mirror of
https://github.com/Ekultek/Zeus-Scanner.git
synced 2026-03-11 08:55:51 +00:00
patches an issue where the target refuses the connection (issue #97), also creates a way to run against the IP addresses of the hostname instead
This commit is contained in:
parent
37f1669596
commit
21398eaf8a
3 changed files with 39 additions and 5 deletions
|
|
@ -1,4 +1,5 @@
|
|||
import json
|
||||
import socket
|
||||
import re
|
||||
|
||||
import requests
|
||||
|
|
@ -8,6 +9,7 @@ from lib.core.settings import (
|
|||
proxy_string_to_dict,
|
||||
logger, set_color,
|
||||
DEFAULT_USER_AGENT,
|
||||
replace_http
|
||||
)
|
||||
from var.auto_issue.github import request_issue_creation
|
||||
|
||||
|
|
@ -17,7 +19,7 @@ def __get_auth_headers(target, port=16992, source=None, agent=None, proxy=None):
|
|||
logger.info(set_color(
|
||||
"header value not established, attempting to get bypass..."
|
||||
))
|
||||
source = requests.get("http://{0}:{1}/index.htm".format(target, port), headers={
|
||||
source = requests.get("http://{0}:{1}/index.htm".format(target, port), timeout=10, headers={
|
||||
'connection': 'close', 'user-agent': agent
|
||||
}, proxies=proxy)
|
||||
return source
|
||||
|
|
@ -91,9 +93,29 @@ def __get_hardware(target, agent=None, proxy=None):
|
|||
return json.dumps(data)
|
||||
|
||||
|
||||
def main_intel_amt(url, agent=None, proxy=None):
|
||||
def main_intel_amt(url, agent=None, proxy=None, **kwargs):
|
||||
do_ip_address = kwargs.get("do_ip", False)
|
||||
proxy = proxy_string_to_dict(proxy) or None
|
||||
agent = agent or DEFAULT_USER_AGENT
|
||||
if do_ip_address:
|
||||
logger.warning(set_color(
|
||||
"running against IP addresses may result in the targets refusing the connection...", level=30
|
||||
))
|
||||
logger.info(set_color(
|
||||
"will run against IP address instead of hostname..."
|
||||
))
|
||||
try:
|
||||
url = replace_http(url)
|
||||
url = socket.gethostbyname(url)
|
||||
logger.info(set_color(
|
||||
"discovered IP address {}...".format(url)
|
||||
))
|
||||
except Exception as e:
|
||||
logger.error(set_color(
|
||||
"failed to gather IP address from hostname '{}', received an error '{}'. "
|
||||
"will just run against hostname...".format(url, e), level=40
|
||||
))
|
||||
url = url
|
||||
logger.info(set_color(
|
||||
"attempting to connect to '{}' and get hardware info...".format(url)
|
||||
))
|
||||
|
|
@ -111,6 +133,17 @@ def main_intel_amt(url, agent=None, proxy=None):
|
|||
for item in json_data[key]:
|
||||
print(" - {}: {}".format(item.capitalize(), json_data[key][item]))
|
||||
print("-" * 40)
|
||||
except requests.exceptions.ConnectionError as e:
|
||||
if "Max retries exceeded with url" in str(e):
|
||||
logger.error(set_color(
|
||||
"failed connection, target machine is actively refusing the connection, skipping...", level=40
|
||||
))
|
||||
pass
|
||||
else:
|
||||
logger.error(set_color(
|
||||
"failed connection with '{}', skipping...", level=40
|
||||
))
|
||||
pass
|
||||
except Exception as e:
|
||||
if "Temporary failure in name resolution" in str(e):
|
||||
logger.error(set_color(
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ except NameError:
|
|||
# clone link
|
||||
CLONE = "https://github.com/ekultek/zeus-scanner.git"
|
||||
# current version <major.minor.commit.patch ID>
|
||||
VERSION = "1.0.46"
|
||||
VERSION = "1.0.47.dcf0"
|
||||
# colors to output depending on the version
|
||||
VERSION_TYPE_COLORS = {"dev": 33, "stable": 92, "other": 30}
|
||||
# version string formatting
|
||||
|
|
|
|||
5
zeus.py
5
zeus.py
|
|
@ -100,6 +100,8 @@ if __name__ == "__main__":
|
|||
help="Show all connections made during the admin panel search")
|
||||
attacks.add_option("--tamper", dest="tamperXssPayloads", metavar="TAMPER-SCRIPT",
|
||||
help="Send the XSS payloads through tampering before sending to the target")
|
||||
attacks.add_option("--run-ip-address", dest="runAgainstIpAddress", action="store_true",
|
||||
help="Run the Intel ME AMT exploit against the found host IP address instead of the hostname")
|
||||
attacks.add_option("--thread", dest="threadPanels", action="store_true",
|
||||
help=optparse.SUPPRESS_HELP)
|
||||
attacks.add_option("--auto", dest="autoStartSqlmap", action="store_true",
|
||||
|
|
@ -432,7 +434,7 @@ if __name__ == "__main__":
|
|||
url = get_true_url(url)
|
||||
return intel_me.main_intel_amt(
|
||||
url, agent=agent_to_use,
|
||||
proxy=proxy_to_use
|
||||
proxy=proxy_to_use, do_ip=opt.runAgainstIpAddress
|
||||
)
|
||||
elif admin:
|
||||
main(
|
||||
|
|
@ -669,7 +671,6 @@ if __name__ == "__main__":
|
|||
"it seems that your firefox version is not compatible with the geckodriver "
|
||||
"version. please update firefox and try again...", level=50
|
||||
))
|
||||
shutdown()
|
||||
else:
|
||||
logger.info(set_color(
|
||||
"kill off the open sessions of firefox and re-run Zeus..."
|
||||
|
|
|
|||
Loading…
Reference in a new issue