From 8fb9bc0d75d030cf39fa21a9e61c9b7051910a67 Mon Sep 17 00:00:00 2001 From: wumb0 Date: Sun, 28 Apr 2024 12:39:11 -0400 Subject: [PATCH 1/3] add multi-file put, keeping compatibiltiy with old format (tuple) - Pennyw0rth/NetExec#281 --- nxc/protocols/smb.py | 18 +++++++++++++----- nxc/protocols/smb/proto_args.py | 2 +- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/nxc/protocols/smb.py b/nxc/protocols/smb.py index d8c289ff1..c89a85e7e 100755 --- a/nxc/protocols/smb.py +++ b/nxc/protocols/smb.py @@ -1246,14 +1246,22 @@ def rid_brute(self, max_rid=None): dce.disconnect() return entries - def put_file(self): - self.logger.display(f"Copying {self.args.put_file[0]} to {self.args.put_file[1]}") - with open(self.args.put_file[0], "rb") as file: + def put_file_single(self, src, dst): + self.logger.display(f"Copying {src} to {dst}") + with open(src, "rb") as file: try: - self.conn.putFile(self.args.share, self.args.put_file[1], file.read) - self.logger.success(f"Created file {self.args.put_file[0]} on \\\\{self.args.share}\\{self.args.put_file[1]}") + self.conn.putFile(self.args.share, dst, file.read) + self.logger.success(f"Created file {src} on \\\\{self.args.share}\\{dst}") except Exception as e: self.logger.fail(f"Error writing file to share {self.args.share}: {e}") + + def put_file(self): + files = self.args.put_file + if isinstance(files, list): + for src, dest in files: + self.put_file_single(src, dest) + else: + self.put_file_single(*files) def get_file(self): share_name = self.args.share diff --git a/nxc/protocols/smb/proto_args.py b/nxc/protocols/smb/proto_args.py index 164c03cae..f878fe78e 100644 --- a/nxc/protocols/smb/proto_args.py +++ b/nxc/protocols/smb/proto_args.py @@ -59,7 +59,7 @@ def proto_args(parser, std_parser, module_parser): sgroup.add_argument("--only-files", action="store_true", help="only spider files") tgroup = smb_parser.add_argument_group("Files", "Options for put and get remote files") - tgroup.add_argument("--put-file", nargs=2, metavar="FILE", help="Put a local file into remote target, ex: whoami.txt \\\\Windows\\\\Temp\\\\whoami.txt") + tgroup.add_argument("--put-file", action="append", nargs=2, metavar="FILE", help="Put a local file into remote target, ex: whoami.txt \\\\Windows\\\\Temp\\\\whoami.txt") tgroup.add_argument("--get-file", nargs=2, metavar="FILE", help="Get a remote file, ex: \\\\Windows\\\\Temp\\\\whoami.txt whoami.txt") tgroup.add_argument("--append-host", action="store_true", help="append the host to the get-file filename") From fe1064b3339399f33f75fb171f6ca11759363fdf Mon Sep 17 00:00:00 2001 From: wumb0 Date: Sun, 28 Apr 2024 12:46:13 -0400 Subject: [PATCH 2/3] also added multi-file get --- nxc/protocols/smb.py | 12 +++++++++--- nxc/protocols/smb/proto_args.py | 2 +- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/nxc/protocols/smb.py b/nxc/protocols/smb.py index c89a85e7e..ebc399414 100755 --- a/nxc/protocols/smb.py +++ b/nxc/protocols/smb.py @@ -1263,10 +1263,8 @@ def put_file(self): else: self.put_file_single(*files) - def get_file(self): + def get_file_single(self, remote_path, download_path): share_name = self.args.share - remote_path = self.args.get_file[0] - download_path = self.args.get_file[1] self.logger.display(f'Copying "{remote_path}" to "{download_path}"') if self.args.append_host: download_path = f"{self.hostname}-{remote_path}" @@ -1279,6 +1277,14 @@ def get_file(self): if os.path.getsize(download_path) == 0: os.remove(download_path) + def get_file(self): + files = self.args.get_file + if isinstance(files, list): + for src, dest in files: + self.get_file_single(src, dest) + else: + self.get_file_single(*files) + def enable_remoteops(self): try: self.remote_ops = RemoteOperations(self.conn, self.kerberos, self.kdcHost) diff --git a/nxc/protocols/smb/proto_args.py b/nxc/protocols/smb/proto_args.py index f878fe78e..678702560 100644 --- a/nxc/protocols/smb/proto_args.py +++ b/nxc/protocols/smb/proto_args.py @@ -60,7 +60,7 @@ def proto_args(parser, std_parser, module_parser): tgroup = smb_parser.add_argument_group("Files", "Options for put and get remote files") tgroup.add_argument("--put-file", action="append", nargs=2, metavar="FILE", help="Put a local file into remote target, ex: whoami.txt \\\\Windows\\\\Temp\\\\whoami.txt") - tgroup.add_argument("--get-file", nargs=2, metavar="FILE", help="Get a remote file, ex: \\\\Windows\\\\Temp\\\\whoami.txt whoami.txt") + tgroup.add_argument("--get-file", action="append", nargs=2, metavar="FILE", help="Get a remote file, ex: \\\\Windows\\\\Temp\\\\whoami.txt whoami.txt") tgroup.add_argument("--append-host", action="store_true", help="append the host to the get-file filename") cgroup = smb_parser.add_argument_group("Command Execution", "Options for executing commands") From abfd76cf4f61bbf6a9d147d4e2895d5e7eb4f8fe Mon Sep 17 00:00:00 2001 From: wumb0 Date: Mon, 29 Apr 2024 09:10:39 -0400 Subject: [PATCH 3/3] remove uneeded logic from put_file and get_file --- nxc/protocols/smb.py | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/nxc/protocols/smb.py b/nxc/protocols/smb.py index ebc399414..e0890aceb 100755 --- a/nxc/protocols/smb.py +++ b/nxc/protocols/smb.py @@ -1256,12 +1256,8 @@ def put_file_single(self, src, dst): self.logger.fail(f"Error writing file to share {self.args.share}: {e}") def put_file(self): - files = self.args.put_file - if isinstance(files, list): - for src, dest in files: - self.put_file_single(src, dest) - else: - self.put_file_single(*files) + for src, dest in self.args.put_file: + self.put_file_single(src, dest) def get_file_single(self, remote_path, download_path): share_name = self.args.share @@ -1278,12 +1274,8 @@ def get_file_single(self, remote_path, download_path): os.remove(download_path) def get_file(self): - files = self.args.get_file - if isinstance(files, list): - for src, dest in files: - self.get_file_single(src, dest) - else: - self.get_file_single(*files) + for src, dest in self.args.get_file: + self.get_file_single(src, dest) def enable_remoteops(self): try: