From 655e964d0122833acd1f34aca8844e3db3dc5583 Mon Sep 17 00:00:00 2001 From: Erik Geiser Date: Thu, 9 Nov 2023 11:28:35 +0100 Subject: [PATCH] Fix API port --- examples/ntlmrelayx.py | 22 +++++++------------ .../ntlmrelayx/servers/socksserver.py | 11 ++++++---- 2 files changed, 15 insertions(+), 18 deletions(-) diff --git a/examples/ntlmrelayx.py b/examples/ntlmrelayx.py index 78920b2718..91676cec1d 100755 --- a/examples/ntlmrelayx.py +++ b/examples/ntlmrelayx.py @@ -57,10 +57,11 @@ RELAY_SERVERS = [] class MiniShell(cmd.Cmd): - def __init__(self, relayConfig, threads): + def __init__(self, relayConfig, threads, api_address): cmd.Cmd.__init__(self) self.prompt = 'ntlmrelayx> ' + self.api_address = api_address self.tid = None self.relayConfig = relayConfig self.intro = 'Type help for list of commands' @@ -108,7 +109,7 @@ def do_socks(self, line): ''' headers = ["Protocol", "Target", "Username", "AdminStatus", "Port"] - url = "http://localhost:9090/ntlmrelayx/api/v1.0/relays" + url = "http://{}/ntlmrelayx/api/v1.0/relays".format(self.api_address) try: proxy_handler = ProxyHandler({}) opener = build_opener(proxy_handler) 
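Review bot: The URL in `do_socks` is now built by plain string formatting from the address the servers bind to, and a value that is valid for listening is not always valid for connecting; a wildcard such as `0.0.0.0` is not a connectable destination on every platform. Consider mapping a wildcard bind address to loopback before the shell is created, and documenting the expectation in `MiniShell.__init__` with a comment such as `# api_address: host:port the local shell can connect to, not a wildcard bind address`. The body of `do_socks` continues outside this hunk.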
@@ -305,7 +306,9 @@ def stop_servers(threads): 'SMB Server (16 hex bytes long. eg: 1122334455667788)') parser.add_argument('-socks', action='store_true', default=False, help='Launch a SOCKS proxy for the connection relayed') - parser.add_argument('-socks-address', default='127.0.0.1:1080', help='SOCKS5 server address, port or address:port, the address is also used for the HTTP API') + parser.add_argument('-socks-address', default='127.0.0.1', help='SOCKS5 server address (also used for HTTP API)') + parser.add_argument('-socks-port', default=1080, type=int, help='SOCKS5 server port') + parser.add_argument('-http-api-port', default=9090, type=int, help='SOCKS5 HTTP API port') parser.add_argument('-wh','--wpad-host', action='store',help='Enable serving a WPAD file for Proxy Authentication attack, ' 'setting the proxy host to the one supplied.') parser.add_argument('-wa','--wpad-auth-num', action='store', type=int, default=1, help='Prompt for authentication N times for clients without MS16-077 installed ' @@ -472,18 +475,9 @@ def stop_servers(threads): threads = set() socksServer = None if options.socks is True: - socks_address_parts = options.socks_address.split(":") - if len(socks_address_parts) == 1 and socks_address_parts[0].isdigit(): - socks_address = ("127.0.0.1", int(socks_address_parts[0])) - elif len(socks_address_parts) == 1 and not socks_address_parts[0].isdigit(): - socks_address = (socks_address_parts[0], 1080) - elif len(socks_address_parts) == 2 and socks_address_parts[1].isdigit(): - socks_address = (socks_address_parts[0], int(socks_address_parts[1])) - else: - raise ValueError(f"malformed SOCKS5 server address: {options.socks_address}") # Start a SOCKS proxy in the background - socksServer = SOCKS(server_address=socks_address) + socksServer = SOCKS(server_address=(options.socks_address, options.socks_port), api_port=options.api_port) socksServer.daemon_threads = True socks_thread = Thread(target=socksServer.serve_forever) socks_thread.daemon = True 
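Review bot: The new option `-http-api-port` is stored by argparse as `options.http_api_port`, but the new code in the hunks at -472 and -496 reads `options.api_port`, so running with `-socks` would raise AttributeError before the proxy starts. Either add `dest='api_port'` to this `add_argument` call or read `options.http_api_port` at both call sites. The help text `SOCKS5 HTTP API port` would also read more clearly as `HTTP API port (served on the -socks-address host)`.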
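Review bot: With the parsing block removed, a `-socks-address` given in the previously documented `address:port` form is passed through verbatim as the host and only fails later at bind time, and `-socks-port` and `-http-api-port` accept any integer. A short check before `SOCKS` is constructed would give a clear error, e.g. `if ':' in options.socks_address: parser.error('-socks-address no longer takes a port, use -socks-port')`, assuming `parser` is still in scope at this point. The enclosing `if options.socks is True:` block continues outside the hunk.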
@@ -496,7 +490,7 @@ def stop_servers(threads): logging.info("Servers started, waiting for connections") try: if options.socks: - shell = MiniShell(c, threads) + shell = MiniShell(c, threads, api_address='{}:{}'.format(options.socks_address, options.api_port)) shell.cmdloop() else: sys.stdin.read() diff --git a/impacket/examples/ntlmrelayx/servers/socksserver.py b/impacket/examples/ntlmrelayx/servers/socksserver.py index cef5011fe9..53f8cd5bca 100644 --- a/impacket/examples/ntlmrelayx/servers/socksserver.py +++ b/impacket/examples/ntlmrelayx/servers/socksserver.py @@ -244,7 +244,7 @@ def activeConnectionsWatcher(server): client.killConnection() -def webService(addr): +def webService(addr, port): def _webService(server): from flask import Flask, jsonify @@ -274,7 +274,10 @@ def get_relays(): def get_info(relay): pass - app.run(host=addr, port=9090) + try: + app.run(host=addr, port=port) + except Exception as e: + raise Exception("{} The 'socks' command may yield unexpected results now.".format(e)) return _webService @@ -457,7 +460,7 @@ def handle(self): class SOCKS(socketserver.ThreadingMixIn, socketserver.TCPServer): - def __init__(self, server_address=('127.0.0.1', 1080), handler_class=SocksRequestHandler): + def __init__(self, server_address=('127.0.0.1', 1080), handler_class=SocksRequestHandler, api_port): LOG.info('SOCKS proxy started. Listening on %s:%d', server_address[0], server_address[1]) self.activeRelays = {} @@ -480,7 +483,7 @@ def __init__(self, server_address=('127.0.0.1', 1080), handler_class=SocksReques self.__timer = RepeatedTimer(KEEP_ALIVE_TIMER, keepAliveTimer, self) # Let's start our RESTful API - self.restAPI = Thread(target=webService(server_address[0]), args=(self, )) + self.restAPI = Thread(target=webService(server_address[0], api_port), args=(self, )) self.restAPI.daemon = True self.restAPI.start()
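Review bot: The wrapped exception in `_webService` is raised inside the thread that runs the API (the `restAPI` thread is started in the hunk at -480), so no caller can catch it, and the re-raise replaces the original exception type with a bare `Exception`. Logging would deliver the message more reliably: `LOG.error("HTTP API failed to start on %s:%s: %s. The 'socks' command may yield unexpected results now.", addr, port, e)`. `_webService` begins outside this hunk.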
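Review bot: The new `SOCKS.__init__` signature places `api_port` without a default after two parameters that have defaults, which Python rejects with a SyntaxError, so the module would not import. Giving it the previous port as a default also keeps existing callers working: `def __init__(self, server_address=('127.0.0.1', 1080), handler_class=SocksRequestHandler, api_port=9090):`. The body of `__init__` continues outside this hunk.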
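Review bot: The API thread binds to `server_address[0]`, the same host as the SOCKS listener, so a non-loopback `-socks-address` also makes `/ntlmrelayx/api/v1.0/relays` reachable from the network on the now-configurable port; no authentication on that endpoint is visible in this patch. The startup log in `__init__` only reports the SOCKS address, so it would help to log the API endpoint as well, e.g. `LOG.info('HTTP API listening on %s:%d', server_address[0], api_port)`, and to warn when the host is not loopback.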