NetExec/cme/first_run.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-

import os
import errno
import sqlite3
import shutil
import cme
import configparser
from configparser import ConfigParser, NoSectionError, NoOptionError
from cme.paths import CME_PATH, CONFIG_PATH, CERT_PATH, TMP_PATH
from cme.cmedb import initialize_db
from subprocess import check_output, PIPE
import sys


def first_run_setup(logger):
    if not os.path.exists(TMP_PATH):
        os.mkdir(TMP_PATH)

    if not os.path.exists(CME_PATH):
        logger.info('First time use detected')
        logger.info('Creating home directory structure')
        os.mkdir(CME_PATH)

    folders = ['logs', 'modules', 'protocols', 'workspaces', 'obfuscated_scripts', 'screenshots']
    for folder in folders:
        if not os.path.exists(os.path.join(CME_PATH, folder)):
            logger.info("Creating missing folder {}".format(folder))
            os.mkdir(os.path.join(CME_PATH, folder))

    initialize_db(logger)

    if not os.path.exists(CONFIG_PATH):
        logger.info('Copying default configuration file')
        default_path = os.path.join(os.path.dirname(cme.__file__), 'data', 'cme.conf')
        shutil.copy(default_path, CME_PATH)
    else:
        # This is just a quick check to make sure the config file isn't the old 3.x format
        try:
            config = configparser.ConfigParser()
            config.read(CONFIG_PATH)
            config.get('CME', 'workspace')
            config.get('CME', 'pwn3d_label')
            config.get('CME', 'audit_mode')
            config.get('BloodHound', 'bh_enabled')
            config.get('CME', 'log_mode')
        except (NoSectionError, NoOptionError):
            logger.info('Old configuration file detected, replacing with new version')
            default_path = os.path.join(os.path.dirname(cme.__file__), 'data', 'cme.conf')
            shutil.copy(default_path, CME_PATH)

    # if not os.path.exists(CERT_PATH):
    #     logger.info('Generating SSL certificate')
    #     try:
    #         check_output(['openssl', 'help'], stderr=PIPE)
    #         if os.name != 'nt':
    #             os.system('openssl req -new -x509 -keyout {path} -out {path} -days 365 -nodes -subj "/C=US" > /dev/null 2>&1'.format(path=CERT_PATH))
    #         else:
    #             os.system('openssl req -new -x509 -keyout {path} -out {path} -days 365 -nodes -subj "/C=US"'.format(path=CERT_PATH))
    #     except OSError as e:
    #         if e.errno == errno.ENOENT:
    #             logger.error('OpenSSL command line utility is not installed, could not generate certificate, using default certificate')
    #             default_path = os.path.join(os.path.dirname(cme.__file__), 'data', 'default.pem')
    #             shutil.copy(default_path, CERT_PATH)                
    #         else:
    #             logger.error('Error while generating SSL certificate: {}'.format(e))
    #             sys.exit(1)
Adding shebang and encoding utf-8 for all python files 2022-07-18 23:59:14 +00:00			`#!/usr/bin/env python3`
			`# -- coding: utf-8 --`

Second round of refactoring for packaging 2016-06-04 05:42:26 +00:00			`import os`
Add more compatibility for windows exe - decrease winrm timeout to 3 seconds so @IppSec 's videos tlast less time :) -- add ico to cme exe -- add option smb-server-port to make cme compatible with windows 2020-07-30 13:14:31 +00:00			`import errno`
Second round of refactoring for packaging 2016-06-04 05:42:26 +00:00			`import sqlite3`
Some code cleanup, bug fixes and re-added the config file * For some reason the config file got lost in between version bumps, re-added it * Improved the logic in first_run.py, it will now autodetect missing files and will copy/generate them accordinglu * Code cleanup in cmedb.py and bug fixes in crackmapexec.py 2016-06-09 03:44:45 +00:00			`import shutil`
			`import cme`
start python3 migration 2019-11-10 21:42:04 +00:00			`import configparser`
			`from configparser import ConfigParser, NoSectionError, NoOptionError`
refactor: centralize shared path variables and improve cmedb intialization 2023-03-02 16:01:29 +00:00			`from cme.paths import CME_PATH, CONFIG_PATH, CERT_PATH, TMP_PATH`
fix: correct cmedb import 2023-03-03 14:50:43 +00:00			`from cme.cmedb import initialize_db`
Some code cleanup, bug fixes and re-added the config file * For some reason the config file got lost in between version bumps, re-added it * Improved the logic in first_run.py, it will now autodetect missing files and will copy/generate them accordinglu * Code cleanup in cmedb.py and bug fixes in crackmapexec.py 2016-06-09 03:44:45 +00:00			`from subprocess import check_output, PIPE`
Added Termux support 2022-04-21 17:36:19 +00:00			`import sys`
Second round of refactoring for packaging 2016-06-04 05:42:26 +00:00
Fixed up @aj-cgtech changes 2018-03-01 19:36:17 +00:00
Second round of refactoring for packaging 2016-06-04 05:42:26 +00:00			`def first_run_setup(logger):`
Initial implementation of module chaining Oook, this commit is basicallu just so I can start tracking (and testing) all of the changes made so far: - All execution methods are now completely fileless, all output and/or batch files get outputted/hosted locally on a SMB server that gets spun up on runtime - Module structure has been modified for module chaining - Module chaining implementation is currently very hacky, I definitly have to figure out something more elegant but for now it works. Module chaining is performed via the -MC flag and has it's own mini syntax (will be adding it to the wiki) - You can now specify credential ID ranges using the -id flag - Added the eventvwr_bypass and rundll32_exec modules - Renamed a lot of the modules for naming consistency TODO: - Launchers/Payloads need to be escaped before being generated when module chaining - Add check for modules 'required_server' attribute - Finish modifying the functions in the Connection object so they return the results 2016-09-12 06:52:50 +00:00			`if not os.path.exists(TMP_PATH):`
			`os.mkdir(TMP_PATH)`

Second round of refactoring for packaging 2016-06-04 05:42:26 +00:00			`if not os.path.exists(CME_PATH):`
Some code cleanup, bug fixes and re-added the config file * For some reason the config file got lost in between version bumps, re-added it * Improved the logic in first_run.py, it will now autodetect missing files and will copy/generate them accordinglu * Code cleanup in cmedb.py and bug fixes in crackmapexec.py 2016-06-09 03:44:45 +00:00			`logger.info('First time use detected')`
Initial commit for v4.0 Just fyi for anyone reading this, it's not even close to being finished. The amount of changes are pretty insane, this commit is to serve as a refrence point for myself. Highlights for v4.0: - The whole codebase has been re-written from scratch - Codebase has been cut around 2/4 - Protocols are now modular! In theory we could use CME for everything - Module chaining has been removed for now, still trying to figure out a more elegant solution - Workspaces have implemented in cmedb - The smb protocol's database schema has been changed to support storing users, groups and computers with their respective memberships and relations. - I'm in the process of re-writing most of the modules, will re-add them once i've finished 2016-12-15 07:28:00 +00:00			`logger.info('Creating home directory structure')`
Second round of refactoring for packaging 2016-06-04 05:42:26 +00:00			`os.mkdir(CME_PATH)`
Initial 4.0 pre-release 2017-03-27 21:09:36 +00:00
Add screenshot option for RDP protocol 2022-03-13 12:01:04 +00:00			`folders = ['logs', 'modules', 'protocols', 'workspaces', 'obfuscated_scripts', 'screenshots']`
Initial 4.0 pre-release 2017-03-27 21:09:36 +00:00			`for folder in folders:`
			`if not os.path.exists(os.path.join(CME_PATH, folder)):`
refactor: centralize shared path variables and improve cmedb intialization 2023-03-02 16:01:29 +00:00			`logger.info("Creating missing folder {}".format(folder))`
Fixed up @aj-cgtech changes 2018-03-01 19:36:17 +00:00			`os.mkdir(os.path.join(CME_PATH, folder))`
Second round of refactoring for packaging 2016-06-04 05:42:26 +00:00
refactor: centralize shared path variables and improve cmedb intialization 2023-03-02 16:01:29 +00:00			`initialize_db(logger)`
Second round of refactoring for packaging 2016-06-04 05:42:26 +00:00
Some code cleanup, bug fixes and re-added the config file * For some reason the config file got lost in between version bumps, re-added it * Improved the logic in first_run.py, it will now autodetect missing files and will copy/generate them accordinglu * Code cleanup in cmedb.py and bug fixes in crackmapexec.py 2016-06-09 03:44:45 +00:00			`if not os.path.exists(CONFIG_PATH):`
			`logger.info('Copying default configuration file')`
			`default_path = os.path.join(os.path.dirname(cme.__file__), 'data', 'cme.conf')`
			`shutil.copy(default_path, CME_PATH)`
Takes care of issue #190 and #191, initial SSH protocol implementation - Passing --ntds will automatically use the drsuapi method (DCSync) - Initial implementation of the SSH protocol and the mimipenguin module (This is very much still not finished, lots of stuff missing) - Added check to make sure existing config file is in the 4.x format - Added splinter and paramiko to dep requirements - Updated Impacket to latest commit - HTTP protocol now also returns server version in output 2017-07-10 05:44:58 +00:00			`else:`
			`# This is just a quick check to make sure the config file isn't the old 3.x format`
			`try:`
start python3 migration 2019-11-10 21:42:04 +00:00			`config = configparser.ConfigParser()`
Takes care of issue #190 and #191, initial SSH protocol implementation - Passing --ntds will automatically use the drsuapi method (DCSync) - Initial implementation of the SSH protocol and the mimipenguin module (This is very much still not finished, lots of stuff missing) - Added check to make sure existing config file is in the 4.x format - Added splinter and paramiko to dep requirements - Updated Impacket to latest commit - HTTP protocol now also returns server version in output 2017-07-10 05:44:58 +00:00			`config.read(CONFIG_PATH)`
Fixed up @aj-cgtech changes 2018-03-01 19:36:17 +00:00			`config.get('CME', 'workspace')`
			`config.get('CME', 'pwn3d_label')`
Add check for audit mode #523 2022-02-07 21:19:46 +00:00			`config.get('CME', 'audit_mode')`
			`config.get('BloodHound', 'bh_enabled')`
Improve logging file 2023-02-21 19:40:52 +00:00			`config.get('CME', 'log_mode')`
Fixed up @aj-cgtech changes 2018-03-01 19:36:17 +00:00			`except (NoSectionError, NoOptionError):`
			`logger.info('Old configuration file detected, replacing with new version')`
Takes care of issue #190 and #191, initial SSH protocol implementation - Passing --ntds will automatically use the drsuapi method (DCSync) - Initial implementation of the SSH protocol and the mimipenguin module (This is very much still not finished, lots of stuff missing) - Added check to make sure existing config file is in the 4.x format - Added splinter and paramiko to dep requirements - Updated Impacket to latest commit - HTTP protocol now also returns server version in output 2017-07-10 05:44:58 +00:00			`default_path = os.path.join(os.path.dirname(cme.__file__), 'data', 'cme.conf')`
			`shutil.copy(default_path, CME_PATH)`
Some code cleanup, bug fixes and re-added the config file * For some reason the config file got lost in between version bumps, re-added it * Improved the logic in first_run.py, it will now autodetect missing files and will copy/generate them accordinglu * Code cleanup in cmedb.py and bug fixes in crackmapexec.py 2016-06-09 03:44:45 +00:00
Remove openssl requirement 2023-01-02 11:55:03 +00:00			`# if not os.path.exists(CERT_PATH):`
			`# logger.info('Generating SSL certificate')`
			`# try:`
			`# check_output(['openssl', 'help'], stderr=PIPE)`
			`# if os.name != 'nt':`
			`# os.system('openssl req -new -x509 -keyout {path} -out {path} -days 365 -nodes -subj "/C=US" > /dev/null 2>&1'.format(path=CERT_PATH))`
			`# else:`
			`# os.system('openssl req -new -x509 -keyout {path} -out {path} -days 365 -nodes -subj "/C=US"'.format(path=CERT_PATH))`
			`# except OSError as e:`
			`# if e.errno == errno.ENOENT:`
			`# logger.error('OpenSSL command line utility is not installed, could not generate certificate, using default certificate')`
			`# default_path = os.path.join(os.path.dirname(cme.__file__), 'data', 'default.pem')`
			`# shutil.copy(default_path, CERT_PATH)`
			`# else:`
			`# logger.error('Error while generating SSL certificate: {}'.format(e))`
			`# sys.exit(1)`