Ejemplo n.º 1
    def __init__(self):
        """Create the helper objects this instance works with.

        Every attribute is the result of calling the project callable of the
        same name; those callables are defined outside this excerpt.
        """
        self.parser = parser()
        self.config = config()
        self.badges = badges()
        self.colors = colors()

        self.colors_script = colors_script()
Ejemplo n.º 2
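class HatSploitCommand(HatSploitCommand):
    """Console command ``history``: toggle, list or clear the command history.

    ``self.badges`` is used below but not defined in this class; it is
    presumably supplied by the ``HatSploitCommand`` base class -- confirm.
    """

    config = config()
    local_storage = local_storage()

    # Path of the on-disk history file and of the persistent storage backend.
    history = config.path_config['base_paths']['history_path']
    storage_path = config.path_config['base_paths']['storage_path']

    global_storage = global_storage(storage_path)

    usage = (
        "history <option>\n\n"
        "  -l, --list   List all history.\n"
        "  -c, --clear  Clear all history.\n"
        "  on/off       Turn history on/off.\n"
    )

    details = {
        'Category': "developer",
        'Name': "history",
        'Description': "Manage HatSploit history.",
        'Usage': usage,
        'MinArgs': 1
    }

    def run(self, argc, argv):
        """Execute the sub-command selected by ``argv[0]``.

        Args:
            argc: Argument count; not read here.
            argv: Argument list. ``argv[0]`` is ``on``, ``off``, ``-c``/
                ``--clear`` or ``-l``/``--list``; anything else prints usage.
        """
        option = argv[0]

        if option in ("on", "off"):
            enabled = option == "on"
            # The flag is written to both the in-memory and the persistent
            # store.
            self.local_storage.set("history", enabled)
            self.global_storage.set("history", enabled)
            self.badges.output_information("HatSploit history: " + option)
            return

        if option in ('-c', '--clear'):
            readline.clear_history()
            # NOTE(review): the history file records everything typed at the
            # console. open() creates it with the process umask, so confirm
            # it is not readable by other local users.
            with open(self.history, 'w') as history_file:
                history_file.write("")
            return

        if option in ('-l', '--list'):
            if not self.local_storage.get("history"):
                self.badges.output_warning("No history detected.")
                return
            if readline.get_current_history_length() <= 0:
                self.badges.output_warning("HatSploit history empty.")
                return

            self.badges.output_information("HatSploit history:")

            # Context manager so the handle is released even if a read fails.
            with open(self.history, 'r') as history_file:
                saved_lines = [line.strip() for line in history_file]
            for line in saved_lines:
                self.badges.output_empty("    * " + line)

            # readline items are 1-based; range() stops before the newest
            # entry, which is presumably the "history -l" call itself --
            # confirm that skipping it is intended.
            for index in range(1, readline.get_current_history_length()):
                self.badges.output_empty(
                    "    * " + readline.get_history_item(index))
            return

        self.badges.output_usage(self.details['Usage'])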
Ejemplo n.º 3
    def __init__(self):
        """Create the helper objects this instance works with.

        Every attribute is the result of calling the project callable of the
        same name; those callables are defined outside this excerpt.
        """
        self.db = db()
        self.badges = badges()
        self.local_storage = local_storage()
        self.config = config()
        self.modules = modules()
        self.exceptions = exceptions()

        self.tcp = tcp()
Ejemplo n.º 4
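class HatSploitModule(HatSploitModule):
    """Auxiliary module that requests a fixed list of paths on one web server.

    ``self.parser`` and ``self.badges`` are used below but not defined in
    this class; they are presumably supplied by the ``HatSploitModule`` base
    class -- confirm.
    """

    config = config()

    http = http()

    details = {
        'Name': "Directory Scanner",
        'Module': "auxiliary/multi/scanner/directory_scanner",
        'Authors': ['enty8080'],
        'Description': "Website directory scanner.",
        'Dependencies': [''],
        'Comments': [''],
        'Risk': "medium"
    }

    options = {
        'URL': {
            'Description': "Target URL.",
            'Value': None,
            'Type': None,
            'Required': True
        }
    }

    def run(self):
        """Send one HEAD request per wordlist entry and print each status.

        A 200 response is reported through ``output_success``; every other
        status code goes through ``output_warning`` with the same format.
        The run reaches the target as a sequence of HEAD requests, one per
        wordlist line, which is what its access log will record.
        """
        target_url = self.parser.parse_options(self.options)

        self.badges.output_process("Scanning " + target_url + "...")

        if not self.http.check_url_access(target_url):
            self.badges.output_error("Failed to scan!")
            return

        wordlist_path = (
            self.config.path_config['base_paths']['data_path'] +
            'modules/auxiliary/multi/scanner/directory_scanner/directories.txt'
        )
        # Context manager so the wordlist handle is closed even if reading
        # fails; blank lines are dropped.
        with open(wordlist_path) as wordlist:
            directories = [
                entry for entry in wordlist.read().split('\n') if entry
            ]

        for path in directories:
            # NOTE(review): the response is used without a None check. If
            # http_request can return None on a connection failure this
            # raises AttributeError -- confirm the helper's contract.
            response = self.http.http_request(method="HEAD",
                                              url=target_url,
                                              path=path)
            line = "[%s] ... [%s %s]" % (
                path, response.status_code, response.reason)

            if response.status_code == 200:
                self.badges.output_success(line)
            else:
                self.badges.output_warning(line)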
Ejemplo n.º 5
    def __init__(self):
        """Create the helper objects and look up the history file path.

        Every helper attribute is the result of calling the project callable
        of the same name; those callables are defined outside this excerpt.
        """
        self.io = io()
        self.tip = tip()
        self.jobs = jobs()
        self.execute = execute()
        self.loader = loader()
        self.config = config()
        self.badges = badges()
        self.banner = banner()
        self.colors = colors()
        self.local_storage = local_storage()
        self.modules = modules()
        self.exceptions = exceptions()

        # Location of the command-history file, read from the path config.
        self.history = self.config.path_config['base_paths']['history_path']
Ejemplo n.º 6
    def __init__(self, local_host, local_port, client):
        """Store the connection parameters and prepare both stage descriptors.

        Args:
            local_host: Stored as ``self.local_host``; not used further here.
            local_port: Stored as ``self.local_port``; not used further here.
            client: Stored as ``self.client``; not used further here.
        """
        self.local_host = local_host
        self.local_port = local_port
        self.client = client

        self.badges = badges()
        self.config = config()
        self.exceptions = exceptions()

        self.tcp = tcp()

        # NOTE(review): self.helper is read below but never assigned in this
        # constructor; presumably a class attribute -- confirm.
        # The first stage is a plain command string; its size comes from
        # helper.len_line.
        self.first_stage = "uname -smp"
        self.first_stage_size = self.helper.len_line(self.first_stage)

        # NOTE(review): this path ends in "bin/" (a directory-looking path)
        # yet is handed to helper.len_file; presumably a file name is
        # appended elsewhere -- TODO confirm.
        self.second_stage = self.config.path_config['base_paths'][
            'data_path'] + "modules/exploit/linux/stager/membrane_reverse_tcp/bin/"
        self.second_stage_size = self.helper.len_file(self.second_stage)
        # Remote file name: a dot-prefixed (hidden) entry under
        # /private/var/tmp whose name is 16 hex characters from
        # os.urandom(8). A hidden file with a name of that shape in that
        # directory is a pattern defenders can hunt for.
        # NOTE(review): /private/var/tmp is a macOS/iOS-style path, while the
        # data path above says "linux" -- confirm the intended platform.
        self.second_stage_path = "/private/var/tmp/." + binascii.hexlify(
            os.urandom(8)).decode()
Ejemplo n.º 7
# Copyright (c) 2020-2021 EntySec
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
#

# Statement order matters here: the framework is configured before the test
# package is imported (presumably the tests read the configured paths at
# import time -- confirm).
from core.base.config import config

# Rebinds ``config`` from the imported callable to the object it returns.
config = config()
config.configure()

from tests.perform_tests import perform_tests

# Same rebinding pattern; after this line the name refers to the instance.
perform_tests = perform_tests()
perform_tests.perform_tests()
Ejemplo n.º 8
    def __init__(self):
        """Set up the HTTP helper: a config handle and the request function."""
        self.config = config()

        # The function is stored uncalled, so self.http_client(...) issues a
        # request through requests.request.
        self.http_client = requests.request
        # Silences urllib3's InsecureRequestWarning for the whole process,
        # not only for this object.
        # NOTE(review): that warning is what flags HTTPS requests made
        # without certificate verification. Presumably the helper sends
        # requests with verification disabled -- confirm; if so, unverified
        # TLS connections are no longer reported anywhere.
        requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
Ejemplo n.º 9
 def __init__(self):
     """Create the helper objects this instance works with.

     Every attribute is the result of calling the project callable of the
     same name; those callables are defined outside this excerpt.
     """
     self.badges = badges()
     self.importer = importer()
     self.config = config()
Ejemplo n.º 10
    def __init__(self):
        """Build the lookup tables used to wrap a payload in an output format.

        Sets ``self.formats`` (format name -> generator method),
        ``self.macho_templates`` (architecture -> template file path) and
        ``self.elf_headers`` (architecture -> fixed ELF header bytes).
        """
        self.config = config()

        # Dispatch table: the generator methods are stored uncalled and are
        # defined elsewhere in the class.
        self.formats = {
            'elf': self.generate_elf,
            'macho': self.generate_macho,
            'c': self.generate_c
        }

        # Mach-O output is built from template files under the data path.
        self.macho_templates = {
            'x64':
            self.config.path_config['base_paths']['data_path'] +
            "utils/payload/payload/templates/macho_x64.bin",
            'aarch64':
            self.config.path_config['base_paths']['data_path'] +
            "utils/payload/payload/templates/macho_aarch64.bin"
        }

        # Every value starts with the ELF magic \x7fELF. The fifth byte is 1
        # for the 32-bit entries and 2 for aarch64/x64; the sixth byte is 2
        # only for mipsbe (big-endian), 1 otherwise.
        # NOTE(review): the repeated 0xdeadbeef words (byte-swapped in
        # mipsbe) and the "AAAAAAAA"/"BBBBBBBB" runs in the x64 entry look
        # like placeholders that are overwritten with real sizes when a
        # payload is generated -- confirm in generate_elf.
        self.elf_headers = {
            'armle':
            (b"\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00"
             b"\x02\x00\x28\x00\x01\x00\x00\x00\x54\x80\x00\x00\x34\x00\x00\x00"
             b"\x00\x00\x00\x00\x00\x00\x00\x00\x34\x00\x20\x00\x01\x00\x00\x00"
             b"\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00"
             b"\x00\x80\x00\x00\xef\xbe\xad\xde\xef\xbe\xad\xde\x07\x00\x00\x00"
             b"\x00\x10\x00\x00"),
            'mipsbe':
            (b"\x7f\x45\x4c\x46\x01\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00"
             b"\x00\x02\x00\x08\x00\x00\x00\x01\x00\x40\x00\x54\x00\x00\x00\x34"
             b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x34\x00\x20\x00\x01\x00\x00"
             b"\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x40\x00\x00"
             b"\x00\x40\x00\x00\xde\xad\xbe\xef\xde\xad\xbe\xef\x00\x00\x00\x07"
             b"\x00\x00\x10\x00"),
            'mipsle':
            (b"\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00"
             b"\x02\x00\x08\x00\x01\x00\x00\x00\x54\x00\x40\x00\x34\x00\x00\x00"
             b"\x00\x00\x00\x00\x00\x00\x00\x00\x34\x00\x20\x00\x01\x00\x00\x00"
             b"\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00"
             b"\x00\x00\x40\x00\xef\xbe\xad\xde\xef\xbe\xad\xde\x07\x00\x00\x00"
             b"\x00\x10\x00\x00"),
            'x86':
            (b"\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00"
             b"\x02\x00\x03\x00\x01\x00\x00\x00\x54\x80\x04\x08\x34\x00\x00\x00"
             b"\x00\x00\x00\x00\x00\x00\x00\x00\x34\x00\x20\x00\x01\x00\x00\x00"
             b"\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x80\x04\x08"
             b"\x00\x80\x04\x08\xef\xbe\xad\xde\xef\xbe\xad\xde\x07\x00\x00\x00"
             b"\x00\x10\x00\x00"),
            'aarch64':
            (b"\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00"
             b"\x02\x00\xb7\x00\x00\x00\x00\x00\x78\x00\x00\x00\x00\x00\x00\x00"
             b"\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
             b"\x00\x00\x00\x00\x40\x00\x38\x00\x01\x00\x00\x00\x00\x00\x00\x00"
             b"\x01\x00\x00\x00\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
             b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
             b"\xef\xbe\xad\xde\x00\x00\x00\x00\xef\xbe\xad\xde\x00\x00\x00\x00"
             b"\x00\x10\x00\x00\x00\x00\x00\x00"),
            'x64':
            (b"\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00"
             b"\x02\x00\x3e\x00\x01\x00\x00\x00\x78\x00\x40\x00\x00\x00\x00\x00"
             b"\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
             b"\x00\x00\x00\x00\x40\x00\x38\x00\x01\x00\x00\x00\x00\x00\x00\x00"
             b"\x01\x00\x00\x00\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
             b"\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00"
             b"\x41\x41\x41\x41\x41\x41\x41\x41\x42\x42\x42\x42\x42\x42\x42\x42"
             b"\x00\x10\x00\x00\x00\x00\x00\x00")
        }
Ejemplo n.º 11
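class HatSploitCommand(HatSploitCommand):
    """Console command ``storage``: list, read, set or delete storage variables.

    ``self.badges`` is used below but not defined in this class; it is
    presumably supplied by the ``HatSploitCommand`` base class -- confirm.
    """

    config = config()

    storage_path = config.path_config['base_paths']['storage_path']

    local_storage = local_storage()
    global_storage = global_storage(storage_path)

    usage = (
        "storage [global|local] <option> [arguments]\n\n"
        "  -l, --list                List all storage variables.\n"
        "  -v, --value <name>        Show specified storage variable value.\n"
        "  -s, --set <name> <value>  Set storage variable value.\n"
        "  -d, --delete <name>       Delete storage variable.\n"
    )

    details = {
        'Category': "developer",
        'Name': "storage",
        'Description': "Manage storage variables.",
        'Usage': usage,
        'MinArgs': 2
    }

    def run(self, argc, argv):
        """Run one storage operation against the selected backend.

        Args:
            argc: Number of entries in ``argv``; used to check that the
                option's own arguments are present.
            argv: ``argv[0]`` is ``global`` or ``local``, ``argv[1]`` the
                option, ``argv[2]``/``argv[3]`` the variable name and value.

        An unknown backend, an unknown option or missing arguments print the
        usage text. An unknown variable name prints an error for both
        backends.
        """
        backends = {
            "global": (self.global_storage, "Global storage variables:"),
            "local": (self.local_storage, "Local storage variables:"),
        }
        type_of_storage = argv[0]
        if type_of_storage not in backends:
            self.badges.output_usage(self.details['Usage'])
            return

        # Both backends expose get_all/get/set/delete, so one code path
        # serves either of them.
        storage, heading = backends[type_of_storage]
        choice = argv[1]

        if choice in ['-l', '--list']:
            self.badges.output_information(heading)
            for variable in storage.get_all():
                # Names that start or end with a double underscore are
                # hidden from the listing.
                if variable.startswith('__') or variable.endswith('__'):
                    continue
                self.badges.output_empty("    * " + variable)
        elif choice in ['-v', '--value']:
            if argc < 3:
                self.badges.output_usage(self.details['Usage'])
            elif argv[2] in storage.get_all():
                self.badges.output_information(
                    argv[2] + " = " + str(storage.get(argv[2])))
            else:
                # Reported for "global" too, which used to print nothing for
                # an unknown name.
                self.badges.output_error("Invalid storage variable name!")
        elif choice in ['-s', '--set']:
            if argc < 4:
                self.badges.output_usage(self.details['Usage'])
            else:
                storage.set(argv[2], argv[3])
        elif choice in ['-d', '--delete']:
            if argc < 3:
                self.badges.output_usage(self.details['Usage'])
            elif argv[2] in storage.get_all():
                storage.delete(argv[2])
            else:
                self.badges.output_error("Invalid storage variable name!")
        else:
            self.badges.output_usage(self.details['Usage'])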