Merge branch 'master' into dev

sensepost · Mar 23, 2017 · 1b16fbf · 1b16fbf
2 parents 53402ea + 24875e4
commit 1b16fbf
Show file tree

Hide file tree

Showing 5 changed files with 32 additions and 0 deletions.
diff --git a/_config.yml b/_config.yml
@@ -0,0 +1 @@
+theme: jekyll-theme-hacker
diff --git a/autodiscover/brute.go b/autodiscover/brute.go
@@ -229,6 +229,7 @@ func readFile(filename string) []string {
 
 func connect(autodiscoverURL, user, password string, basic, insecure bool) Result {
 	result := Result{user, password, -1, -1, nil}
+
 	cookie, _ := cookiejar.New(nil)
 	client := http.Client{}
 	if basic == false {

diff --git a/http-ntlm/ntlmtransport.go b/http-ntlm/ntlmtransport.go
@@ -55,6 +55,7 @@ func (t NtlmTransport) RoundTrip(req *http.Request) (res *http.Response, err err
 	}
 
 	client := http.Client{Transport: tr, Timeout: time.Minute, Jar: t.CookieJar}
+
 	resp, err := client.Do(r)
 
 	if err != nil {

diff --git a/rpc-http/rpctransport.go b/rpc-http/rpctransport.go
@@ -148,6 +148,7 @@ func setupHTTP(rpctype string, URL string, ntlmAuth bool, full bool) (net.Conn,
 		request = fmt.Sprintf("%sAuthorization: Basic %s\r\n\r\n", request, utils.EncBase64([]byte(fmt.Sprintf("%s\\%s:%s", AuthSession.Domain, AuthSession.User, AuthSession.Pass))))
 	}
 
+
 	if cookiestr != "" {
 		request = fmt.Sprintf("%sCookie: %s\r\n", request, cookiestr)
 	}

diff --git a/ruler.go b/ruler.go
@@ -208,6 +208,34 @@ func connect(c *cli.Context) error {
 	config.Verbose = c.GlobalBool("verbose")
 	config.Admin = c.GlobalBool("admin")
 	config.RPCEncrypt = c.GlobalBool("encrypt")
+	config.CookieJar, _ = cookiejar.New(nil)
+
+	//add supplied cookie to the cookie jar
+	if c.GlobalString("cookie") != "" {
+		//split into cookies and then into name : value
+		cookies := strings.Split(c.GlobalString("cookie"), ";")
+		var cookieJarTmp []*http.Cookie
+		var cdomain string
+		//split and get the domain from the email
+		if eparts := strings.Split(c.GlobalString("email"), "@"); len(eparts) == 2 {
+			cdomain = eparts[1]
+		} else {
+			return fmt.Errorf("[x] Invalid email address")
+		}
+
+		for _, v := range cookies {
+			cookie := strings.Split(v, "=")
+			c := &http.Cookie{
+				Name:   cookie[0],
+				Value:  cookie[1],
+				Path:   "/",
+				Domain: cdomain,
+			}
+			cookieJarTmp = append(cookieJarTmp, c)
+		}
+		u, _ := url.Parse(fmt.Sprintf("https://%s/", cdomain))
+		config.CookieJar.SetCookies(u, cookieJarTmp)
+	}
 
 	config.CookieJar, _ = cookiejar.New(nil)