def main(): ''' handles user interface ''' colors.colored_print("[*] Default target list is ./data/ip_list.txt", colors.CYAN) SESSION.ip_list = SESSION.init_dir + '/data/ip_list.txt' futil.write_file(text=f"{os.getpid()}", filepath=SESSION.pidfile) while True: try: if os.getcwd() != core.MECROOT: os.chdir(core.MECROOT) input_cmd = rlinit.prompt(session=SESSION) try: cmd.cmd_handler(SESSION, input_cmd) except (KeyboardInterrupt, EOFError, SystemExit): sys.exit(0) except FileNotFoundError: console.print_error(f"[-] {core.MECROOT} not found???") sys.exit(1) except KeyboardInterrupt: answ = console.yes_no("\n[?] Are you sure to exit?") if answ: futil.check_kill_process('ss-proxy') sys.exit(0) else: continue
def main(): ''' handles user interface ''' rlinit.CMD_LIST = rlinit.readline_init(SESSION) answ = str( input(colors.CYAN + '[?] Use ip_list.txt as target list? [y/n] ' + colors.END)).strip() if answ.lower() == 'n': os.system("ls ~/.mec/data") SESSION.ip_list = SESSION.init_dir + '/data/' + \ console.input_check( '[=] Choose your target IP list, eg. ip_list.txt ', choices=os.listdir(core.MECROOT + '/data')) while True: try: input_cmd = input(colors.CYAN + colors.BOLD + "\nmec > " + colors.END) try: cmd.cmd_handler(SESSION, input_cmd) except (KeyboardInterrupt, EOFError, SystemExit): sys.exit(0) except KeyboardInterrupt: try: answ = input("\n[?] Are you sure to exit? [y/n] ") except KeyboardInterrupt: print("\n[-] Okay okay, exiting immediately...") futil.check_kill_process('ss-proxy') sys.exit(0) if answ.lower() == 'y': futil.check_kill_process('ss-proxy') sys.exit(0) else: continue
def command(self, user_cmd): ''' passes to cmd handler ''' cmd.cmd_handler(self, user_cmd)
def attack(self): ''' handles attack command ''' self.use_proxy = console.yes_no('[?] Do you wish to use proxychains?') if self.use_proxy: if shutil.which("proxychains4") is None: console.print_error("proxychains4 not found") return cmd.cmd_handler(self, "proxy") answ = console.input_check('\n[?] Do you wish to use\ \n\n [1] built-in exploits\ \n [2] or launch your own manually?\ \n\n[=] Your choice: ', choices=['1', '2', 'built-in', 'manually']) if answ in ['1', 'built-in']: print(colors.CYAN + colors.BOLD + '\n[?] Choose a module from: ' + colors.END + '\n') colors.colored_print(futil.BUILT_IN, colors.GREEN) module = console.input_check("[?] Choose your exploit module: ", choices=futil.BUILT_IN.split('\n'), allow_blank=False) try: scanner_instance = exploit_exec.EXPLOIT_DICT.get(module)(self) if scanner_instance is None: return scanner_instance.scan() return except (EOFError, KeyboardInterrupt, SystemExit): return # run custom exploits print(colors.CYAN + colors.UNDERLINE + colors.BOLD + "\nWelcome, in here you can call your own exploit\n" + colors.END) cmd.run_exploits() exploit = console.input_check( "\n[*] Enter the path (eg. test/test) to your exploit: ", choices=futil.list_exp()) jobs = int( console.input_check("[?] How many processes each time? ", check_type=int)) custom_args = console.input_check( "[*] Addtional args for this exploit (other than `-t <target>`): " ).strip().split() # parse user's exploit name exec_path = exploit.split('/')[1:] work_path = exploit.split('/')[:-1] exec_path = '/'.join(exec_path) work_path = '/'.join(work_path) # args as parameter for scanner scanner_instance = Scanner(work_path, exec_path, custom_args, jobs, self) # start scanner scanner_instance.scan()
def attack(self): ''' handles attack command ''' self.use_proxy = console.input_check( '[?] Do you wish to use proxychains? [y/n] ', choices=['y', 'n']) == 'y' if self.use_proxy: if shutil.which("proxychains4") is None: console.print_error("proxychains4 not found") return cmd.cmd_handler(self, "proxy") answ = console.input_check( '\n[?] Do you wish to use\ \n\n [a] built-in exploits\ \n [m] or launch your own manually?\ \n\n[=] Your choice: ', choices=['a', 'm']) if answ == 'a': print( colors.CYAN + colors.BOLD + '\n[?] Choose a module from: ' + colors.END + '\n') colors.colored_print(futil.BUILT_IN, colors.GREEN) module = console.input_check( "[?] Choose your exploit module: ", choices=futil.BUILT_IN.split('\n'), allow_blank=False) try: scanner_instance = exploit_exec.EXPLOIT_DICT.get(module)(self) if scanner_instance is None: return scanner_instance.scan() except (EOFError, KeyboardInterrupt, SystemExit): return elif answ == 'm': print( colors.CYAN + colors.UNDERLINE + colors.BOLD + "\nWelcome, in here you can choose your own exploit\n" + colors.END) colors.colored_print( '[*] Here are available exploits:\n', colors.CYAN) for poc in futil.list_exp(): colors.colored_print(poc + colors.END, colors.BLUE) exploit = console.input_check( "\n[*] Enter the path (eg. joomla/rce.py) of your exploit: ", choices=futil.list_exp()) jobs = int( console.input_check("[?] How many processes each time? ", check_type=int)) custom_args = [] answ = console.input_check( "[?] Do you need a reverse shell [y/n]? ", choices=['y', 'n']) if answ == 'y': lhost = console.input_check( "[*] Where do you want me to send shells? ", allow_blank=False, ip_check=True) lport = console.input_check( "[*] and at what port?", check_type=int) custom_args = ['-l', lhost, '-p', lport] else: pass custom_args += console.input_check( "[*] args for this exploit: ").strip().split() # parse user's exploit name exec_path = exploit.split('/')[1:] work_path = exploit.split('/')[:-1] exec_path = '/'.join(exec_path) work_path = '/'.join(work_path) # let user check if there's anything wrong print( colors.BLUE + '[*] Your exploit will be executed like\n' + colors.END, 'proxychains4 -q -f proxy.conf {} -t <target ip>'.format( exec_path), ' '.join(custom_args)) # args as parameter for scanner scanner_instance = Scanner(work_path, exec_path, custom_args, jobs, self) # start scanner scanner_instance.scan() else: console.print_error('[-] Invalid input')