def exec(self, func_name, *args): print(utils.titlify('help')) print( utils.green_bold('usage: ') + self.command_map['executors']['usage']) r = [] for key, value in self.executors_map.items(): id = value['id'] cmd_count = str(len(value['cmd_list'])) r.append([str(id), key, cmd_count]) h = [ utils.white_bold_underline('id'), utils.white_bold_underline('name'), utils.white_bold_underline('commands') ] print(utils.titlify('executors')) print(tabulate(r, h, tablefmt="simple"))
def resume_emulation(self, address=None, skip_bp=0): if address is not None: self.current_address = address self.skip_bp_count = skip_bp if self.exit_point is not None: print( utils.white_bold("emulation") + " started at " + utils.green_bold(hex(self.current_address))) if len(self.entry_context) == 0: # store the initial memory context for the restart self.entry_context = {'memory': {}, 'regs': {}} map_list = self.get_module('mappings_module').get_mappings() for map in map_list: map_address = int(map[1], 16) map_len = map[2] self.entry_context['memory'][map_address] = bytes( self.emu_instance.mem_read(map_address, map_len)) # registers const = utils.get_arch_consts(self.arch) regs = [ k for k, v in const.__dict__.items() if not k.startswith("__") and "_REG_" in k and not "INVALID" in k ] for r in regs: try: self.entry_context['regs'][ r] = self.emu_instance.reg_read(getattr(const, r)) except Exception as ex: pass # print("Ignoring reg: {} ({})".format(r, ex)) -> Ignored UC_X86_REG_MSR start_addr = self.current_address if self.is_thumb: start_addr = start_addr | 1 self.emu_instance.emu_start(start_addr, self.exit_point) else: print( 'please use \'set exit_point *offset\' to define an exit point' )
def new_exec(self, func_name, *args): key = input('executor name: ') id = len(self.executors_id_map) print('creating executor ' + utils.green_bold(str(id)) + '. add 1 command per line. type "end" to save') cmd_arr = [] while True: p = input('') if p == 'end': break else: if p: cmd_arr.append(p) if len(cmd_arr) > 0: executor = { 'id': id, 'cmd_list': cmd_arr } self.executors_map[key] = executor self.executors_id_map[id] = key
def print_command_list(self, com_obj): """ print the command list of the com_obj reference passed (could be root or even a sub_command reference) :param com_obj: command object reference :return: """ try: com_array = [] for com in com_obj: # if a short reference is present print (short) # if the command is a ref, ignore it if "ref" not in com_obj[com]: com_array.append(com) # sort the list of commands and print it com_array.sort() command_table_arr = [] for com in com_array: com_t = [utils.green_bold(com)] have_shorts = "short" in com_obj[com] if have_shorts: com_t.append(com_obj[com]["short"]) else: com_t.append('') com_t.append(self.print_usage(com_obj[com], only_get=True)) command_table_arr.append(com_t) print(utils.titlify('help')) print( tabulate(command_table_arr, [ utils.white_bold_underline('command'), utils.white_bold_underline('short'), utils.white_bold_underline('usage') ], tablefmt="simple")) except Exception as e: print(utils.error_format('print_command_list', str(e)))
def batch_execute(self, commands_arr): """ batch execute a list of commands :param commands_arr: array with commands :return: """ try: l = len(commands_arr) if l > 0: for com in commands_arr: self.parse_command(com) print('executed ' + utils.green_bold(str(l) + ' commands') + '.') else: raise Exception except Exception as e: print(MENU_APIX + " " + colored("FAILED", 'red', attrs=['underline', 'bold']) + " " + colored("batch execution of " + str(len(commands_arr)) + " commands", 'white', attrs=['underline', 'bold']))
def resume_emulation(self, address=0x0, skip_bp=0): if address > 0x0: self.current_address = address self.skip_bp_count = skip_bp if self.exit_point > 0x0: print( utils.white_bold("emulation") + " started at " + utils.green_bold(hex(self.current_address))) if len(self.entry_context) == 0: # store the initial memory context for the restart self.entry_context = {'memory': {}, 'regs': {}} map_list = self.get_module('mappings_module').get_mappings() for map in map_list: map_address = int(map[1], 16) map_len = map[2] self.entry_context['memory'][map_address] = bytes( self.emu_instance.mem_read(map_address, map_len)) # registers const = utils.get_arch_consts(self.arch) regs = [ k for k, v in const.__dict__.items() if not k.startswith("__") and k.index("_REG_") > 0 ] for r in regs: self.entry_context['regs'][r] = \ self.emu_instance.reg_read(getattr(const, r)) start_addr = self.current_address if self.is_thumb: start_addr = start_addr | 1 self.emu_instance.emu_start(start_addr, self.exit_point) else: print( 'please use \'set exit_point *offset\' to define an exit point' )
def print_usage(self, command, only_get=False): """ utils function to check (if exist) and print the command usage :param command: command of which to print usage description :param only_get: if True he will not print the usage but only returns it :return: """ if isinstance(command, dict): com = command else: com = self.core_instance.commands_map[command] try: if "usage" in com: if only_get is False: print(utils.green_bold("usage: ") + com["usage"]) return com["usage"] else: return None except Exception as e: return None
def disassemble(self, func_name, *args): p = bytes.fromhex(args[0]) off = 0x00 if len(args) == 1: self.internal_disassemble(p, off) else: try: arch = getattr(capstone.__all__, 'CS_ARCH_' + str(args[0]).upper()) except Exception as e: raise Exception('arch not found') mode = self.core_instance.get_cs_mode() if len(args) > 2: try: arch = getattr(capstone.__all__, 'CS_MODE_' + str(args[0]).upper()) except Exception as e: raise Exception('mode not found') cs = capstone.Cs(arch, mode) for i in cs.disasm(p, off): a = hex(i.address) print( utils.green_bold(a) + "\t%s\t%s" % (i.mnemonic, i.op_str))
def print_arm_registers(self): r0 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R0) r1 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R1) r2 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R2) r3 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R3) r4 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R4) r5 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R5) r6 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R6) r7 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R7) r8 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R8) r9 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R9) r10 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R10) r11 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R11) r12 = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_R12) sp = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_SP) pc = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_PC) lr = self.core_instance.get_emu_instance() \ .reg_read(arm_const.UC_ARM_REG_LR) r = [[utils.green_bold("r0"), hex(r0), r0], [utils.green_bold("r1"), hex(r1), r1], [utils.green_bold("r2"), hex(r2), r2], [utils.green_bold("r3"), hex(r3), r3], [utils.green_bold("r4"), hex(r4), r4], [utils.green_bold("r5"), hex(r5), r5], [utils.green_bold("r6"), hex(r6), r6], [utils.green_bold("r7"), hex(r7), r7], [utils.green_bold("r8"), hex(r8), r8], [utils.green_bold("r9"), hex(r9), r9], [utils.green_bold("r10"), hex(r10), r10], [utils.green_bold("r11"), hex(r11), r11], [utils.green_bold("r12"), hex(r12), r12], [utils.green_bold("sp"), hex(sp), sp], [utils.green_bold("pc"), hex(pc), pc], [utils.green_bold("lr"), hex(lr), lr]] h = [ utils.white_bold_underline('register'), utils.white_bold_underline('hex'), utils.white_bold_underline('decimal') ] print(tabulate(r, h, tablefmt="simple"))
utils.error("found multiple (%d) machines for searchkey \"%s\"" % (len(matches), searchkey)) else: for entry in matches: utils.to_json(self.htbapi.vm_vip_remove(entry["id"])) def htb_todo(self, searchkey): for entry in [x["id"] for x in self._filter_machines([searchkey], infrastructure="htb")]: self.htbapi.machines_todo_update(entry) self.htb_todos() def thm_stats(self): utils.to_json(self.thmapi.stats_global()) if __name__ == "__main__": parser = argparse.ArgumentParser(description="%s (v%s): Command-line interface for %s, %s and %s machines." % (utils.blue_bold("machinescli"), utils.green_bold("0.1"), utils.magenta_bold("HackTheBox"), utils.cyan_bold("TryHackMe"), utils.yellow_bold("VulnHub"))) # global flag to switch output mode; useful for debugging with jq ggroup = parser.add_mutually_exclusive_group() ggroup.add_argument('-j', '--jsonify', required=False, action='store_true', default=False, help='show raw json output (disable default tabular output)') ggroup.add_argument('-g', '--gsheet', required=False, action='store_true', default=False, help='show ghseet csv output (disable default tabular output)') ggroup.add_argument('-t', '--showttps', required=False, action='store_true', default=False, help='show ttps if machine writeup is available') mcgroup = parser.add_mutually_exclusive_group() # update htb|vh|oscplike stats # will perform live api querying for htb, web crawls for vh and oscplike lists mcgroup.add_argument('--update', required=False, action='store_true', default=False, help='update local stats file %s' % (utils.black_bold("(takes time)"))) # localized querying and listing of results from stats file (covers all supported platforms and lists (htb|vh and oscplike as of v0.1) # results could differ from htbgroup calls if local stats file has not been updated in a while