Fixing undefined names (#434)

2ee21d01 · Marcin Bury · GitHub · 5ea63d0e · 2ee21d01 · 2ee21d01
Unverified Commit 2ee21d01 authored 6 years ago by Marcin Bury Committed by GitHub 6 years ago
11 changed files
--- a/routersploit/core/exploit/printer.py
+++ b/routersploit/core/exploit/printer.py
@@ -39,7 +39,6 @@ def __cprint(*args, **kwargs):
    if not kwargs.pop("verbose", True):
        return

-    color = kwargs.get("color", None)
    sep = kwargs.get("sep", " ")
    end = kwargs.get("end", "\n")
    thread = threading.current_thread()
@@ -48,11 +47,6 @@ def __cprint(*args, **kwargs):
    except IndexError:
        file_ = kwargs.get("file", sys.stdout)

-    if color:
-        printer_queue.put(PrintResource(content="\033[{}m".format(colors[color]), end="", file=file_, sep=sep, thread=thread))
-        printer_queue.put(PrintResource(content=args, end="", file=file_, sep=sep, thread=thread))  # TODO printing text that starts from newline
-        printer_queue.put(PrintResource(content="\033[0m", sep=sep, end=end, file=file_, thread=thread))
-    else:
    printer_queue.put(PrintResource(content=args, sep=sep, end=end, file=file_, thread=thread))



--- a/routersploit/core/exploit/utils.py
+++ b/routersploit/core/exploit/utils.py
@@ -8,7 +8,7 @@ from functools import wraps
 import routersploit.modules as rsf_modules
 import routersploit.resources.wordlists as wordlists

-from routersploit.core.exploit.printer import print_error
+from routersploit.core.exploit.printer import print_error, print_info
 from routersploit.core.exploit.exceptions import RoutersploitException

 MODULES_DIR = rsf_modules.__path__[0]

--- a/routersploit/core/telnet/telnet_client.py
+++ b/routersploit/core/telnet/telnet_client.py
@@ -95,7 +95,7 @@ class TelnetClient(Exploit):

        return None

-    def telnet_close(self, telnete_client):
+    def telnet_close(self, telnet_client):
        if telnet_client:
            telnet_client.close()


--- a/routersploit/modules/exploits/routers/billion/5200w_rce.py
+++ b/routersploit/modules/exploits/routers/billion/5200w_rce.py
--- a/routersploit/modules/exploits/routers/billion/7700nr4_password_disclosure.py
+++ b/routersploit/modules/exploits/routers/billion/7700nr4_password_disclosure.py
--- a/tests/exploits/routers/belkin/test_n750_twonky_rce.py
+++ b/tests/exploits/routers/belkin/test_n750_twonky_rce.py
-from unittest import mock
-from flask import request
-#from routersploit.modules.exploits.routers.belkin.n750_twonky_rce import Exploit
-
-
-def apply_response(*args, **kwargs):
-    return (
-        """
-        TEST
-        root:x:0:0:root:/root:/bin/bash
-        daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
-        bin:x:2:2:bin:/bin:/usr/sbin/nologin
-        sys:x:3:3:sys:/dev:/usr/sbin/nologin
-        sync:x:4:65534:sync:/bin:/bin/sync
-        games:x:5:60:games:/usr/games:/usr/sbin/nologin
-        man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
-        lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
-        mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
-        news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
-        uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
-        proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
-        www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
-        backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
-        list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
-        irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
-        gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
-        nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
-        systemd-timesync:x:100:102:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
-        systemd-network:x:101:103:systemd Network Management,,,:/run/systemd/netif:/usr/sbin/nologin
-        systemd-resolve:x:102:104:systemd Resolver,,,:/run/systemd/resolve:/usr/sbin/nologin
-        systemd-bus-proxy:x:103:105:systemd Bus Proxy,,,:/run/systemd:/usr/sbin/nologin
-        _apt:x:104:65534::/nonexistent:/usr/sbin/nologin
-        mysql:x:105:109:MySQL Server,,,:/nonexistent:/bin/false
-        epmd:x:106:110::/var/run/epmd:/usr/sbin/nologin
-        Debian-exim:x:107:111::/var/spool/exim4:/usr/sbin/nologin
-        uuidd:x:108:113::/run/uuidd:/usr/sbin/nologin
-        rwhod:x:109:65534::/var/spool/rwho:/usr/sbin/nologin
-        redsocks:x:110:114::/var/run/redsocks:/usr/sbin/nologin
-        usbmux:x:111:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin
-        miredo:x:112:65534::/var/run/miredo:/usr/sbin/nologin
-        Debian-snmp:x:113:115::/var/lib/snmp:/bin/false
-        ntp:x:114:116::/nonexistent:/usr/sbin/nologin
-        stunnel4:x:115:118::/var/run/stunnel4:/usr/sbin/nologin
-        rtkit:x:116:119:RealtimeKit,,,:/proc:/usr/sbin/nologin
-        postgres:x:117:120:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash
-        dnsmasq:x:118:65534:dnsmasq,,,:/var/lib/misc:/usr/sbin/nologin
-        messagebus:x:119:121::/var/run/dbus:/usr/sbin/nologin
-        iodine:x:120:65534::/var/run/iodine:/usr/sbin/nologin
-        arpwatch:x:121:123:ARP Watcher,,,:/var/lib/arpwatch:/bin/sh
-        sslh:x:122:127::/nonexistent:/usr/sbin/nologin
-        gluster:x:123:129::/var/lib/glusterd:/usr/sbin/nologin
-        couchdb:x:124:130:CouchDB Administrator,,,:/var/lib/couchdb:/bin/bash
-        avahi:x:125:133:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/usr/sbin/nologin
-        sshd:x:126:65534::/run/sshd:/usr/sbin/nologin
-        colord:x:127:134:colord colour management daemon,,,:/var/lib/colord:/usr/sbin/nologin
-        saned:x:128:136::/var/lib/saned:/usr/sbin/nologin
-        speech-dispatcher:x:129:29:Speech Dispatcher,,,:/var/run/speech-dispatcher:/bin/false
-        pulse:x:130:137:PulseAudio daemon,,,:/var/run/pulse:/usr/sbin/nologin
-        Debian-gdm:x:131:139:Gnome Display Manager:/var/lib/gdm3:/bin/false
-        king-phisher:x:132:140::/var/lib/king-phisher:/usr/sbin/nologin
-        dradis:x:133:141::/var/lib/dradis:/usr/sbin/nologin
-        beef-xss:x:134:142::/var/lib/beef-xss:/usr/sbin/nologin
-        TEST
-        """
-    ), 200
-
-
-#@mock.patch("routersploit.modules.exploits.routers.belkin.n750_twonky_rce.shell")
-#def test_check_success(mocked_shell, target)
-def test_check_success(target):
-    """ Test scenario - successful check """
-
-    route_mock = target.get_route_mock("/twonky_cmd.cgi", methods=["GET"])
-    route_mock.side_effect = apply_response
-
-    return
-
-    exploit = Exploit()
-    exploit.target = target.host
-    exploit.port = target.port
-
-    assert exploit.check()
-    assert exploit.run() is None
--- a/tests/exploits/routers/billion/test_billion_7700n4_password_disclosure.py
+++ b/tests/exploits/routers/billion/test_billion_7700n4_password_disclosure.py
-#from routersploit.modules.exploits.routers.billion.7700nr4_password_disclosure import Exploit
+from routersploit.modules.exploits.routers.billion.billion_7700nr4_password_disclosure import Exploit


 def test_check_success(target):
    """ Test scenario - successful check """

-    return
-
    route_mock = target.get_route_mock("/backupsettings.conf", methods=["GET"])
    route_mock.return_value = (
        "test"

--- a/tests/exploits/routers/dlink/test_dir_8xx_auth_bypass_info_disclosure.py
+++ b/tests/exploits/routers/dlink/test_dir_8xx_auth_bypass_info_disclosure.py
-from flask import request
-#from routersploit.modules.exploits.routers.dlink.dir_8xx_auth_bypass_info_disclosure import Exploit
-
-
-def apply_response():
-    """ Response for exploit requests """
-
-    if "A" not in request.args.keys():
-        response = "<html><body><div>Authentication Fail!</div></body></html>"
-    else:
-        response = """
-<html>
-    <script type="text/javascript" charset="utf-8" src="/js/configuration/DeviceConfig.js"></script>
-    <script>
-        function GetLangcode()
-        {
-            var langcode = "";
-            document.getElementById("langcode").innerHTML = (langcode=="")? "en":langcode;
-        }
-        function toHex( n )
-        {
-            var digitArray = new Array('0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f');
-            var result = ''
-            var start = true;
-            for (var i=32; i>0;)
-            {
-                i -= 4;
-                var digit = ( n >> i ) & 0xf;
-                if (!start || digit != 0)
-                {
-                    start = false;
-                    result += digitArray[digit];
-                }
-            }
-            return ( result == '' ? '0' : result );
-        }
-        function pad( str, len, pad )
-        {
-            var result = str;
-            for (var i=str.length; i<len; i++)
-            {
-                result = pad + result;
-            }
-            return  result;
-        }
-        function EncodeHex()
-        {
-            var str = "2016 11 29 12 04";
-            var result = "";
-            for (var i=0; i<str.length; i++)
-            {
-                if (str.substring(i,i+1).match(/[^\\x00-\\xff]/g) != null)
-                {
-                    result += escape(str.substring(i,i+1), 1).replace(/%/g,'\\\\');
-                }
-                else
-                {
-                    result += pad(toHex(str.substring(i,i+1).charCodeAt(0)&0xff),2,'0');
-                }
-            }
-            document.getElementById("checksum").innerHTML = result.substring(result.length-8,result.length);
-        }
-        function GetQueryUrl()
-        {
-            var fwsrv = "wrpd.dlink.com";
-            var fwpath= "/router/firmware/query.aspx";
-            var model = "DIR-885L";
-            var fwver = "1.13";
-            var hwstr = "";
-            var hwver = "Ax";
-            if (hwstr == "")
-            {
-                hwstr = "A2";
-            }
-            function removeSymbol(input, symbol)
-            {
-                var ary = input.split(symbol);
-                var res = "";
-                for (var i=0;i<ary.length;i++)
-                {
-                    res += ary[i];
-                }
-                return res;
-            }
-            var mac = removeSymbol("10:62:eb:99:e9:5c", ":");
-            fwver =removeSymbol(fwver,".");
-            if (fwver.length == 3)
-                fwver = "0"+fwver;
-            else if(fwver.length > 3)
-                fwver = "0" + fwver.substring(0,3);
-            //get fw check parameter add by sam_pan
-            var fwcheckparameter = "";
-            // Get hw revision
-            for(i=0; i<hwstr.length; i++)
-            {
-                char_code = hwstr.charAt(i);
-                if ((char_code >= 'a' && char_code <= 'z') ||
-                        (char_code >= 'A' && char_code <= 'Z'))
-                {
-                    hwver=char_code.toUpperCase()+"x";
-                    break;
-                }
-            }
-            if(fwcheckparameter == "")
-            {
-                fwcheckparameter =     hwver+"_Default";
-            }
-            else
-            {
-                fwcheckparameter = hwver+"_"+fwcheckparameter;
-            }
-            document.getElementById("fwq").innerHTML = "http:\\/\\/"+fwsrv+fwpath+"?model="+model+"_"+fwcheckparameter+"_FW_"+fwver+"_"+mac;
-        }
-        function Configured()
-        {
-            document.getElementById("configured").innerHTML = "0(Not default)";
-        }
-        function OnLoad()
-        {
-            GetLangcode();
-            EncodeHex();
-            GetQueryUrl();
-            Configured();
-            document.getElementById("fw_gui_ver").innerHTML = GUIVersion;
-        }
-    </script>
-    <body onload="OnLoad();">
-        <div">
-            <h1>Version</h1>
-            <div class="emptyline"></div>
-            <div class="info">
-                <span class="name">Firmware External Version :</span>
-                <span class="value">V1.13</span>
-            </div>
-            <div class="info" style="display:none;">
-                <span class="name">Firmware External Revision :</span>
-                <span class="value">b03</span>
-            </div>
-            <div class="info">
-                <span class="name">Firmware Internal Version :</span>
-                <span class="value" style="text-transform:uppercase;">V1.13b03</span>
-            </div>
-            <div class="info" style="display:none;">
-                <span class="name">Firmware GUI Version :</span>
-                <span class="value" style="text-transform:uppercase;" id="fw_gui_ver"></span>
-            </div>
-            <div class="info" style="display:none;">
-                <span class="name">Language Package :</span>
-                <span class="value" id="langcode"></span>
-            </div>
-            <div class="info">
-                <span class="name">Date :</span>
-                <span class="value">29, Nov, 2016</span>
-            </div>
-            <div class="info">
-                <span class="name">CheckSum :</span>
-                <span class="value" id="checksum"></span>
-            </div>
-            <div class="info">
-                <span class="name">2.4GHz regulation domain :</span>
-                <span class="value">
-                  EU<br>&nbsp;&nbsp;1,2,3,4,5,6,7,8,9,10,11,12,13
-                </span>
-            </div>
-            <div class="info"  >
-                <span class="name">5GHz country code :</span>
-                <span class="value">
-                  EU/GB<br>&nbsp;&nbsp;36,40,44,48,
-                </span>
-            </div>
-            <div class="info"  >
-                <span class="name">5GHz DFS Channel :</span>
-                <span class="value">
-                </span>
-            </div>
-            <div class="info" style="display:none;">
-                <span class="name">802.11 country code :</span>
-                <span class="value">
-                  UK
-                </span>
-            </div>
-            <div class="info" style="display:none;">
-                <span class="name">Bootcode Version :</span>
-                <span class="value">1232</span>
-            </div>
-            <div class="info" style="display:none;">
-                <span class="name">Kernel :</span>
-                <span class="value">Linux version 2.6.36.4brcmarm+ </span>
-            </div>
-            <div class="info">
-                <span class="name">Firmware Query :</span>
-                <span class="value" id="fwq"></span>
-            </div>
-            <div class="info" style="display:none;">
-                <span class="name">Apps :</span>
-                <span class="value">Tue 29 Nov 2016</span>
-            </div>
-            <div class="info" style="display:none;">
-                <span class="name">WLAN Driver :</span>
-                <span class="value">BGN band: BCM4331 + AC band: BCM4360</span>
-            </div>
-            <div class="info" >
-                <span class="name">LAN MAC :</span>
-                <span class="value">10:62:eb:99:e9:5c</span>
-            </div>
-            <div class="info" style="display:none;">
-                <span class="name">WAN MAC :</span>
-                <span class="value">10:62:eb:99:e9:5f</span>
-            </div>
-            <div class="info">
-                <span class="name">2.4GHz WLAN MAC :</span>
-                <span class="value">10:62:eb:99:e9:5c</span>
-            </div>
-            <div class="info"  >
-                <span class="name">5GHz WLAN MAC :</span>
-                <span class="value">
-                10:62:eb:99:e9:5e</span>
-            </div>
-            <div class="info" style="display:none;" >
-                <span class="name">5GHz WLAN MAC2 :</span>
-                <span class="value">
-                </span>
-            </div>
-            <div class="info">
-                <span class="name">SSID (2.4G) :</span>
-                <pre style="font-family:Tahoma"><span class="value">dlink-E95C</span></pre>
-            </div>
-            <div class="info"  >
-                <span class="name">SSID (5G) :</span>
-                <pre style="font-family:Tahoma"><span class="value">dlink-E95C</span></pre>
-            </div>
-            <div class="info" style="display:none;" >
-                <span class="name">SSID (Secondary 5G) :</span>
-                <pre style="font-family:Tahoma"><span class="value">dlink</span></pre>
-            </div>
-            <div class="info">
-                <span class="name">Factory Default :</span>
-                <span class="value" id="configured"></span>
-            </div>
-            <div class="gap"></div>
-            <div class="info">
-                <span class="name"></span>
-                <span class="value">
-                    <input type="button" value="Continue" onClick='self.location.href="Home.html";' />
-                </span>
-            </div>
-            <div class="emptyline"></div>
-        </div>
-    </body>
-</html>
-"""
-    return response, 200
-
-
-def test_exploit_successful(target):
-    return
-    """ Test scenario - successful exploitation """
-
-    cgi_mock = target.get_route_mock("/version.php", methods=["GET", "POST"])
-    cgi_mock.side_effect = apply_response
-
-    exploit = Exploit()
-    exploit.target = target.host
-    exploit.port = target.port
-
-    assert exploit.check()
-    assert exploit.run() is None
--- a/tests/exploits/routers/dlink/test_dlink_auth_bypass.py
+++ b/tests/exploits/routers/dlink/test_dlink_auth_bypass.py
-#from routersploit.modules.exploits.routers.dlink.dlink_auth_bypass import Exploit
-
-
-def test_check_success(target):
-    return
-
-    """ Test scenario - successful check """
-
-    cgi_mock = target.get_route_mock("/", methods=["GET"])
-    cgi_mock.return_value = (
-        "test"
-        "Home/bsc_internet.htm"
-        "test"
-        "/public/logout.htm"
-        "test"
-    )
-
-    exploit = Exploit()
-    exploit.target = target.host
-    exploit.port = target.port
-
-    assert exploit.check()
-    assert exploit.run() is None
--- a/tests/exploits/routers/dlink/test_multi_hnap_rce_exploit.py
+++ b/tests/exploits/routers/dlink/test_multi_hnap_rce_exploit.py
-from flask import request
-#from routersploit.modules.exploits.routers.dlink.multi_hnap_rce_exploit import Exploit
-
-payload = None
-
-def apply_response(*args, **kwargs):
-    global payload
-    payload = request.headers['SOAPAction'] 
-
-    return "TEST", 200
-
-def response_func(*args, **kwargs):
-    global payload
-    return payload, 200
-
-def test_check_success(target):
-    return
-
-    """ Test scenario - successful check """
-
-    global payload
-    cgi_mock1 = target.get_route_mock("/HNAP1/", methods=["POST"])
-    cgi_mock1.side_effect = apply_response
-
-    cgi_mock2 = target.get_route_mock("/HNAP1/<path:dummy>", methods=["GET"])
-    cgi_mock2.side_effect = response_func 
-
-    exploit = Exploit()
-    exploit.target = target.host
-    exploit.port = target.port
-
-    assert exploit.check()
-    assert exploit.run() is None
--- a/tests/exploits/routers/netgear/test_dgn1000_dgn2200_rce.py
+++ b/tests/exploits/routers/netgear/test_dgn1000_dgn2200_rce.py
-from flask import request
-#from routersploit.modules.exploits.routers.netgear.dgn1000_dgn2200_rce import Exploit
-
-
-def apply_response(*args, **kwargs):
-    res = request.args['cmd']
-    data = "TEST" + res + "TEST"
-    return data, 200
-
-
-def test_check_success(target):
-    return
-
-    """ Test scenario - successful check """
-
-    route_mock = target.get_route_mock("/setup.cgi", methods=["GET"])
-    route_mock.side_effect = apply_response
-
-    exploit = Exploit()
-    exploit.target = target.host
-    exploit.port = target.port
-
-    assert exploit.check()
-    assert exploit.run() is None