fix: try/except updating the database on spoolers and zerologon modules

2023-03-09 18:38:42 -05:00 · 2023-03-09 18:38:42 -05:00 · e6022139aa
parent cbd312eb21
commit e6022139aa
2 changed files with 11 additions and 4 deletions
--- a/cme/modules/spooler.py
+++ b/cme/modules/spooler.py
@ -92,8 +92,11 @@ class CMEModule:
                    logging.debug("          %s" % binding)
                logging.debug("")
                context.log.highlight('Spooler service enabled')
+                try:
                    host = context.db.get_computers(connection.host)[0]
                    context.db.add_computer(host.ip, host.hostname, host.domain, host.os, host.smbv1, host.signing, spooler=True)
+                except Exception as e:
+                    logging.debug(f"Error updating spooler status in database")
                break

        if entries:
--- a/cme/modules/zerologon.py
+++ b/cme/modules/zerologon.py
@ -12,6 +12,7 @@ from impacket import crypto
 import hmac, hashlib, struct, sys, socket, time
 from binascii import hexlify, unhexlify
 from subprocess import check_call
+import logging

 # Give up brute-forcing after this many attempts. If vulnerable, 256 attempts are expected to be neccessary on average.
 MAX_ATTEMPTS = 2000 # False negative chance: 0.04%
@ -34,8 +35,11 @@ class CMEModule:
        if perform_attack('\\\\' + connection.hostname, connection.host, connection.hostname):
            context.log.highlight("VULNERABLE")
            context.log.highlight("Next step: https://github.com/dirkjanm/CVE-2020-1472")
+            try:
                host = context.db.get_computers(connection.host)[0]
                context.db.add_computer(host.ip, host.hostname, host.domain, host.os, host.smbv1, host.signing, zerologon=True)
+            except Exception as e:
+                logging.debug(f"Error updating zerologon status in database")


 def fail(msg):