Check whether the 'DAV RPC Service' pipe exists within the 'IPC$' share. This indicates that the WebClient service is running on the target.
(self, context, connection)
| 29 | self.output = module_options["MSG"] |
| 30 | |
| 31 | def on_login(self, context, connection): |
| 32 | """ |
| 33 | Check whether the 'DAV RPC Service' pipe exists within the 'IPC$' share. This indicates |
| 34 | that the WebClient service is running on the target. |
| 35 | """ |
| 36 | try: |
| 37 | remote_file = RemoteFile(connection.conn, "DAV RPC Service", "IPC$", access=FILE_READ_DATA) |
| 38 | remote_file.open_file() |
| 39 | |
| 40 | context.log.highlight(self.output.format(connection.conn.getRemoteHost())) |
| 41 | except SessionError as e: |
| 42 | if e.getErrorCode() == nt_errors.STATUS_OBJECT_NAME_NOT_FOUND: |
| 43 | return |
| 44 | elif e.getErrorCode() in nt_errors.ERROR_MESSAGES: |
| 45 | context.log.fail(f"Error enumerating WebDAV: {e.getErrorString()[0]}", color="magenta") |
| 46 | else: |
| 47 | context.log.debug(f"WebDAV SessionError (code={hex(e.getErrorCode())})") |
| 48 | except (BrokenPipeError, ConnectionResetError, NetBIOSError, OSError) as e: |
| 49 | context.log.debug(f"WebDAV check aborted due to transport error: {e.__class__.__name__}: {e}") |
| 50 | finally: |
| 51 | with contextlib.suppress(Exception): |
| 52 | remote_file.close() |