Fixed up @aj-cgtech changes
parent
5fd4aa716c
commit
f3465ef008
|
@ -43,11 +43,11 @@ Please see the installation wiki page [here](https://github.com/byt3bl33d3r/Crac
|
||||||
|
|
||||||
# How to fund my tea & sushi reserve
|
# How to fund my tea & sushi reserve
|
||||||
|
|
||||||
BTC: 1ER8rRE6NTZ7RHN88zc6JY87LvtyuRUJGU
|
BTC: `1ER8rRE6NTZ7RHN88zc6JY87LvtyuRUJGU`
|
||||||
|
|
||||||
ETH: 0x91d9aDCf8B91f55BCBF0841616A01BeE551E90ee
|
ETH: `0x91d9aDCf8B91f55BCBF0841616A01BeE551E90ee`
|
||||||
|
|
||||||
LTC: LLMa2bsvXbgBGnnBwiXYazsj7Uz6zRe4fr
|
LTC: `LLMa2bsvXbgBGnnBwiXYazsj7Uz6zRe4fr`
|
||||||
|
|
||||||
# To do
|
# To do
|
||||||
- Kerberos support
|
- Kerberos support
|
||||||
|
|
|
@ -44,10 +44,10 @@ def main():
|
||||||
|
|
||||||
cme_path = os.path.expanduser('~/.cme')
|
cme_path = os.path.expanduser('~/.cme')
|
||||||
|
|
||||||
config = ConfigParser({'pwn3d_label': 'Pwn3d!'})
|
config = ConfigParser()
|
||||||
config.read(os.path.join(cme_path, 'cme.conf'))
|
config.read(os.path.join(cme_path, 'cme.conf'))
|
||||||
|
|
||||||
module = None
|
module = None
|
||||||
module_server = None
|
module_server = None
|
||||||
targets = []
|
targets = []
|
||||||
jitter = None
|
jitter = None
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
[CME]
|
[CME]
|
||||||
workspace=default
|
workspace=default
|
||||||
last_used_db=
|
last_used_db=
|
||||||
|
pwn3d_label=Pwn3d!
|
||||||
|
|
||||||
[Empire]
|
[Empire]
|
||||||
api_host=127.0.0.1
|
api_host=127.0.0.1
|
||||||
|
|
|
@ -2,18 +2,18 @@ import os
|
||||||
import sqlite3
|
import sqlite3
|
||||||
import shutil
|
import shutil
|
||||||
import cme
|
import cme
|
||||||
from ConfigParser import ConfigParser, NoSectionError
|
from ConfigParser import ConfigParser, NoSectionError, NoOptionError
|
||||||
from cme.helpers.logger import highlight
|
|
||||||
from cme.loaders.protocol_loader import protocol_loader
|
from cme.loaders.protocol_loader import protocol_loader
|
||||||
from subprocess import check_output, PIPE
|
from subprocess import check_output, PIPE
|
||||||
from sys import exit
|
from sys import exit
|
||||||
|
|
||||||
CME_PATH = os.path.expanduser('~/.cme')
|
CME_PATH = os.path.expanduser('~/.cme')
|
||||||
TMP_PATH = os.path.join('/tmp', 'cme_hosted')
|
TMP_PATH = os.path.join('/tmp', 'cme_hosted')
|
||||||
WS_PATH = os.path.join(CME_PATH, 'workspaces')
|
WS_PATH = os.path.join(CME_PATH, 'workspaces')
|
||||||
CERT_PATH = os.path.join(CME_PATH, 'cme.pem')
|
CERT_PATH = os.path.join(CME_PATH, 'cme.pem')
|
||||||
CONFIG_PATH = os.path.join(CME_PATH, 'cme.conf')
|
CONFIG_PATH = os.path.join(CME_PATH, 'cme.conf')
|
||||||
|
|
||||||
|
|
||||||
def first_run_setup(logger):
|
def first_run_setup(logger):
|
||||||
|
|
||||||
if not os.path.exists(TMP_PATH):
|
if not os.path.exists(TMP_PATH):
|
||||||
|
@ -27,13 +27,13 @@ def first_run_setup(logger):
|
||||||
folders = ['logs', 'modules', 'protocols', 'workspaces', 'obfuscated_scripts']
|
folders = ['logs', 'modules', 'protocols', 'workspaces', 'obfuscated_scripts']
|
||||||
for folder in folders:
|
for folder in folders:
|
||||||
if not os.path.exists(os.path.join(CME_PATH, folder)):
|
if not os.path.exists(os.path.join(CME_PATH, folder)):
|
||||||
os.mkdir(os.path.join(CME_PATH,folder))
|
os.mkdir(os.path.join(CME_PATH, folder))
|
||||||
|
|
||||||
if not os.path.exists(os.path.join(WS_PATH, 'default')):
|
if not os.path.exists(os.path.join(WS_PATH, 'default')):
|
||||||
logger.info('Creating default workspace')
|
logger.info('Creating default workspace')
|
||||||
os.mkdir(os.path.join(WS_PATH, 'default'))
|
os.mkdir(os.path.join(WS_PATH, 'default'))
|
||||||
|
|
||||||
p_loader = protocol_loader()
|
p_loader = protocol_loader()
|
||||||
protocols = p_loader.get_protocols()
|
protocols = p_loader.get_protocols()
|
||||||
for protocol in protocols.keys():
|
for protocol in protocols.keys():
|
||||||
try:
|
try:
|
||||||
|
@ -67,16 +67,17 @@ def first_run_setup(logger):
|
||||||
try:
|
try:
|
||||||
config = ConfigParser()
|
config = ConfigParser()
|
||||||
config.read(CONFIG_PATH)
|
config.read(CONFIG_PATH)
|
||||||
current_workspace = config.get('CME', 'workspace')
|
config.get('CME', 'workspace')
|
||||||
except NoSectionError:
|
config.get('CME', 'pwn3d_label')
|
||||||
logger.info('v3.x configuration file detected, replacing with new version')
|
except (NoSectionError, NoOptionError):
|
||||||
|
logger.info('Old configuration file detected, replacing with new version')
|
||||||
default_path = os.path.join(os.path.dirname(cme.__file__), 'data', 'cme.conf')
|
default_path = os.path.join(os.path.dirname(cme.__file__), 'data', 'cme.conf')
|
||||||
shutil.copy(default_path, CME_PATH)
|
shutil.copy(default_path, CME_PATH)
|
||||||
|
|
||||||
if not os.path.exists(CERT_PATH):
|
if not os.path.exists(CERT_PATH):
|
||||||
logger.info('Generating SSL certificate')
|
logger.info('Generating SSL certificate')
|
||||||
try:
|
try:
|
||||||
out = check_output(['openssl', 'help'], stderr=PIPE)
|
check_output(['openssl', 'help'], stderr=PIPE)
|
||||||
except OSError as e:
|
except OSError as e:
|
||||||
if e.errno == os.errno.ENOENT:
|
if e.errno == os.errno.ENOENT:
|
||||||
logger.error('OpenSSL command line utility is not installed, could not generate certificate')
|
logger.error('OpenSSL command line utility is not installed, could not generate certificate')
|
||||||
|
|
|
@ -171,13 +171,10 @@ class mssql(connection):
|
||||||
self.db.add_admin_user('plaintext', domain, username, password, self.host)
|
self.db.add_admin_user('plaintext', domain, username, password, self.host)
|
||||||
|
|
||||||
out = u'{}{}:{} {}'.format('{}\\'.format(domain.decode('utf-8')) if self.args.auth_type is 'windows' else '',
|
out = u'{}{}:{} {}'.format('{}\\'.format(domain.decode('utf-8')) if self.args.auth_type is 'windows' else '',
|
||||||
username.decode('utf-8'),
|
username.decode('utf-8'),
|
||||||
password.decode('utf-8'),
|
password.decode('utf-8'),
|
||||||
highlight('('+self.config.get('CME','pwn3d_label')+')') if self.admin_privs else '')
|
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else ''))
|
||||||
|
|
||||||
|
|
||||||
self.logger.success(out)
|
self.logger.success(out)
|
||||||
|
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def hash_login(self, domain, username, ntlm_hash):
|
def hash_login(self, domain, username, ntlm_hash):
|
||||||
|
@ -207,7 +204,7 @@ class mssql(connection):
|
||||||
out = u'{}\\{} {} {}'.format(domain.decode('utf-8'),
|
out = u'{}\\{} {} {}'.format(domain.decode('utf-8'),
|
||||||
username.decode('utf-8'),
|
username.decode('utf-8'),
|
||||||
ntlm_hash,
|
ntlm_hash,
|
||||||
highlight('('+self.config.get('CME','pwn3d_label')+')') if self.admin_privs else '')
|
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else ''))
|
||||||
|
|
||||||
self.logger.success(out)
|
self.logger.success(out)
|
||||||
|
|
||||||
|
|
|
@ -27,7 +27,6 @@ from cme.protocols.smb.passpol import PassPolDump
|
||||||
from cme.helpers.logger import highlight
|
from cme.helpers.logger import highlight
|
||||||
from cme.helpers.misc import *
|
from cme.helpers.misc import *
|
||||||
from cme.helpers.powershell import create_ps_command
|
from cme.helpers.powershell import create_ps_command
|
||||||
from ConfigParser import ConfigParser
|
|
||||||
from pywerview.cli.helpers import *
|
from pywerview.cli.helpers import *
|
||||||
from pywerview.requester import RPCRequester
|
from pywerview.requester import RPCRequester
|
||||||
from time import time
|
from time import time
|
||||||
|
@ -91,6 +90,7 @@ def requires_smb_server(func):
|
||||||
|
|
||||||
return wraps(func)(_decorator)
|
return wraps(func)(_decorator)
|
||||||
|
|
||||||
|
|
||||||
class smb(connection):
|
class smb(connection):
|
||||||
|
|
||||||
def __init__(self, args, db, host):
|
def __init__(self, args, db, host):
|
||||||
|
@ -260,7 +260,7 @@ class smb(connection):
|
||||||
out = u'{}\\{}:{} {}'.format(domain.decode('utf-8'),
|
out = u'{}\\{}:{} {}'.format(domain.decode('utf-8'),
|
||||||
username.decode('utf-8'),
|
username.decode('utf-8'),
|
||||||
password.decode('utf-8'),
|
password.decode('utf-8'),
|
||||||
highlight('('+self.config.get('CME','pwn3d_label')+')') if self.admin_privs else '')
|
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else ''))
|
||||||
|
|
||||||
self.logger.success(out)
|
self.logger.success(out)
|
||||||
return True
|
return True
|
||||||
|
@ -304,7 +304,7 @@ class smb(connection):
|
||||||
out = u'{}\\{} {} {}'.format(domain.decode('utf-8'),
|
out = u'{}\\{} {} {}'.format(domain.decode('utf-8'),
|
||||||
username.decode('utf-8'),
|
username.decode('utf-8'),
|
||||||
ntlm_hash,
|
ntlm_hash,
|
||||||
highlight('('+self.config.get('CME','pwn3d_label')+')') if self.admin_privs else '')
|
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else ''))
|
||||||
|
|
||||||
self.logger.success(out)
|
self.logger.success(out)
|
||||||
return True
|
return True
|
||||||
|
|
|
@ -60,7 +60,7 @@ class ssh(connection):
|
||||||
|
|
||||||
self.logger.success(u'{}:{} {}'.format(username.decode('utf-8'),
|
self.logger.success(u'{}:{} {}'.format(username.decode('utf-8'),
|
||||||
password.decode('utf-8'),
|
password.decode('utf-8'),
|
||||||
highlight('('+self.config.get('CME','pwn3d_label')+')') if self.admin_privs else ''))
|
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else '')))
|
||||||
|
|
||||||
return True
|
return True
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
|
|
@ -120,7 +120,7 @@ class winrm(connection):
|
||||||
self.logger.success(u'{}\\{}:{} {}'.format(self.domain.decode('utf-8'),
|
self.logger.success(u'{}\\{}:{} {}'.format(self.domain.decode('utf-8'),
|
||||||
username.decode('utf-8'),
|
username.decode('utf-8'),
|
||||||
password.decode('utf-8'),
|
password.decode('utf-8'),
|
||||||
highlight('('+self.config.get('CME','pwn3d_label')+')')))
|
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else '')))
|
||||||
|
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
Subproject commit f2fae367d3ac2abc3ed6fe9c7c17e6ffbac69e67
|
Subproject commit 354b1cd49e1a28839832463abf691d9fff1f8e6f
|
Loading…
Reference in New Issue