Refactoring related to #882

commixproject · Dec 28, 2023 · 1d9ad23 · 1d9ad23
1 parent 64d708f
commit 1d9ad23
Show file tree

Hide file tree

Showing 4 changed files with 89 additions and 128 deletions.
diff --git a/doc/THANKS.md b/doc/THANKS.md
@@ -7,6 +7,7 @@
 * Thanks [m3g9tr0n](https://twitter.com/m3g9tr0n) for a donation.
 
 ## List of individual contributors:
+* Thanks [anonymousdouble](https://github.com/anonymousdouble) for contributing code.
 * Thanks [n00b-bot](https://github.com/n00b-bot) for suggesting a feature.
 * Thanks [xerxoria](https://github.com/xerxoria) for reporting a bug and for suggesting a relevant fix.
 * Thanks [Kazgangap](https://github.com/Kazgangap) for contributing a Turkish translation of README.md.

diff --git a/src/core/injections/controller/checks.py b/src/core/injections/controller/checks.py
@@ -1911,11 +1911,10 @@ def print_hostname(shell, filename, _):
     info_msg = "Hostname: " +  str(shell)
     print(settings.print_bold_info_msg(info_msg))
     # Add infos to logs file.
-    output_file = open(filename, "a")
-    if not menu.options.no_logging:
-      info_msg = info_msg + "\n"
-      output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
-    output_file.close()
+    with open(filename, 'a') as output_file:
+      if not menu.options.no_logging:
+        info_msg = info_msg + "\n"
+        output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
   else:
     warn_msg = "Heuristics have failed to identify the hostname."
     print(settings.print_warning_msg(warn_msg))
@@ -1930,11 +1929,10 @@ def print_current_user(cu_account, filename, _):
     info_msg = "Current user: " +  str(cu_account)
     print(settings.print_bold_info_msg(info_msg))
     # Add infos to logs file.
-    output_file = open(filename, "a")
-    if not menu.options.no_logging:
-      info_msg = info_msg + "\n"
-      output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
-    output_file.close()
+    with open(filename, 'a') as output_file:
+      if not menu.options.no_logging:
+        info_msg = info_msg + "\n"
+        output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
   else:
     warn_msg = "Heuristics have failed to fetch the current user."
     print(settings.print_warning_msg(warn_msg))
@@ -1954,12 +1952,10 @@ def print_current_user_privs(shell, filename, _):
   info_msg = "Current user has excessive privileges: " +  str(priv)
   print(settings.print_bold_info_msg(info_msg))
   # Add infos to logs file.
-  output_file = open(filename, "a")
-  if not menu.options.no_logging:
-    info_msg = info_msg + "\n"
-    output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
-  output_file.close()
-
+  with open(filename, 'a') as output_file:
+    if not menu.options.no_logging:
+      info_msg = info_msg + "\n"
+      output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
 """
 Print OS info
 """
@@ -1970,11 +1966,10 @@ def print_os_info(target_os, target_arch, filename, _):
     info_msg = "Operating system: " +  str(target_os) + settings.SINGLE_WHITESPACE + str(target_arch)
     print(settings.print_bold_info_msg(info_msg))
     # Add infos to logs file.
-    output_file = open(filename, "a")
-    if not menu.options.no_logging:
-      info_msg = info_msg + "\n"
-      output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
-    output_file.close()
+    with open(filename, 'a') as output_file:
+      if not menu.options.no_logging:
+        info_msg = info_msg + "\n"
+        output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
   else:
     warn_msg = "Heuristics have failed to fetch underlying operating system information."
     print(settings.print_warning_msg(warn_msg))
@@ -2041,41 +2036,20 @@ def print_users(sys_users, filename, _, separator, TAG, cmd, prefix, suffix, whi
           info_msg += " [" + str(len(sys_users_list)) + "]:"
           print(settings.print_bold_info_msg(info_msg))
           # Add infos to logs file.
-          output_file = open(filename, "a")
-          if not menu.options.no_logging:
-            output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
-          output_file.close()
+          with open(filename, 'a') as output_file:
+            if not menu.options.no_logging:
+              output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
           count = 0
           for user in range(0, len(sys_users_list)):
             count = count + 1
-            # if menu.options.privileges:
-            #   cmd = "powershell.exe -InputFormat none write-host (([string]$(net user " + sys_users_list[user] + ")[22..($(net user " + sys_users_list[user] + ").length-3)]).replace('Local Group Memberships','').replace('*','').Trim()).replace(' ','')"
-            #   if alter_shell:
-            #     cmd = escape_single_quoted_cmd(cmd)
-            #   cmd = "cmd /c " + cmd
-            #   from src.core.injections.results_based.techniques.classic import cb_injector
-            #   response = cb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
-            #   check_privs = cb_injector.injection_results(response, TAG, cmd)
-            #   check_privs = "".join(str(p) for p in check_privs).strip()
-            #   check_privs = re.findall(r"(.*)", check_privs)
-            #   check_privs = "".join(str(p) for p in check_privs).strip()
-            #   check_privs = check_privs.split()
-            #   if "Admin" in check_privs[0]:
-            #     is_privileged = Style.RESET_ALL + "is" +  Style.BRIGHT + " admin user"
-            #     is_privileged_nh = " is admin user "
-            #   else:
-            #     is_privileged = Style.RESET_ALL + "is" +  Style.BRIGHT + " regular user"
-            #     is_privileged_nh = " is regular user "
-            # else :
             is_privileged = is_privileged = ""
             print(settings.SUB_CONTENT_SIGN + "(" +str(count)+ ") '" + Style.BRIGHT +  sys_users_list[user] + Style.RESET_ALL + "'" + Style.BRIGHT + is_privileged + Style.RESET_ALL)
             # Add infos to logs file.
-            output_file = open(filename, "a")
-            if not menu.options.no_logging:
-              if count == 1 :
-                output_file.write("\n")
-              output_file.write("(" +str(count)+ ") '" + sys_users_list[user] + is_privileged + "'\n" )
-            output_file.close()
+            with open(filename, 'a') as output_file:
+              if not menu.options.no_logging:
+                if count == 1 :
+                  output_file.write("\n")
+                output_file.write("(" +str(count)+ ") '" + sys_users_list[user] + is_privileged + "'\n" )
       else:
         # print(settings.SINGLE_WHITESPACE)
         warn_msg = "It seems that you don't have permissions to enumerate operating system users."
@@ -2104,10 +2078,9 @@ def print_users(sys_users, filename, _, separator, TAG, cmd, prefix, suffix, whi
           print(settings.print_warning_msg(warn_msg))
           sys_users = " ".join(str(p) for p in sys_users).strip()
           print(sys_users)
-          output_file = open(filename, "a")
-          if not menu.options.no_logging:
-            output_file.write("      " + sys_users)
-          output_file.close()
+          with open(filename, 'a') as output_file:
+            if not menu.options.no_logging:
+              output_file.write("      " + sys_users)
         else:
           sys_users_list = []
           for user in range(0, len(sys_users), 3):
@@ -2120,10 +2093,9 @@ def print_users(sys_users, filename, _, separator, TAG, cmd, prefix, suffix, whi
             info_msg += " [" + str(len(sys_users_list)) + "]:"
             print(settings.print_bold_info_msg(info_msg))
             # Add infos to logs file.
-            output_file = open(filename, "a")
-            if not menu.options.no_logging:
-              output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
-            output_file.close()
+            with open(filename, 'a') as output_file:
+              if not menu.options.no_logging:
+                output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
             count = 0
             for user in range(0, len(sys_users_list)):
               sys_users = sys_users_list[user]
@@ -2160,23 +2132,21 @@ def print_users(sys_users, filename, _, separator, TAG, cmd, prefix, suffix, whi
                   is_privileged_nh = ""
                 print(settings.SUB_CONTENT_SIGN + "(" +str(count)+ ") '" + Style.BRIGHT + fields[0] + Style.RESET_ALL + "' " + Style.BRIGHT + is_privileged + Style.RESET_ALL + "(uid=" + fields[1] + "). Home directory is in '" + Style.BRIGHT + fields[2]+ Style.RESET_ALL + "'.")
                 # Add infos to logs file.
-                output_file = open(filename, "a")
-                if not menu.options.no_logging:
-                  if count == 1 :
-                    output_file.write("\n")
-                  output_file.write("(" +str(count)+ ") '" + fields[0] + "' " + is_privileged_nh + "(uid=" + fields[1] + "). Home directory is in '" + fields[2] + "'.\n" )
-                output_file.close()
+                with open(filename, 'a') as output_file:
+                  if not menu.options.no_logging:
+                    if count == 1 :
+                      output_file.write("\n")
+                    output_file.write("(" +str(count)+ ") '" + fields[0] + "' " + is_privileged_nh + "(uid=" + fields[1] + "). Home directory is in '" + fields[2] + "'.\n" )
               except ValueError:
                 if count == 1 :
                   warn_msg = "It seems that '" + settings.PASSWD_FILE + "' file is not in the "
                   warn_msg += "appropriate format. Thus, it is expoted as a text file."
                   print(settings.print_warning_msg(warn_msg))
                 sys_users = " ".join(str(p) for p in sys_users.split(":"))
                 print(sys_users)
-                output_file = open(filename, "a")
-                if not menu.options.no_logging:
-                  output_file.write("      " + sys_users)
-                output_file.close()
+                with open(filename, 'a') as output_file:
+                  if not menu.options.no_logging:
+                    output_file.write("      " + sys_users)
       else:
         # print(settings.SINGLE_WHITESPACE)
         warn_msg = "It seems that you don't have permissions to read the '"
@@ -2206,10 +2176,9 @@ def print_passes(sys_passes, filename, _, alter_shell):
       info_msg += " password hashes [" + str(len(sys_passes)) + "]:"
       print(settings.print_bold_info_msg(info_msg))
       # Add infos to logs file.
-      output_file = open(filename, "a")
-      if not menu.options.no_logging:
-        output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg )
-      output_file.close()
+      with open(filename, 'a') as output_file:
+        if not menu.options.no_logging:
+          output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg )
       count = 0
       for line in sys_passes:
         count = count + 1
@@ -2219,23 +2188,21 @@ def print_passes(sys_passes, filename, _, alter_shell):
             if not "*" in fields[1] and not "!" in fields[1] and fields[1] != "":
               print("  (" +str(count)+ ") " + Style.BRIGHT + fields[0] + Style.RESET_ALL + " : " + Style.BRIGHT + fields[1]+ Style.RESET_ALL)
               # Add infos to logs file.
-              output_file = open(filename, "a")
-              if not menu.options.no_logging:
-                if count == 1 :
-                  output_file.write("\n")
-                output_file.write("(" +str(count)+ ") " + fields[0] + " : " + fields[1] + "\n")
-              output_file.close()
+              with open(filename, 'a') as output_file:
+                if not menu.options.no_logging:
+                  if count == 1 :
+                    output_file.write("\n")
+                  output_file.write("(" +str(count)+ ") " + fields[0] + " : " + fields[1] + "\n")
         # Check for appropriate '/etc/shadow' format.
         except IndexError:
           if count == 1 :
             warn_msg = "It seems that '" + settings.SHADOW_FILE + "' file is not "
             warn_msg += "in the appropriate format. Thus, it is expoted as a text file."
             print(settings.print_warning_msg(warn_msg))
           print(fields[0])
-          output_file = open(filename, "a")
-          if not menu.options.no_logging:
-            output_file.write("      " + fields[0])
-          output_file.close()
+          with open(filename, 'a') as output_file:
+            if not menu.options.no_logging:
+              output_file.write("      " + fields[0])
     else:
       warn_msg = "It seems that you don't have permissions to read the '"
       warn_msg += settings.SHADOW_FILE + "' file."
@@ -2375,12 +2342,11 @@ def file_read_status(shell, file_to_read, filename):
   if shell:
     _ = "Fetched file content"
     print(settings.print_retrieved_data(_, shell))
-    output_file = open(filename, "a")
-    if not menu.options.no_logging:
-      info_msg = "Extracted content of the file '"
-      info_msg += file_to_read + "' : " + shell + "\n"
-      output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
-    output_file.close()
+    with open(filename, 'a') as output_file:
+      if not menu.options.no_logging:
+        info_msg = "Extracted content of the file '"
+        info_msg += file_to_read + "' : " + shell + "\n"
+        output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + info_msg)
   else:
     warn_msg = "It seems that you don't have permissions "
     warn_msg += "to read the content of the file '" + file_to_read + "'."

diff --git a/src/utils/logs.py b/src/utils/logs.py
@@ -104,23 +104,21 @@ def create_log_file(url, output_dir):
   # The logs filename construction.
   filename = logs_path + settings.OUTPUT_FILE
   try:
-    output_file = open(filename, "a")
-    if not menu.options.no_logging:
-      output_file.write("\n" + "=" * 37)
-      output_file.write("\n" + "| Started in " + \
-        str(date.today()) + \
-        " at " + datetime.now().strftime("%H:%M:%S") + " |")
-      output_file.write("\n" + "=" * 37)
-      output_file.write("\n" + re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Tested URL : " + url)
-    output_file.close()
+    with open(filename, 'a') as output_file:
+      if not menu.options.no_logging:
+        output_file.write("\n" + "=" * 37)
+        output_file.write("\n" + "| Started in " + \
+          str(date.today()) + \
+          " at " + datetime.now().strftime("%H:%M:%S") + " |")
+        output_file.write("\n" + "=" * 37)
+        output_file.write("\n" + re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Tested URL : " + url)
   except IOError as err_msg:
     try:
       error_msg = str(err_msg.args[0]).split("] ")[1] + "."
     except:
       error_msg = str(err_msg.args[0]) + "."
     print(settings.print_critical_msg(error_msg))
     raise SystemExit()
-
   return filename
 
 """
@@ -130,53 +128,49 @@ def add_type_and_technique(export_injection_info, filename, injection_type, tech
 
   if export_injection_info == False:
     settings.SHOW_LOGS_MSG = True
-    output_file = open(filename, "a")
-    if not menu.options.no_logging:
-      output_file.write("\n" + re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Type: " + injection_type.title())
-      output_file.write("\n" + re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Technique: " + technique.title())
-    output_file.close()
-    export_injection_info = True
-
+    with open(filename, 'a') as output_file:
+      if not menu.options.no_logging:
+        output_file.write("\n" + re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Type: " + injection_type.title())
+        output_file.write("\n" + re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Technique: " + technique.title())
+      export_injection_info = True
   return export_injection_info
 
 """
 Add the vulnerable parameter in log files.
 """
 def add_parameter(vp_flag, filename, the_type, header_name, http_request_method, vuln_parameter, payload):
-  output_file = open(filename, "a")
-  if not menu.options.no_logging:
-    if header_name[1:] == "cookie":
-      header_name = " ("+ header_name[1:] + ") " + vuln_parameter
-    if header_name[1:] == "":
-      header_name = " ("+ http_request_method + ") " + vuln_parameter
-    output_file.write("\n" + re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + the_type[1:].title() + ": " + header_name[1:])
-    vp_flag = False
-    output_file.write("\n")
-  output_file.close()
+  with open(filename, 'a') as output_file:
+    if not menu.options.no_logging:
+      if header_name[1:] == "cookie":
+        header_name = " ("+ header_name[1:] + ") " + vuln_parameter
+      if header_name[1:] == "":
+        header_name = " ("+ http_request_method + ") " + vuln_parameter
+      output_file.write("\n" + re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + the_type[1:].title() + ": " + header_name[1:])
+      vp_flag = False
+      output_file.write("\n")
+
 
 """
 Add any payload in log files.
 """
 def update_payload(filename, counter, payload):
-  output_file = open(filename, "a")
-  if not menu.options.no_logging:
-    if "\n" in payload:
-      output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Used payload: " + re.sub("%20", settings.SINGLE_WHITESPACE, _urllib.parse.unquote_plus(payload.replace("\n", "\\n"))) + "\n")
-    else:
-      output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Used payload: " + payload.replace("%20", settings.SINGLE_WHITESPACE) + "\n")
-  output_file.close()
+  with open(filename, 'a') as output_file:
+    if not menu.options.no_logging:
+      if "\n" in payload:
+        output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Used payload: " + re.sub("%20", settings.SINGLE_WHITESPACE, _urllib.parse.unquote_plus(payload.replace("\n", "\\n"))) + "\n")
+      else:
+        output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Used payload: " + payload.replace("%20", settings.SINGLE_WHITESPACE) + "\n")
 
 """
 Add any executed command and
 execution output result in log files.
 """
 def executed_command(filename, cmd, output):
   try:
-    output_file = open(filename, "a")
-    if not menu.options.no_logging:
-      output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Executed command: " +  cmd + "\n")
-      output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_SIGN) + "Execution output: " + output.encode(settings.DEFAULT_CODEC).decode() + "\n")
-    output_file.close()
+    with open(filename, 'a') as output_file:
+      if not menu.options.no_logging:
+        output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_BOLD_SIGN) + "Executed command: " +  cmd + "\n")
+        output_file.write(re.compile(re.compile(settings.ANSI_COLOR_REMOVAL)).sub("",settings.INFO_SIGN) + "Execution output: " + output.encode(settings.DEFAULT_CODEC).decode() + "\n")
   except TypeError:
     pass
 

diff --git a/src/utils/settings.py b/src/utils/settings.py
@@ -247,7 +247,7 @@ def sys_argv_errors():
 DESCRIPTION = "The command injection exploiter"
 AUTHOR  = "Anastasios Stasinopoulos"
 VERSION_NUM = "3.9"
-REVISION = "40"
+REVISION = "41"
 STABLE_RELEASE = False
 VERSION = "v"
 if STABLE_RELEASE: