Projects STRLCPY aardwolf Commits 94a914d0
  • ■ ■ ■ ■
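--- a/aardwolf/_version.py
+++ b/aardwolf/_version.py
@@ -1,5 +1,5 @@
 
-__version__ = "0.0.5"
+__version__ = "0.0.6"
 __banner__ = \
 """
 # aardwolf %s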
  • ■ ■ ■ ■ ■ ■
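--- a/aardwolf/authentication/credssp/native.py
+++ b/aardwolf/authentication/credssp/native.py
@@ -18,6 +18,9 @@
  self.__internal_auth_continue = True
  self.seqno = 0
 
+ def get_extra_info(self):
+ return self.auth_ctx.get_extra_info()
+
  async def authenticate(self, token, flags = None, pubkey = None, remote_credguard = False):
  try:
  # currently only SSPI supported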
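Review bot: The added `get_extra_info` forwards to `self.auth_ctx.get_extra_info()` without checking that the context exists or implements that method. If `auth_ctx` can still be unset, or can be a context type without `get_extra_info` (neither is visible in this hunk), the caller gets an `AttributeError` rather than `None`. A guarded form such as `return self.auth_ctx.get_extra_info() if hasattr(self.auth_ctx, 'get_extra_info') else None` would line up with the `None` check in the `get_extra_info` added to aardwolf/connection.py, which makes the same unguarded call on `self.authapi`. The class body starts and ends outside the hunk.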
  • ■ ■ ■ ■ ■ ■
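--- a/aardwolf/authentication/ntlm/native.py
+++ b/aardwolf/authentication/ntlm/native.py
@@ -4,6 +4,7 @@
 import copy
 import hashlib
 
+from aardwolf.authentication.ntlm.structures.serverinfo import NTLMServerInfo
 from aardwolf.authentication.ntlm.templates.server import NTLMServerTemplates
 from aardwolf.authentication.ntlm.templates.client import NTLMClientTemplates
 from aardwolf.authentication.ntlm.structures.negotiate_flags import NegotiateFlags
@@ -153,9 +154,9 @@
  def is_extended_security(self):
  return NegotiateFlags.NEGOTIATE_EXTENDED_SESSIONSECURITY in self.ntlmChallenge.NegotiateFlags
 
- #def get_extra_info(self):
- # self.extra_info = NTLMServerInfo.from_challenge(self.ntlmChallenge)
- # return self.extra_info
+ def get_extra_info(self):
+ self.extra_info = NTLMServerInfo.from_challenge(self.ntlmChallenge)
+ return self.extra_info
 
  def MAC(self, handle, signingKey, seqNum, message):
  if self.is_extended_security() == True: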
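Review bot: The re-enabled `get_extra_info` passes `self.ntlmChallenge` straight to `NTLMServerInfo.from_challenge`, which reads `challenge.TargetInfo` as its first step. If the method is called before a challenge message has been stored (the attribute's initial value is outside the hunk, presumably `None`), this raises `AttributeError` instead of reporting that no server information is available. Adding `if self.ntlmChallenge is None: return None` ahead of the call keeps it consistent with the `None` check in the caller added to aardwolf/connection.py. The class body continues outside the hunk.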
  • ■ ■ ■ ■ ■ ■
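--- a/aardwolf/authentication/ntlm/structures/serverinfo.py
+++ b/aardwolf/authentication/ntlm/structures/serverinfo.py
@@ -0,0 +1,151 @@
+
+from aardwolf.authentication.ntlm.structures.avpair import AVPAIRType
+import datetime
+import json
+
+NTLMSERVERINFO_TSV_HDR = ['domainname', 'computername', 'dnsforestname', 'dnscomputername', 'dnsdomainname', 'local_time', 'os_major_version', 'os_minor_version', 'os_build', 'os_guess' ]
+
+
+import datetime
+import io
+
+# https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dtyp/2c57429b-fdd4-488f-b5fc-9e4cf020fcdf
+class FILETIME:
+ def __init__(self):
+ self.dwLowDateTime = None
+ self.dwHighDateTime = None
+
+ self.datetime = None
+ @staticmethod
+ def from_bytes(data):
+ return FILETIME.from_buffer(io.BytesIO(data))
+
+ def calc_dt(self):
+ if self.dwHighDateTime == 4294967295 and self.dwLowDateTime == 4294967295:
+ self.datetime = self.datetime = datetime.datetime(3000, 1, 1, 0, 0)
+ else:
+ ft = (self.dwHighDateTime << 32) + self.dwLowDateTime
+ if ft == 0:
+ self.datetime = datetime.datetime(1970, 1, 1, 0, 0)
+ else:
+ self.datetime = datetime.datetime.utcfromtimestamp((ft - 116444736000000000) / 10000000)
+
+ @staticmethod
+ def from_dict(d):
+ t = FILETIME()
+ t.dwLowDateTime = d['dwLowDateTime']
+ t.dwHighDateTime = d['dwHighDateTime']
+ t.calc_dt()
+ return t
+
+ @staticmethod
+ def from_buffer(buff):
+ t = FILETIME()
+ t.dwLowDateTime = int.from_bytes(buff.read(4), byteorder='little', signed = False)
+ t.dwHighDateTime = int.from_bytes(buff.read(4), byteorder='little', signed = False)
+ t.calc_dt()
+ return t
+
+
+
+class NTLMServerInfo:
+ def __init__(self):
+ self.domainname = None
+ self.computername = None
+ self.dnscomputername = None
+ self.dnsdomainname = None
+ self.local_time = None
+ self.dnsforestname = None
+ self.os_major_version = None
+ self.os_minor_version = None
+ self.os_build = None
+ self.os_guess = None
+
+ @staticmethod
+ def from_challenge(challenge):
+ si = NTLMServerInfo()
+ ti = challenge.TargetInfo
+ for k in ti:
+ if k == AVPAIRType.MsvAvNbDomainName:
+ si.domainname = ti[k]
+ elif k == AVPAIRType.MsvAvNbComputerName:
+ si.computername = ti[k]
+ elif k == AVPAIRType.MsvAvDnsDomainName:
+ si.dnsdomainname = ti[k]
+ elif k == AVPAIRType.MsvAvDnsComputerName:
+ si.dnscomputername = ti[k]
+ elif k == AVPAIRType.MsvAvDnsTreeName:
+ si.dnsforestname = ti[k]
+ elif k == AVPAIRType.MsvAvTimestamp:
+ if isinstance(ti[k], bytes):
+ si.local_time = FILETIME.from_bytes(ti[k]).datetime
+ elif isinstance(ti[k], datetime):
+ si.local_time = ti[k]
+
+ if challenge.Version is not None:
+ if challenge.Version.ProductMajorVersion is not None:
+ si.os_major_version = challenge.Version.ProductMajorVersion
+ if challenge.Version.ProductMinorVersion is not None:
+ si.os_minor_version = challenge.Version.ProductMinorVersion
+ if challenge.Version.ProductBuild is not None:
+ si.os_build = challenge.Version.ProductBuild
+ if challenge.Version.WindowsProduct is not None:
+ si.os_guess = challenge.Version.WindowsProduct
+
+ return si
+
+ def to_dict(self):
+ t = {
+ 'domainname' : self.domainname,
+ 'computername' : self.computername,
+ 'dnscomputername' : self.dnscomputername,
+ 'dnsdomainname' : self.dnsdomainname,
+ 'local_time' : self.local_time,
+ 'dnsforestname' : self.dnsforestname,
+ 'os_build' : self.os_build,
+ 'os_guess' : self.os_guess,
+ 'os_major_version' : None,
+ 'os_minor_version' : None,
+ }
+ if self.os_major_version is not None:
+ t['os_major_version'] = self.os_major_version.name
+ if self.os_minor_version is not None:
+ t['os_minor_version'] = self.os_minor_version.name
+ return t
+
+ def to_tsv(self, separator = '\t'):
+ def vn(x):
+ if x is None:
+ return ''
+ return str(x)
+
+ d = self.to_dict()
+ return separator.join([ vn(d[x]) for x in NTLMSERVERINFO_TSV_HDR])
+
+ def __str__(self):
+ t = '=== Server Info ====\r\n'
+ for k in self.__dict__:
+ t += '%s: %s\r\n' % (k, self.__dict__[k])
+
+ return t
+
+ def to_json(self):
+ return json.dumps(self.to_dict())
+
+ def to_grep(self):
+ t = ''
+ t += '[domainname,%s]' % self.domainname
+ t += '[computername,%s]' % self.computername
+ t += '[dnscomputername,%s]' % self.dnscomputername
+ t += '[dnsdomainname,%s]' % self.dnsdomainname
+ t += '[dnsforestname,%s]' % self.dnsforestname
+ t += '[os_build,%s]' % self.os_build
+ t += '[os_guess,%s]' % self.os_guess
+ if self.local_time is not None:
+ t += '[local_time,%s]' % self.local_time.isoformat()
+ if self.os_major_version is not None:
+ t += '[os_major,%s]' % self.os_major_version.value
+ if self.os_minor_version is not None:
+ t += '[os_minor,%s]' % self.os_minor_version.value
+
+ return t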
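Review bot: In `from_challenge`, `isinstance(ti[k], datetime)` passes the `datetime` module (the file does `import datetime`) as the second argument, so any `MsvAvTimestamp` value that is not `bytes` raises `TypeError` instead of being stored; it should read `elif isinstance(ti[k], datetime.datetime):`. `to_json` will also fail once `local_time` is set, because `to_dict` leaves it as a `datetime` object that `json.dumps` cannot serialise; converting it with `.isoformat()` before dumping fixes that. Every field here is taken from the remote server's challenge, so `FILETIME.calc_dt` should catch the `OverflowError`/`OSError`/`ValueError` that `utcfromtimestamp` raises for out-of-range values rather than letting one odd server abort the caller. For the same reason `to_tsv` and `to_grep` should escape separators, brackets and line breaks in the name fields before they reach scan output. The duplicated `import datetime` and the doubled `self.datetime = self.datetime = ...` assignment can be dropped.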
  • ■ ■ ■ ■ ■ ■
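--- a/aardwolf/commons/authbuilder.py
+++ b/aardwolf/commons/authbuilder.py
@@ -77,6 +77,8 @@
  raise Exception('NTLM authentication requres password!')
 
  if creds.secret_type == RDPCredentialsSecretType.NT:
+ if isinstance(creds.secret, str) is True and len(creds.secret) != 32:
+ raise Exception('This is not an NT hash!')
  ntlmcred.nt_hash = creds.secret
  elif creds.secret_type == RDPCredentialsSecretType.PASSWORD:
  ntlmcred.password = creds.secret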
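Review bot: The new guard in the NT branch checks only the length of `creds.secret`, so any 32-character string is still accepted as an NT hash and fails later in the handshake, and a secret that is not a `str` skips the check entirely. Validating the content as well would catch a mistyped secret type early, e.g. `if isinstance(creds.secret, str) and not re.fullmatch(r'[0-9a-fA-F]{32}', creds.secret):` (this needs `re` imported in the file, which the hunk does not show). Raising `ValueError('This is not an NT hash!')` instead of a bare `Exception` would let callers tell bad input from an authentication failure while still being caught by existing `except Exception` handlers. The enclosing function starts and ends outside the hunk.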
  • ■ ■ ■ ■ ■ ■
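--- a/aardwolf/connection.py
+++ b/aardwolf/connection.py
@@ -268,6 +268,13 @@
  self.disconnected_evt.set()
  return None, e
 
+ def get_extra_info(self):
+ ntlm_data = self.authapi.get_extra_info()
+ if ntlm_data is not None:
+ return ntlm_data.to_dict()
+ return None
+
+
  async def credssp_auth(self):
  try:
  #constructing authentication API is not specified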
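Review bot: The new `get_extra_info` has no docstring, and its return shape is not obvious from the call site: it hands back `NTLMServerInfo.to_dict()`, in which `local_time` is still a `datetime` object and the OS version fields are enum names. A docstring along the lines of `"""Return server details collected during authentication as a dict (local_time is a datetime), or None when none are available."""` would warn callers who serialise the result. The local name `ntlm_data` also assumes the authentication context is NTLM, which this hunk does not establish; `extra_info` would be neutral.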
  • ■ ■ ■ ■ ■
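--- a/aardwolf/examples/aardpcapscan.py
+++ b/aardwolf/examples/aardpcapscan.py
@@ -1,6 +1,7 @@
 
 import asyncio
 import enum
+import traceback
 import uuid
 import logging
 import json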
  • ■ ■ ■ ■ ■
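--- a/aardwolf/examples/aardploginscan.py
+++ b/aardwolf/examples/aardploginscan.py
@@ -58,7 +58,9 @@
 class RDPLoginScanner:
  def __init__(self, rdp_url, iosettings:RDPIOSettings, worker_count = 10, out_file = None, out_format = 'str', show_pbar = True, task_q = None, ext_result_q = None):
  self.target_gens = []
- self.rdp_mgr = RDPConnectionURL(rdp_url)
+ self.rdp_mgr = rdp_url
+ if isinstance(rdp_url, RDPConnectionURL) is False:
+ self.rdp_mgr = RDPConnectionURL(rdp_url)
  self.worker_count = worker_count
  self.task_q = task_q
  self.res_q = None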
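Review bot: `isinstance(rdp_url, RDPConnectionURL) is False` reads more naturally as `not isinstance(rdp_url, RDPConnectionURL)`, and the assign-then-overwrite pair can collapse to `self.rdp_mgr = rdp_url if isinstance(rdp_url, RDPConnectionURL) else RDPConnectionURL(rdp_url)`. The constructor now accepts either a URL string or an already-built object, which deserves a one-line comment such as `# rdp_url: URL string or RDPConnectionURL instance`. The same pattern is added to `RDPScreenGrabberScanner.__init__` in aardwolf/examples/aardpscreenshot.py. `__init__` continues past the end of the hunk.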
  • ■ ■ ■ ■ ■ ■
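--- a/aardwolf/examples/aardpscreenshot.py
+++ b/aardwolf/examples/aardpscreenshot.py
@@ -39,7 +39,9 @@
 class RDPScreenGrabberScanner:
  def __init__(self, rdp_url, iosettings, worker_count = 10, out_dir = None, screentime = 5, show_pbar = True, task_q = None, res_q = None, ext_result_q = None):
  self.target_gens = []
- self.rdp_mgr = RDPConnectionURL(rdp_url)
+ self.rdp_mgr = rdp_url
+ if isinstance(rdp_url, RDPConnectionURL) is False:
+ self.rdp_mgr = RDPConnectionURL(rdp_url)
  self.worker_count = worker_count
  self.task_q = task_q
  self.res_q = res_q
@@ -71,6 +73,7 @@
  return None, None
 
  except Exception as e:
+ print(e)
  return None, e
 
  connection = None
@@ -84,7 +87,7 @@
 
  try:
  await asyncio.wait_for(get_image(buffer, connection.ext_out_queue), self.screentime)
- except:
+ except Exception as e:
  pass
 
  if self.ext_result_q is None: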
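Review bot: Around `asyncio.wait_for(...)`, `except Exception as e: pass` still discards every failure silently and binds an `e` that is never used. The outcome this block presumably means to absorb is the `screentime` timeout, so `except asyncio.TimeoutError:` followed by `pass` would keep other errors visible to the caller or a log. In the second hunk the added `print(e)` writes the exception to stdout from inside the scanner, where it can interleave with result output; a `logging` call is the usual choice, if the file has a logger (not visible here). Both enclosing functions start and end outside their hunks.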
  • ■ ■ ■ ■ ■ ■
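--- a/setup.py
+++ b/setup.py
@@ -60,9 +60,9 @@
 
 
  install_requires=[
- 'minikerberos>=0.2.15',
+ 'minikerberos>=0.2.17',
  'winsspi>=0.0.9',
- 'asysocks>=0.1.6',
+ 'asysocks>=0.1.7',
  'tqdm',
  'colorama',
  'asn1crypto',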