Exemple #1
0
def cmysql(run):
    global defaulthost, defaultport, defaultuser, defaultpass
    try:
        if run != 1:
            actions = raw_input(d.prompt("clt/sql"))
        else:
            actions = "run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("pass", "yes", "Password", defaultpass)
            d.space()
            cmysql(0)
        elif actions[0:10] == "set target":
            defaulthost = defaulthost.replace("http://", "")
            defaulthost = ping.update(defaulthost, actions, "target")
            d.change("target", defaulthost)
        elif actions[0:8] == "set port":
            defaultport = ping.update(defaultport, actions, "port")
            d.change("port", defaultport)
        elif actions[0:8] == "set user":
            defaultuser = ping.update(defaultuser, actions, "user")
            d.change("user", defaultuser)
        elif actions[0:8] == "set pass":
            defaultpass = ping.update(defaultpass, actions, "pass")
            d.change("pass", defaultpass)
        elif actions == "exit" or actions == "x":
            d.goodbye()
            exit()
        elif actions == "help" or actions == "h":
            help.help()
        elif actions == "back" or actions == "b":
            return
        elif actions == "run" or actions == "r":
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                if True:
                    try:
                        con = MySQLdb.connect(defaulthost, defaultuser, defaultpass, "")
                        if True:
                            try:
                                cmd = "nop"
                                print "\n " + Hlp + " SQL Client help\n"
                                print "  -------------------------------------------------------------------------------------------------------"
                                print "  |" + colors[6] + "Commd" + colors[0] + "            | " + colors[
                                    6
                                ] + "Description" + colors[0] + "     | " + colors[6] + "Examples" + colors[
                                    0
                                ] + "                                                        |"
                                print "  -------------------------------------------------------------------------------------------------------"
                                print "  |show databases   | list databases  | show databases                                                  |"
                                print "  |use	            | select database | use user_table                                                  |"
                                print "  |show tables	    | list tables     | show tables                                                     |"
                                print "  |create database  | create databases| create database USERS                                           | "
                                print "  |create table	    | create tables   | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20))      | "
                                print "  |drop database    | drop databases  | drop database USERS                                             | "
                                print "  |drop table       | drop tables     | drop table EMAIL                                                | "
                                print "  |insert	    | insert data     | insert into EMAILS values ( '2', '*****@*****.**' )               | "
                                print "  |update           | update data     | update EMAILS set name='Willy' where id=1                       | "
                                print "  |select           | select data     | select id, name from EMAILS                                     | "
                                print "  -------------------------------------------------------------------------------------------------------"
                                print ""
                                while cmd != "exit":
                                    cmd = raw_input(d.Client_prompt("sql"))
                                    cur = con.cursor()
                                    try:
                                        tor = cur.execute(cmd)
                                        if True:
                                            for x in range(tor):
                                                print cur.fetchone()
                                    except:
                                        print " " + Bad + " No command '" + cmd + "' found"
                            except:
                                Errors.Errors(event=sys.exc_info()[0], info=False)
                    except:
                        Errors.Errors(event=sys.exc_info(), info=defaulthost + ":" + defaultport)
            except:
                Errors.Errors(event=sys.exc_info()[0], info=defaulthost + ":" + defaultport)
        else:
            d.No_actions()
    except:
        Errors.Errors(event=sys.exc_info()[0], info=False)
    cmysql(0)
Exemple #2
0
def cmysql(run):
    global defaulthost, defaultport, defaultuser, defaultpass
    try:
        if run != 1:
            actions = raw_input(d.prompt("clt/sql"))
        else:
            actions = "run"
        if actions == "show options" or actions == "sop":
            d.option()
            d.descrip("target", "yes", "IP or DNS", defaulthost)
            d.descrip("port", "no", "Port of target", defaultport)
            d.descrip("user", "yes", "Username", defaultuser)
            d.descrip("pass", "yes", "Password", defaultpass)
            print ""
            cmysql(0)
        elif actions[0:10] == "set target":
            defaulthost = actions[11:]
            defaulthost = defaulthost.replace("http://", "")
            d.change("target", defaulthost)
            cmysql(0)
        elif actions[0:8] == "set port":
            defaultport = actions[9:]
            d.change("port", defaultport)
            cmysql(0)
        elif actions[0:8] == "set user":
            defaultuser = actions[9:]
            d.change("user", defaultuser)
            cmysql(0)
        elif actions[0:8] == "set pass":
            defaultpass = actions[9:]
            d.change("pass", defaultpass)
            cmysql(0)
        elif actions == "exit" or actions == "x":
            d.goodbye()
            exit()
        elif actions == "help" or actions == "h":
            help.help()
        elif actions == "back" or actions == "b":
            return
        elif actions == "run" or actions == "r":
            d.run()
            try:
                ping.live(defaulthost, defaultport)
                if True:
                    try:
                        con = MySQLdb.connect(defaulthost, defaultuser,
                                              defaultpass, "")
                        if True:
                            try:
                                cmd = "nop"
                                print "\n " + Hlp + " SQL Client help\n"
                                print "  -------------------------------------------------------------------------------------------------------"
                                print "  |" + colors[6] + "Commd" + colors[
                                    0] + "            | " + colors[
                                        6] + "Description" + colors[
                                            0] + "     | " + colors[
                                                6] + "Examples" + colors[
                                                    0] + "                                                        |"
                                print "  -------------------------------------------------------------------------------------------------------"
                                print "  |show databases   | list databases  | show databases                                                  |"
                                print "  |use	            | select database | use user_table                                                  |"
                                print "  |show tables	    | list tables     | show tables                                                     |"
                                print "  |create database  | create databases| create database USERS                                           | "
                                print "  |create table	    | create tables   | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20))      | "
                                print "  |drop database    | drop databases  | drop database USERS                                             | "
                                print "  |drop table       | drop tables     | drop table EMAIL                                                | "
                                print "  |insert	    | insert data     | insert into EMAILS values ( '2', '*****@*****.**' )               | "
                                print "  |update           | update data     | update EMAILS set name='Willy' where id=1                       | "
                                print "  |select           | select data     | select id, name from EMAILS                                     | "
                                print "  -------------------------------------------------------------------------------------------------------"
                                print ""
                                while (cmd != "exit"):
                                    cmd = raw_input(colors[1] + " CLT~" +
                                                    colors[3] + "sql/> " +
                                                    colors[0])
                                    cur = con.cursor()
                                    try:
                                        tor = cur.execute(cmd)
                                        if True:
                                            for x in range(tor):
                                                print cur.fetchone()
                                    except:
                                        print " [" + colors[1] + "-" + colors[
                                            0] + "] Error: command"
                            except (KeyboardInterrupt):
                                d.kbi()
                            except Exception, e:
                                print(
                                    " [" + colors[1] + "-" + colors[0] +
                                    "] Timeout.", e)
                    except:
                        d.nomatch()
            except:
                d.off()
        else:
            d.nocommand()
    except:
        d.kbi()
        exit()
    cmysql(0)
Exemple #3
0
def cmysql():
	try:
		global defaulthost,defaultport,defaultdat1,defaultdat2
		actions = raw_input(O+"     ktn/clt/sql > "+W)
		if actions == "show options":
			print ""
			print "     ["+R+"+"+W+"] options"
			print "     |host           : yes"
			print "     |port           : no/yes"
			print "     |username       : yes"
			print "     |password       : yes\n"
			print ""
			print "     ["+G+"+"+W+"] options current"
			print "     |host           : ",defaulthost
			print "     |port           : ",defaultport
			print "     |username       : "******"     |password       : "******""
			cmysql()
		elif actions[0:8] == "set host":
			defaulthost = actions[9:]
			print "     host           : "+defaulthost+" "+O+"     Saved!!!"+W
			cmysql()
		elif actions[0:8] == "set port":
			defaultport= actions[9:]
			print "     port           : "+defaultport+" "+O+"     Saved!!!"+W
			cmysql()
		elif actions[0:12] == "set username":
			defaultdat1 = actions[13:]
			print "     username       : "******" "+O+"     Saved!!!"+W
			cmysql()
		elif actions[0:12] == "set password":
			defaultdat2= actions[13:]
			print "     password       : "******" "+O+"     Saved!!!"+W
			cmysql()
		elif actions=="back":
			pass 
		elif actions=="exit":
			print C+"     GooD"+W+" bye."
			exit()
		elif actions == "help":
			help.help()
		elif actions == "run":
			print("\n     ["+O+"!"+W+"] Checking target")
			print "     ["+G+"+"+W+"] options current"
			print "     host           : ",defaulthost
			print "     port           : ",defaultport
			print "     username       : "******"     password       : "******""
			try:
				red=socket.socket(socket.AF_INET, socket.SOCK_STREAM)       
				red.connect((defaulthost, int(defaultport)))
				if True:
					try:
						print("     ["+G+"+"+W+"] host LIVE")
						print("     ["+G+"+"+W+"] Running")
						con=MySQLdb.connect(defaulthost,defaultdat1,defaultdat2,'')
						if True:
							try:
								cmd="nop"
								print "\n     ["+B+"*"+W+"] SQL Client help\n"
								print "          show databases: list databases      ex: show databases"    
								print "          use         	: select database     ex: use user_table" 
								print "          show tables	: list tables         ex: show tables" 
								print ""
								print "          create database: create databases    ex: create database USERS"
								print "          create table   : create tables       ex: create table EMAILS ( id INT PRIMARY KEY, name VARCHAR(20));" 
								print "          drop database  : drop databases      ex: drop database USERS"   
								print "          insert         : insert data         ex: insert into EMAILS values ( '2', 'Dean' )"
								print "          update         : update data         ex: update EMAILS set name='Willy' where id=1"
								print "          select         : select data         ex: select id, name from EMAILS;"   
								print ""
								while(cmd!="exit"):
									cmd = raw_input(O+" sql/> "+W)	
									cur=con.cursor() 
									try:
										tor=cur.execute(cmd)
										if True:
											for x in range(tor):
	   											print cur.fetchone()
	   								except:
	   									print "     ["+O+"!"+W+"] Error: Command"				
							except:
								print "Error"
					except(KeyboardInterrupt):
						print("\n     ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
					except:
						print("     ["+R+"-"+W+"] username or password Wrong")
			except(KeyboardInterrupt):
				print("\n     ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
			except:
				print("     ["+R+"-"+W+"] target off")
		else:
			print "     ["+O+"!"+W+"] command No Accept"+W
	except(KeyboardInterrupt):
		print("\n     ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
	cmysql()
Exemple #4
0
def cmysql(run):
	global defaulthost,defaultport,defaultuser,defaultpass
	try:
		if run!=1:
			actions=raw_input(d.prompt("clt/sql"))
		else:
			actions="run"
		if actions == "show options" or actions == "sop":
			d.option()
			d.descrip("target","yes","IP or DNS",defaulthost)
			d.descrip("port","no","Port of target",defaultport)
 			d.descrip("user","yes","Username",defaultuser)
 			d.descrip("pass","yes","Password",defaultpass)
			print ""
			cmysql(0)
		elif actions[0:10] == "set target":
			defaulthost = actions[11:]
			defaulthost = defaulthost.replace("http://", "")
			d.change("target",defaulthost)
			cmysql(0)
		elif actions[0:8] == "set port":
			defaultport = actions[9:]
			d.change("port",defaultport)
			cmysql(0)
		elif actions[0:8] == "set user":
			defaultuser = actions[9:]
			d.change("user",defaultuser)
			cmysql(0)
		elif actions[0:8] == "set pass":
			defaultpass = actions[9:]
			d.change("pass",defaultpass)
			cmysql(0)
		elif actions=="exit" or actions=="x":
			d.goodbye()
			exit()
		elif actions=="help" or actions=="h":
			help.help()
		elif actions=="back" or actions=="b":
			return
		elif actions=="run"  or actions=="r":
			d.run()
			try:
				ping.live(defaulthost,defaultport)
				if True:
					try:
						con=MySQLdb.connect(defaulthost, defaultuser, defaultpass,"")
						if True:
							try:
								cmd="nop"
								print "\n "+Hlp+" SQL Client help\n"
								print "  -------------------------------------------------------------------------------------------------------"
								print "  |"+colors[6]+"Commd"+colors[0]+"            | "+colors[6]+"Description"+colors[0]+"     | "+colors[6]+"Examples"+colors[0]+"                                                        |"
								print "  -------------------------------------------------------------------------------------------------------"
								print "  |show databases   | list databases  | show databases                                                  |" 
								print "  |use	            | select database | use user_table                                                  |"
								print "  |show tables	    | list tables     | show tables                                                     |"
								print "  |create database  | create databases| create database USERS                                           | "
								print "  |create table	    | create tables   | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20))      | "
								print "  |drop database    | drop databases  | drop database USERS                                             | "
								print "  |drop table       | drop tables     | drop table EMAIL                                                | "
								print "  |insert	    | insert data     | insert into EMAILS values ( '2', '*****@*****.**' )               | "
								print "  |update           | update data     | update EMAILS set name='Willy' where id=1                       | "
								print "  |select           | select data     | select id, name from EMAILS                                     | "
								print "  -------------------------------------------------------------------------------------------------------"
								print ""
								while(cmd!="exit"):
									cmd = raw_input(colors[1]+" CLT~"+colors[3]+"sql/> "+colors[0])
									cur=con.cursor() 
									try:
										tor=cur.execute(cmd)
										if True:
											for x in range(tor):
	   											print cur.fetchone()
	   								except:
	   									print " ["+colors[1]+"-"+colors[0]+"] Error: command"				
							except(KeyboardInterrupt):
								d.kbi()
							except Exception,e:
								print(" ["+colors[1]+"-"+colors[0]+"] Timeout.", e)
					except:
						d.nomatch()
			except:
				d.off()
		else:
			d.nocommand()
	except:
		d.kbi()
		exit()
	cmysql(0)
Exemple #5
0
def tlogin():
	try:
		global defaulthost,defaultport,defaultdat1,defaultdat2
		actions = raw_input(O+"     ktn/mc/tlogin > "+W)
		if actions == "show options":
			print ""
			print "     ["+R+"+"+W+"] options"
			print "     |host           : yes"
			print "     |username       : yes"
			print "     |password       : yes\n"
			print ""
			print "     ["+G+"+"+W+"] options current"
			print "     |host           : ",defaulthost
			print "     |username       : "******"     |password       : "******""
			tlogin()
		elif actions[0:8] == "set host":
			defaulthost = actions[9:]
			print "     host           : "+defaulthost+" "+O+"     Saved!!!"+W
			tlogin()
		elif actions[0:12] == "set username":
			defaultdat1 = actions[13:]
			print "     username       : "******" "+O+"     Saved!!!"+W
			tlogin()
		elif actions[0:12] == "set password":
			defaultdat2= actions[13:]
			print "     password       : "******" "+O+"     Saved!!!"+W
			tlogin()
		elif actions=="back":
			return 
		elif actions=="exit":
			print C+"     GooD"+W+" bye."
			exit()
		elif actions == "help":
			help.help()
		elif actions == "run":
			print("\n     ["+O+"!"+W+"] Checking target")
			print "     ["+G+"+"+W+"] options current"
			print "     host           : ",defaulthost
			print "     username       : "******"     password       : "******""
			print("     ["+G+"+"+W+"] Running")
			try:
				print("     ["+O+"!"+W+"] Testing in MYsql    \t\t\t[3306]")
				MySQLdb.connect(defaulthost,defaultdat1,defaultdat2,'')
				if True:
					print("     ["+G+"+"+W+"] Logged with "+defaultdat1+"/"+defaultdat2+" in Mysql")
			except:
				print("     ["+R+"-"+W+"] Service Off or No Logged.")
			try:
				print("     ["+O+"!"+W+"] Testing in SSH    \t\t\t[20]")
				connect = pxssh.pxssh()
				connect.login(defaulthost,defaultdat1,defaultdat2)
				if True:
					print("     ["+G+"+"+W+"] Logged with "+defaultdat1+"/"+defaultdat2+" in SSH")
			except:
				print "     ["+R+"-"+W+"] Service Off or No Logged."
			try:
				print("     ["+O+"!"+W+"] Testing in FTP    \t\t\t[21]")
				ftp.login(defaultdat1,defaultdat2)
				if True:
					print("     ["+G+"+"+W+"] Logged with "+defaultdat1+"/"+defaultdat2+" in FTP")
			except:
				print "     ["+R+"-"+W+"] Service Off or No Logged."
			try:
				print("     ["+O+"!"+W+"] Testing in POP3    \t\t\t[21]")
				red=poplib.POP3(defaulthost, 110)
				red.user(defaultdat1+"@"+defaulthost)
				red.pass_(defaultdat2)
				if True:
					print("     ["+G+"+"+W+"] Logged with "+defaultdat1+"/"+defaultdat2+" in POP3")
			except:
				print "     ["+R+"-"+W+"] Service Off or No Logged."
		else:
			print "     ["+O+"!"+W+"] command No Accept"+W
	except(KeyboardInterrupt):
		print("\n     ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
		return
	tlogin()
Exemple #6
0
def cmysql(run):
	global defaulthost,defaultport,defaultuser,defaultpass
	try:
		if run!=1:
			actions=raw_input(d.prompt("clt/sql"))
		else:
			actions="run"
		if actions == "show options" or actions == "sop":
			d.option()
			d.descrip("target","yes","IP or DNS",defaulthost)
			d.descrip("port","no","Port of target",defaultport)
 			d.descrip("user","yes","Username",defaultuser)
 			d.descrip("pass","yes","Password",defaultpass)
			d.space()
			cmysql(0)
		elif actions[0:10] == "set target":
			defaulthost=defaulthost.replace("http://", "")
			defaulthost=ping.update(defaulthost,actions,"target")
			d.change("target",defaulthost)
		elif actions[0:8] == "set port":
			defaultport=ping.update(defaultport,actions,"port")
			d.change("port",defaultport)
		elif actions[0:8] == "set user":
			defaultuser=ping.update(defaultuser,actions,"user")
			d.change("user",defaultuser)
		elif actions[0:8] == "set pass":
			defaultpass=ping.update(defaultpass,actions,"pass")
			d.change("pass",defaultpass)
		elif actions=="exit" or actions=="x":
			d.goodbye()
			exit()
		elif actions=="help" or actions=="h":
			help.help()
		elif actions=="back" or actions=="b":
			return
		elif actions=="run"  or actions=="r":
			d.run()
			try:
				ping.live(defaulthost,defaultport)
				if True:
					try:
						con=MySQLdb.connect(defaulthost, defaultuser, defaultpass,"")
						if True:
							try:
								cmd="nop"
								print "\n "+Hlp+" SQL Client help\n"
								print "  -------------------------------------------------------------------------------------------------------"
								print "  |"+colors[6]+"Commd"+colors[0]+"            | "+colors[6]+"Description"+colors[0]+"     | "+colors[6]+"Examples"+colors[0]+"                                                        |"
								print "  -------------------------------------------------------------------------------------------------------"
								print "  |show databases   | list databases  | show databases                                                  |" 
								print "  |use	            | select database | use user_table                                                  |"
								print "  |show tables	    | list tables     | show tables                                                     |"
								print "  |create database  | create databases| create database USERS                                           | "
								print "  |create table	    | create tables   | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20))      | "
								print "  |drop database    | drop databases  | drop database USERS                                             | "
								print "  |drop table       | drop tables     | drop table EMAIL                                                | "
								print "  |insert	    | insert data     | insert into EMAILS values ( '2', '*****@*****.**' )               | "
								print "  |update           | update data     | update EMAILS set name='Willy' where id=1                       | "
								print "  |select           | select data     | select id, name from EMAILS                                     | "
								print "  -------------------------------------------------------------------------------------------------------"
								print ""
								while(cmd!="exit"):
									cmd = raw_input(d.Client_prompt('sql'))
									cur=con.cursor() 
									try:
										tor=cur.execute(cmd)
										if True:
											for x in range(tor):
	   											print cur.fetchone()
	   								except:
	   									print " "+Bad+" No command '"+cmd+"' found"
							except:
								Errors.Errors(event=sys.exc_info()[0], info=False)
					except:
						Errors.Errors(event=sys.exc_info(), info=defaulthost+":"+defaultport)
			except:
				Errors.Errors(event=sys.exc_info()[0], info=defaulthost+":"+defaultport)
		else:
			d.No_actions()
	except:
		Errors.Errors(event=sys.exc_info()[0], info=False)
	cmysql(0)
Exemple #7
0
def btsql():
	try:
		global defaulthost,defaultport,defaultdic1,defaultdic2
		actions = raw_input(O+"     ktn/bt/sql > "+W)
		if actions == "show options":
			print ""
			print "     ["+R+"+"+W+"] options"
			print "     |target         : yes"
			print "     |port           : no/yes"
			print "     |dictionaries   : no/yes\n"
			print ""
			print "     ["+G+"+"+W+"] options current"
			print "     |target         : ",defaulthost
			print "     |port           : ",defaultport
			print "     |dictionary_1   : ",defaultdic1
			print "     |dictionary_2   : ",defaultdic2
			print ""
			btsql()
		elif actions[0:10] == "set target":
			defaulthost = actions[11:]
			defaulthost = defaulthost.replace("http://", "")
			print "     target         : "+defaulthost+" "+O+"     Saved!!!"+W
			btsql()
		elif actions[0:8] == "set port":
			defaultport = actions[9:]
			print "     port           : "+defaultport+" "+O+"     Saved!!!"+W
			btsql()
		elif actions[0:16] == "set dictionary_1":
				defaultdic1 = actions[17:]
				print "     dictionary_1   : "+defaultdic1+" "+O+"     Saved!!!"+W
				btsql()
		elif actions[0:16] == "set dictionary_2":
				defaultdic2 = actions[17:]
				print "     dictionary_2   : "+defaultdic2+" "+O+"     Saved!!!"+W
				btsql()
		elif actions=="back":
			return 
		elif actions=="exit":
			print C+"     GooD"+W+" bye."
			exit()
		elif actions == "help":
			help.help()
		if actions == "run":
			print("\n     ["+O+"!"+W+"] Checking file")
			if True:
				if True:
					print "     ["+G+"+"+W+"] options current"
					print "     target         : ",defaulthost
					print "     port           : ",defaultport
					print "     dictionary_1   : ",defaultdic1
					print "     dictionary_2   : ",defaultdic2
					print ""
					try:
						red=socket.socket(socket.AF_INET, socket.SOCK_STREAM)       
						red.connect((defaulthost, int(defaultport)))
						if True:
							print("     ["+G+"+"+W+"] target LIVE")
							print("     ["+G+"+"+W+"] Running")
							try:
								with open(defaultdic1,'r') as user:
									for us in user: 
										with open(defaultdic2,'r') as passs:
											for ps in passs:
												us=us.replace("\n","")
												ps=ps.replace("\n","")
												try:
													MySQLdb.connect(defaulthost,us,ps,'')
													if True:
														log=open('core/logs/logsBruteForce.log','a')
														log.write('\n ===================================== ')
														log.write('\n Module  : BruteForceSQL')
														log.write('\n Data    : '+time.strftime('%c'))
														log.write('\n target  : '+defaulthost)
														log.write('\n port    : '+defaultport)
														log.write('\n Cracked : username : '******' , password : '+ps)
														log.close()
														print "     ["+G+"+"+W+"] Successfully with username : "******" , password : "******"\n"
														return
												except(KeyboardInterrupt, SystemExit):
													print("     ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
												except:
													print "     ["+O+"!"+W+"] Checking with username : "******" , password : "******"     ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
					except:
						print("     ["+R+"-"+W+"] target off")
		else:
			print "     ["+O+"!"+W+"] command No Accept"+W
	except(KeyboardInterrupt, SystemExit):
		print("     ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
	btsql()