mirror of
https://github.com/trustedsec/social-engineer-toolkit
synced 2024-11-26 22:40:18 +00:00
fix typo
This commit is contained in:
parent
edaa7a7927
commit
5c107ec67b
4 changed files with 35 additions and 28 deletions
|
@ -1,3 +1,11 @@
|
|||
~~~~~~~~~~~~~~~~
|
||||
version 7.3.12
|
||||
~~~~~~~~~~~~~~~~
|
||||
|
||||
* added prompt before brute forcing
|
||||
* removed nmap depend and used standard sockets for tcp connect
|
||||
* reduced connect time for mssql
|
||||
|
||||
~~~~~~~~~~~~~~~~
|
||||
version 7.3.11
|
||||
~~~~~~~~~~~~~~~~
|
||||
|
|
|
@ -98,7 +98,7 @@ try:
|
|||
if "/" in str(range):
|
||||
iprange = printCIDR(range)
|
||||
iprange = iprange.split(",")
|
||||
pool = ThreadPool(200)
|
||||
pool = ThreadPool(30)
|
||||
sqlport = pool.map(get_sql_port, iprange)
|
||||
pool.close()
|
||||
pool.join()
|
||||
|
@ -154,10 +154,10 @@ try:
|
|||
sql_servers = sql_servers.split(",")
|
||||
# start loop and brute force
|
||||
|
||||
print_status("The following SQL servers and associated ports were identified; ")
|
||||
print_status("The following SQL servers and associated ports were identified: ")
|
||||
for sql in sql_servers:
|
||||
if sql != "":
|
||||
print "SQL Server:" + sql
|
||||
print(sql)
|
||||
print_status("By pressing enter, you will begin the brute force process on all SQL accounts identified in the list above.")
|
||||
test = input("Press {enter} to begin the brute force process.")
|
||||
for servers in sql_servers:
|
||||
|
@ -195,9 +195,6 @@ try:
|
|||
if sql_servers:
|
||||
print_warning(
|
||||
"Sorry. Unable to locate or fully compromise a MSSQL Server on the following SQL servers: ")
|
||||
for line in sql_servers:
|
||||
if line != "":
|
||||
print("SQL Server: " + line.rstrip())
|
||||
|
||||
else:
|
||||
print_warning(
|
||||
|
|
|
@ -1 +1 @@
|
|||
7.3.11
|
||||
7.3.12
|
||||
|
|
|
@ -18,6 +18,7 @@ import base64
|
|||
from src.core import dictionaries
|
||||
import io
|
||||
import trace
|
||||
|
||||
#python 2 and 3 compatibility
|
||||
try:
|
||||
from urllib.request import urlopen
|
||||
|
@ -1764,30 +1765,31 @@ def get_sql_port(host):
|
|||
s.settimeout(.2)
|
||||
|
||||
# Attempt to query UDP:1434 and return MSSQL running port
|
||||
try:
|
||||
sql_port = None
|
||||
try:
|
||||
port = 1434
|
||||
msg = "\x02\x41\x41\x41\x41"
|
||||
s.sendto(msg, (host, port))
|
||||
d = s.recvfrom(1024)
|
||||
|
||||
sql_port = d[0].split(";")[9]
|
||||
if sql_port != None:
|
||||
return host + ": " + sql_port
|
||||
else:
|
||||
proc = subprocess.Popen("nmap -v -sT -p1433 %s" %
|
||||
(host), shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
output = proc.communicate()[0].split("\n")
|
||||
result = ""
|
||||
counter = 0
|
||||
for result in output:
|
||||
if "Discovered open port" in result:
|
||||
result = result.split("on ")[1]
|
||||
counter = 1
|
||||
return host + ":" + "1433"
|
||||
if counter == 0:
|
||||
return None
|
||||
|
||||
# if we have an exception, udp 1434 isnt there could be firewalled off so we need to check 1433 just in case
|
||||
except:
|
||||
sql_port = "1433"
|
||||
pass
|
||||
|
||||
try:
|
||||
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
||||
s.settimeout(.2)
|
||||
s.connect((host, int(sql_port)))
|
||||
return host + ":" + sql_port
|
||||
|
||||
# if port is closed
|
||||
except: return None
|
||||
|
||||
except Exception as err:
|
||||
print str(err)
|
||||
pass
|
||||
|
||||
# capture output from a function
|
||||
|
|
Loading…
Reference in a new issue