From 29d6f2d94954692c24e9805034faac44fc3b1961 Mon Sep 17 00:00:00 2001 From: "nils.diefenbach" Date: Wed, 3 Oct 2018 07:40:04 +0200 Subject: [PATCH] Add PY3 compatibility using six. --- detect_doublepulsar_rdp.py | 15 ++++++++------- detect_doublepulsar_smb.py | 10 +++++----- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/detect_doublepulsar_rdp.py b/detect_doublepulsar_rdp.py index 55f3867..cfa8760 100644 --- a/detect_doublepulsar_rdp.py +++ b/detect_doublepulsar_rdp.py @@ -6,6 +6,7 @@ import threading import ssl +from six import print_ # Packets ssl_negotiation_request = binascii.unhexlify("030000130ee000000000000100080001000000") @@ -39,7 +40,7 @@ def print_status(ip, message): global print_lock with print_lock: - print "[*] [%s] %s" % (ip, message) + print_("[*] [%s] %s" % (ip, message)) def check_ip(ip): @@ -91,7 +92,7 @@ def check_ip(ip): # Server requires NLA which implant does not support elif len(negotiation_response) >= 19 and negotiation_response[11] == "\x03" and negotiation_response[15] == "\x05": with print_lock: - print "[-] [%s] Server requires NLA, which DOUBLEPULSAR does not support" % ip + print_("[-] [%s] Server requires NLA, which DOUBLEPULSAR does not support" % ip) s.close() return @@ -115,13 +116,13 @@ def check_ip(ip): with print_lock: if len(ping_response) == 288: - print "[+] [%s] DOUBLEPULSAR RDP IMPLANT DETECTED!!!" % ip + print_("[+] [%s] DOUBLEPULSAR RDP IMPLANT DETECTED!!!" % ip) else: - print "[-] [%s] Status Unknown - Response received but length was %d not 288" % (ip, len(ping_response)) + print_("[-] [%s] Status Unknown - Response received but length was %d not 288" % (ip, len(ping_response))) s.close() except socket.error as e: with print_lock: - print "[-] [%s] No presence of DOUBLEPULSAR RDP implant" % ip + print_("[-] [%s] No presence of DOUBLEPULSAR RDP implant" % ip) def threaded_check(ip_address): @@ -131,7 +132,7 @@ def threaded_check(ip_address): check_ip(ip_address) except Exception as e: with print_lock: - print "[ERROR] [%s] - %s" % (ip_address, e) + print_("[ERROR] [%s] - %s" % (ip_address, e)) finally: semaphore.release() @@ -151,7 +152,7 @@ def threaded_check(ip_address): network = IPNetwork(net) for addr in network: # Skip the network and broadcast addresses - if ((network.size != 1) and ((addr == network.network) or (addr == network.broadcast))): + if network.size != 1 and ((addr == network.network) or (addr == network.broadcast)): continue semaphore.acquire() ip_address = str(addr) diff --git a/detect_doublepulsar_smb.py b/detect_doublepulsar_smb.py index 95fc675..b4cd806 100755 --- a/detect_doublepulsar_smb.py +++ b/detect_doublepulsar_smb.py @@ -55,7 +55,7 @@ def print_status(ip, message): global print_lock with print_lock: - print "[*] [%s] %s" % (ip, message) + print_("[*] [%s] %s" % (ip, message)) def check_ip(ip): @@ -123,7 +123,7 @@ def check_ip(ip): key = calculate_doublepulsar_xor_key(signature_long) arch = calculate_doublepulsar_arch(signature_long) with print_lock: - print "[+] [%s] DOUBLEPULSAR SMB IMPLANT DETECTED!!! Arch: %s, XOR Key: %s" % (ip, arch, hex(key)) + print_("[+] [%s] DOUBLEPULSAR SMB IMPLANT DETECTED!!! Arch: %s, XOR Key: %s" % (ip, arch, hex(key))) if uninstall: # Update MID and op code via timeout @@ -141,11 +141,11 @@ def check_ip(ip): uninstall_response = s.recv(1024) if uninstall_response[34] == "\x52": with print_lock: - print "[+] [%s] DOUBLEPULSAR uninstall successful" % ip + print_("[+] [%s] DOUBLEPULSAR uninstall successful" % ip) else: with print_lock: - print "[-] [%s] No presence of DOUBLEPULSAR SMB implant" % ip + print_("[-] [%s] No presence of DOUBLEPULSAR SMB implant" % ip) s.close() @@ -157,7 +157,7 @@ def threaded_check(ip_address): check_ip(ip_address) except Exception as e: with print_lock: - print "[ERROR] [%s] - %s" % (ip_address, e) + print_("[ERROR] [%s] - %s" % (ip_address, e)) finally: semaphore.release()