def __init__(self, connection, logfunction=None):
shellserver.__init__(self,
connection,
type="Active",
logfunction=logfunction)
devlog("phplistener", "New PHP listener connection:%s" % connection)
self.engine = None
self.sent_init_code = False
self.connection = connection #already done, but let's make it here as well
self.na = "This is a php listener - that command is not supported"
self.have_pcntl = False #assume true at first, then reset later if not true. (see dospawn)
self.next_socket_id = 0
self.SO_REUSEADDR = 5 #added
self.pid = ""
self.order = big_order
self.special_shellserver_send = True #modern version
self.safe_mode_possibly_on = True
self.broke_safemode = False
self.disable_functions = []
# these functions are enabled
self.php_shell_functions = {
"shell_exec": 1,
"exec": 1,
"passthru": 1,
"system": 1,
}
return
def __init__(self, shell, logfunction=None):
self.simpleShell = 0
self.started = 0
self.node = None
#Slower but more reliable
self.max_octects = 20
devlog("shelllistener", "[!] in main shell listener init!")
sock = shell.get_socket()
shellserver.__init__(self,
sock,
type="Active",
logfunction=logfunction)
self.shell = shell
self.prompt = get_random_letters(5)
self.localPrompt = "(CANVAS)"
#arrange to always have the same prompt
self.sendraw("/system/bin/sh -i\n")
time.sleep(1)
self.setProgress(20)
self.log("Setting prompt.")
self.sendraw("PS1=\"%s\" \n" % self.prompt)
time.sleep(1)
self.setProgress(30)
shell.read_until(self.prompt)
self.sendraw("export PS1\n")
time.sleep(1)
self.setProgress(40)
shell.read_until(self.prompt)
self.log("Setting paths.")
self.sendraw("PATH=\"/sbin:/system/bin:/system/xbin\"\n")
time.sleep(1)
shell.read_until(self.prompt)
self.sendraw("export PATH\n")
time.sleep(1)
self.log("Creating shelllistener, stage 1")
self.setProgress(50)
time.sleep(1)
self.log("Creating shelllistener, stage 2")
shell.read_until(self.prompt)
self.setProgress(80)
self.log("Creating shelllistener, done!")
self.sock = shell.get_socket()
self.setProgress(100)
return
def __init__(self, mysmbobj, node, logfunction=None):
shellserver.__init__(self,
None,
type="Active",
logfunction=logfunction)
self.node = node
node.shell = self
self.smbobj = mysmbobj
self.connection = self.smbobj.s #set this up for self.interact()
return
def __init__(self, connection, logfunction=None):
devlog("javalistener", "New Java listener connection:%s" % connection)
self.engine = None
self.sent_init_code = False
shellserver.__init__(self,
connection,
type="Active",
logfunction=logfunction)
self.connection = connection #already done, but let's make it here as well
self.na = "This is a Java listener - that command is not supported"
def __init__(self, shell, logfunction=None, crypto=True):
self.shell = shell
self.started = False
shellserver.__init__(self,
self.shell.get_socket(),
type='Active',
logfunction=logfunction)
self.encoder = Encoding()
self.prompt = '>>> '
if crypto == True:
self.init_crypto()
def __init__(self, mysmbobj, node, host, logfunction=None):
shellserver.__init__(self,
None,
type="Active",
logfunction=logfunction)
self.host = host
self.node = node
self.smbobj = mysmbobj
self.connection = self.smbobj.s # set this up for self.interact()
# We have to keep track of this here as remote server keeps no state
self.cwd = u'\\'
node.shell = self
def __init__(self, connection , logfunction=None):
logging.info("New Powershell listener connection: %s" % connection)
self.engine = None
self.sent_init_code = False
shellserver.__init__(self, connection, type="Active", logfunction=logfunction)
self.connection = connection # already done, but let's make it here as well
# Interpreter-backed shells are often slower than ones that use native code.
# If we don't have this, we risk the shell connection breaking due to a timeout.
if isinstance(self.connection, MOSDEFSock):
self.connection.timeout = 50
self.interactive = False
self.psprompt = "PS >"
self.prompt = "PSMOSDEF"
self.na = "This is a Powershell listener - that command is not supported"
def __init__(self, connection, logfunction=None):
devlog("phplistener", "New PHP listener connection:%s" % connection)
self.engine = None
self.sent_init_code = False
shellserver.__init__(self,
connection,
type="Active",
logfunction=logfunction)
self.connection = connection #already done, but let's make it here as well
self.na = "This is a php listener - that command is not supported"
self.have_pcntl = False #assume true at first, then reset later if not true. (see dospawn)
self.next_socket_id = 0
self.SO_REUSEADDR = 5 #added
self.pid = ""
self.order = big_order
self.special_shellserver_send = True #modern version
return
def __init__(self, shell, logfunction=None, simpleShell=0):
self.started = 0
self.node = None
#should never do this in the main thread!
#unless we are, of course, in the only thread from the commandline
threadchecknonMain()
devlog("shelllistener", "[!] in main shell listener init!")
sock = shell.get_socket()
shellserver.__init__(self,
sock,
type="Active",
logfunction=logfunction)
self.shell = shell
self.prompt = get_random_letters(5)
self.localPrompt = "(CANVAS)"
self.simpleShell = simpleShell
#arrange to always have the same prompt
if not simpleShell:
self.sendraw("/bin/sh -i\n")
self.setProgress(20)
time.sleep(1)
self.sendraw("stty -echo 2>/dev/null\n")
self.log("Setting prompt.")
#TODO: Some sort of bug here...breaks sadmind.
time.sleep(1)
self.setProgress(40)
self.sendraw("PS1=\"%s\" \n" % self.prompt)
self.log("Creating shelllistener, stage 1")
time.sleep(1)
self.setProgress(50)
shell.read_until(self.prompt)
time.sleep(1)
self.sendraw("export PS1\n")
self.setProgress(60)
self.log("Creating shelllistener, stage 2")
shell.read_until(self.prompt)
self.setProgress(80)
self.log("Creating shelllistener, done!")
self.sock = shell.get_socket()
self.setProgress(100)
#print "Self.sock= %s"%str(self.sock)
# for limited environments (like linksys embedded routers)
else:
devlog("shelllistener", "[!] in simple shell listener init...")
# this prompt can't have a $ in it because minix reduced shell echo does not
# handle "" strings, and will still escape the $, ie: echo "simpleShell$ "
# returns "simpleShell "
self.prompt = "simpleShell"
self.sendraw("\necho \"" + self.prompt + "\"\n")
shell.read_until(self.prompt)
self.log("Creating shelllistener, done!")
self.sock = shell.get_socket()
self.setProgress(100)
devlog("shellistener",
"[!] returning from simple shell listener init!")
return
def __init__(self, mysqlobj ,logfunction=None):
shellserver.__init__(self,mysqlobj._s,type="Active",logfunction=logfunction)
self.m=mysqlobj
self.na="This is a mysql listener, type sql command in Piped Command's box"
return