION(newInfo); * m_model.SaveChanges(); * } */ } } Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + " esearchy on : " + domainname); cmd1 = "esearchy -q \"@" + domainname + "\" --enable-all --disable-bing --disable-yahoo -m 500 -w " + m_target; //company //HARDCODED //TODO Review Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + " esearchy command : " + cmd1); sshShell.WriteLine(cmd1); Thread.Sleep(60000); stdout = sshShell.Expect(prompt); Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + "esearchy stdout: " + stdout); mytab = Regex.Split(stdout, "\r\n"); mymail = ""; foreach (string line in mytab) { //TODO /* * if (line.ToLower().EndsWith("@" + domainname.ToLower())) * { * mymail = line.Trim(); * Console.WriteLine(mymail); * * //Check if we already collected this email * var Q = from e in model.INFORMATION * where e.JobID == m_jobId && e.Title == "Email" && e.Result == mymail * select e; * * INFORMATION newInfo = Q.FirstOrDefault(); * * if (newInfo == null) * { * Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + "Email collected: " + mymail); * newInfo = new INFORMATION(); * newInfo.Title = "Email"; * newInfo.Result = mymail; * newInfo.JobID = m_jobId; * m_model.AddToINFORMATION(newInfo); * m_model.SaveChanges(); * } * } * else * { * * //Kerry Davis -> http://www.spoke.com/info/pC4F8IB/KerryDavis * //Tom Bui -> http://www.linkedin.com/pub/tom-bui/2/329/168 * //Mark Behm profiles -> http://www.linkedin.com/pub/dir/Mark/Behm * * if (line.Contains("-> http://")) * { * try * { * mytab = Regex.Split(line, " -> "); * Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + "People collected: " + line); * INFORMATION newInfo = new INFORMATION(); * newInfo.Title = "People"; * newInfo.Result = mytab[0]; * newInfo.Url = mytab[1]; * newInfo.JobID = m_jobId; * m_model.AddToINFORMATION(newInfo); * m_model.SaveChanges(); * } * catch (Exception ex) * { * Utils.Helper_Trace("XORCISM PROVIDER XINFO", "JobID:" + m_jobId + "Exception esearchy: " + ex.Message + " " + ex.InnerException); * } * } * else * { * if (line.StartsWith(m_target)) * { * //TODO : URLs * } * } * } */ } sshShell.Close(); }
protected void Page_Load(object sender, EventArgs e) { string strSSH = ""; string strILO = "10.249.237.148"; if (Request.QueryString["ilo"] != null) { strILO = "10.249.237.144"; } Variables oVariable = new Variables(intEnvironment); int intLogging = 0; byte[] byt; string str; Models oModel = new Models(0, dsn); ModelsProperties oModelsProperties = new ModelsProperties(0, dsn); Servers oServer = new Servers(0, dsn); Settings oSetting = new Settings(0, dsn); OnDemand oOnDemand = new OnDemand(0, dsn); Log oEventLog = new Log(0, dsn); SshShell oSSHshell = new SshShell(strILO, oVariable.SolarisUsername(), oVariable.SolarisPassword()); oSSHshell.RemoveTerminalEmulationCharacters = true; oSSHshell.Connect(); Response.Write("Connected to " + strILO + "...sending commands..." + "<br/>"); CombinedStream oSSHstream = (CombinedStream)(oSSHshell.GetStream()); int intStep = 1; if (Request.QueryString["none"] == null) { byt = new byte[100]; str = "" + strSSH_Carriage; byt = System.Text.ASCIIEncoding.ASCII.GetBytes(str); if (oSSHshell.Connected == true && oSSHshell.ShellOpened == true) { oSSHstream.Write(byt); } } int bt = 0; int intMinutePrevious = 0; bool boolProcessing = false; while (bt != -1 && oSSHshell.Connected == true && oSSHshell.ShellOpened == true) { bt = oSSHstream.ReadByte(); // Strip the processing cursor -\|/-\|/ from the output if (bt == 8) // 8 = backspace { // Check to see if previous characters were a processing character as well char chrSSH = strSSH[strSSH.Length - 1]; int intSymbol = (int)chrSSH; while (IsGarbageChar(intSymbol) == true) { if (intLogging > 1) { Response.Write("The symbol [" + chrSSH.ToString() + "] is a garbage character and must be removed" + "<br/>"); } strSSH = strSSH.Substring(0, strSSH.Length - 1); chrSSH = strSSH[strSSH.Length - 1]; intSymbol = (int)chrSSH; } // Set processing to true to exclude future characters boolProcessing = true; } if (boolProcessing == true && IsGarbageChar(bt) == false) { boolProcessing = false; } if (boolProcessing == false) { strSSH += (char)bt; } string strReadSSH = ""; string strWriteSSH = ""; switch (intStep) { case 1: strReadSSH = "-sc>"; strWriteSSH = "poweron"; break; case 2: strReadSSH = "-sc>"; strWriteSSH = "showpower"; break; case 3: strReadSSH = "-sc>"; break; } if (strReadSSH != "" && strSSH.EndsWith(strReadSSH) == true) { try { Response.Write("SSH output ends with [" + strReadSSH + "] : " + strSSH + "<br/>"); } catch { } if (intStep == 3) { break; } // Execute next command byt = new byte[100]; str = strWriteSSH + strSSH_Carriage; byt = System.Text.ASCIIEncoding.ASCII.GetBytes(str); if (oSSHshell.Connected == true && oSSHshell.ShellOpened == true) { try { Response.Write("Sending command [" + strWriteSSH + "] : " + strSSH + "<br/>"); } catch { } oSSHstream.Write(byt); } intStep++; } else { } } Response.Write(strSSH); oSSHstream.Close(); oSSHshell.Close(); }
public bool Parse() { Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", "Parse()"); Assembly a; /* A way for loading XMLfile */ XPathNavigator nav; XPathNavigator nav1; XPathDocument docNav; XPathNodeIterator NodeIter1; String strExpression1; a = Assembly.GetExecutingAssembly(); Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", "ARACHNI Assembly location = " + a.Location); /* Name of XML result */ string file; file = string.Format("result_{0}_{1}.xml", DateTime.Now.Ticks, this.GetHashCode()); Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Results will be stored in file [{1}]", m_jobId, file)); /* SSH instructions & declarations */ //HARDCODED int port = 22; string address, username, password; string prompt; address = "192.168.1.2"; //TODO Hardcoded username = "******"; password = "******"; prompt = "root"; //@backtrack:"; //Kali... SshShell sshShell; sshShell = new SshShell(address, username, password); sshShell.RemoveTerminalEmulationCharacters = true; Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Connecting to ARACHNI server at {1}", m_jobId, address)); try{ sshShell.Connect(port); //sshShell.Expect(prompt+"~#"); sshShell.Expect(prompt);// + "~$"); } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} ConnectingERROR to ARACHNI server at {1} : " + ex.Message + " " + ex.InnerException, m_jobId, address)); address = "192.168.1.2"; //TODO hardcoded username = "******"; password = "******"; prompt = "root";//@backtrack:"; sshShell = new SshShell(address, username, password); sshShell.RemoveTerminalEmulationCharacters = true; Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Connecting to ARACHNI server at {1}", m_jobId, address)); try { sshShell.Connect(port); sshShell.Expect(prompt);// + "~$"); } catch (Exception ex2) { Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} ConnectingERROR to ARACHNI server at {1} : " + ex2.Message + " " + ex2.InnerException, m_jobId, address)); } } Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Successfully connected to ARACHNI server", m_jobId)); //string output; string stdout = ""; //string stderr = ""; /* Command 1 */ string cmd1; /* See for provider m_model */ /* For an URL */ cmd1 = string.Format("arachni {1} --report='xml:outfile={2}'", m_policy, m_target, file); Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Executing command [{1}]", m_jobId, cmd1)); sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt); Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} START DUMP STDOUT01", m_jobId)); Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", stdout); string localOutputFile; localOutputFile = Path.GetTempFileName(); // HACK : // outputfile = "634244542240861588_39608125_output"; Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("Downloading results via SFTP to [{0}]", localOutputFile)); try { Sftp ftp; ftp = new Sftp(address, username, password); ftp.OnTransferStart += new FileTransferEvent(ftp_OnTransferStart); ftp.OnTransferProgress += new FileTransferEvent(ftp_OnTransferProgress); ftp.OnTransferEnd += new FileTransferEvent(ftp_OnTransferEnd); ftp.Connect(port); ftp.Get("/" + file, localOutputFile); ftp.Close(); } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("Exception = {0} / {1}", ex.Message, ex.InnerException == null ? "" : ex.InnerException.Message)); return(false); } Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", "Loading the xml document"); /* SAMPLE of XML structure * * <?xml version=" * <arachni_report> * <title>...</title> * <generated_on>...</generated_on> * <report_false_positives>http://github.com/Zapotek/arachni/issues</report_false_positives> * <system> * <version...</version> * <revision>...</revision> * <start_datetime>...</start_datetime> * <finish_datetime>...</finish_datetime> * <delta_time>...</delta_time> * <url>...</url> * <user_agent>...</user_agent> * <audited_elements> * <element>...</element> * </audited_elements> * <modules> * <module name="..."/> * </modules> * <filters> * <exclude> * </exclude> * <include> * <regexp>...</regexp> * </include> * <redundant> * </redundant> * </filters> * <cookies> * <cookie name="..." value="..." /> * </cookies> * </system> * <issues> * <issue> * <name>...</name> * <url>...</url> * <element>...</element> * <method>...</method> * <tags> * <tag name="..." /> * </tags> * <variable>..</variable> * <description>...</description> * <manual_verification...</manual_verification> * <references> * <reference name="..." url="..." /> * </references> * <variations> * <variation> * <url>...</url> * <injected>...</injected> * <regexp_match>...</regexp_match> * <headers> * <request> * <field name="..." value="..." /> * </request> * <response> * <field name="..." value="..." /> * </response> * </headers> * <html>...</html> * <variation> * <variations> * ... * </arachni_report> */ try { docNav = new XPathDocument(localOutputFile); // for test : result_634521969362210000_41014879.xml || URL file : file nav = docNav.CreateNavigator(); nav1 = docNav.CreateNavigator(); // If all is OK! Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} Successfully loaded XML file : [{1}] ", m_jobId, file)); // Go to parse try { // For read all plugin's strExpression1 = "/arachni_report/title | /arachni_report/generated_on | /arachni_report/report_false_positives | /arachni_report/system/start_datetime | /arachni_report/system/finish_datetime | /arachni_report/system/delta_time | /arachni_report/system/url | /arachni_report/system/audited_elements/element | /arachni_report/issues/issue/name | /arachni_report/issues/issue/url | /arachni_report/issues/issue/element | /arachni_report/issues/issue/method | /arachni_report/issues/issue/tags/tag/@name | /arachni_report/issues/issue/variable | /arachni_report/issues/issue/description | /arachni_report/issues/issue/manual_verification | /arachni_report/issues/issue/references/reference/@name | /arachni_report/issues/issue/references/reference/@url | /arachni_report/issues/issue/variations/variation/url | /arachni_report/issues/issue/variations/variation/injected | /arachni_report/issues/issue/variations/variation/regexp_match | /arachni_report/issues/issue/variations/variation/headers/request/field/@name | /arachni_report/issues/issue/variations/variation/headers/request/field/@value | /arachni_report/issues/issue/variations/variation/headers/response/field/@value | /arachni_report/issues/issue/variations/variation/headers/response/field/@name | /arachni_report/issues/issue/variations/variation/html"; NodeIter1 = nav1.Select(strExpression1); while (NodeIter1.MoveNext()) { switch ((string)NodeIter1.Current.Name) { case "title": Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - TITLE : [{1}] ", m_jobId, NodeIter1.Current.Value)); break; case "generated_on": Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - GENERATED-TIME : [{1}] ", m_jobId, NodeIter1.Current.Value)); break; case "report_false_positives": Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - REPORT : [{1}] ", m_jobId, NodeIter1.Current.Value)); break; case "start_datetime": Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - START-TIME : [{1}] ", m_jobId, NodeIter1.Current.Value)); break; case "finish_datetime": Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - FINISH-TIME : [{1}] ", m_jobId, NodeIter1.Current.Value)); break; case "delta_time": Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - DELTA-TIME : [{1}] ", m_jobId, NodeIter1.Current.Value)); break; case "element": Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - ELEMENT : [{1}] ", m_jobId, NodeIter1.Current.Value)); break; case "name": Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - ISSUE-NAME : [{1}] ", m_jobId, NodeIter1.Current.Value)); break; case "url": Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - ISSUE-URL : [{1}] ", m_jobId, NodeIter1.Current.Value)); break; case "method": Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - ISSUE-METHOD : [{1}] ", m_jobId, NodeIter1.Current.Value)); break; case "modules": Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE - MODULE : [{1}] ", m_jobId, NodeIter1.Current.Value)); break; } list_parse.Add((string)NodeIter1.Current.Value); } ; } catch (System.Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", "JobID:" + m_jobId + "Exception Parsing XML PLUGIN'S = " + ex.Message + " " + ex.InnerException); } } catch (System.Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", "JobID:" + m_jobId + "Exception LOADING XML = " + ex.Message + " " + ex.InnerException); } Utils.Helper_Trace("XORCISM PROVIDER ARACHNI", string.Format("JobID: {0} XML PARSE successfull for file : [{1}] ", m_jobId, file)); aff_list(); // Pause Console.ReadLine(); sshShell.Close(); sshShell = null; return(true); }
public void ExecutionDeviceClose() { sshShell.Close(); isConnect = false; }
public bool Parse() { Assembly a; a = Assembly.GetExecutingAssembly(); Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", "WHATWEB Assembly location = " + a.Location); /* Name of XML result */ string file; file = string.Format("result_{0}_{1}.xml", DateTime.Now.Ticks, this.GetHashCode()); Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} Results will be stored in file [{1}]", m_jobId, file)); /* SSH instructions & declarations */ int port = 22; string address, username, password; string prompt; /* * address = "192.168.79.129"; //111.222.333.444 * username = "******"; //jerome * password = "******"; //jerome * //prompt = "root@ubuntu:~#"; */ /* * //OVH * address = "111.222.333.444"; * username = "******"; * password = "******"; * prompt = "root@xmachine:"; */ address = "111.222.333.444"; username = "******"; password = "******"; prompt = "root"; //@backtrack:"; SshShell sshShell; sshShell = new SshShell(address, username, password); sshShell.RemoveTerminalEmulationCharacters = true; Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} Connecting to WHATWEB server at {1}", m_jobId, address)); try { sshShell.Connect(port); //sshShell.Expect(prompt+"~#"); sshShell.Expect(prompt);// + "~$"); } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} ConnectingERROR to WHATWEB server at {1} : " + ex.Message + " " + ex.InnerException, m_jobId, address)); address = "111.222.333.444"; username = "******"; password = "******"; //prompt = "root@backtrack:"; sshShell = new SshShell(address, username, password); sshShell.RemoveTerminalEmulationCharacters = true; Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} Connecting to WHATWEB server at {1}", m_jobId, address)); try { sshShell.Connect(port); sshShell.Expect(prompt);// + "~$"); } catch (Exception ex2) { Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} ConnectingERROR to WHATWEB server at {1} : " + ex2.Message + " " + ex2.InnerException, m_jobId, address)); } } Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} Successfully connected to WHATWEB server", m_jobId)); //string output; string stdout = ""; //string stderr = ""; /* Command 1 */ string cmd1; //cmd1 = "cd /home/tools/whatweb-0.4.7"; cmd1 = "cd /home/root/tools/whatweb-0.4.7/"; sshShell.WriteLine(cmd1); //prompt = prompt+"/home/tools/whatweb-0.4.7#"; //prompt = "root";//@backtrack:~/tools/whatweb-0.4.7$"; //prompt = "tools/whatweb-0.4.7"; stdout = sshShell.Expect(prompt); Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} START DUMP STDOUT01", m_jobId)); Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", stdout); cmd1 = "sudo /usr/local/rvm/bin/rvm use 1.8.7"; sshShell.WriteLine(cmd1); Thread.Sleep(2000); stdout = sshShell.Expect(prompt); Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} START DUMP STDOUT02", m_jobId)); Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", stdout); sshShell.WriteLine(password); Thread.Sleep(2000); stdout = sshShell.Expect(prompt); Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} START DUMP STDOUT03", m_jobId)); Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", stdout); /* See for provider m_model */ /* For an URL */ /* * AGGRESSION LEVELS: * --aggression, -a=LEVEL The aggression level controls the trade-off between * speed/stealth and reliability. Default: 1 * Aggression levels are: * 1 (Passive) Make one HTTP request per target. Except for redirects. * 2 (Polite) Reserved for future use * 3 (Aggressive) Triggers aggressive plugin functions only when a * plugin matches passively. * 4 (Heavy) Trigger aggressive functions for all plugins. Guess a * lot of URLs like Nikto. */ string agressionlevel = "1"; if (m_policy == "Moderate") { agressionlevel = "3"; } if (m_policy == "Intrusive") { agressionlevel = "4"; } if (m_policy == "PCI DSS") { agressionlevel = "3"; } cmd1 = string.Format("sudo ./whatweb -r -a {0} {1} --log-xml={2}", agressionlevel, m_target, file); Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} Executing command [{1}]", m_jobId, cmd1)); sshShell.WriteLine(cmd1); Thread.Sleep(2000); stdout = ""; string localOutputFile; localOutputFile = Path.GetTempFileName(); //ON ATTEND PLUS LE PROMPT CAR DES FOIS CA VIENT PAS - DEBUG A VOIR Thread.Sleep(60000); /* * stdout = sshShell.Expect(prompt); * * Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} START DUMP STDOUT04", m_jobId)); * Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", stdout); * //whatweb: command not found * //http://www.marocannonces.com/ ERROR: Timed out execution expired * * // HACK : * // outputfile = "634244542240861588_39608125_output"; * * if (stdout.Contains("bson_ext gem is in your load path")) * { * Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} ExecutingAGAIN command [{1}]", m_jobId, cmd1)); * //We were not root? * sshShell.WriteLine(cmd1); * Thread.Sleep(2000); * stdout = sshShell.Expect(prompt); * * Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", string.Format("JobID: {0} START DUMP STDOUT05", m_jobId)); * Utils.Helper_Trace("XORCISM PROVIDER WHATWEB", stdout); * } */ if (stdout.Contains("bson_ext gem is in your load path")) { //TODO: voir cette erreur } else { whatweb_get_result(m_jobId, file, localOutputFile, 1); } // aff_list(); // Pause Console.ReadLine(); sshShell.Close(); sshShell = null; return(true); }
public void Batch(string Url, string parameters) { /* * Usage: python ./sqlmap.py [options] * * Options: * --version show program's version number and exit * -h, --help show this help message and exit * -v VERBOSE Verbosity level: 0-6 (default 1) * * Target: * At least one of these options has to be specified to set the source to * get target urls from. * * -d DIRECT Direct connection to the database * -u URL, --url=URL Target url * -l LIST Parse targets from Burp or WebScarab proxy logs * -r REQUESTFILE Load HTTP request from a file * -g GOOGLEDORK Process Google dork results as target urls * -c CONFIGFILE Load options from a configuration INI file * * Request: * These options can be used to specify how to connect to the target url. * * --data=DATA Data string to be sent through POST * --cookie=COOKIE HTTP Cookie header * --cookie-urlencode URL Encode generated cookie injections * --drop-set-cookie Ignore Set-Cookie header from response * --user-agent=AGENT HTTP User-Agent header * --random-agent Use randomly selected HTTP User-Agent header * --referer=REFERER HTTP Referer header * --headers=HEADERS Extra HTTP headers newline separated * --auth-type=ATYPE HTTP authentication type (Basic, Digest or NTLM) * --auth-cred=ACRED HTTP authentication credentials (name:password) * --auth-cert=ACERT HTTP authentication certificate (key_file,cert_file) * --proxy=PROXY Use a HTTP proxy to connect to the target url * --proxy-cred=PCRED HTTP proxy authentication credentials (name:password) * --ignore-proxy Ignore system default HTTP proxy * --delay=DELAY Delay in seconds between each HTTP request * --timeout=TIMEOUT Seconds to wait before timeout connection (default 30) * --retries=RETRIES Retries when the connection timeouts (default 3) * --scope=SCOPE Regexp to filter targets from provided proxy log * --safe-url=SAFURL Url address to visit frequently during testing * --safe-freq=SAFREQ Test requests between two visits to a given safe url * * Optimization: * These options can be used to optimize the performance of sqlmap. * * -o Turn on all optimization switches * --predict-output Predict common queries output * --keep-alive Use persistent HTTP(s) connections * --null-connection Retrieve page length without actual HTTP response body * --threads=THREADS Max number of concurrent HTTP(s) requests (default 1) * * Injection: * These options can be used to specify which parameters to test for, * provide custom injection payloads and optional tampering scripts. * * -p TESTPARAMETER Testable parameter(s) * --dbms=DBMS Force back-end DBMS to this value * --os=OS Force back-end DBMS operating system to this value * --prefix=PREFIX Injection payload prefix string * --suffix=SUFFIX Injection payload suffix string * --tamper=TAMPER Use given script(s) for tampering injection data * * Detection: * These options can be used to specify how to parse and compare page * content from HTTP responses when using blind SQL injection technique. * * --level=LEVEL Level of tests to perform (1-5, default 1) * --risk=RISK Risk of tests to perform (0-3, default 1) * --string=STRING String to match in page when the query is valid * --regexp=REGEXP Regexp to match in page when the query is valid * --text-only Compare pages based only on the textual content * * Techniques: * These options can be used to tweak testing of specific SQL injection * techniques. * * --technique=TECH SQL injection techniques to test for (default BEUST) * --time-sec=TIMESEC Seconds to delay the DBMS response (default 5) * --union-cols=UCOLS Range of columns to test for UNION query SQL injection * --union-char=UCHAR Character to use for bruteforcing number of columns * Fingerprint: * -f, --fingerprint Perform an extensive DBMS version fingerprint * * Enumeration: * These options can be used to enumerate the back-end database * management system information, structure and data contained in the * tables. Moreover you can run your own SQL statements. * * -b, --banner Retrieve DBMS banner * --current-user Retrieve DBMS current user * --current-db Retrieve DBMS current database * --is-dba Detect if the DBMS current user is DBA * --users Enumerate DBMS users * --passwords Enumerate DBMS users password hashes * --privileges Enumerate DBMS users privileges * --roles Enumerate DBMS users roles * --dbs Enumerate DBMS databases * --tables Enumerate DBMS database tables * --columns Enumerate DBMS database table columns * --dump Dump DBMS database table entries * --dump-all Dump all DBMS databases tables entries * --search Search column(s), table(s) and/or database name(s) * -D DB DBMS database to enumerate * -T TBL DBMS database table to enumerate * -C COL DBMS database table column to enumerate * -U USER DBMS user to enumerate * --exclude-sysdbs Exclude DBMS system databases when enumerating tables * --start=LIMITSTART First query output entry to retrieve * --stop=LIMITSTOP Last query output entry to retrieve * --first=FIRSTCHAR First query output word character to retrieve * --last=LASTCHAR Last query output word character to retrieve * --sql-query=QUERY SQL statement to be executed * --sql-shell Prompt for an interactive SQL shell * * Brute force: * These options can be used to run brute force checks. * * --common-tables Check existence of common tables * --common-columns Check existence of common columns * * User-defined function injection: * These options can be used to create custom user-defined functions. * --udf-inject Inject custom user-defined functions * --shared-lib=SHLIB Local path of the shared library * * File system access: * These options can be used to access the back-end database management * system underlying file system. * * --file-read=RFILE Read a file from the back-end DBMS file system * --file-write=WFILE Write a local file on the back-end DBMS file system * --file-dest=DFILE Back-end DBMS absolute filepath to write to * * Operating system access: * These options can be used to access the back-end database management * system underlying operating system. * * --os-cmd=OSCMD Execute an operating system command * --os-shell Prompt for an interactive operating system shell * --os-pwn Prompt for an out-of-band shell, meterpreter or VNC * --os-smbrelay One click prompt for an OOB shell, meterpreter or VNC * --os-bof Stored procedure buffer overflow exploitation * --priv-esc Database process' user privilege escalation * --msf-path=MSFPATH Local path where Metasploit Framework 3 is installed * --tmp-path=TMPPATH Remote absolute path of temporary files directory * * Windows registry access: * These options can be used to access the back-end database management * system Windows registry. * * --reg-read Read a Windows registry key value * --reg-add Write a Windows registry key value data * --reg-del Delete a Windows registry key value * --reg-key=REGKEY Windows registry key * --reg-value=REGVAL Windows registry key value * --reg-data=REGDATA Windows registry key value data * --reg-type=REGTYPE Windows registry key value type * * General: * These options can be used to set some general working parameters. * -t TRAFFICFILE Log all HTTP traffic into a textual file * -s SESSIONFILE Save and resume all data retrieved on a session file * --flush-session Flush session file for current target * --fresh-queries Ignores query results stored in session file * --eta Display for each output the estimated time of arrival * --update Update sqlmap * --save Save options on a configuration INI file * --batch Never ask for user input, use the default behaviour * * Miscellaneous: * --beep Alert when sql injection found * --check-payload IDS detection testing of injection payloads * --cleanup Clean up the DBMS by sqlmap specific UDF and tables * --forms Parse and test forms on target url * --gpage=GOOGLEPAGE Use Google dork results from specified page number * --page-rank Display page rank (PR) for Google dork results * --parse-errors Parse DBMS error messages from response pages * --replicate Replicate dumped data into a sqlite3 database * --tor Use default Tor (Vidalia/Privoxy/Polipo) proxy address * --wizard Simple wizard interface for beginner users */ int port; string address, username, password; //HARDCODED port = 22; address = "111.222.333.444"; username = "******"; password = "******"; SshShell sshShell; sshShell = new SshShell(address, username, password); sshShell.RemoveTerminalEmulationCharacters = true; string prompt; prompt = "root@xmachine:~#"; //exec.Connect(address); //exec.Login(username, password); sshShell.Connect(port); sshShell.Expect(prompt); string stdout = ""; //string stderr = ""; string cmd1 = "cd /home/root/tools/sqlmap"; //Hardcoded //string prompt1 = "root@xmachine:/home/tools/sqlmap#"; string prompt1 = "root@backtrack:~/tools/sqlmap$"; //Hardcoded sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt1); //============================================== cmd1 = "svn update"; //Hardcoded sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt1); //"./sqlmap.py -u http://10.13.102.203/login.php --forms --batch" cmd1 = "./sqlmap.py -u " + Url + " " + parameters + " --level=3 --batch"; sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt1); Console.WriteLine(stdout); string webos = string.Empty; string webapptechno = string.Empty; string mysgbd = string.Empty; string[] myLines = stdout.Split(new char[] { '\n' }); for (int cpt = 1; cpt < myLines.Length - 1; cpt++) { if (myLines[cpt].Contains("web server operating system:")) //Hardcoded { webos = myLines[cpt].Replace("web server operating system:", "").Trim(); Console.WriteLine("webos:" + webos); //Windows } if (myLines[cpt].Contains("web application technology:")) { webapptechno = myLines[cpt].Replace("web application technology:", "").Trim(); Console.WriteLine("webapptechno:" + webapptechno); //PHP 5.3.5, Apache 2.2.17 } if (myLines[cpt].Contains("back-end DBMS:")) { mysgbd = myLines[cpt].Replace("back-end DBMS:", "").Trim(); Console.WriteLine("mysgbd:" + mysgbd); //MySQL 5.0 } } sshShell.Close(); }
public bool Parse() { Assembly a; /* A way for loading XMLfile */ a = Assembly.GetExecutingAssembly(); Utils.Helper_Trace("XORCISM PROVIDER NIKTO", "NIKTO Assembly location = " + a.Location); /* Name of XML result */ string file; file = string.Format("result_{0}_{1}.xml", DateTime.Now.Ticks, this.GetHashCode()); Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} Results will be stored in file [{1}]", m_jobId, file)); /* SSH instructions & declarations */ int port = 22; string address, username, password; string prompt; /* * address = "111.222.333.444"; * username = "******"; * password = "******"; * prompt = "root@xmachine:"; */ //HARDCODED address = "111.222.333.444"; username = "******"; password = "******"; prompt = "root"; //@backtrack: SshShell sshShell; sshShell = new SshShell(address, username, password); // sshShell.RemoveTerminalEmulationCharacters = true; Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} Connecting to NIKTO server at {1}", m_jobId, address)); try { sshShell.Connect(port); //sshShell.Expect(prompt+"~#"); sshShell.Expect(prompt);// + "~$"); } catch (Exception ex) { Utils.Helper_Trace("XORCISM PROVIDER NIKTO", "Error in sshconnection to " + address + " " + ex.Message + " " + ex.InnerException); } // if ssh connection if (sshShell.Connected) { Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} Successfully connected to NIKTO server", m_jobId)); //string output; string stdout = ""; /* Command 1 */ string cmd1; //cmd1 = "cd /home/tools/nikto-2.1.4"; cmd1 = "cd /home/root/tools/nikto-2.1.4"; //HARDCODED sshShell.WriteLine(cmd1); //prompt = prompt+"/home/tools/nikto-2.1.4#"; //prompt = "tools/nikto-2.1.4$"; stdout = sshShell.Expect(prompt); /* See for provider m_model */ /* For an URL */ /* * @ -T => tunning or strategy * @ -C all => to force check all possible dirs */ //cmd1 = string.Format("nikto -Format XML -o {2} -host {1} -T {3} -C all", m_policy, m_target, file, m_strategy); //-g -e 6 cmd1 = string.Format("./nikto.pl -Format XML -o {2} -host {1} -C all", m_policy, m_target, file); //-g -e 6 //HARDCODED Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} Executing command [{1}]", m_jobId, cmd1)); sshShell.WriteLine(cmd1); stdout = sshShell.Expect(prompt); Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} START DUMP STDOUT01", m_jobId)); Utils.Helper_Trace("XORCISM PROVIDER NIKTO", stdout); string localOutputFile; localOutputFile = Path.GetTempFileName(); Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("Downloading results via SFTP to [{0}]", localOutputFile)); nikto_get_result(file, localOutputFile); Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} XML PARSE successfull for file : [{1}] ", m_jobId, file)); //aff_list(); // Pause Console.ReadLine(); sshShell.Close(); sshShell = null; return(true); } else { Utils.Helper_Trace("XORCISM PROVIDER NIKTO", string.Format("JobID: {0} Connection failed to NIKTO server", m_jobId)); return(false); } }
protected void Page_Load(object sender, EventArgs e) { Models oModel = new Models(0, dsn); Solaris oSolaris = new Solaris(0, dsn); Variables oVariables = new Variables((int)CurrentEnvironment.PNCNT_QA); string strMAC = ""; string strUsername = oVariables.NexusUsername(); string strPassword = oVariables.NexusPassword(); string strExpects = "#"; string strLine = "show int eth 102/1/24 br"; //SshShell oSSHshell = new SshShell("P-PRDC-ZA08A-1", strUsername, strPassword); //oSSHshell.RemoveTerminalEmulationCharacters = true; //oSSHshell.Connect(); //if (oSSHshell.Connected == true && oSSHshell.ShellOpened == true) //{ // // Wait for "sc>" // string strBanner = oSSHshell.Expect(strExpects); // // Send Command : showsc sys_enetaddr // oSSHshell.WriteLine(strLine); // //WriteLine(oSSHshell, strLine); // // Wait for "sc>" // strMAC = oSSHshell.Expect(strExpects); // //strMAC = oSolaris.ParseOutput(strMAC, "macaddress = ", Environment.NewLine); //} //oSSHshell.Close(); //Response.Write("<p>" + strMAC + "</p>"); //SshExec oSSH = new SshExec("P-PRDC-ZA08A-1", strUsername, strPassword); //oSSH.Connect(); //string strMAC2 = oSSH.RunCommand(strLine); //oSSH.Close(); //Response.Write("<p>" + strMAC2 + "</p>"); //SshExec oSSHa = new SshExec("10.49.254.229", "admin", "nccSAN03"); //oSSHa.Connect(); //string strResult = oSSHa.RunCommand("config t"); //Response.Write(strResult); ////Response.Write(ExecuteSSH("config t", oSSHa)); //oSSHa.Close(); string strName = "HEALYTEST"; StringBuilder strSAN = new StringBuilder(); SshShell oSSHshellb = new SshShell("10.49.254.230", "admin", "nccSAN03"); oSSHshellb.RemoveTerminalEmulationCharacters = true; oSSHshellb.Connect(); if (oSSHshellb.Connected == true && oSSHshellb.ShellOpened == true) { string strBanner = oSSHshellb.Expect("#"); strSAN.Append("10.49.254.230..."); strSAN.Append(ExecuteSSH("config t", oSSHshellb)); strSAN.Append(ExecuteSSH("device-alias database", oSSHshellb)); strSAN.Append(ExecuteSSH("device-alias name " + strName + "b pwwn 50:06:0b:00:00:c3:5a:36", oSSHshellb)); strSAN.Append(ExecuteSSH("exit", oSSHshellb)); strSAN.Append(ExecuteSSH("device-alias commit", oSSHshellb)); System.Threading.Thread.Sleep(20000); // wait 20 seconds strSAN.Append(ExecuteSSH("zoneset name eng_cert vsan 1101", oSSHshellb)); strSAN.Append(ExecuteSSH("zone name " + strName + "b_vmax0425_01h1", oSSHshellb)); strSAN.Append(ExecuteSSH("member device-alias " + strName + "b", oSSHshellb)); strSAN.Append(ExecuteSSH("member device-alias vmax0425_01h1", oSSHshellb)); strSAN.Append(ExecuteSSH("exit", oSSHshellb)); strSAN.Append(ExecuteSSH("member " + strName + "b_vmax0425_01h1", oSSHshellb)); strSAN.Append(ExecuteSSH("exit", oSSHshellb)); strSAN.Append(ExecuteSSH("zoneset activate name eng_cert vsan 1101", oSSHshellb)); System.Threading.Thread.Sleep(10000); // wait 10 seconds strSAN.Append(ExecuteSSH("zone commit vsan 1101", oSSHshellb)); System.Threading.Thread.Sleep(20000); // wait 20 seconds strSAN.Append(ExecuteSSH("end", oSSHshellb)); strSAN.Append(ExecuteSSH("exit", oSSHshellb)); } oSSHshellb.Close(); Response.Write("<p>" + strSAN + "</p>"); }