def task(self, config):
""" prepare the shell """
ext = config["menu-sel"].replace(" ", "_")
serv = self._service_filter(config["service"])
proxychains = config["proxychains"]
auto_exec = config["autoexec"]
rhost = config["rhost"]
rport = config["rport"]
banner = config["banner"]
output_file = config["outfile"]
path_config = config["path_config"]
path_script = config["path_script"]
# fix ext
ext_i = ext.split("/")[:-1]
ext_i.append(serv)
ext_i.append(ext.split("/")[-1])
ext = '/'.join(ext_i)
scroller = Gtk.ScrolledWindow()
terminal = widgets.Terminal() #shell="/usr/bin/msfconsole")
scroller.add(terminal)
scroller.show()
status = terminal.status
pid = terminal.pid
startmsf = ""
if proxychains:
startmsf = "proxychains "
startmsf += "msfconsole -q\n"
terminal.feed_child(startmsf.encode())
terminal.feed_child(("use %s\n" % (ext)).encode())
terminal.feed_child(("set RHOSTS %s\n" % (rhost)).encode())
terminal.feed_child(("set RHOST %s\n" % (rhost)).encode())
terminal.feed_child(("set RPORT %s\n" % (rport)).encode())
if auto_exec:
terminal.feed_child(("run\n").encode())
terminal.feed_child(("exit\n").encode())
terminal.feed_child(("exit\n").encode())
terminal.connect("child_exited", self.task_terminated)
return scroller, pid
def task(self, config):
""" prepare the shell """
ext = config["menu-sel"] #.replace(" ","_")
serv = config["service"]
proxychains = config["proxychains"]
auto_exec = config["autoexec"]
rhost = config["rhost"]
rport = config["rport"]
banner = config["banner"]
output_file = config["outfile"]
path_config = config["path_config"]
path_script = config["path_script"]
cmd = self.config[serv][ext]
cmd = cmd.replace("$rhost", rhost).replace("$rport", str(rport))
cmd = cmd.replace('$domain', config["domain"])
cmd = cmd.replace('$wordlists', config["path_wordlist"])
cmd = cmd.replace('$scripts', config["path_script"])
cmd = cmd.replace('$banner', config["banner"])
if "$outfile" in cmd:
# set the output_file location string
cmd = cmd.replace("$outfile", output_file)
if proxychains:
cmd = "proxychains "+cmd
cmd += "; exit;"
if auto_exec:
cmd+="\n"
scroller = Gtk.ScrolledWindow()
terminal = widgets.Terminal()
scroller.add(terminal)
scroller.show()
status = terminal.status
pid = terminal.pid
terminal.feed_child(cmd.encode())
terminal.connect("child_exited", self.task_terminated)
return scroller, pid
def task(self, config):
""" WebSession task: a Gtk.Paned that contains mitmproxy and """
ext = config["menu-sel"].replace(" ", "_")
serv = config["service"]
proxychains = config["proxychains"]
auto_exec = config["autoexec"]
rhost = config["rhost"]
domain = config["domain"]
rport = config["rport"]
output_file = config["outfile"]
path_config = config["path_config"]
self.path_script = config["path_script"]
self.o_file = "/tmp/" + ''.join(
random.choice(string.ascii_uppercase + string.digits)
for _ in range(8)) + ".mitm"
if domain:
target = domain
else:
target = rhost
# proxy port
proxy_port = 8080
found = True
while found:
# search for an open port for mitm
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
result = sock.connect_ex(('127.0.0.1', proxy_port))
if result == 0:
proxy_port += 1
else:
found = False
cmd = "mitmproxy -p %d -w %s; exit;\n" % (
proxy_port, self.o_file) # --set console_focus_follow=true
if proxychains:
cmd = "proxychains %s" % cmd
terminal = widgets.Terminal()
terminal.feed_child(cmd.encode())
status = terminal.status
pid = terminal.pid
box = Gtk.Paned()
scroller = Gtk.ScrolledWindow()
scroller.add(terminal)
if "443" in rport:
url = "https://%s:%s" % (target, rport)
else:
url = "http://%s:%s" % (target, rport)
webview = widgets.WebView(url,
proxy="http://127.0.0.1:%d" % proxy_port)
webview_box = Gtk.Box(orientation=Gtk.Orientation.VERTICAL)
webview_box.show()
webview_box.add(webview.toolbar)
webview_box.add(webview)
webview_box.set_vexpand(True)
scroller.set_hexpand(True)
box.pack1(scroller, False, False)
box.pack2(webview_box, True, False)
scroller.set_property("width-request", 480)
terminal.set_hexpand(True)
box.set_vexpand(True)
box.show_all()
# add main window
builder = Gtk.Builder() # glade
builder.add_from_file(
os.path.dirname(os.path.abspath(__file__)) +
"/../../assets/ui/websession.glade")
main_win = builder.get_object('websession-main')
payloads_toolbar = builder.get_object('payloads-bar')
main_win.add(box)
for payload_cat in self.config_file:
if payload_cat != "DEFAULT":
catbtn = Gtk.MenuItem(payload_cat)
catbtn.show()
subcat = Gtk.Menu()
for payload_subcat in self.config_file[payload_cat]:
subcatbtn = Gtk.MenuItem(payload_subcat)
subcat.add(subcatbtn)
subcat.show_all()
payload_menu = Gtk.Menu()
for payload in self.config_file[payload_cat][
payload_subcat].split("\n"):
payloadbtn = Gtk.MenuItem(payload)
payload_menu.add(payloadbtn)
payload_menu.show_all()
payloadbtn.connect('activate', self.copy_payload,
payload)
subcatbtn.set_submenu(payload_menu)
catbtn.set_submenu(subcat)
payloads_toolbar.add(catbtn)
terminal.connect("child_exited", self.task_terminated, main_win)
return main_win, pid
def task(self, config):
serv = config["service"]
self.proxy = config["proxychains"]
auto_exec = config["autoexec"]
rhost = config["rhost"]
rport = config["rport"]
output_file = config["outfile"]
path_config = config["path_config"]
path_wordlist = config["path_wordlist"]
path_script = config["path_script"]
config_file = configparser.ConfigParser()
config_file.read(config["path_config"] + "/bruter.conf")
builder = Gtk.Builder() # glade
builder.add_from_file(
os.path.dirname(os.path.abspath(__file__)) +
"/../../assets/ui/bruter.glade")
self.running = False
self.bruter_box = builder.get_object("bruter-box")
self.bruter_host = builder.get_object("bruter-host")
self.bruter_port = builder.get_object("bruter-port")
self.bruter_threads = builder.get_object("bruter-threads")
self.bruter_terminal_loc = builder.get_object("bruter-terminal-loc")
self.bruter_start = builder.get_object("bruter-start")
self.bruter_service = builder.get_object("bruter-service")
self.bruter_user_box = builder.get_object("bruter-user-box")
self.bruter_user_checkbox = builder.get_object(
"bruter-user-wordlsit-checkbox")
self.bruter_user_wl_path = builder.get_object("bruter-user-wordlist")
self.bruter_pass_wl_path = builder.get_object("bruter-pass-wordlist")
self.bruter_user_wl_open = builder.get_object(
"bruter-user-wordlist-open")
self.bruter_pass_wl_open = builder.get_object(
"bruter-pass-wordlist-open")
self.bruter_reversed = builder.get_object("reversed")
self.bruter_login_as_pass = builder.get_object("login-as-pass")
self.bruter_blank_pass = builder.get_object("blank-pass")
self.bruter_use_ssl = builder.get_object("use-ssl")
self.bruter_exit_on_first = builder.get_object("exit-on-first-good")
self.bruter_terminal = widgets.Terminal()
self.bruter_terminal_loc.add(self.bruter_terminal)
self.bruter_user_checkbox_enabled = False
self.bruter_user_box.set_sensitive(True)
self.bruter_user_wl_path.set_sensitive(False)
self.bruter_user_wl_open.set_sensitive(False)
self.bruter_user_wl_open.connect("clicked", self.bruter_open_user_file)
self.bruter_pass_wl_open.connect("clicked", self.bruter_open_pass_file)
self.bruter_start.connect("clicked", self._bruter_start)
# filil the service combo-box
name_store = Gtk.ListStore(str)
hydra_services = [
"afp", "asterisk", "cisco-enable", "cisco", "cvs", "firebird",
"ftp", "http-proxy-urlenum", "http-proxy", "http-get", "http-head",
"https-get", "https-head", "icq", "imap", "irc", "ldap", "mssql",
"mysql", "ncp", "nntp", "oracle-listener", "oracle-sid", "oracle",
"pcanywhere", "pcnfs", "pop3", "postgres", "rdp", "redis", "rexec",
"rlogin", "rpcap", "rsh", "rtsp", "s7-300", "sapr3", "sip", "smb",
"smtp-enum", "smtp", "snmp", "socks5", "ssh", "ssh-key", "svn",
"teamspeak", "telnet", "time", "vmauthd", "vnc", "xmpp"
]
for service in hydra_services:
name_store.append([service])
vbox = Gtk.Box(orientation=Gtk.Orientation.VERTICAL, spacing=6)
self.bruter_service_combo = Gtk.ComboBox.new_with_model_and_entry(
name_store)
self.bruter_user_checkbox.connect("toggled", self._bruter_check_user)
self.bruter_service_combo.set_entry_text_column(0)
vbox.pack_start(self.bruter_service_combo, False, False, 0)
self.bruter_service.add(vbox)
# bruter wordlists
default_user_wordlist = config_file["default"][
"user_wordlist"].replace("$wordlists", path_wordlist)
defautl_pass_wordlist = config_file["default"][
"pass_wordlist"].replace("$wordlists", path_wordlist)
self.bruter_user_wl_path.set_text(default_user_wordlist)
self.bruter_pass_wl_path.set_text(defautl_pass_wordlist)
self.bruter_box.show_all()
status = self.bruter_terminal.status
self.pid = self.bruter_terminal.pid
self.bruter_terminal.connect("child_exited", self.task_terminated)
self.bruter_terminal.hide()
self.bruter_host.set_text(rhost)
self.bruter_port.set_text(rport)
# set default values
self.bruter_blank_pass.set_active(
config_file.getboolean("default", "blank_password"))
self.bruter_login_as_pass.set_active(
config_file.getboolean("default", "try_login_as_password"))
self.bruter_use_ssl.set_active(
config_file.getboolean("default", "use_ssl"))
self.bruter_exit_on_first.set_active(
config_file.getboolean("default", "exit_on_first_good"))
self.bruter_user_checkbox.set_active(
config_file.getboolean("default", "brute_force_user"))
self.bruter_threads.set_text(config_file["default"]["threads"])
self.bruter_user_box.set_text(config_file["default"]["user"])
service_model = self.bruter_service_combo.get_model()
iter1 = 0
for ser in service_model:
if ser[0] == config["service"]:
break
iter1 += 1
self.bruter_service_combo.set_active(iter1)
if config["autoexec"]:
self._bruter_start('test')
return self.bruter_box, self.pid
