def logo(): from core.alert import write_to_api_console from core import color from core.color import finish write_to_api_console(''' ______ __ _____ _____ / __ \ \ / /\ / ____| __ \ | | | \ \ /\ / / \ | (___ | |__) | | | | |\ \/ \/ / /\ \ \___ \| ___/ | |__| | \ /\ / ____ \ ____) | | {2}Version {0}{3} \____/ \/ \/_/ \_\_____/|_| {4}{1}{5} _ _ _ _ _ | \ | | | | | | | | {6}github.com/viraintel{7} | \| | ___| |_| |_ __ _ ___| | _____ _ __ {8}owasp.org{9} | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__| {10}viraintel.com{11} | |\ | __/ |_| || (_| | (__| < __/ | |_| \_|\___|\__|\__\__,_|\___|_|\_\___|_| \n\n'''.format(__version__, __code_name__, color.color('red'), color.color('reset'), color.color('yellow'), color.color('reset'), color.color('cyan'), color.color('reset'), color.color('cyan'), color.color('reset'), color.color('cyan'), color.color('reset'))) finish()
def logo(): """ OWASP Nettacker Logo """ from core.alert import write_to_api_console from core import color from core.color import reset_color from config import nettacker_paths from config import nettacker_user_application_config write_to_api_console( open( nettacker_paths()['logo_file'] ).read().format( version_info()[0], version_info()[1], color.color('red'), color.color('reset'), color.color('yellow'), color.color('reset'), color.color('cyan'), color.color('reset'), color.color('cyan'), color.color('reset'), color.color('cyan'), color.color('reset') ) ) reset_color()
def _download_shellcode(cli,id,name): if cli is True: pass else: id = _input('%sshellcode_id%s' % (color.color('blue'), color.color('yellow')), 'int', True) url = 'http://shell-storm.org/shellcode/files/shellcode-%s.php' % (str(id)) try: if version() is 2: data = urlopen(url).read().rsplit('<pre>')[1].rsplit('<body>')[0] if version() is 3: data = urlopen(url).read().decode('utf-8').rsplit('<pre>')[ 1].rsplit('<body>')[0] except: warn('connection error\n') return write(_html_decode(data) + '\n\n') if cli is False: file_or_not = _input('Shellcode output to a .c file?(y or n)', 'any', True) if file_or_not[0] == 'y': target = _input('Target .c file?', 'any', True) downloaded_file_output(target, _html_decode(data)) else: if name != '': downloaded_file_output(name, _html_decode(data))
def inputcheck(): color.color(12) print ''' [+] Wrong input, Check Help Menu ,Execute: shellcoder -h ''' color.color(15) sig() sys.exit(0)
def about(): zcr(),'\n' developers = ['Ali Razmjoo | OWASP:Ali Razmjoo | Twitter: @Ali_Razmjo0 | z3r0d4y.com',] print color.color('red') + 'Project Coordinator: ' + color.color('cyan') + 'Ali Razmjoo\n\n' + color.color('yellow') + 'Developers:' sys.stdout.write(color.color('cyan')) for developer in developers: print developer sys.exit(sig())
def about(): zcr(),'\n' developers = ['All Developers: owasp-zsc-tool-project[at]lists.owasp.org','Ali Razmjoo | OWASP:Ali Razmjoo | Twitter: @Ali_Razmjo0 | z3r0d4y.com',] print (color.color('red') + 'Project Coordinator: ' + color.color('cyan') + 'Ali Razmjoo (Ali[dot]Razmjoo[at]owasp.org)\n\n' + color.color('yellow') + 'Developers:') sys.stdout.write(color.color('cyan')) for developer in developers: print (developer) sys.exit(sig())
def about(): zcr(),'\n' developers = ['Ali Razmjoo | http://z3r0d4y.com | [email protected] | Twitter: @Ali_Razmjo0',] print color.color('red') + 'Project Coordinator: ' + color.color('cyan') + 'Ali Razmjoo\n\n' + color.color('yellow') + 'Developers:' sys.stdout.write(color.color('cyan')) for developer in developers: print developer sys.exit(sig())
def check_prv(): try: if os.geteuid() is not 0: sys.exit(color.color('red')+'Sorry, you most run this file as root.'+color.color('reset')) except AttributeError: import ctypes if ctypes.windll.shell32.IsUserAnAdmin() != 1: sys.exit(color.color('red')+'Sorry, you most run this file as admin.'+color.color('reset'))
def types(value): val = value list = [ 'none', 'xor_random', 'xor_yourvalue', 'add_random', 'add_yourvalue', 'sub_random', 'sub_yourvalue', 'inc', 'inc_timesyouwant', 'dec', 'dec_timesyouwant', 'mix_all' ] if val is 1: color.color(11) for type in list: print '[+]', type sig() sys.exit(0) if val is not 1: exist = 0 if val == 'none': exist = 1 if val == 'xor_random': exist = 1 if val == 'add_random': exist = 1 if val == 'sub_random': exist = 1 if val == 'inc': exist = 1 if val == 'dec': exist = 1 if val == 'mix_all': exist = 1 if exist is not 1: if 'xor_' in val: val = val.replace('xor_', '') if len(str(val)) is 10: exist = 1 if 'add_' in val: val = val.replace('add_', '') if len(str(val)) is 10: exist = 1 if 'sub_' in val: val = val.replace('sub_', '') if len(str(val)) is 10: exist = 1 if 'inc_' in val: val = val.replace('inc_', '') try: val = int(val) exist = 1 except: exist = 0 if 'dec_' in str(val): val = val.replace('dec_', '') try: val = int(val) exist = 1 except: exist = 0 if exist is 1: return True
def about(): color.color(11) print zcr,'\n' color.color(13) developers = ['Ali Razmjoo | http://z3r0d4y.com | [email protected] | Twitter: @Ali_Razmjo0',] for developer in developers: print developer sig() sys.exit(0)
def types(value): val = value list = ['none','xor_random','xor_yourvalue','add_random', 'add_yourvalue','sub_random','sub_yourvalue','inc','inc_timesyouwant', 'dec','dec_timesyouwant','mix_all'] if val is 1: color.color(11) for type in list: print '[+]',type sig() sys.exit(0) if val is not 1: exist = 0 if val == 'none': exist = 1 if val == 'xor_random': exist = 1 if val == 'add_random': exist = 1 if val == 'sub_random': exist = 1 if val == 'inc': exist = 1 if val == 'dec': exist = 1 if val == 'mix_all': exist = 1 if exist is not 1: if 'xor_' in val: val = val.replace('xor_','') if len(str(val)) is 10: exist = 1 if 'add_' in val: val = val.replace('add_','') if len(str(val)) is 10: exist = 1 if 'sub_' in val: val = val.replace('sub_','') if len(str(val)) is 10: exist = 1 if 'inc_' in val: val = val.replace('inc_','') try: val = int(val) exist = 1 except: exist = 0 if 'dec_' in str(val): val = val.replace('dec_','') try: val = int(val) exist = 1 except: exist = 0 if exist is 1: return True
def linux_osx(): check_prv() executor = '''#!/bin/bash\npython /usr/share/owasp_zsc/zsc.py "$@"''' print (color.color('cyan')+'Building Commandline') commandline = open('/usr/bin/zsc','w') commandline.write(executor) commandline.close() print (color.color('green')+'Copying Files'+color.color('white')) os.system('rm -rf /usr/share/owasp_zsc && mkdir /usr/share/owasp_zsc && cp -r * /usr/share/owasp_zsc/ && chmod +x /usr/share/owasp_zsc/zsc.py && chmod +x /usr/bin/zsc') print (color.color('yellow') + '\nNow you can remove this folder\nfiles copied in /usr/share/owasp_zsc.\nto run zcr shellcoder please use "zsc" command line\n'+color.color('reset'))
def inputcheck(): print( color.color("yellow") + """ [+] Wrong input, Check Help Menu ,Execute: zsc """ + color.color("red") + "-h" + "\n" + color.color("reset") ) sys.exit(sig())
def about(): color.color(11) print zcr, '\n' color.color(13) developers = [ 'Ali Razmjoo | http://z3r0d4y.com | [email protected] | Twitter: @Ali_Razmjo0', ] for developer in developers: print developer sig() sys.exit(0)
def _download_shellcode(): id = _input("%sshellcode_id>%s " % (color.color("blue"), color.color("yellow")), "int", True) url = "http://shell-storm.org/shellcode/files/shellcode-%s.php" % (str(id)) try: if version() is 2: data = urlopen(url).read().rsplit("<pre>")[1].rsplit("<body>")[0] if version() is 3: data = urlopen(url).read().decode("utf-8").rsplit("<pre>")[1].rsplit("<body>")[0] except: warn("connection error\n") return write(data)
def __input_msg(content): """ build the input message to get input from users Args: content: content of the message Returns: the message in input structure """ return (color.color("yellow") + "[+] " + color.color("green") + six.text_type(content) + color.color("reset"))
def _download_shellcode(): id = _input('%sshellcode_id%s'%(color.color('blue'),color.color('yellow')),'int',True) url = 'http://shell-storm.org/shellcode/files/shellcode-%s.php'%(str(id)) try: if version() is 2: data = urlopen(url).read().rsplit('<pre>')[1].rsplit('<body>')[0] if version() is 3: data = urlopen(url).read().decode('utf-8').rsplit('<pre>')[1].rsplit('<body>')[0] except: warn('connection error\n') return write(data)
def logo(): print(color.color('red') + ''' ______ __ _____ _____ ______ _____ _____ / __ \ \ / /\ / ____| __ \ |___ // ____|/ ____| | | | \ \ /\ / / \ | (___ | |__) | / /| (___ | | | | | |\ \/ \/ / /\ \ \___ \| ___/ / / \___ \| | | |__| | \ /\ / ____ \ ____) | | / /__ ____) | |____ \____/ \/ \/_/ \_\_____/|_| /_____|_____/ \_____| ''' + color.color('cyan') + '\t\t' + color.color( 'green') + 'OWASP' + color.color('cyan') + ' ZeroDay Cyber Research Shellcoder\n' + color.color('reset'))
def zcr(): print color.color('red') + ''' ___________ _____ |___ / ____| __ \ / / | | |__) | / /| | | _ / / /_| |____| | \ \ /_____\_____|_|__\_\ _ _ _____ ____ _____ ______ _____ _ / ____| | | ____| | | | / ____/ __ \| __ \| ____| __ \ | | | (___ | |__ | |__ | | | | | | | | | | | | | |__ | |__) | | | \___ \| '_ \| __| | | | | | | | | | | | | | __| | _ / | | ____) | | | | |____| |____| |___| |___| |__| | |__| | |____| | \ \ |_| |_____/|_| |_|______|______|______\_____\____/|_____/|______|_| \_\ (_) ''' + color.color('cyan') + '\t\t\t\tZeroDay Cyber Research Shellcoder\n' + color.color('reset')
def windows(): #check_prv() installing_path = str(sys.prefix) + str('\\Scripts\\zsc') try: os.mkdir(installing_path) except: pass print (color.color('green')+'Copying Files'+color.color('white')) tmp_copy = os.popen('xcopy /y /s /i . %s'%installing_path).read() print (color.color('cyan')+'Building Commandline') tmp_add_command_line = open('%s\\..\\zsc.bat'%installing_path,'w') tmp_add_command_line.write('@echo off\npython %s\\zsc.py'%installing_path) tmp_add_command_line.close() print (color.color('yellow') + '\nNow you can remove this folder\nfiles copied in %s.\nto run zcr shellcoder please use "zsc" command line\nNOTE: IF COMMAND LINE "zsc" NOT FOUND, PLEASE RE-OPEN YOUR CMD!\N'%installing_path+color.color('reset'))
def error(content): """ build the error message Args: content: content of the message Returns: the message in error structure - None """ data = (color.color("red") + "[{0}][X] ".format(now()) + color.color("yellow") + content + color.color("reset") + "\n") sys.stdout.buffer.write(data.encode("utf8")) sys.stdout.flush()
def start(): color.color(11) print zcr color.color(12) print ''' ZeroDay Cyber Research Shellcoder Please execute with -h|--h|-help|--help switch to see help menu. ''' color.color(15) sig() color.color(14) raw_input('\nPress "Enter" to continue') color.color(15) sys.exit(0)
def about(): zcr(), '\n' developers = [ 'All Developers: owasp-zsc-tool-project[at]lists.owasp.org', 'Ali Razmjoo | OWASP:Ali Razmjoo | Twitter: @Ali_Razmjo0 | z3r0d4y.com', ] print( color.color('red') + 'Project Coordinator: ' + color.color('cyan') + 'Ali Razmjoo (Ali[dot]Razmjoo[at]owasp.org)\n\n' + color.color('yellow') + 'Developers:') sys.stdout.write(color.color('cyan')) for developer in developers: print(developer) sys.exit(sig())
def _download_shellcode(): id = _input( '%sshellcode_id>%s ' % (color.color('blue'), color.color('yellow')), 'int', True) url = 'http://shell-storm.org/shellcode/files/shellcode-%s.php' % (str(id)) try: if version() is 2: data = urlopen(url).read().rsplit('<pre>')[1].rsplit('<body>')[0] if version() is 3: data = urlopen(url).read().decode('utf-8').rsplit( '<pre>')[1].rsplit('<body>')[0] except: warn('connection error\n') return write(data)
def run(): counter = 0 total_counter = 0 os_counter = 0 filename_counter = 0 job_counter = 0 encode_counter = 0 for argv_check in sys.argv: if argv_check == '-os': counter += 1 os_counter = total_counter + 1 if argv_check == '-o': counter += 1 filename_counter = total_counter + 1 if argv_check == '-job': counter += 1 job_counter = total_counter + 1 if argv_check == '-encode': counter += 1 encode_counter = total_counter + 1 total_counter += 1 if counter is 4: checkargv = True if checkargv is False: start.inputcheck() checkargv = False if start.oslist(sys.argv[os_counter]) is not True: return checkargv if start.types(sys.argv[encode_counter]) is not True: return checkargv if start.joblist(sys.argv[job_counter]) is not True: return checkargv try: writer = open(sys.argv[filename_counter], 'w') writer.write('') writer.close() except: print color.color( 'red' ) + 'File is not writable, Try other name or change directory' + color.color( 'reset') sys.exit(start.sig()) os = sys.argv[os_counter] filename = sys.argv[filename_counter] encode = sys.argv[encode_counter] job = sys.argv[job_counter] content = os + '\x90\x90\x90' + filename + '\x90\x90\x90' + encode + '\x90\x90\x90' + job return content
def start(): zcr() print (color.color('cyan') + 'Please execute with ' + color.color('red') + '-h' + color.color('cyan') + '|' + color.color('red') + '--h' + color.color('cyan') +'|'+color.color('red')+'-help'+color.color('cyan')+'|' + color.color('red') +'--help ' + color.color('cyan') + 'switch to see help menu.' + color.color('reset')) sig() try: if version is 2: raw_input('%sPress "%sEnter%s" to continue%s'%(color.color('green'),color.color('red'),color.color('green'),color.color('white'))) if version is 3: input('%sPress "%sEnter%s" to continue%s'%(color.color('green'),color.color('red'),color.color('green'),color.color('white'))) except: sys.exit(color.color('red')+'\n\nKeyboardInterrupt, aborted by user.\n'+color.color('reset')) sys.exit(0)
def _download_shellcode(): try: if version() is 3: id = input('%sshellcode_id>%s '%(color.color('blue'),color.color('yellow'))) if version() is 2: id = raw_input('%sshellcode_id>%s '%(color.color('blue'),color.color('yellow'))) except: return url = 'http://shell-storm.org/shellcode/files/shellcode-%s.php'%(str(id)) try: data = urlopen(url).read().rsplit('<pre>')[1].rsplit('<body>')[0] except: warn('connection error') return write(data)
def res(PASS,shellcode,filename,os_name,job,encode_type,length,old_encode_type,NE): if PASS is False: sys.exit(color.color('red')+'Sorry, I\'ve got some error while processing, Please try same thing one more time \nAnd if you got same error please share us your problem with details. Thank you.\n'+color.color('reset')) if PASS is True: save = open(filename,'w') save.write(shellcode) save.close() print ('''%sYour Shellcode file generated! OS: %s%s%s Job: %s%s%s Encode: %s%s%s Length: %s%s%s Output: %s%s%s'''%(color.color('yellow'),color.color('blue'),os_name,color.color('yellow'),color.color('red'),job,color.color('yellow'),color.color('cyan'),encode_type,color.color('yellow'),color.color('green'),length,color.color('yellow'),color.color('purple'),filename,color.color('reset'))) if NE is True: print (color.color('red')+'Note: %s%s%s encode type module is not activated yet, so your shellcode generated with %snone%s encode type! Please Wait for update. To see available modules take a look at the %sfeatures_table.html%s file in software folder.'%(color.color('green'),old_encode_type,color.color('red'),color.color('cyan'),color.color('red'),color.color('white'),color.color('red')))
def zcr(): print color.color('red') + ''' ______ __ _____ _____ ___________ _____ / __ \ \ / /\ / ____| __ \ |___ / ____| __ \ | | | \ \ /\ / / \ | (___ | |__) | / / | | |__) | | | | |\ \/ \/ / /\ \ \___ \| ___/ / /| | | _ / | |__| | \ /\ / ____ \ ____) | | / /_| |____| | \ \ \____/ _ \/ _\/_/___ \_\_____/|_| ____/_____\_____|_|__\_\_ _____ _ / ____| | | | ____| | | | / ____/ __ \| __ \| ____| __ \ | | | (___ | |__| | |__ | | | | | | | | | | | | | |__ | |__) | | | \___ \| __ | __| | | | | | | | | | | | | | __| | _ / | | ____) | | | | |____| |____| |___| |___| |__| | |__| | |____| | \ \ |_| |_____/|_| |_|______|______|______\_____\____/|_____/|______|_| \_\ (_) ''' + color.color('cyan') + '\t\t\t'+color.color('green')+'OWASP' + color.color('cyan') + ' ZeroDay Cyber Research Shellcoder\n' + color.color('reset')
def logo(): print (color.color('red') + ''' ______ __ _____ _____ ___________ _____ / __ \ \ / /\ / ____| __ \ |___ / ____| __ \ | | | \ \ /\ / / \ | (___ | |__) | / / | | |__) | | | | |\ \/ \/ / /\ \ \___ \| ___/ / /| | | _ / | |__| | \ /\ / ____ \ ____) | | / /_| |____| | \ \ \____/ _ \/ _\/_/___ \_\_____/|_| ____/_____\_____|_|__\_\_ _____ _ / ____| | | | ____| | | | / ____/ __ \| __ \| ____| __ \ | | | (___ | |__| | |__ | | | | | | | | | | | | | |__ | |__) | | | \___ \| __ | __| | | | | | | | | | | | | | __| | _ / | | ____) | | | | |____| |____| |___| |___| |__| | |__| | |____| | \ \ |_| |_____/|_| |_|______|______|______\_____\____/|_____/|______|_| \_\ (_) ''' + color.color('cyan') + '\t\t\t'+color.color('green')+'OWASP' + color.color('cyan') + ' ZeroDay Cyber Research Shellcoder\n' + color.color('reset'))
def start(): zcr() print color.color('cyan') + 'Please execute with ' + color.color('red') + '-h' + color.color('cyan') + '|' + color.color('red') + '--h' + color.color('cyan') +'|'+color.color('red')+'-help'+color.color('cyan')+'|' + color.color('red') +'--help ' + color.color('cyan') + 'switch to see help menu.' + color.color('reset') sig() try: raw_input('%sPress "%sEnter%s" to continue%s'%(color.color('green'),color.color('red'),color.color('green'),color.color('white'))) except: sys.exit(color.color('red')+'\n\nKeyboardInterrupt, aborted by user.\n'+color.color('reset')) sys.exit(0)
def about(): write('\n') info = [ ['Code', 'https://github.com/Ali-Razmjoo/OWASP-ZSC'], [ 'Contributors', 'https://github.com/Ali-Razmjoo/OWASP-ZSC/graphs/contributors' ], ['API', 'http://api.z3r0d4y.com/'], ['Home', 'http://zsc.z3r0d4y.com/'], ['Mailing List', 'https://groups.google.com/d/forum/owasp-zsc'], ['Contact US Now', 'owasp-zsc[at]googlegroups[dot]com'] ] for section in info: write('%s%s%s: %s%s%s\n' % (color.color('red'), section[0], color.color('reset'), color.color('yellow'), section[1], color.color('reset'))) sig()
def sig(): print '''%s |----------------------------------------------------------------------------| |%sOWASP%s Page: https://www.%sowasp%s.org/index.php/OWASP_ZSC_Tool_Project ---------| |Author Website: http://%sz3r0d4y%s.com/ ----------------------------------------| |Project Home: http://%szsc%s.z3r0d4y.com/ --------------------------------------| |key: %s%s%s | version: %s%s%s | Release Date: %s%s%s --------------------| |----------------------------------------------------------------------------|'''%(color.color('blue'),color.color('red'),color.color('blue'),color.color('red'),color.color('blue'),color.color('red'),color.color('blue'),color.color('red'),color.color('blue'),color.color('red'),__key__,color.color('blue'),color.color('red'),__version__,color.color('blue'),color.color('red'),__release_date__,color.color('blue'))
def menu(): print ''' %sSwitches%s: %s-h%s, %s--h%s, %s-help%s, %s--help%s => to see this help guide %s-os%s => choose your os to create shellcode %s-oslist%s => list os for switch -os %s-o%s => output filename %s-job%s => what shellcode gonna do for you ? %s-joblist%s => list of -job switch %s-encode%s => generate shellcode with encode %s-types%s => types of encode for -encode switch %s-wizard%s => wizard mod %s-update%s => check for update %s-about%s => about software and %sdevelopers%s.'''%(color.color('yellow'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple'),color.color('red'),color.color('purple')) sys.exit(sig())
def sig(): print '''%s |----------------------------------------------------------------------------| |%sOWASP%s Page: https://www.%sowasp%s.org/index.php/OWASP_ZSC_Tool_Project ---------| |Author Website: http://%sz3r0d4y%s.com/ ----------------------------------------| |Project Home: http://%szsc%s.z3r0d4y.com/ --------------------------------------| |key: %s%s%s | version: %s%s%s | Release Date: %s%s%s -----------------| |----------------------------------------------------------------------------|'''%(color.color('blue'),color.color('red'),color.color('blue'),color.color('red'),color.color('blue'),color.color('red'),color.color('blue'),color.color('red'),color.color('blue'),color.color('red'),__key__,color.color('blue'),color.color('red'),__version__,color.color('blue'),color.color('red'),__release_date__,color.color('blue'))
def run(): counter = 0 total_counter = 0 os_counter = 0 filename_counter = 0 job_counter = 0 encode_counter = 0 for argv_check in sys.argv: if argv_check == '-os': counter += 1 os_counter = total_counter + 1 if argv_check == '-o': counter += 1 filename_counter = total_counter + 1 if argv_check == '-job': counter += 1 job_counter = total_counter + 1 if argv_check == '-encode': counter += 1 encode_counter = total_counter + 1 total_counter += 1 if counter is 4: checkargv = True if checkargv is False: start.inputcheck() checkargv = False if start.oslist(sys.argv[os_counter]) is not True: return checkargv if start.types(sys.argv[encode_counter]) is not True: return checkargv if start.joblist(sys.argv[job_counter]) is not True: return checkargv try: writer = open(sys.argv[filename_counter],'w') writer.write('') writer.close() except: print color.color('red')+'File is not writable, Try other name or change directory'+color.color('reset') sys.exit(start.sig()) os = sys.argv[os_counter] filename = sys.argv[filename_counter] encode = sys.argv[encode_counter] job = sys.argv[job_counter] content = os + '\x90\x90\x90' + filename + '\x90\x90\x90' + encode + '\x90\x90\x90' + job return content
def oslist(value): val = value list = ['linux_x86','linux_x64','linux_arm','linux_mips', 'freebsd_x86','freebsd_x64','windows_x86','windows_x64', 'osx','solaris_x86','solaris_x64'] if val is 1: for os in list: print '%s[+]%s'%(color.color('yellow'),color.color('green')),os sig() sys.exit(0) if val is not 1: exist = 0 for os in list: if str(val) == str(os): exist = 1 if exist is 1: return True
def warn(content): """ build the warn message Args: content: content of the message Returns: the message in warn structure - None """ if not run_from_api(): sys.stdout.buffer.write( bytes( color.color("blue") + "[{0}][!] ".format(now()) + color.color("yellow") + content + color.color("reset") + "\n", "utf8", )) sys.stdout.flush()
def _search_shellcode(): url = 'http://shell-storm.org/api/?s=' keyword = _input('%skeyword_to_search%s'%(color.color('blue'),color.color('yellow')),'any',True) keyword=keyword.replace(' ','*') try: data = urlopen(url+keyword).read() if version() is 3: data = data.decode('utf-8') except: warn('connection error') return for shellcode_ in data.rsplit('\n'): try: shellcode_ = shellcode_.rsplit('::::') info('author: %s\tshellcode_id: %s\tplathform: %s\ttitle: %s\n'%(shellcode_[0],shellcode_[3],shellcode_[1],shellcode_[2])) except: pass write('\n')
def oslist(value): val = value list = ['linux_x86','linux_x64','linux_arm','linux_mips', 'freebsd_x86','freebsd_x64','windows_x86','windows_x64', 'osx','solaris_x86','solaris_x64'] if val is 1: color.color(11) for os in list: print '[+]',os sig() sys.exit(0) if val is not 1: exist = 0 for os in list: if str(val) == str(os): exist = 1 if exist is 1: return True
def sig(): print '''%s |----------------------------------------------------------------------------| |----------------------------------------------------------------------------| |Author Website: http://z3r0d4y.com/ ----------------------------------------| |Project URL: http://%szsc%s.z3r0d4y.com/ ---------------------------------------| |key: %s%s%s | version: %s%s%s | Release Date: %s%s%s ------------------| |----------------------------------------------------------------------------| |----------------------------------------------------------------------------|'''%(color.color('blue'),color.color('red'),color.color('blue'),color.color('red'),__key__,color.color('blue'),color.color('red'),__version__,color.color('blue'),color.color('red'),__release_date__,color.color('blue'))
def disable(os_name, job): print( color.color('red') + 'Note: %s%s%s function is not Activated for %s%s%s OS Yet, Please wait for update.\nTo see available modules take a look at the %sfeatures_table.html%s file in software folder.' % (color.color('cyan'), job, color.color('red'), color.color('blue'), os_name, color.color('red'), color.color('white'), color.color('red'))) return 0
def verbose_info(content): """ build the info message, log the message in database if requested, rewrite the thread temporary file Args: content: content of the message Returns: None """ if verbose_mode_is_enabled(): sys.stdout.buffer.write( bytes( color.color("yellow") + "[{0}][+] ".format(now()) + color.color("purple") + content + color.color("reset") + "\n", "utf8", )) sys.stdout.flush()
def logo(): """ OWASP Nettacker Logo """ import requests from core.alert import write_to_api_console from core import color from core.color import reset_color from config import nettacker_paths from config import nettacker_analytics from config import nettacker_user_application_config write_to_api_console( open(nettacker_paths()['logo_file']).read().format( version_info()[0], version_info()[1], color.color('red'), color.color('reset'), color.color('yellow'), color.color('reset'), color.color('cyan'), color.color('reset'), color.color('cyan'), color.color('reset'), color.color('cyan'), color.color('reset'))) reset_color() try: if nettacker_analytics()['new_relic_api_key']: requests.post( "https://log-api.eu.newrelic.com/log/v1", headers={ "X-License-Key": nettacker_analytics()['new_relic_api_key'], "Accept": "*/*", "Content-Type": "application/json", "User-Agent": nettacker_user_application_config()['user_agent'] }, json={ "ip": json.loads( requests.get('https://api64.ipify.org?format=json'). content)['ip'], "user_agent": nettacker_user_application_config()['user_agent'], "github_ci": os.environ.get('github_ci') == "true" }) except Exception: return None
def success_event_info(content): """ build the info message, log the message in database if requested, rewrite the thread temporary file Args: content: content of the message Returns: None """ if not run_from_api(): sys.stdout.buffer.write( bytes( color.color("red") + "[{0}][+++] ".format(now()) + color.color("cyan") + content + color.color("reset") + "\n", "utf8", )) sys.stdout.flush()
def run(filename,content,command): command = command.replace('[space]',' ') try: cont = binascii.b2a_hex(open(content).read()) except: from core import start sys.exit(color.color('red')+'Error, Cannot find/open the file %s'%(content)+color.color('reset')) l = len(cont) -1 n = 0 c = '\\x' for word in cont: c += word n+=1 if n is 2: n = 0 c += '\\x' c = c[:-2] command = 'echo -e "%s" > %s ; chmod 777 %s ; %s'%(str(c),str(filename),str(filename),str(command)) return template.sys(stack.generate(command.replace('[space]',' '),'%ecx','string'))
def oslist(value): val = value list = [ 'linux_x86', 'linux_x64', 'linux_arm', 'linux_mips', 'freebsd_x86', 'freebsd_x64', 'windows_x86', 'windows_x64', 'osx', 'solaris_x86', 'solaris_x64' ] if val is 1: color.color(11) for os in list: print '[+]', os sig() sys.exit(0) if val is not 1: exist = 0 for os in list: if str(val) == str(os): exist = 1 if exist is 1: return True
def logo(): print( color.color("red") + """ ______ __ _____ _____ ______ _____ _____ / __ \ \ / /\ / ____| __ \ |___ // ____|/ ____| | | | \ \ /\ / / \ | (___ | |__) | / /| (___ | | | | | |\ \/ \/ / /\ \ \___ \| ___/ / / \___ \| | | |__| | \ /\ / ____ \ ____) | | / /__ ____) | |____ \____/ \/ \/_/ \_\_____/|_| /_____|_____/ \_____| """ + color.color("cyan") + "\t\t" + color.color("green") + "OWASP" + color.color("cyan") + " ZeroDay Cyber Research Shellcoder\n" + color.color("reset") )
def _search_shellcode(): url = "http://shell-storm.org/api/?s=" keyword = _input("%skeyword_to_search>%s " % (color.color("blue"), color.color("yellow")), "any", True) keyword = keyword.replace(" ", "*") try: data = urlopen(url + keyword).read() if version() is 3: data = data.decode("utf-8") except: warn("connection error") return for shellcode_ in data.rsplit("\n"): try: shellcode_ = shellcode_.rsplit("::::") info( "author: %s\tshellcode_id: %s\tplathform: %s\ttitle: %s\n" % (shellcode_[0], shellcode_[3], shellcode_[1], shellcode_[2]) ) except: pass write("\n")
def verbose_event_info(content): """ build the info message, log the message in database if requested, rewrite the thread temporary file Args: content: content of the message Returns: None """ if (not run_from_api()) and (verbose_mode_is_enabled() or event_verbose_mode_is_enabled() ): # prevent to stdout if run from API sys.stdout.buffer.write( bytes( color.color("yellow") + "[{0}][+] ".format(now()) + color.color("green") + content + color.color("reset") + "\n", "utf8", )) sys.stdout.flush()
def _search_shellcode(): url = 'http://shell-storm.org/api/?s=' keyword = _input( '%skeyword_to_search>%s ' % (color.color('blue'), color.color('yellow')), 'any', True) keyword = keyword.replace(' ', '*') try: data = urlopen(url + keyword).read() if version() is 3: data = data.decode('utf-8') except: warn('connection error') return for shellcode_ in data.rsplit('\n'): try: shellcode_ = shellcode_.rsplit('::::') info('author: %s\tshellcode_id: %s\tplathform: %s\ttitle: %s\n' % (shellcode_[0], shellcode_[3], shellcode_[1], shellcode_[2])) except: pass write('\n')
def about(): write("\n") info = [ ["Code", "https://github.com/Ali-Razmjoo/OWASP-ZSC"], ["Contributors", "https://github.com/Ali-Razmjoo/OWASP-ZSC/graphs/contributors"], ["API", "http://api.z3r0d4y.com/"], ["Home", "http://zsc.z3r0d4y.com/"], ["Mailing List", "https://groups.google.com/d/forum/owasp-zsc"], ["Contact US Now", "owasp-zsc[at]googlegroups[dot]com"], ] for section in info: write( "%s%s%s: %s%s%s\n" % ( color.color("red"), section[0], color.color("reset"), color.color("yellow"), section[1], color.color("reset"), ) ) sig()
def warn(content): if "\n" in content: num_newline = len(content) - len(content.rstrip("\n")) sys.stdout.write(color.color('red') + '[!] ' + color.color('yellow') + content[:-num_newline] + color.color('reset') + "\n"*num_newline) else: sys.stdout.write(color.color('red') + '[!] ' + color.color('yellow') + content + color.color('reset') + "\n") return