소스 검색

added documentation to attack constructors

Roey Regev 6 년 전
부모
커밋
efd0e46940
4개의 변경된 파일9개의 추가작업 그리고 5개의 파일을 삭제
  1. 4 2
      code/Attack/FTPWinaXeExploit.py
  2. 1 1
      code/Attack/PortscanAttack.py
  3. 3 1
      code/Attack/SMBLorisAttack.py
  4. 1 1
      code/Attack/SMBScanAttack.py

+ 4 - 2
code/Attack/FTPWinaXeExploit.py

@@ -19,10 +19,11 @@ ftp_port = 21
 class FTPWinaXeExploit(BaseAttack.BaseAttack):
     def __init__(self):
         """
-        Creates a new instance of the FTPWinaXeExploit.
+        Creates a new instance of the FTPExploit.
+        This attack injects a buffer overflow for the WinaXe FTP-client into the output pcap file.
         """
         # Initialize attack
-        super(FTPWinaXeExploit, self).__init__("FTPWinaXe Exploit", "Injects an WinaXe 7.7 FTP Exploit.",
+        super(FTPWinaXeExploit, self).__init__("FTPWinaXe Exploit", "Injects a WinaXe 7.7 FTP buffer overflow.",
                                                "Privilege elevation")
 
         # Define allowed parameters and their type
@@ -157,6 +158,7 @@ class FTPWinaXeExploit(BaseAttack.BaseAttack):
 
         custom_payload_file = self.get_param_value(atkParam.Parameter.CUSTOM_PAYLOAD_FILE)
 
+        # Generation of payload of the FTP exploit packet
         if custom_payload == '':
             if custom_payload_file == '':
                 payload = Util.get_rnd_bytes(custom_payload_limit, Util.forbidden_chars)

+ 1 - 1
code/Attack/PortscanAttack.py

@@ -17,7 +17,7 @@ class PortscanAttack(BaseAttack.BaseAttack):
     def __init__(self):
         """
         Creates a new instance of the PortscanAttack.
-        This Attack injects TCP Syn Requests into the pcap and simulate related response to the output pcap.
+        This attack injects TCP Syn-requests and respective responses into the output pcap file.
         """
         # Initialize attack
         super(PortscanAttack, self).__init__("Portscan Attack", "Injects a nmap 'regular scan'",

+ 3 - 1
code/Attack/SMBLorisAttack.py

@@ -18,6 +18,8 @@ class SMBLorisAttack(BaseAttack.BaseAttack):
     def __init__(self):
         """
         Creates a new instance of the SMBLorisAttack.
+        This attack injects special SMB-packets, which exploit the SMBLoris DoS vulnerability, into the output pcap
+        file.
         """
         # Initialize attack
         super(SMBLorisAttack, self).__init__("SMBLoris Attack", "Injects an SMBLoris (D)DoS Attack",
@@ -182,7 +184,7 @@ class SMBLorisAttack(BaseAttack.BaseAttack):
                 timestamp_next_pkt = Util.update_timestamp(timestamp_next_pkt, pps)
                 self.packets.append(ack)
 
-                # send NBT session header paket with maximum LENGTH-field
+                # send NBT session header packet with maximum LENGTH-field
                 req_tcp = inet.TCP(sport=sport, dport=SMBLib.smb_port, seq=attacker_seq, ack=victim_seq, flags='AP',
                                    window=source_win_value, options=[('MSS', source_mss_value)])
                 req_payload = NBTSession(TYPE=0x00, LENGTH=0x1FFFF)

+ 1 - 1
code/Attack/SMBScanAttack.py

@@ -20,7 +20,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
         """
         Creates a new instance of the SMBScanAttack.
         This Attack injects TCP Syn Requests to the port 445 of several ips and related response into the output
-        pcap.
+        pcap file.
         If port 445 is open, it will simulate and inject the SMB Protocol Negotiation too.
         """
         # Initialize attack