def run_reset(**kwargs):
"""
Terminal reset
"""
os.system("reset")
session = kwargs.get("session")
console.print_banner(ver=session.version, exp_cnt=len(futil.list_exp()))
def run():
'''
start mec
'''
try:
os.system('clear')
if not os.path.isdir(core.MECROOT):
try:
# copy mec data from /usr/share, if installed via BlackArch package
shutil.copytree("/usr/share/massexpconsole", core.MECROOT)
except FileNotFoundError:
pass
except BaseException:
console.debug_except()
os.chdir(core.MECROOT)
console.print_banner(ver=core.get_version(),
exp_cnt=len(futil.list_exp()))
main()
except (EOFError, KeyboardInterrupt, SystemExit):
console.print_error('[-] Exiting...')
except FileNotFoundError:
console.debug_except()
sys.exit(1)
except BaseException:
console.print_error(
"[-] Seems like you've encountered an unhandled exception")
console.debug_except()
def run_clear(**kwargs):
"""
clear screen
"""
os.system("clear")
session = kwargs.get("session")
console.print_banner(ver=session.version, exp_cnt=len(futil.list_exp()))
def run_exploits(**kwargs):
"""
List all usable exploits
"""
do_print = kwargs.get("do_print", True)
exp_list = futil.list_exp()
if not do_print:
# pass this list to readline completer
return exp_list
colors.colored_print('[+] Available exploits: ', colors.CYAN)
for poc in exp_list:
colors.colored_print(poc, colors.BLUE)
return None
def run():
'''
start mec
'''
try:
os.system('clear')
os.chdir(core.MECROOT)
console.print_banner(ver=core.get_version(),
exp_cnt=len(futil.list_exp()))
main()
except (EOFError, KeyboardInterrupt, SystemExit):
console.print_error('[-] Exiting...')
except FileNotFoundError:
console.debug_except()
console.print_error("[-] Please run install.py first")
sys.exit(1)
except BaseException:
console.print_error(
"[-] Seems like you've encountered an unhandled exception")
console.debug_except()
def run_exploits(**kwargs):
"""
List all usable exploits
"""
do_print = kwargs.get("do_print", True)
exp_list = futil.list_exp()
if len(exp_list) == 0:
console.print_error("[-] No exploits found")
if console.yes_no("[?] Perhaps you need to check `info`?"):
run_info(session=kwargs.get("session"))
if not do_print:
return exp_list
colors.colored_print(f"[+] {len(exp_list)} available exploits: ",
colors.CYAN)
for poc in exp_list:
colors.colored_print(poc, colors.BLUE)
return None
def attack(self):
'''
handles attack command
'''
self.use_proxy = console.yes_no(
'[?] Do you wish to use proxy_pool/proxychains?')
if self.use_proxy:
if shutil.which("proxychains4") is None:
console.print_error("proxychains4 not found")
return
# sleep between two subprocess open
sleep_seconds = console.input_check("\n[?] Wait how many seconds" +
" before each process launch?\n" +
" (Set it to 0 when you want to use 100% CPU" +
" / bandwidth\n Recommened value: 0.1)\n" +
"\n[=] Your input: ",
check_type=float)
answ = console.input_check(
'\n[?] Do you wish to use\
\n\n [1] built-in exploits\
\n [2] or launch your own manually?\
\n\n[=] Your choice: ',
choices=['1', '2', 'built-in', 'manually'])
if answ in ['1', 'built-in']:
print(
colors.CYAN +
colors.BOLD +
'\n[?] Choose a module from: ' +
colors.END +
'\n')
colors.colored_print(futil.BUILT_IN, colors.GREEN)
module = console.input_check(
"[?] Choose your exploit module: ",
choices=futil.BUILT_IN.split('\n'),
allow_blank=False)
try:
scanner_instance = exploit_exec.EXPLOIT_DICT.get(module)(self)
if scanner_instance is None:
return
scanner_instance.sleep_seconds = sleep_seconds
scanner_instance.scan()
return
except (EOFError, KeyboardInterrupt, SystemExit):
return
# run custom exploits
print(
colors.CYAN +
colors.UNDERLINE +
colors.BOLD +
"\nWelcome, in here you can invoke your own exploit\n" +
colors.END)
cmd.run_exploits()
exploit = console.input_check(
"\n[*] Enter the path (eg. test/test) to your exploit: ",
choices=futil.list_exp())
jobs = int(
console.input_check("[?] How many processes each time? ", check_type=int))
custom_args = console.input_check(
"[*] Addtional args for this exploit (other than `-t <target>`): ").strip().split()
# parse user's exploit name
exec_path = exploit.split('/')[1:]
work_path = exploit.split('/')[:-1]
exec_path = '/'.join(exec_path)
work_path = '/'.join(work_path)
# args as parameter for scanner
scanner_instance = Scanner(work_path, exec_path,
custom_args,
jobs, sleep_seconds, self)
# start scanner
scanner_instance.scan()
def attack(self):
'''
handles attack command
'''
self.use_proxy = console.input_check(
'[?] Do you wish to use proxychains? [y/n] ',
choices=['y', 'n']) == 'y'
if self.use_proxy:
if shutil.which("proxychains4") is None:
console.print_error("proxychains4 not found")
return
cmd.cmd_handler(self, "proxy")
answ = console.input_check(
'\n[?] Do you wish to use\
\n\n [a] built-in exploits\
\n [m] or launch your own manually?\
\n\n[=] Your choice: ',
choices=['a', 'm'])
if answ == 'a':
print(
colors.CYAN +
colors.BOLD +
'\n[?] Choose a module from: ' +
colors.END +
'\n')
colors.colored_print(futil.BUILT_IN, colors.GREEN)
module = console.input_check(
"[?] Choose your exploit module: ",
choices=futil.BUILT_IN.split('\n'),
allow_blank=False)
try:
scanner_instance = exploit_exec.EXPLOIT_DICT.get(module)(self)
if scanner_instance is None:
return
scanner_instance.scan()
except (EOFError, KeyboardInterrupt, SystemExit):
return
elif answ == 'm':
print(
colors.CYAN +
colors.UNDERLINE +
colors.BOLD +
"\nWelcome, in here you can choose your own exploit\n" +
colors.END)
colors.colored_print(
'[*] Here are available exploits:\n', colors.CYAN)
for poc in futil.list_exp():
colors.colored_print(poc + colors.END, colors.BLUE)
exploit = console.input_check(
"\n[*] Enter the path (eg. joomla/rce.py) of your exploit: ",
choices=futil.list_exp())
jobs = int(
console.input_check("[?] How many processes each time? ", check_type=int))
custom_args = []
answ = console.input_check(
"[?] Do you need a reverse shell [y/n]? ", choices=['y', 'n'])
if answ == 'y':
lhost = console.input_check(
"[*] Where do you want me to send shells? ", allow_blank=False, ip_check=True)
lport = console.input_check(
"[*] and at what port?",
check_type=int)
custom_args = ['-l', lhost, '-p', lport]
else:
pass
custom_args += console.input_check(
"[*] args for this exploit: ").strip().split()
# parse user's exploit name
exec_path = exploit.split('/')[1:]
work_path = exploit.split('/')[:-1]
exec_path = '/'.join(exec_path)
work_path = '/'.join(work_path)
# let user check if there's anything wrong
print(
colors.BLUE +
'[*] Your exploit will be executed like\n' +
colors.END,
'proxychains4 -q -f proxy.conf {} -t <target ip>'.format(
exec_path),
' '.join(custom_args))
# args as parameter for scanner
scanner_instance = Scanner(work_path, exec_path,
custom_args,
jobs, self)
# start scanner
scanner_instance.scan()
else:
console.print_error('[-] Invalid input')
