def print_menu(self):
    """Render the Veil-Ordnance main menu on stdout.

    Prints the title screen, the number of loaded payloads and encoders,
    and every main-menu command (sorted by name) next to its description.
    """
    ordnance_helpers.title_screen()
    print("Veil-Ordnance Menu")

    payload_count = helpers.color(len(self.active_shellcode))
    print("\n\t" + payload_count + " payloads loaded")
    encoder_count = helpers.color(len(self.active_encoders))
    print("\t" + encoder_count + " encoders loaded\n")

    print("Available Commands:\n")
    menu_commands = self.ordnance_main_menu_commands
    for name in sorted(menu_commands.keys()):
        description = menu_commands[name]
        print("\t" + helpers.color(name) + '\t\t\t' + description)
    print()
def print_options_screen(self, pload_object):
    """Print the required options of the selected payload as a table.

    The table has three tab-separated columns (name, current value,
    description) with rows sorted by option name. The list of option
    commands is printed afterwards via print_shellcode_option_commands().

    Args:
        pload_object: payload module; ``cli_name`` and ``required_options``
            are read. Each option entry is indexed as [0] = value and
            [1] = description.
    """
    ordnance_helpers.title_screen()
    print("Payload: " + helpers.color(pload_object.cli_name) + " selected\n")
    print(helpers.color(" Required Options:\n"))

    name_column = '{0: <16}'
    narrow_column = '{0: <8}'

    # Header row followed by its underline row.
    heading_rows = (
        ('Name', 'Value', 'Description'),
        ('----', '-----', '-----------'),
    )
    for first, second, third in heading_rows:
        print(name_column.format(first) + '\t'
              + narrow_column.format(second) + '\t'
              + narrow_column.format(third))

    options = pload_object.required_options
    for opt_name in sorted(options.keys()):
        entry = options[opt_name]
        # The description is appended unpadded, so it must already be a str.
        print(name_column.format(opt_name) + '\t'
              + narrow_column.format(entry[0]) + '\t'
              + entry[1])

    print()
    self.print_shellcode_option_commands()
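def use_payload(self, payload):
    """Drive the interactive option prompt for a single payload module.

    The prompt is entered only while ``ordnance_helpers.loop_req_options``
    is truthy for *payload*; the same call gates generation below, where a
    truthy result is reported as missing required options. Input is
    stripped and lower-cased, and commands are matched by prefix:

    * ``set <option> <value>``: store a value on a required option
    * ``list``: print the encoders; ``option``: reprint the option table
    * ``gen`` / ``run``: validate LHOST and LPORT, generate the shellcode
      and run the encoder when one is selected
    * ``back`` / ``main`` / ``menu``: leave the prompt
    * ``exit`` / ``quit``: terminate the process with status 0

    Args:
        payload: payload module object; ``cli_name`` and
            ``required_options`` are read, ``gen_shellcode()`` and
            ``payload_stats()`` are called on it.

    After a successful generation ``self.final_shellcode`` and
    ``self.payload_options`` are updated.
    """
    while ordnance_helpers.loop_req_options(payload):
        # Show the options as soon as the payload is loaded.
        self.print_options_screen(payload)

        while True:
            # Tab completion is registered again before every prompt.
            comp = completer.OrdnanceCompleter(self.shellcode_option_commands, payload)
            readline.set_completer_delims(' \t\n;')
            readline.parse_and_bind("tab: complete")
            readline.set_completer(comp.complete)
            show_payload_menu = False
            shellcode_command = input("[" + payload.cli_name + ">>]: ").strip().lower()
            command_parts = shellcode_command.split()

            if shellcode_command.startswith("set"):
                if len(command_parts) != 3:
                    print()
                    print(helpers.color(" [!] ERROR: You did not provide the correct input for setting an option!", warning=True))
                    print(helpers.color(" [*] Ex: set LHOST 192.168.18.14", warning=True))
                    print()
                else:
                    # The whole command line was lower-cased above, so the
                    # stored value is lower-case as well.
                    found_req_option = False
                    for key, value in payload.required_options.items():
                        if command_parts[1] == key.lower():
                            found_req_option = True
                            value[0] = command_parts[2]
                    if not found_req_option:
                        print()
                        print(helpers.color(" [!] ERROR: You didn't provide a correct option to set, please retry!", warning=True))
                        print()

            elif shellcode_command.startswith(("exit", "quit")):
                sys.exit(0)

            elif shellcode_command.startswith(("back", "main", "menu")):
                show_payload_menu = True
                break

            elif shellcode_command.startswith("list"):
                ordnance_helpers.title_screen()
                self.print_encoders()

            elif shellcode_command.startswith(("gen", "run")):
                if ordnance_helpers.loop_req_options(payload):
                    print()
                    print(helpers.color(" [!] ERROR: You didn't provide all the required options!", warning=True))
                    print()
                else:
                    required = payload.required_options
                    safe_to_generate = True

                    # Both checks always run so every problem is reported.
                    # NOTE(review): only LHOST and LPORT are validated here;
                    # RHOST is stored below unchecked. Confirm whether it
                    # needs a check of its own.
                    if "LHOST" in required:
                        if not ordnance_helpers.check_lhost(required["LHOST"][0]):
                            print()
                            print(helpers.color(" [!] ERROR: You didn't provide a valid IP address!", warning=True))
                            print(helpers.color(" [!] ERROR: Try again :)", warning=True))
                            print()
                            safe_to_generate = False
                    if "LPORT" in required:
                        if not ordnance_helpers.check_lport(required["LPORT"][0]):
                            print()
                            print(helpers.color(" [!] ERROR: You didn't provide a valid LPORT value!", warning=True))
                            print(helpers.color(" [!] ERROR: Try again :)", warning=True))
                            print()
                            safe_to_generate = False

                    if safe_to_generate:
                        payload.gen_shellcode()
                        self.final_shellcode = payload.customized_shellcode

                        # Record the non-empty connection options for later
                        # handler generation.
                        for option_name in ("LHOST", "LPORT", "RHOST"):
                            if option_name in required and required[option_name][0]:
                                self.payload_options[option_name] = required[option_name][0]

                        # Compare by value: the original `is not "None"` was
                        # an identity test against a literal, which depends
                        # on string interning and raises a SyntaxWarning on
                        # Python 3.8+.
                        if required["Encoder"][0] != "None":
                            self.use_encoder(payload)
                            self.final_shellcode = payload.customized_shellcode

                        # Print banner & payload stats
                        ordnance_helpers.title_screen()
                        payload.payload_stats()

                        # Invoked from Veil-Evasion, or run directly?
                        if self.invoked:
                            print('\nHalf way... ' + helpers.color('Shellcode generated with Veil-Ordnance!') + ' Returning to Veil-Evasion.')

                            # Reset the connection settings
                            if "LHOST" in required:
                                required["LHOST"][0] = ""
                            if "LPORT" in required:
                                required["LPORT"][0] = ""
                        else:
                            # Only a pause; the typed text is not used.
                            input("\n" + helpers.color('Done!') + "Hit enter to continue...")

                        show_payload_menu = True
                        break

            elif shellcode_command.startswith("option"):
                # Reprint the shellcode options to console
                self.print_options_screen(payload)

        if show_payload_menu:
            if not self.invoked:
                self.print_menu()
            break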
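def tool_main_menu(self, invoked=False):
    """Run the interactive Veil-Ordnance main menu loop.

    Input is stripped and lower-cased, and commands are matched by prefix:
    ``list <payloads|encoders>``, ``use <payload>``, ``back`` / ``main`` /
    ``menu`` (leave the loop) and ``exit`` / ``quit`` (terminate the process
    with status 0).

    Args:
        invoked: True when another tool calls this menu; it sets
            ``self.invoked``, and the method then returns right after the
            first ``use_payload`` call.

    Returns:
        None. Nothing is returned to the caller even in invoked mode.

    Changes from the previous revision: the never-read local
    ``show_evasion_menu`` is gone, and ``list`` followed by more than one
    word now prints the same error as an unknown list item instead of being
    ignored silently.
    """
    show_ordnance_menu = True

    # Called from another tool?
    if invoked:
        self.invoked = True

    while True:
        if show_ordnance_menu:
            self.print_menu()
            show_ordnance_menu = False

        ordnance_main_command = input('Veil/Ordnance>: ').strip().lower()
        command_parts = ordnance_main_command.split()

        # Listing payloads or encoders?
        if ordnance_main_command.startswith('list'):
            if len(command_parts) == 1:
                print()
                print(helpers.color(" [!] ERROR: You did not provide what you want to list!", warning=True))
                print(helpers.color(" [*] Ex: list payloads OR list encoders", warning=True))
                print()
            elif len(command_parts) == 2 and command_parts[1].startswith('p'):
                ordnance_helpers.title_screen()
                self.print_payloads()
            elif len(command_parts) == 2 and command_parts[1].startswith('e'):
                ordnance_helpers.title_screen()
                self.print_encoders()
            else:
                # Unknown item, or too many words after `list`.
                print()
                print(helpers.color(" [!] ERROR: You did not provide a valid item to list!", warning=True))
                print(helpers.color(" [*] Ex: list payloads OR list encoders", warning=True))
                print()

        elif ordnance_main_command.startswith(("back", "main", "menu")):
            break

        elif ordnance_main_command.startswith(("exit", "quit")):
            sys.exit(0)

        elif ordnance_main_command.startswith('use'):
            selected_payload_module = None
            if len(command_parts) == 2:
                selected_payload_module = self.return_payload_object(command_parts[1])

            if not selected_payload_module:
                # Wrong word count and unknown payload share one message.
                print()
                print(helpers.color(" [!] ERROR: You did not provide a valid payload selection!", warning=True))
                print(helpers.color(" [*] Ex: use 2 OR use rev_http", warning=True))
                print()
            else:
                self.use_payload(selected_payload_module)

                # In invoked mode control goes straight back to the caller.
                # Otherwise the menu is not redrawn here: use_payload does
                # that itself when it is not invoked.
                if self.invoked:
                    return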
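def use_payload(self, incoming_payload):
    """Look up a payload by CLI name and run its interactive option prompt.

    Every loaded payload whose ``cli_name`` equals the lower-cased
    *incoming_payload* gets the prompt. Input is lower-cased and stripped;
    ``set`` is matched by prefix, while ``exit``, ``back``, ``generate`` and
    ``options`` must match exactly.

    Args:
        incoming_payload: payload name as typed by the user.

    After a successful ``generate``, ``self.final_shellcode`` and
    ``self.payload_options`` are updated and the LHOST / LPORT values on the
    payload are cleared. An error is printed when no payload matches.
    """
    shellcode_found = False
    wanted_name = incoming_payload.lower()

    for payload in self.active_shellcode.values():
        if wanted_name != payload.cli_name:
            continue
        shellcode_found = True

        while ordnance_helpers.loop_req_options(payload):
            self.print_options_screen(payload)

            while True:
                # Tab completion is registered again before every prompt.
                comp = completer.OrdnanceCompleter(
                    self.shellcode_option_commands, payload)
                readline.set_completer_delims(' \t\n;')
                readline.parse_and_bind("tab: complete")
                readline.set_completer(comp.complete)
                breakout = False
                shellcode_command = input(
                    "[" + payload.cli_name + ">>]: ").lower().strip()
                command_parts = shellcode_command.split()

                if shellcode_command.startswith("set"):
                    if len(command_parts) != 3:
                        print(helpers.color(
                            "[*] Error: You did not provide the correct input for setting an option!",
                            warning=True))
                        print(helpers.color(
                            "[*] Error: Ex: set LHOST 192.168.18.14"))
                    else:
                        # The whole command line was lower-cased above, so
                        # the stored value is lower-case as well.
                        found_req_option = False
                        for key, value in payload.required_options.items():
                            if command_parts[1] == key.lower():
                                found_req_option = True
                                value[0] = command_parts[2]
                        if not found_req_option:
                            print(helpers.color(
                                "[*] Error: You didn't provide a correct option to set, please retry!",
                                warning=True))

                elif shellcode_command == "exit":
                    # Completely exit out of Veil
                    print(helpers.color(
                        "[*] You're rage quitting all of Veil!",
                        warning=True))
                    sys.exit(0)

                elif shellcode_command == "back":
                    # Go back to shellcode selection
                    breakout = True
                    break

                elif shellcode_command == "generate":
                    if ordnance_helpers.loop_req_options(payload):
                        print(helpers.color(
                            "[*] Error: You didn't provide all the required options!",
                            warning=True))
                    else:
                        required = payload.required_options
                        safe_to_generate = True

                        # Both checks always run so every problem is
                        # reported.
                        # NOTE(review): only LHOST and LPORT are validated
                        # here; RHOST is stored below unchecked. Confirm
                        # whether it needs a check of its own.
                        if "LHOST" in required:
                            if not ordnance_helpers.check_lhost(required["LHOST"][0]):
                                print(helpers.color(
                                    "[*] Error: You didn't provide a valid IP address!",
                                    warning=True))
                                print(helpers.color(
                                    "[*] Error: Try again :)", warning=True))
                                safe_to_generate = False
                        if "LPORT" in required:
                            if not ordnance_helpers.check_lport(required["LPORT"][0]):
                                print(helpers.color(
                                    "[*] Error: You didn't provide a valid LPORT value!",
                                    warning=True))
                                print(helpers.color(
                                    "[*] Error: Try again :)", warning=True))
                                safe_to_generate = False

                        if safe_to_generate:
                            payload.gen_shellcode()
                            self.final_shellcode = payload.customized_shellcode

                            # Record the non-empty connection options for
                            # later handler generation.
                            for option_name in ("LHOST", "LPORT", "RHOST"):
                                if option_name in required and required[option_name][0]:
                                    self.payload_options[option_name] = required[option_name][0]

                            # Compare by value: the original
                            # `is not "None"` was an identity test against a
                            # literal, which depends on string interning and
                            # raises a SyntaxWarning on Python 3.8+.
                            if required["Encoder"][0] != "None":
                                self.use_encoder(payload)
                                self.final_shellcode = payload.customized_shellcode

                            # Print payload stats
                            payload.payload_stats()

                            # Only a pause; the typed text is not used.
                            if self.invoked:
                                input('\nHit enter to return to Veil-Evasion... ')
                            else:
                                input('\nHit enter to continue... ')

                            # Clear the connection settings once done.
                            if "LHOST" in required:
                                required["LHOST"][0] = ''
                            if "LPORT" in required:
                                required["LPORT"][0] = ''
                            breakout = True
                            break

                elif shellcode_command == "options":
                    # Reprint the shellcode options to console
                    self.print_options_screen(payload)

            if breakout:
                # Redraw the main menu before handing control back.
                ordnance_helpers.title_screen()
                print("Veil-Ordnance Menu")
                print("\n\t" + helpers.color(len(self.active_shellcode)) + " payloads loaded")
                print("\t" + helpers.color(len(self.active_encoders)) + " encoders loaded\n")
                print("Available Commands:\n")
                for command in sorted(self.ordnance_main_menu_commands.keys()):
                    print("\t" + helpers.color(command) + '\t\t\t' + self.ordnance_main_menu_commands[command])
                print()
                break

    if not shellcode_found:
        print(helpers.color(
            "[*] Error: You did not provide a valid payload name, please try again!",
            warning=True))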
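def tool_main_menu(self, invoked=False):
    """Run the interactive Veil-Ordnance main menu loop.

    Commands are matched case-insensitively: ``list payloads``,
    ``list encoders``, ``help``, ``back``, ``exit`` and
    ``payload <name>``. Anything else redraws the menu.

    Args:
        invoked: True when another tool calls this menu. It sets
            ``self.invoked``; ``exit`` then leaves the loop instead of
            terminating the process, and the method returns right after
            ``use_payload``.

    Returns:
        None. Nothing is returned to the caller even in invoked mode.

    Fix over the previous revision: ``payload`` followed by too many words
    printed its error and then dropped out of the menu loop, because the
    command was not cleared. That case now stays in the loop like the
    missing-argument case does.
    """
    show_ordnance_menu = True
    if invoked:
        self.invoked = True

    while True:
        if show_ordnance_menu:
            ordnance_helpers.title_screen()
            print("Veil-Ordnance Menu")
            print("\n\t" + helpers.color(len(self.active_shellcode)) + " payloads loaded")
            print("\t" + helpers.color(len(self.active_encoders)) + " encoders loaded\n")
            print("Available Commands:\n")
            for command in sorted(self.ordnance_main_menu_commands.keys()):
                print("\t" + helpers.color(command) + '\t\t\t' + self.ordnance_main_menu_commands[command])
            print()
        # A branch below sets this to False to skip exactly one redraw, so
        # that its output is not followed by a fresh menu straight away.
        show_ordnance_menu = True

        ordnance_main_command = input('Veil-Ordnance command: ').strip()
        lowered_command = ordnance_main_command.lower()
        command_parts = ordnance_main_command.split()

        # Listing payloads or encoders?
        if lowered_command.startswith('list'):
            if len(command_parts) == 1:
                print()
                print(helpers.color(
                    "[*] Error: You did not provide what you want to list!",
                    warning=True))
                print(helpers.color(
                    "[*] Ex: list payloads or list encoders", warning=True))
                print()
                show_ordnance_menu = False
            elif len(command_parts) == 2:
                list_selection = command_parts[1].lower()
                show_ordnance_menu = False
                if list_selection == 'payloads':
                    ordnance_helpers.title_screen()
                    self.print_payloads()
                    print()
                elif list_selection == 'encoders':
                    ordnance_helpers.title_screen()
                    self.print_encoders()
                    print()
                else:
                    print()
                    print(helpers.color(
                        "[*] Error: You did not provide a valid item to list!",
                        warning=True))
                    print(helpers.color(
                        "[*] Ex: list payloads or list encoders",
                        warning=True))
                    print()
            # More than two words: nothing is printed, the menu is redrawn.

        elif lowered_command == "help":
            # The redraw at the top of the loop serves as the help screen.
            pass

        elif lowered_command == "back":
            break

        elif lowered_command == "exit":
            if invoked:
                break
            sys.exit(0)

        elif lowered_command.startswith('payload'):
            # NOTE(review): the hints below say "use rev_http" while this
            # branch matches the word "payload". Confirm which command name
            # is intended.
            if len(command_parts) < 2:
                print(helpers.color(
                    "[*] Error: You did not provide the payload to use!",
                    warning=True))
                print(helpers.color("[*] Ex: use rev_http", warning=True))
            elif len(command_parts) > 2:
                print(helpers.color(
                    "[*] Error: You provided too many options!",
                    warning=True))
                print(helpers.color("[*] Ex: use rev_http", warning=True))
            else:
                self.selected_payload = command_parts[1].lower()
                self.use_payload(self.selected_payload)

                # In invoked mode control goes straight back to the caller.
                if self.invoked:
                    return

                if self.final_shellcode == '':
                    show_ordnance_menu = False
                self.selected_payload = ''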
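def cli_menu(self, invoked=False):
    """Generate shellcode non-interactively from ``self.command_options``.

    Handles ``--list-payloads`` / ``--list-encoders``, resolves the payload
    named by ``--ordnance-payload``, validates ``--ip`` and the port when
    the payload requires LHOST / LPORT, generates the shellcode and applies
    the requested encoder. The result is stored in ``self.final_shellcode``.

    Args:
        invoked: when True, the payload statistics are not printed.

    Raises:
        SystemExit: status 0 after a listing; status 1 when the payload,
            the IP/hostname, the port or the encoder is rejected.

    Fixes over the previous revision: port 65535 is accepted (the old upper
    bound was exclusive), a missing port is reported instead of raising
    TypeError, and error exits use a non-zero status so that wrapping
    scripts can detect the failure.
    """
    ordnance_helpers.title_screen()
    options = self.command_options

    # Pure listing requests: print and stop.
    if options.list_payloads:
        self.print_payloads()
        sys.exit()
    elif options.list_encoders:
        self.print_encoders()
        sys.exit()

    # Missing --ordnance-payload? This path only reports the problem and
    # returns, as it did before.
    if not options.ordnance_payload:
        print(helpers.color(
            " [!] ERROR: Missing ordnance-payload selection (--ordnance-payload <payload>). Try: -t Ordnance --list-payloads",
            warning=True))
        return

    payload = self.return_payload_object(options.ordnance_payload.lower())
    if not payload:
        print(helpers.color(
            " [!] ERROR: You specified a non-existent Ordnance payload!",
            warning=True))
        sys.exit(1)

    required = payload.required_options

    if "LHOST" in required:
        # Is --ip missing?
        if options.ip is None:
            print(helpers.color(" [!] ERROR: Missing --ip <value>", warning=True))
            sys.exit(1)

        valid_ip = helpers.validate_ip(options.ip)
        valid_hostname = helpers.validate_hostname(options.ip)
        # A hostname is accepted only for the rev_tcp_dns payload; every
        # other payload needs a literal IP address.
        if valid_ip or (valid_hostname and payload.cli_name == 'rev_tcp_dns'):
            required["LHOST"][0] = options.ip
        else:
            print(helpers.color(
                " [!] ERROR: Invalid IP/Hostname specified!", warning=True))
            sys.exit(1)

    if "LPORT" in required:
        port = options.port
        # Valid ports are 1..65535 inclusive.
        if port is not None and 0 < port <= 65535:
            required["LPORT"][0] = port
        else:
            print(helpers.color(
                " [!] ERROR: Invalid port number provided!", warning=True))
            print(helpers.color("[*] Try again?", warning=True))
            sys.exit(1)

    # Generate the original shellcode
    payload.cli_gen_shellcode()
    self.final_shellcode = payload.customized_shellcode

    # Apply the encoder when the user asked for one.
    if options.encoder is not None:
        encoder_found_here = False
        if "BadChars" in required:
            required["BadChars"][0] = options.bad_chars
        wanted_encoder = options.encoder.lower()
        for loaded_encoder in self.active_encoders.values():
            if wanted_encoder == loaded_encoder.cli_name:
                encoder_found_here = True
                loaded_encoder.cli_encode(payload)
        if not encoder_found_here:
            print(helpers.color(
                " [!] ERROR: Encoder you specified was not found!",
                warning=True))
            print(helpers.color("[*] Try again?", warning=True))
            sys.exit(1)
        self.final_shellcode = payload.customized_shellcode

    if not invoked:
        payload.payload_stats()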