def _download_shellcode(cli,id,name):
if cli is True:
pass
else:
id = _input('%sshellcode_id%s' %
(color.color('blue'), color.color('yellow')), 'int', True)
url = 'http://shell-storm.org/shellcode/files/shellcode-%s.php' % (str(id))
try:
if version() is 2:
data = urlopen(url).read().rsplit('<pre>')[1].rsplit('<body>')[0]
if version() is 3:
data = urlopen(url).read().decode('utf-8').rsplit('<pre>')[
1].rsplit('<body>')[0]
except:
warn('connection error\n')
return
write(_html_decode(data) + '\n\n')
if cli is False:
file_or_not = _input('Shellcode output to a .c file?(y or n)', 'any', True)
if file_or_not[0] == 'y':
target = _input('Target .c file?', 'any', True)
downloaded_file_output(target, _html_decode(data))
else:
if name != '':
downloaded_file_output(name, _html_decode(data))
def _download_shellcode(cli,id,name):
if cli is True:
pass
else:
id = _input('%sshellcode_id%s' %
(color.color('blue'), color.color('yellow')), 'int', True)
url = 'http://shell-storm.org/shellcode/files/shellcode-%s.php' % (str(id))
try:
if version() is 2:
data = urlopen(url).read().rsplit('<pre>')[1].rsplit('<body>')[0]
if version() is 3:
data = urlopen(url).read().decode('utf-8').rsplit('<pre>')[
1].rsplit('<body>')[0]
except:
warn('connection error\n')
return
write(_html_decode(data) + '\n\n')
if cli is False:
file_or_not = _input('Shellcode output to a .c file?(y or n)', 'any', True)
if file_or_not[0] == 'y':
target = _input('Target .c file?', 'any', True)
downloaded_file_output(target, _html_decode(data))
else:
if name != '':
downloaded_file_output(name, _html_decode(data))
def start(content):
if '<?' in content or '?>' in content or '<?php' in content:
warn('We\'ve detected <? or ?> or <?php in your php code which if they wasn\'t comment, eval() will not work! so we suggest you to delete them.\n')
answer = _input('Would you let me to delete php tags for you [yes/no]? ','any',True)
if answer == 'yes' or answer == 'y':
content = content.replace('<?php','').replace('<?','').replace('?>','')
elif answer == 'no' or answer == 'n':
pass
else:
warn('You had to answer with yes or no, We count that as "no"\n')
return str(str('<?php \n/*\n')+str(content.replace('*/','*_/'))+str('\n*/') + str(encode(content))+str('\n'))
def _download_shellcode():
id = _input('%sshellcode_id%s'%(color.color('blue'),color.color('yellow')),'int',True)
url = 'http://shell-storm.org/shellcode/files/shellcode-%s.php'%(str(id))
try:
if version() is 2:
data = urlopen(url).read().rsplit('<pre>')[1].rsplit('<body>')[0]
if version() is 3:
data = urlopen(url).read().decode('utf-8').rsplit('<pre>')[1].rsplit('<body>')[0]
except:
warn('connection error\n')
return
write(data)
def _download_shellcode():
id = _input("%sshellcode_id>%s " % (color.color("blue"), color.color("yellow")), "int", True)
url = "http://shell-storm.org/shellcode/files/shellcode-%s.php" % (str(id))
try:
if version() is 2:
data = urlopen(url).read().rsplit("<pre>")[1].rsplit("<body>")[0]
if version() is 3:
data = urlopen(url).read().decode("utf-8").rsplit("<pre>")[1].rsplit("<body>")[0]
except:
warn("connection error\n")
return
write(data)
def _download_shellcode():
id = _input(
'%sshellcode_id>%s ' % (color.color('blue'), color.color('yellow')),
'int', True)
url = 'http://shell-storm.org/shellcode/files/shellcode-%s.php' % (str(id))
try:
if version() is 2:
data = urlopen(url).read().rsplit('<pre>')[1].rsplit('<body>')[0]
if version() is 3:
data = urlopen(url).read().decode('utf-8').rsplit(
'<pre>')[1].rsplit('<body>')[0]
except:
warn('connection error\n')
return
write(data)
def _search_shellcode():
url = 'http://shell-storm.org/api/?s='
keyword = _input('%skeyword_to_search%s'%(color.color('blue'),color.color('yellow')),'any',True)
keyword=keyword.replace(' ','*')
try:
data = urlopen(url+keyword).read()
if version() is 3:
data = data.decode('utf-8')
except:
warn('connection error')
return
for shellcode_ in data.rsplit('\n'):
try:
shellcode_ = shellcode_.rsplit('::::')
info('author: %s\tshellcode_id: %s\tplathform: %s\ttitle: %s\n'%(shellcode_[0],shellcode_[3],shellcode_[1],shellcode_[2]))
except:
pass
write('\n')
def start(content):
if '<?' in content or '?>' in content or '<?php' in content:
warn(
'We\'ve detected <? or ?> or <?php in your php code which if they wasn\'t comment, eval() will not work! so we suggest you to delete them.\n'
)
answer = _input(
'Would you let me to delete php tags for you [yes/no]? ', 'any',
True)
if answer == 'yes' or answer == 'y':
content = content.replace('<?php',
'').replace('<?', '').replace('?>', '')
elif answer == 'no' or answer == 'n':
pass
else:
warn('You had to answer with yes or no, We count that as "no"\n')
return str(
str('<?php \n/*\n') + str(content.replace('*/', '*_/')) + str('\n*/') +
str(encode(content)) + str('\n'))
def _search_shellcode():
url = 'http://shell-storm.org/api/?s='
keyword = _input(
'%skeyword_to_search>%s ' %
(color.color('blue'), color.color('yellow')), 'any', True)
keyword = keyword.replace(' ', '*')
try:
data = urlopen(url + keyword).read()
if version() is 3:
data = data.decode('utf-8')
except:
warn('connection error')
return
for shellcode_ in data.rsplit('\n'):
try:
shellcode_ = shellcode_.rsplit('::::')
info('author: %s\tshellcode_id: %s\tplathform: %s\ttitle: %s\n' %
(shellcode_[0], shellcode_[3], shellcode_[1], shellcode_[2]))
except:
pass
write('\n')
def _search_shellcode():
url = "http://shell-storm.org/api/?s="
keyword = _input("%skeyword_to_search>%s " % (color.color("blue"), color.color("yellow")), "any", True)
keyword = keyword.replace(" ", "*")
try:
data = urlopen(url + keyword).read()
if version() is 3:
data = data.decode("utf-8")
except:
warn("connection error")
return
for shellcode_ in data.rsplit("\n"):
try:
shellcode_ = shellcode_.rsplit("::::")
info(
"author: %s\tshellcode_id: %s\tplathform: %s\ttitle: %s\n"
% (shellcode_[0], shellcode_[3], shellcode_[1], shellcode_[2])
)
except:
pass
write("\n")
def getcommand(commands):
exit_counter = 0
backup_commands = commands
crawler = 0
command_path = ["zsc"]
command = ""
while True:
try:
command = _input("/".join(command_path), "any", False)
if command is None:
_lets_error
except:
command = ""
warn('\nplease use "exit" or "quit" to exit software.\n')
exit_counter += 1
if exit_counter is 3:
error("\nExit\n")
sys.exit(0)
check = True
for option in commands:
if command == option:
crawler += 1
if crawler is 1:
commands = commands[option][1]
command_path.append(option)
if crawler is 2:
if command == "search":
_search_shellcode()
exec(_reset)
elif command == "download":
_download_shellcode()
exec(_reset)
elif command == "generate":
exec(_option_replace)
else:
while True:
filename = _input("filename", "any", True)
try:
content = open(filename, "rb").read()
break
except:
warn("sorry, cann't find file\n")
exec(_option_replace)
exec(_refresh)
t = True
while t:
encode = _input("encode", "any", True)
for en in commands:
if encode == en:
t = False
if t is True:
warn("please enter a valid encode name\n")
obf_code(option, encode, filename, content)
exec(_reset)
if crawler is 3:
os = option
exec(_option_replace)
if crawler is 4:
func = option
exec(_option_replace)
if crawler is 5:
data = []
backup_option = option
options = option.rsplit("&&")
for o in options:
if version() is 2:
data.append(raw_input("%s:" % o))
if version() is 3:
data.append(input("%s:" % o))
n = 0
write("\n")
for o in options:
info('%s set to "%s"\n' % (o, data[n]))
n += 1
run = getattr(__import__("lib.generator.%s.%s" % (os, func), fromlist=["run"]), "run")
shellcode = run(data)
write("\n")
for encode in backup_commands["shellcode"][1]["generate"][os][func][backup_option]:
info(encode + "\n")
write("\n\n")
info("enter encode type\n")
completer = autocomplete(backup_commands["shellcode"][1]["generate"][os][func][backup_option])
readline.set_completer(completer.complete)
readline.parse_and_bind("tab: complete")
try:
encode = _input("zsc", "any", False)
if encode is None:
_lets_error
except:
encode = "none"
warn('\n"none" encode selected\nplease use "exit" or "quit" to exit software.\n')
exit_counter += 1
if assembly_code is False:
write("\n" + op(encode_process(encode, shellcode, os, func), os) + "\n\n")
elif assembly_code is True:
write("\n" + encode_process(encode, shellcode, os, func) + "\n\n")
exec(_reset)
exec(_refresh)
check = False
if command == "exit":
write(color.color("reset"))
sys.exit("Exit")
elif command == "update":
_update(__version__)
exec(_reset)
elif command == "help":
exit_counter = 0
help_(help)
exec(_reset)
elif command == "restart":
exec(_reset)
elif command == "about":
about()
exec(_reset)
elif command == "version":
_version()
exec(_reset)
else:
if command != "" and check is True:
exit_counter = 0
info("Command not found!\n")
def getcommand(commands):
backup_commands = commands
crawler = 0
command_path = ['zsc']
command = ''
while True:
try:
command = _input('/'.join(command_path), 'any', False)
if command is None:
_lets_error
except:
warn('interrupted by user!\nExit\n')
sys.exit(0)
check = True
if command.startswith('#'): # allows for comments
continue
inContext = ['clear', 'help', 'about', 'version', 'back']
for option in commands:
if command == option and command not in inContext:
crawler += 1
if crawler is 1:
commands = commands[option][1]
command_path.append(option)
if crawler is 2:
if command == 'search':
_search_shellcode(False,0)
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
elif command == 'download':
_download_shellcode(False,0,'')
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
elif command == 'shell_storm_list':
_grab_all()
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
elif command == 'generate':
commands = commands[option]
command_path.append(option)
else:
while True:
f = []
import os as OS
for (dirpath, dirnames, filenames) in OS.walk('.'):
f.extend(filenames)
break
completer = autocomplete(f)
readline.set_completer(completer.complete)
filename = _input('filename', 'any', True)
completer = autocomplete(commands)
readline.set_completer(completer.complete)
try:
content = open(filename, 'rb').read()
break
except:
warn('sorry, cann\'t find file\n')
commands = commands[option]
command_path.append(option)
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
t = True
while t:
encode = _input('encode', 'any', True)
for en in commands:
if encode == en:
t = False
if t is True:
warn('please enter a valid encode name\n')
obf_code(option, encode, filename, content,False)
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
if crawler is 3:
os = option
commands = commands[option]
command_path.append(option)
if crawler is 4:
func = option
commands = commands[option]
command_path.append(option)
if crawler is 5:
data = []
backup_option = option
if option != '':
options = option.rsplit('&&')
for o in options:
data.append(_input(o,'any',True))
n = 0
write('\n')
for o in options:
info('%s set to "%s"\n' % (o, data[n]))
n += 1
run = getattr(
__import__('lib.generator.%s.%s' % (os, func),
fromlist=['run']),
'run')
shellcode = run(data)
write('\n')
for encode in backup_commands['shellcode'][1]['generate'][
os][func][backup_option]:
info(encode + '\n')
write('\n\n')
info('enter encode type\n')
completer = autocomplete(backup_commands['shellcode'][1][
'generate'][os][func][backup_option])
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
try:
encode = _input('/'.join(command_path) + "/encode_type", 'any', False)
if encode is None:
_lets_error
except:
encode = 'none'
warn(
'\n"none" encode selected\n')
write('\n')
assembly_code_or_not = _input(
'Output assembly code?(y or n)', 'any', True)
if assembly_code_or_not == 'y':
assembly_code = True
else:
assembly_code = False
if assembly_code is True:
write('\n'+encode_process(encode, shellcode, os, func) + '\n\n')
output_shellcode = _input('Output shellcode to screen?(y or n)', 'any', True)
shellcode_op = op( encode_process(encode, shellcode, os, func), os)
if output_shellcode == 'y':
info('Generated shellcode is:\n' + shellcode_op +'\n\n')
file_or_not = _input('Shellcode output to a .c file?(y or n)', 'any', True)
if file_or_not == 'y':
target = _input('Target .c file?', 'any', True)
file_output(target, func, data, os, encode, shellcode, shellcode_op)
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
check = False
if command == 'exit' or command == 'quit':
write(color.color('reset'))
sys.exit('Exit')
elif command == 'update':
_update(__version__)
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
elif command == 'help':
_help(help)
elif command == 'restart':
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
elif command == 'about':
about()
elif command == 'version':
_version()
elif command == 'clear':
_clear()
elif command == 'back':
if len(command_path) > 1:
command_path.pop()
commands = backup_commands
for option in command_path:
if option == 'zsc':
pass
elif option == command_path[1]:
commands = commands[option][1]
else:
commands = commands[option]
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler -= 1
else:
info('Can\'t go back from here!\n')
else:
if command != '' and check is True:
info('Command not found!\n')
def getcommand(commands):
exit_counter = 0
backup_commands = commands
crawler = 0
command_path = ['zsc']
command = ''
while True:
try:
command = _input('/'.join(command_path),'any',False)
if command is None:
_lets_error
except:
command = ''
warn('\nplease use "exit" or "quit" to exit software.\n')
exit_counter += 1
if exit_counter is 3:
error('\nExit\n')
sys.exit(0)
check = True
for option in commands:
if command == option:
crawler += 1
if crawler is 1:
commands = commands[option][1]
command_path.append(option)
if crawler is 2:
if command == 'search':
_search_shellcode()
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
elif command == 'download':
_download_shellcode()
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
elif command == 'generate':
commands = commands[option]
command_path.append(option)
else:
while True:
f = []
import os as OS
for (dirpath, dirnames, filenames) in OS.walk('.'):
f.extend(filenames)
break
completer = autocomplete(f)
readline.set_completer(completer.complete)
filename = _input('filename','any',True)
completer = autocomplete(commands)
readline.set_completer(completer.complete)
try:
content = open(filename,'rb').read()
break
except:
warn('sorry, cann\'t find file\n')
commands = commands[option]
command_path.append(option)
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
t = True
while t:
encode = _input('encode','any',True)
for en in commands:
if encode == en:
t = False
if t is True:
warn('please enter a valid encode name\n')
obf_code(option,encode,filename,content)
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
if crawler is 3:
os = option
commands = commands[option]
command_path.append(option)
if crawler is 4:
func = option
commands = commands[option]
command_path.append(option)
if crawler is 5:
data = []
backup_option = option
options = option.rsplit('&&')
for o in options:
if version() is 2:
data.append(raw_input('%s:'%o))
if version() is 3:
data.append(input('%s:'%o))
n = 0
write('\n')
for o in options:
info('%s set to "%s"\n'%(o,data[n]))
n+=1
run = getattr(__import__('lib.generator.%s.%s'%(os,func), fromlist=['run']), 'run')
shellcode = run(data)
write('\n')
for encode in backup_commands['shellcode'][1]['generate'][os][func][backup_option]:
info(encode+'\n')
write('\n\n')
info('enter encode type\n')
completer = autocomplete(backup_commands['shellcode'][1]['generate'][os][func][backup_option])
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
try:
encode = _input('zsc','any',False)
if encode is None:
_lets_error
except:
encode = 'none'
warn('\n"none" encode selected\nplease use "exit" or "quit" to exit software.\n')
exit_counter += 1
if assembly_code is False:
write('\n'+op(encode_process(encode,shellcode,os,func),os)+'\n\n')
elif assembly_code is True:
write('\n'+encode_process(encode,shellcode,os,func)+'\n\n')
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
check = False
if command == 'exit':
write(color.color('reset'))
sys.exit('Exit')
elif command == 'update':
_update(__version__)
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
elif command == 'help':
exit_counter = 0
_help(help)
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
elif command == 'restart':
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
elif command == 'about':
about()
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
elif command == 'version':
_version()
commands = backup_commands
completer = autocomplete(commands)
readline.set_completer(completer.complete)
readline.parse_and_bind('tab: complete')
crawler = 0
command_path = ['zsc']
else:
if command != '' and check is True:
exit_counter = 0
info('Command not found!\n')
