From 579f22e4d39f7029d156e11e94992b156cfae6b4 Mon Sep 17 00:00:00 2001 From: David Date: Fri, 29 Mar 2024 18:04:29 -0700 Subject: [PATCH] Escape literal backslashes in f-strings to fix syntax warnings in current Python Also fix a few minor typos in comments, strings, and documentation --- README.md | 12 ++++++------ masky/core.py | 6 +++--- masky/lib/cert/auth.py | 2 +- masky/lib/smb.py | 12 ++++++------ masky/ui/main.py | 4 ++-- 5 files changed, 18 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 278f41e..b5a79b5 100644 --- a/README.md +++ b/README.md @@ -26,11 +26,11 @@ Masky has been designed as a Python library. Moreover, a command line interface For both usages, you need first to retrieve the FQDN of a `CA server` and its `CA name` deployed via an ADCS. This information can be easily retrieved via the `certipy find` option or via the Microsoft built-in `certutil.exe` tool. Make sure that the default `User` template is enabled on the targeted CA. -Warning: Masky deploys an executable on each target via a modification of the existing `RasAuto` service. Despite the automated roll-back of its intial `ImagePath` value, an unexpected error during Masky runtime could skip the cleanup phase. Therefore, do not forget to manually reset the original value in case of such unwanted stop. +Warning: Masky deploys an executable on each target via a modification of the existing `RasAuto` service. Despite the automated roll-back of its initial `ImagePath` value, an unexpected error during Masky runtime could skip the cleanup phase. Therefore, do not forget to manually reset the original value in case of such unwanted stop. ### Command line -The following demo shows a basic usage of Masky by targeting 4 remote systems. Its execution allows to collect NT hashes, CCACHE and PFX of 3 distincts domain users from the sec.lab testing domain. +The following demo shows a basic usage of Masky by targeting 4 remote systems. Its execution allows to collect NT hashes, CCACHE and PFX of 3 distinct domain users from the sec.lab testing domain.

Masky CLI demo @@ -107,15 +107,15 @@ def dump_nt_hashes(): target = "192.168.23.130" rslts = m.run(target) - # Check if Masky succesfully hijacked at least a user session - # or if an unexpected error occured + # Check if Masky successfully hijacked at least a user session + # or if an unexpected error occurred if not rslts: return False - # Loop on MaskyResult object to display hijacked users and to retreive their NT hashes + # Loop on MaskyResult object to display hijacked users and to retrieve their NT hashes print(f"Results from hostname: {rslts.hostname}") for user in rslts.users: - print(f"\t - {user.domain}\{user.name} - {user.nt_hash}") + print(f"\t - {user.domain}\\{user.name} - {user.nt_hash}") return True diff --git a/masky/core.py b/masky/core.py index c8e9487..98a53d5 100644 --- a/masky/core.py +++ b/masky/core.py @@ -105,15 +105,15 @@ def run(self, target): for user_data in rslt.users: logger.debug( - f"Start processing PFX of the user '{user_data.domain}\{user_data.name}'" + f"Start processing PFX of the user '{user_data.domain}\\{user_data.name}'" ) if not self.__process_certificate(user_data): logger.warn( - f"Fail to process gathered certificate related to the user '{user_data.domain}\{user_data.name}'" + f"Fail to process gathered certificate related to the user '{user_data.domain}\\{user_data.name}'" ) else: logger.debug( - f"End processing PFX of the user '{user_data.domain}\{user_data.name}'" + f"End processing PFX of the user '{user_data.domain}\\{user_data.name}'" ) return rslt diff --git a/masky/lib/cert/auth.py b/masky/lib/cert/auth.py index 67b3aea..a7ebb0e 100644 --- a/masky/lib/cert/auth.py +++ b/masky/lib/cert/auth.py @@ -425,7 +425,7 @@ def kerberos_authentication( if not is_key_credential: logger.result( - f"Gathered NT hash for the user '{domain}\{username}': {nt_hash}" + f"Gathered NT hash for the user '{domain}\\{username}': {nt_hash}" ) self.user.lm_hash = lm_hash self.user.nt_hash = nt_hash diff --git a/masky/lib/smb.py b/masky/lib/smb.py index 2ec7070..5730293 100644 --- a/masky/lib/smb.py +++ b/masky/lib/smb.py @@ -97,15 +97,15 @@ def exec_masky(self, target, ca, template): self.__command = f'{self.__masky_remote_path} /ca:"{ca}" /template:"{template}" /output:"{self.__results_remote_path}" /debug:"{self.__errors_remote_path}"' self.__upload_masky(target) logger.debug( - f"Masky agent was successfuly uploaded in: '{self.__masky_remote_path}'" + f"Masky agent was successfully uploaded in: '{self.__masky_remote_path}'" ) except Exception as e: err_msg = None if "STATUS_ACCESS_DENIED" in str(e): - err_msg = f"The user {self.__domain}\{self.__username} is not local administrator on this system" + err_msg = f"The user {self.__domain}\\{self.__username} is not local administrator on this system" logger.warn(err_msg) elif "STATUS_LOGON_FAILURE" in str(e): - err_msg = f"The provided credentials for the user '{self.__domain}\{self.__username}' are invalids or the user does not exist" + err_msg = f"The provided credentials for the user '{self.__domain}\\{self.__username}' are invalids or the user does not exist" logger.error(err_msg) else: err_msg = f"Fail to upload the agent ({str(e)})" @@ -118,11 +118,11 @@ def exec_masky(self, target, ca, template): if self.__stealth: self.__edit_svc() logger.debug( - f"The service '{self.__svc_name}' was successfuly modified" + f"The service '{self.__svc_name}' was successfully modified" ) else: self.__create_svc() - logger.debug(f"The service '{self.__svc_name}' was successfuly created") + logger.debug(f"The service '{self.__svc_name}' was successfully created") except Exception as e: err_msg = ( f"Fail to edit or create the '{self.__svc_name}' service via DCERPC" @@ -415,7 +415,7 @@ def __clean(self, target_host): except Exception as e: self.__tracker.svc_cleaning_success = False logger.warning( - f"An unknown error occured while trying to revert or remove '{self.__svc_name}' ({str(e)})" + f"An unknown error occurred while trying to revert or remove '{self.__svc_name}' ({str(e)})" ) try: scmr.hRControlService( diff --git a/masky/ui/main.py b/masky/ui/main.py index 6a72b97..a9eb55e 100644 --- a/masky/ui/main.py +++ b/masky/ui/main.py @@ -10,12 +10,12 @@ def print_banner(): print( - f""" + r""" __ __ _ | \/ | __ _ ___| | ___ _ | |\/| |/ _` / __| |/ / | | | | | | | (_| \__ \ <| |_| | - |_| |_|\__,_|___/_|\_\\__, | + |_| |_|\__,_|___/_|\_\__, |"""f""" v{VERSION} |___/ """ )