
Class davShell




Exploit web servers that have unauthenticated DAV access.


Author: Andres Riancho ( andres.riancho@gmail.com )

Instance Methods
 
__init__(self)
 
fastExploit(self)
Exploits a web app with unauthenticated DAV access.
 
getAttackType(self)
Returns the type of exploit, SHELL, PROXY, etc.
 
getVulnName2Exploit(self)
This method should return the vulnerability name (as saved in the kb) to exploit.
 
_generateShell(self, vuln)
Returns: The shell object based on the vulnerability that was passed as a parameter.
 
_verifyVuln(self, vuln)
This command verifies a vuln.
 
getOptions(self)
Returns: A list of option objects for this plugin.
 
setOptions(self, optionsMap)
This method sets all the options that are configured using the user interface generated by the framework using the result of getOptions().
 
getPluginDeps(self)
Returns: A list with the names of the plugins that should be run before the current one.
 
getRootProbability(self)
Returns: This method returns the probability of getting a root shell using this attack plugin.
 
getLongDesc(self)
Returns: A DETAILED description of the plugin functions and features.

Inherited from core.controllers.basePlugin.baseAttackPlugin.baseAttackPlugin: GET2POST, canExploit, exploit, getExploitableVulns, getType

Inherited from core.controllers.basePlugin.basePlugin.basePlugin: __eq__, end, getDesc, getName, printUniq, setUrlOpener

Inherited from core.controllers.misc.commonAttackMethods.commonAttackMethods: getCut, setCut

Method Details

__init__(self)
(Constructor)

 
Overrides: core.controllers.basePlugin.baseAttackPlugin.baseAttackPlugin.__init__

fastExploit(self)

 
Exploits a web app with unauthenticated DAV access.
Overrides: core.controllers.basePlugin.baseAttackPlugin.baseAttackPlugin.fastExploit

getAttackType(self)

 
Returns the type of exploit, SHELL, PROXY, etc.
Overrides: core.controllers.basePlugin.baseAttackPlugin.baseAttackPlugin.getAttackType
(inherited documentation)

getVulnName2Exploit(self)

 

This method should return the vulnerability name (as saved in the kb) to exploit. For example, if the audit.osCommanding plugin finds a vuln, and saves it as:

kb.kb.append( 'osCommanding' , 'osCommanding', vuln )

Then the exploit plugin that exploits osCommanding ( attack.osCommandingShell ) should return 'osCommanding' in this method.
Overrides: core.controllers.basePlugin.baseAttackPlugin.baseAttackPlugin.getVulnName2Exploit
(inherited documentation)

_generateShell(self, vuln)

 
Parameters:
  • vuln - The vuln to exploit.
Returns:
The shell object based on the vulnerability that was passed as a parameter.
Overrides: core.controllers.basePlugin.baseAttackPlugin.baseAttackPlugin._generateShell

_verifyVuln(self, vuln)

 

This command verifies a vuln. This is really hard work! :P

Returns:
True if vuln can be exploited.

getOptions(self)

 

This method returns an optionList containing the options objects that the configurable object has. Using this option list the framework will build a window, a menu, or some other input method to retrieve the info from the user.

This method MUST be implemented on every plugin.
Returns:
A list of option objects for this plugin.
Overrides: core.controllers.basePlugin.basePlugin.basePlugin.getOptions

setOptions(self, optionsMap)

 
This method sets all the options that are configured using the user interface generated by the framework using the result of getOptions().
Parameters:
  • optionsMap - A dictionary with the options for the plugin.
Returns:
No value is returned.
Overrides: core.controllers.basePlugin.basePlugin.basePlugin.setOptions

getPluginDeps(self)

 
Returns:
A list with the names of the plugins that should be run before the current one.
Overrides: core.controllers.basePlugin.basePlugin.basePlugin.getPluginDeps

getRootProbability(self)

 
Returns:
This method returns the probability of getting a root shell using this attack plugin. This is used by the "exploit *" function to order the plugins and first try to exploit the more critical ones. This method should return 0 for an exploit that will never return a root shell, and 1 for an exploit that WILL ALWAYS return a root shell.
Overrides: core.controllers.basePlugin.baseAttackPlugin.baseAttackPlugin.getRootProbability

getLongDesc(self)

 
Returns:
A DETAILED description of the plugin functions and features.
Overrides: core.controllers.basePlugin.basePlugin.basePlugin.getLongDesc