misc: refactored Loot object to contain target (preparing for multi-m…
…ode #3)
evilsocket committed Nov 4, 2023
1 parent 5f0739a commit a9043c9
Showing 27 changed files with 278 additions and 6,246 deletions.
1 change: 1 addition & 0 deletions Cargo.lock


4 changes: 1 addition & 3 deletions Cargo.toml
@@ -15,6 +15,7 @@ ahash = "0.8.3"
ansi_term = "0.12.1"
async-channel = "1.9.0"
async-trait = "0.1.73"
chrono = { version = "0.4.31", features = ["serde"] }
clap = { version = "4.4.4", features = ["derive"] }
ctor = "0.2.4"
ctrlc = "3.4.1"
@@ -30,7 +31,6 @@ rand = "0.8.5"
env_logger = "0.10.0"
memory-stats = "1.1.0"
human_bytes = "0.4.3"

url = { version = "2.4.1", optional = true }
regex = { version = "1.9.5", optional = true }
reqwest = { version = "0.11.20", features = [
@@ -63,7 +63,6 @@ ldap3 = { version = "0.11.3", optional = true }
kerberos_crypto = { version = "0.3.6", optional = true }
kerberos_asn1 = { version = "0.2.1", optional = true }
kerberos_constants = { version = "0.0.9", optional = true }
chrono = { version = "0.4.31", optional = true }
vnc-rs = { version = "0.5.1", optional = true }
mongodb = { version = "2.7.0", optional = true }
sibyl = { version = "0.6.16", optional = true, features = [
@@ -118,7 +117,6 @@ kerberos = [
"dep:kerberos_crypto",
"dep:kerberos_asn1",
"dep:kerberos_constants",
"dep:chrono",
]
vnc = ["dep:vnc-rs"]
mongodb = ["dep:mongodb"]
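Review bot: Promoting `chrono` from the optional kerberos block to the unconditional list makes it a hard dependency of every build, and the new entry keeps chrono's default feature set enabled on top of `serde`. If timestamps on serialized records are the only use (the consuming code is not shown in this section), a narrower entry keeps the mandatory dependency tree smaller, e.g. `chrono = { version = "0.4.31", default-features = false, features = ["clock", "serde"] }`. The second hunk also drops one line between `human_bytes` and `url`; the rendered page does not mark which one, so confirm it is only the blank separator.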
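--- a/src/plugins/amqp/mod.rs
+++ b/src/plugins/amqp/mod.rs
@@ -108,10 +108,13 @@ impl Plugin for AMQP {
 stream.read(&mut buffer).await.map_err(|e| e.to_string())?;
 
 if buffer[0] == 0x01 {
-Ok(Some(Loot::from([
-("username".to_owned(), creds.username.to_owned()),
-("password".to_owned(), creds.password.to_owned()),
-])))
+Ok(Some(Loot::from(
+&self.address,
+[
+("username".to_owned(), creds.username.to_owned()),
+("password".to_owned(), creds.password.to_owned()),
+],
+)))
 } else {
 Ok(None)
 }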
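Review bot: The new first argument of `Loot::from` is passed positionally with no stated format, and each plugin feeds it a different field: `&self.address` here and in ftp, imap, mongodb and mssql, `&self.target` in http, `&self.url` in ldap, `&self.host` in oracle, `&self.server.to_string()` in kerberos and `""` in dns. Judging by the field names, records will mix host:port strings, URLs and empty values, so anything that later groups or de-duplicates results per target has no stable key. `Loot::from` is defined outside the files shown; a doc comment there such as `/// target: the endpoint the credentials were validated against, exactly as supplied by the operator` would pin the contract. Each record now pairs a plaintext password with the host it worked on, so whatever persists Loot (not visible here) should create its output with owner-only permissions. The enclosing function starts and ends outside the hunk.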
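--- a/src/plugins/dns/mod.rs
+++ b/src/plugins/dns/mod.rs
@@ -88,17 +88,20 @@ impl Plugin for DNS {
 if let Ok(response) = self.resolver.as_ref().unwrap().lookup_ip(&subdomain).await {
 let addresses: Vec<IpAddr> = response.iter().filter(|ip| !ip.is_loopback()).collect();
 if !addresses.is_empty() {
-return Ok(Some(Loot::from([
-("subdomain".to_owned(), subdomain),
-(
-"addresses".to_owned(),
-addresses
-.iter()
-.map(|a| a.to_string())
-.collect::<Vec<String>>()
-.join(", "),
-),
-])));
+return Ok(Some(Loot::from(
+"",
+[
+("subdomain".to_owned(), subdomain),
+(
+"addresses".to_owned(),
+addresses
+.iter()
+.map(|a| a.to_string())
+.collect::<Vec<String>>()
+.join(", "),
+),
+],
+)));
 }
 }
 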
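Review bot: `Loot::from("", …)` records an empty target, so DNS findings cannot be attributed once several targets are processed in one run, which is what the commit title says this refactor prepares for. The resolved name is already in scope; passing it, `Loot::from(&subdomain, [("subdomain".to_owned(), subdomain.clone()), …])`, keeps the record self-describing (the clone is needed because `subdomain` is otherwise moved into the array while still borrowed), or pass the base domain being enumerated if the plugin stores it. This assumes the parameter is `&str`, as the other call sites suggest; `Loot::from` itself is not shown. The enclosing function starts and ends outside the hunk.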
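--- a/src/plugins/ftp/mod.rs
+++ b/src/plugins/ftp/mod.rs
@@ -53,10 +53,13 @@ impl Plugin for FTP {
 .map_err(|e| e.to_string())?;
 
 if stream.login(&creds.username, &creds.password).await.is_ok() {
-Ok(Some(Loot::from([
-("username".to_owned(), creds.username.to_owned()),
-("password".to_owned(), creds.password.to_owned()),
-])))
+Ok(Some(Loot::from(
+&self.address,
+[
+("username".to_owned(), creds.username.to_owned()),
+("password".to_owned(), creds.password.to_owned()),
+],
+)))
 } else {
 Ok(None)
 }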
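--- a/src/plugins/http/mod.rs
+++ b/src/plugins/http/mod.rs
@@ -279,11 +279,14 @@ impl HTTP {
 "".to_owned()
 };
 Ok(if self.is_success(res).await.is_some() {
-Some(Loot::from([
-("username".to_owned(), creds.username.to_owned()),
-("password".to_owned(), creds.password.to_owned()),
-("cookie".to_owned(), cookie),
-]))
+Some(Loot::from(
+&self.target,
+[
+("username".to_owned(), creds.username.to_owned()),
+("password".to_owned(), creds.password.to_owned()),
+("cookie".to_owned(), cookie),
+],
+))
 } else {
 None
 })
@@ -324,12 +327,15 @@ impl HTTP {
 Err(e) => Err(e.to_string()),
 Ok(res) => {
 if let Some(success) = self.is_success(res).await {
-Ok(Some(Loot::from([
-("page".to_owned(), url),
-("status".to_owned(), success.status.to_string()),
-("size".to_owned(), success.content_length.to_string()),
-("type".to_owned(), success.content_type),
-])))
+Ok(Some(Loot::from(
+&self.target,
+[
+("page".to_owned(), url),
+("status".to_owned(), success.status.to_string()),
+("size".to_owned(), success.content_length.to_string()),
+("type".to_owned(), success.content_type),
+],
+)))
 } else {
 Ok(None)
 }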
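--- a/src/plugins/imap/mod.rs
+++ b/src/plugins/imap/mod.rs
@@ -44,10 +44,13 @@ impl Plugin for IMAP {
 let stream = crate::utils::net::async_tcp_stream(&self.address, timeout, true).await?;
 let client = async_imap::Client::new(stream);
 if client.login(&creds.username, &creds.password).await.is_ok() {
-return Ok(Some(Loot::from([
-("username".to_owned(), creds.username.to_owned()),
-("password".to_owned(), creds.password.to_owned()),
-])));
+return Ok(Some(Loot::from(
+&self.address,
+[
+("username".to_owned(), creds.username.to_owned()),
+("password".to_owned(), creds.password.to_owned()),
+],
+)));
 }
 
 Ok(None)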
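--- a/src/plugins/kerberos/mod.rs
+++ b/src/plugins/kerberos/mod.rs
@@ -59,8 +59,11 @@ impl Kerberos {
 true,
 true,
 Some(
-Loot::from([("username".to_owned(), creds.username.to_owned())])
-.set_partial(),
+Loot::from(
+&self.server.to_string(),
+[("username".to_owned(), creds.username.to_owned())],
+)
+.set_partial(),
 ),
 );
 }
@@ -70,10 +73,13 @@ impl Kerberos {
 true,
 false,
 Some(
-Loot::from([
-("username".to_owned(), creds.username.to_owned()),
-("expired_password".to_owned(), creds.password.to_owned()),
-])
+Loot::from(
+&self.server.to_string(),
+[
+("username".to_owned(), creds.username.to_owned()),
+("expired_password".to_owned(), creds.password.to_owned()),
+],
+)
 .set_partial(),
 ),
 );
@@ -84,10 +90,13 @@ impl Kerberos {
 true,
 false,
 Some(
-Loot::from([
-("username".to_owned(), creds.username.to_owned()),
-("revoked_password".to_owned(), creds.password.to_owned()),
-])
+Loot::from(
+&self.server.to_string(),
+[
+("username".to_owned(), creds.username.to_owned()),
+("revoked_password".to_owned(), creds.password.to_owned()),
+],
+)
 .set_partial(),
 ),
 );
@@ -105,11 +114,14 @@ impl Kerberos {
 if AsRep::parse(raw).is_ok() {
 return (
 true,
-Some(Loot::from([
-("username".to_owned(), creds.username.to_owned()),
-("password".to_owned(), creds.password.to_owned()),
-// ("ticket".to_owned(), format!("{:?}", &as_rep.ticket)),
-])),
+Some(Loot::from(
+&self.server.to_string(),
+[
+("username".to_owned(), creds.username.to_owned()),
+("password".to_owned(), creds.password.to_owned()),
+// ("ticket".to_owned(), format!("{:?}", &as_rep.ticket)),
+],
+)),
 );
 }
 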
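Review bot: `&self.server.to_string()` is written out at all four `Loot::from` calls in this file, building a temporary String at each site and leaving four copies of the target conversion to keep in sync. Binding it once ahead of the branches, `let target = self.server.to_string();`, and passing `&target` makes the calls identical and lets a later change to the target format happen in one place. The functions containing these hunks start and end outside them, so whether one binding can serve all four calls needs checking against the full file.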
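--- a/src/plugins/ldap/mod.rs
+++ b/src/plugins/ldap/mod.rs
@@ -81,10 +81,13 @@ impl Plugin for LDAP {
 .await
 {
 return Ok(if res.success().is_ok() {
-Some(Loot::from([
-("username".to_owned(), creds.username.to_owned()),
-("password".to_owned(), creds.password.to_owned()),
-]))
+Some(Loot::from(
+&self.url,
+[
+("username".to_owned(), creds.username.to_owned()),
+("password".to_owned(), creds.password.to_owned()),
+],
+))
 } else {
 None
 });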
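--- a/src/plugins/manager.rs
+++ b/src/plugins/manager.rs
@@ -70,6 +70,29 @@ pub(crate) fn setup(options: &Options) -> Result<&'static mut dyn Plugin, Error>
 Ok(plugin)
 }
 
+pub(crate) async fn run(
+plugin: &'static mut dyn Plugin,
+session: Arc<Session>,
+) -> Result<(), Error> {
+// spawn worker threads
+for _ in 0..session.options.concurrency {
+task::spawn(worker(plugin, session.clone()));
+}
+
+// loop credentials for this session
+for creds in session.combinations(plugin)? {
+// exit on ctrl-c if we have to, otherwise send the new credentials to the workers
+if session.is_stop() {
+log::debug!("exiting loop");
+return Ok(());
+} else if let Err(e) = session.dispatch_new_credentials(creds).await {
+log::error!("{}", e.to_string());
+}
+}
+
+Ok(())
+}
+
 async fn worker(plugin: &dyn Plugin, session: Arc<Session>) {
 log::debug!("worker started");
 
@@ -129,26 +152,3 @@ async fn worker(plugin: &dyn Plugin, session: Arc<Session>) {
 
 log::debug!("worker exit");
 }
-
-pub(crate) async fn run(
-plugin: &'static mut dyn Plugin,
-session: Arc<Session>,
-) -> Result<(), Error> {
-// spawn worker threads
-for _ in 0..session.options.concurrency {
-task::spawn(worker(plugin, session.clone()));
-}
-
-// loop credentials for this session
-for creds in session.combinations(plugin)? {
-// exit on ctrl-c if we have to, otherwise send the new credentials to the workers
-if session.is_stop() {
-log::debug!("exiting loop");
-return Ok(());
-} else if let Err(e) = session.dispatch_new_credentials(creds).await {
-log::error!("{}", e.to_string());
-}
-}
-
-Ok(())
-}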
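--- a/src/plugins/mongodb/mod.rs
+++ b/src/plugins/mongodb/mod.rs
@@ -63,11 +63,14 @@ impl Plugin for MongoDB {
 let dbs = cli.list_database_names(None, None).await;
 
 if let Ok(dbs) = dbs {
-Ok(Some(Loot::from([
-("username".to_owned(), creds.username.to_owned()),
-("password".to_owned(), creds.password.to_owned()),
-("databases".to_owned(), dbs.join(", ")),
-])))
+Ok(Some(Loot::from(
+&self.address,
+[
+("username".to_owned(), creds.username.to_owned()),
+("password".to_owned(), creds.password.to_owned()),
+("databases".to_owned(), dbs.join(", ")),
+],
+)))
 } else {
 Ok(None)
 }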
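--- a/src/plugins/mssql/mod.rs
+++ b/src/plugins/mssql/mod.rs
@@ -150,10 +150,13 @@ impl Plugin for MSSQL {
 .map_err(|e| e.to_string())?;
 
 if resp.len() > 10 && resp[8] == 0xe3 {
-Ok(Some(Loot::from([
-("username".to_owned(), creds.username.to_owned()),
-("password".to_owned(), creds.password.to_owned()),
-])))
+Ok(Some(Loot::from(
+&self.address,
+[
+("username".to_owned(), creds.username.to_owned()),
+("password".to_owned(), creds.password.to_owned()),
+],
+)))
 } else {
 Ok(None)
 }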
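--- a/src/plugins/oracle/mod.rs
+++ b/src/plugins/oracle/mod.rs
@@ -58,10 +58,13 @@ impl Plugin for Oracle {
 // timeout
 Err("timed out".to_owned())
 } else if let Ok(_) = op.unwrap() {
-Ok(Some(Loot::from([
-("username".to_owned(), creds.username.to_owned()),
-("password".to_owned(), creds.password.to_owned()),
-])))
+Ok(Some(Loot::from(
+&self.host,
+[
+("username".to_owned(), creds.username.to_owned()),
+("password".to_owned(), creds.password.to_owned()),
+],
+)))
 } else {
 Ok(None)
 }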