Skip to content

Commit

Permalink
Include target in report; fix report overwrites (#71)
Browse files Browse the repository at this point in the history 
This also clears the SQLITE database before writing new results,
harmonizing the behavior to the XLSX and JSON cases.
  • Loading branch information
@AdrianVollmer
AdrianVollmer authored Dec 24, 2023
1 parent 9005e7b commit 26188de
Show file tree
Hide file tree
Showing 5 changed files with 63 additions and 50 deletions.
30 changes: 16 additions & 14 deletions coercer/__main__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -213,13 +213,14 @@ def main():
if not "msrpc" in options.filter_transport_name or try_login(credentials, target, verbose=options.verbose):
# Starting action
action_scan(target, available_methods, options, credentials, reporter)
# Reporting results
if options.export_json is not None:
reporter.exportJSON(options.export_json)
if options.export_xlsx is not None:
reporter.exportXLSX(options.export_xlsx)
if options.export_sqlite is not None:
reporter.exportSQLITE(target, options.export_sqlite)

# Reporting results
if options.export_json is not None:
reporter.exportJSON(options.export_json)
if options.export_xlsx is not None:
reporter.exportXLSX(options.export_xlsx)
if options.export_sqlite is not None:
reporter.exportSQLITE(options.export_sqlite)

elif options.mode == "fuzz":
reporter.print_info("Starting fuzz mode")
Expand All @@ -234,13 +235,14 @@ def main():
if not "msrpc" in options.filter_transport_name or try_login(credentials, target, verbose=options.verbose):
# Starting action
action_fuzz(target, available_methods, options, credentials, reporter)
# Reporting results
if options.export_json is not None:
reporter.exportJSON(options.export_json)
if options.export_xlsx is not None:
reporter.exportXLSX(options.export_xlsx)
if options.export_sqlite is not None:
reporter.exportSQLITE(target, options.export_sqlite)

# Reporting results
if options.export_json is not None:
reporter.exportJSON(options.export_json)
if options.export_xlsx is not None:
reporter.exportXLSX(options.export_xlsx)
if options.export_sqlite is not None:
reporter.exportSQLITE(options.export_sqlite)

print("[+] All done! Bye Bye!")

Expand Down
77 changes: 41 additions & 36 deletions coercer/core/Reporter.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,19 +43,21 @@ def print_warn(self, message):
def print_verbose(self, message):
print("[debug]",message)

def report_test_result(self, uuid, version, namedpipe, msprotocol_rpc_instance, result, exploitpath):
def report_test_result(self, target, uuid, version, namedpipe, msprotocol_rpc_instance, result, exploitpath):
function_name = msprotocol_rpc_instance.function["name"]
if uuid not in self.test_results.keys():
self.test_results[uuid] = {}
if version not in self.test_results[uuid].keys():
self.test_results[uuid][version] = {}
if function_name not in self.test_results[uuid][version].keys():
self.test_results[uuid][version][function_name] = {}
if namedpipe not in self.test_results[uuid][version][function_name].keys():
self.test_results[uuid][version][function_name][namedpipe] = []
if target not in self.test_results.keys():
self.test_results[target] = {}
if uuid not in self.test_results[target].keys():
self.test_results[target][uuid] = {}
if version not in self.test_results[target][uuid].keys():
self.test_results[target][uuid][version] = {}
if function_name not in self.test_results[target][uuid][version].keys():
self.test_results[target][uuid][version][function_name] = {}
if namedpipe not in self.test_results[target][uuid][version][function_name].keys():
self.test_results[target][uuid][version][function_name][namedpipe] = []

# Save result to database
self.test_results[uuid][version][function_name][namedpipe].append({
self.test_results[target][uuid][version][function_name][namedpipe].append({
"function": msprotocol_rpc_instance.function,
"protocol": msprotocol_rpc_instance.protocol,
"testresult": result.name,
Expand Down Expand Up @@ -102,21 +104,22 @@ def exportXLSX(self, filename):
worksheet = workbook.add_worksheet()

header_format = workbook.add_format({'bold': 1})
header_fields = ["Interface UUID", "Interface version", "SMB named pipe", "Protocol long name", "Protocol short name", "RPC function name", "Operation number", "Result", "Working path"]
header_fields = ["Target", "Interface UUID", "Interface version", "SMB named pipe", "Protocol long name", "Protocol short name", "RPC function name", "Operation number", "Result", "Working path"]
for k in range(len(header_fields)):
worksheet.set_column(k, k + 1, len(header_fields[k]) + 3)
worksheet.set_row(0, 60, header_format)
worksheet.write_row(0, 0, header_fields)

row_id = 1
for uuid in self.test_results.keys():
for version in self.test_results[uuid].keys():
for function_name in self.test_results[uuid][version].keys():
for namedpipe in self.test_results[uuid][version][function_name].keys():
for test_result in self.test_results[uuid][version][function_name][namedpipe]:
data = [uuid, version, namedpipe, test_result["protocol"]["longname"], test_result["protocol"]["shortname"], test_result["function"]["name"], test_result["function"]["opnum"], test_result["testresult"], test_result["exploitpath"]]
worksheet.write_row(row_id, 0, data)
row_id += 1
for target in self.test_results.keys():
for uuid in self.test_results[target].keys():
for version in self.test_results[target][uuid].keys():
for function_name in self.test_results[target][uuid][version].keys():
for namedpipe in self.test_results[target][uuid][version][function_name].keys():
for test_result in self.test_results[target][uuid][version][function_name][namedpipe]:
data = [target, uuid, version, namedpipe, test_result["protocol"]["longname"], test_result["protocol"]["shortname"], test_result["function"]["name"], test_result["function"]["opnum"], test_result["testresult"], test_result["exploitpath"]]
worksheet.write_row(row_id, 0, data)
row_id += 1
worksheet.autofilter(0, 0, row_id, len(header_fields) - 1)
workbook.close()
self.print_info("Results exported to XLSX in '%s'" % path_to_file)
Expand All @@ -136,7 +139,7 @@ def exportJSON(self, filename):
f.close()
self.print_info("Results exported to JSON in '%s'" % path_to_file)

def exportSQLITE(self, target, filename):
def exportSQLITE(self, filename):
basepath = os.path.dirname(filename)
filename = os.path.basename(filename)
if basepath not in [".", ""]:
Expand All @@ -151,23 +154,25 @@ def exportSQLITE(self, target, filename):
# Creating a cursor object using the cursor() method
cursor = conn.cursor()
cursor.execute("CREATE TABLE IF NOT EXISTS results(target VARCHAR(255), uuid VARCHAR(255), version VARCHAR(255), named_pipe VARCHAR(255), protocol_shortname VARCHAR(255), protocol_longname VARCHAR(512), function_name VARCHAR(255), result VARCHAR(255), path VARCHAR(512));")
for uuid in self.test_results.keys():
for version in self.test_results[uuid].keys():
for function_name in self.test_results[uuid][version].keys():
for named_pipe in self.test_results[uuid][version][function_name].keys():
for test_result in self.test_results[uuid][version][function_name][named_pipe]:
cursor.execute("INSERT INTO results VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)", (
target,
uuid,
version,
named_pipe,
test_result["protocol"]["shortname"],
test_result["protocol"]["longname"],
function_name,
test_result["testresult"],
str(bytes(test_result["exploitpath"], 'utf-8'))[2:-1].replace('\\\\', '\\')
cursor.execute("DELETE FROM results;")
for target in self.test_results.keys():
for uuid in self.test_results[target].keys():
for version in self.test_results[target][uuid].keys():
for function_name in self.test_results[target][uuid][version].keys():
for named_pipe in self.test_results[target][uuid][version][function_name].keys():
for test_result in self.test_results[target][uuid][version][function_name][named_pipe]:
cursor.execute("INSERT INTO results VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)", (
target,
uuid,
version,
named_pipe,
test_result["protocol"]["shortname"],
test_result["protocol"]["longname"],
function_name,
test_result["testresult"],
str(bytes(test_result["exploitpath"], 'utf-8'))[2:-1].replace('\\\\', '\\')
)
)
)
# Commit your changes in the database
conn.commit()
# Closing the connection
Expand Down
2 changes: 2 additions & 0 deletions coercer/core/modes/coerce.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -127,6 +127,7 @@ def action_coerce(target, available_methods, options, credentials, reporter):
)

reporter.report_test_result(
target=target,
uuid=uuid, version=version, namedpipe="",
msprotocol_rpc_instance=msprotocol_rpc_instance,
result=result,
Expand Down Expand Up @@ -201,6 +202,7 @@ def action_coerce(target, available_methods, options, credentials, reporter):
)

reporter.report_test_result(
target=target,
uuid=uuid, version=version, namedpipe=namedpipe,
msprotocol_rpc_instance=msprotocol_rpc_instance,
result=result,
Expand Down
2 changes: 2 additions & 0 deletions coercer/core/modes/fuzz.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,7 @@ def action_fuzz(target, available_methods, options, credentials, reporter):
)

reporter.report_test_result(
target=target,
uuid=uuid, version=version, namedpipe=namedpipe,
msprotocol_rpc_instance=msprotocol_rpc_instance,
result=result,
Expand Down Expand Up @@ -247,6 +248,7 @@ def action_fuzz(target, available_methods, options, credentials, reporter):
)

reporter.report_test_result(
target=target,
uuid=uuid, version=version, namedpipe=namedpipe,
msprotocol_rpc_instance=msprotocol_rpc_instance,
result=result,
Expand Down
2 changes: 2 additions & 0 deletions coercer/core/modes/scan.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,7 @@ def action_scan(target, available_methods, options, credentials, reporter):
)

reporter.report_test_result(
target=target,
uuid=uuid, version=version, namedpipe=namedpipe,
msprotocol_rpc_instance=msprotocol_rpc_instance,
result=result,
Expand Down Expand Up @@ -202,6 +203,7 @@ def action_scan(target, available_methods, options, credentials, reporter):
)

reporter.report_test_result(
target=target,
uuid=uuid, version=version, namedpipe=namedpipe,
msprotocol_rpc_instance=msprotocol_rpc_instance,
result=result,
Expand Down

0 comments on commit 26188de

Please sign in to comment.