Update DumpNTLMInfo.py: Allow non-default ports (#1730)

* Update DumpNTLMInfo.py: Allow non-default ports Remove restrictions on `-port` (can specify any port number). Add new `-protocol`, defaulting to SMB. If `-port 135` and `-protocol` isn't specified, assume RPC. * DumpNTLMInfo.py: Additional logging and handle SMB/RPC better
fortra · May 21, 2024 · ced688a · ced688a
1 parent 269ce69
commit ced688a
Showing 1 changed file with 21 additions and 7 deletions.
diff --git a/examples/DumpNTLMInfo.py b/examples/DumpNTLMInfo.py
@@ -479,16 +479,17 @@ def _get_my_name(self):
 
 
 class DumpNtlm:
-    def __init__(self, ip, hostname, port) -> None:
+    def __init__(self, ip, hostname, port, protocol) -> None:
         self.target     = ip
         self.hostname   = hostname
         self._sess_port = int(port)
+        self._protocol  = protocol
         self._timeout   = 60
 
     def DisplayInfo(self):
-        if self._sess_port in [139, 445]:
+        if self._protocol == 'SMB':
             self.DisplaySmbInfo()
-        elif  self._sess_port in [135]:
+        elif self._protocol == 'RPC':
             self.DisplayRpcInfo()
 
     def DisplayRpcInfo(self):
@@ -636,15 +637,27 @@ def __convert_size(self, size_bytes):
     parser.add_argument('-target-ip', action='store', metavar="ip address",
                        help='IP Address of the target machine. If omitted it will use whatever was specified as target. '
                             'This is useful when target is the NetBIOS name and you cannot resolve it')
-    parser.add_argument('-port', choices=['135', '139', '445'], nargs='?', default='445', metavar="destination port",
-                       help='Destination port to connect to SMB/RPC Server')
+    parser.add_argument('-port', type=int, default=445, metavar="destination port",
+                    help='Destination port to connect to SMB/RPC Server')
+    parser.add_argument('-protocol', choices=['SMB', 'RPC'], nargs='?', metavar="protocol",
+                        help='Protocol to use (SMB or RPC). Default is SMB, port 135 uses RPC normally.')
 
     if len(sys.argv) == 1:
         parser.print_help()
         sys.exit(1)
 
     options = parser.parse_args()
 
+    if options.port == 135:
+        if not options.protocol:
+            options.protocol = 'RPC'
+            logging.info("Port 135 specified; using RPC protocol by default. Use `-protocol SMB` to force SMB protocol.")
+        elif options.protocol == 'SMB':
+            logging.info("Port 135 specified with SMB protocol. Are you sure you don't want `-protocol RPC`?")
+    elif not options.protocol:
+        options.protocol = 'SMB'
+        logging.info("Defaulting to SMB protocol.")
+
     if options.debug is True:
         logging.getLogger().setLevel(logging.DEBUG)
         logging.debug(version.getInstallationPath())
@@ -653,9 +666,10 @@ def __convert_size(self, size_bytes):
 
     try:
         if options.target_ip is not None:
-            dumper = DumpNtlm(options.target_ip, options.target, int(options.port))
+            dumper = DumpNtlm(options.target_ip, options.target, int(options.port), options.protocol)
         else:
-            dumper = DumpNtlm(options.target, options.target, int(options.port))
+            dumper = DumpNtlm(options.target, options.target, int(options.port), options.protocol)
+        logging.info("Using target: %s, IP: %s, Port: %d, Protocol: %s" % (options.target, options.target_ip or options.target, options.port, options.protocol) )
         dumper.DisplayInfo()
     except Exception as e:
         if logging.getLogger().level == logging.DEBUG: