def __init__(self):
self.parser = parser()
self.badges = badges()
self.helper = helper()
self.web_tools = web_tools()
self.details = {
'Name': "exploit/multi/f5_big_ip_tmui/local_file_inclusion",
'Authors': ['enty8080'],
'Description':
"Local File Inclusion in F5 BIG-IP Traffic Management User Interface (TMUI).",
'Dependencies': [''],
'Comments': [''],
'Risk': "high"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': None,
'Required': True
},
'RFILE': {
'Description': "Remote file to read.",
'Value': "/etc/passwd",
'Required': True
}
}
def __init__(self):
self.io = io()
self.badges = badges()
self.parser = parser()
self.config = config()
self.helper = helper()
self.details = {
'Name': "exploit/macos/safari_app/safari_reaper",
'Authors': ['enty8080'],
'Description': "macOS Safari.app crash.",
'Comments': ['']
}
self.options = {
'LHOST': {
'Description': "Local host.",
'Value': self.helper.getip(),
'Required': True
},
'LPORT': {
'Description': "Local port.",
'Value': 80,
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.helper = helper()
self.listener = listener()
self.plugin = plugin()
self.loader = loader()
self.details = {
'Name': "macos/reverse_tcp/zeterpreter",
'Authors': ['enty8080'],
'Description': "macOS implant written in golang and compiled for macOS.",
'Comment': "First macOS implant in history written in golang! Yay!"
}
self.options = {
'LHOST': {
'Description': 'Local host.',
'Value': self.helper.getip(),
'Required': True
},
'LPORT': {
'Description': 'Local port',
'Value': self.helper.lport,
'Required': True
},
}
def __init__(self):
self.io = io()
self.badges = badges()
self.parser = parser()
self.helper = helper()
self.details = {
'Name':
"exploit/multi/citrix_adc_netscaler/cve_2019_19781",
'Authors': ['enty8080', '__mn1__'],
'Description':
"Remote Code Execution in Citrix Application Delivery Controller and Citrix Gateway.",
'Comments': [
'Citrix ADC and Citrix Gateway version 13.0 all supported builds',
'Citrix ADC and NetScaler Gateway version 12.1 all supported builds',
'Citrix ADC and NetScaler Gateway version 12.0 all supported builds',
'Citrix ADC and NetScaler Gateway version 11.1 all supported builds',
'Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds'
]
}
self.options = {
'URL': {
'Description': "Target URL address.",
'Value': None,
'Required': True
},
'COMMAND': {
'Description': "Command to execute.",
'Value': "uname -a",
'Required': True
}
}
def __init__(self):
self.io = io()
self.parser = parser()
self.badges = badges()
self.helper = helper()
self.details = {
'Name': "exploit/multi/f5_big_ip_tmui/cve_2020_5902",
'Authors': [
'enty8080'
],
'Description': "Remote Code Execution in F5 BIG-IP Traffic Management User Interface (TMUI).",
'Comments': [
''
]
}
self.options = {
'URL': {
'Description': "Target URL address.",
'Value': None,
'Required': True
},
'RFILE': {
'Description': "File to read.",
'Value': "/etc/passwd",
'Required': True
}
}
def __init__(self):
self.io = io()
self.parser = parser()
self.badges = badges()
self.helper = helper()
self.params = {"routestring": "ajax/render/widget_php"}
self.details = {
'Name': "exploit/multi/vbulletin_widget_php/cve_2019_16759",
'Authors': ['enty8080'],
'Description':
"vBulletin 5.0.0 till 5.5.4 widget_php Unauthenticated Remote Code Execution.",
'Comments': ['']
}
self.options = {
'URL': {
'Description': "Target URL address.",
'Value': None,
'Required': True
},
'COMMAND': {
'Description': "Command to execute.",
'Value': "uname -a",
'Required': True
}
}
def __init__(self, client):
self.client = client
self.badges = badges()
self.helper = helper()
self.transfer = transfer(client)
self.handler = handler(client)
def __init__(self):
self.badges = badges()
self.parser = parser()
self.helper = helper()
self.web_tools = web_tools()
self.dictionary = dictionary()
self.paths = self.dictionary.paths
self.details = {
'Name': "auxiliary/web/scanner/pma_scanner",
'Authors': ['enty8080'],
'Description': "Scan website PHP My Admin.",
'Dependencies': [''],
'Comments': [''],
'Risk': "medium"
}
self.options = {
'URL': {
'Description': "Target URL address.",
'Value': None,
'Required': True
}
}
def __init__(self):
self.db = db()
self.badges = badges()
self.local_storage = local_storage()
self.helper = helper()
self.config = config()
self.modules = modules()
self.exceptions = exceptions()
def __init__(self):
self.badges = badges()
self.helper = helper()
self.local_storage = local_storage()
self.jobs = jobs()
self.parser = parser()
self.tables = tables()
self.listener = listener()
self.controller = None
self.id_number = 0
self.sessions_id = dict()
self.sessions_info = dict()
self.details = {
'Name': "exploit/linux/stager/membrane_reverse_tcp",
'Authors': ['enty8080'],
'Description':
"Linux reverse TCP shell with full remote functionality.",
'Dependencies': [''],
'Comments': [''],
'Risk': "high"
}
self.options = {
'LHOST': {
'Description': "Local host.",
'Value': self.helper.getip(),
'Required': True
},
'LPORT': {
'Description': "Local port.",
'Value': 4444,
'Required': True
},
'FOREVER': {
'Description': "Start listener forever.",
'Value': "no",
'Required': False
}
}
self.commands = {
'close': {
'Description': "Close active session.",
'Usage': "close <session_id>",
'MinArgs': 1,
'Run': self.close
},
'sessions': {
'Description': "List all active sessions.",
'Usage': "list",
'MinArgs': 0,
'Run': self.sessions
}
}
def __init__(self):
self.parser = parser()
self.badges = badges()
self.helper = helper()
self.pseudo_shell = pseudo_shell()
self.web_tools = web_tools()
self.details = {
'Name':
"exploit/multi/vbulletin_widget_php/template_code_execution",
'Authors': ['enty8080'],
'Description':
"vBulletin 5.5.4 till 5.6.2 widget_php widget_tabbedcontainer_tab_panel Remote Code Execution.",
'Dependencies': [''],
'Comments': [''],
'Risk': "high"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': None,
'Required': True
},
'PHP_METHOD': {
'Description': "PHP method to execute command.",
'Value': "shell_exec",
'Required': True
},
'INSTALL_URL': {
'Description': "URL to vBulletin installation.",
'Value': "/",
'Required': True
},
'COMMAND': {
'Description': "Command to execute.",
'Value': "uname -a",
'Required': True
},
'PSEUDO': {
'Description': "Spawn Pseudo shell.",
'Value': "no",
'Required': False
}
}
def __init__(self, local_host, local_port, client):
self.local_host = local_host
self.local_port = local_port
self.client = client
self.badges = badges()
self.helper = helper()
self.config = config()
self.terminator = terminator()
self.exceptions = exceptions()
self.first_stage = "uname -smp"
self.first_stage_size = self.helper.len_line(self.first_stage)
self.second_stage = self.config.path_config['base_paths']['data_path'] + "modules/exploit/linux/stager/zetant_reverse_tcp/bin/"
self.second_stage_size = self.helper.len_file(self.second_stage)
self.second_stage_path = "/private/var/tmp/." + self.terminator.generate_terminator()
def __init__(self):
self.parser = parser()
self.badges = badges()
self.helper = helper()
self.pseudo_shell = pseudo_shell()
self.web_tools = web_tools()
self.details = {
'Name': "exploit/multi/f5_big_ip_tmui/remote_code_execution",
'Authors': ['enty8080'],
'Description':
"Remote Code Execution in F5 BIG-IP Traffic Management User Interface (TMUI).",
'Dependencies': ['requests'],
'Comments': [''],
'Risk': "high"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': None,
'Required': True
},
'COMMAND': {
'Description': "Command to execute.",
'Value': "whoami",
'Required': True
},
'PSEUDO': {
'Description': "Spawn Pseudo shell.",
'Value': "no",
'Required': False
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.helper = helper()
self.handler = handler
self.details = {
'Name': "auxiliary/net/sniffer/user_agent_sniffer",
'Authors': [
'enty8080'
],
'Description': "Sniff User-Aget through URL.",
'Dependencies': [
''
],
'Comments': [
''
],
'Risk': "medium"
}
self.options = {
'LHOST': {
'Description': "Local host.",
'Value': self.helper.getip(),
'Required': True
},
'LPORT': {
'Description': "Local port.",
'Value': 80,
'Required': True
},
'FOREVER': {
'Description': "Start http server forever.",
'Value': "no",
'Required': False
}
}
def __init__(self):
self.io = io()
self.badges = badges()
self.parser = parser()
self.helper = helper()
self.dictionary = dictionary()
self.details = {
'Name': "auxiliary/web/scanner/apache_users",
'Authors': ['enty8080'],
'Description': "Scan website apache users.",
'Comments': ['']
}
self.options = {
'URL': {
'Description': "Target URL address.",
'Value': None,
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.helper = helper()
self.handler = handler
self.details = {
'Name': "exploit/iphoneos/mobile_safari_app/webkit_filter_dos",
'Authors': [
'enty8080'
],
'Description': "iPhoneOS 9.1 till 12.1 MobileSafari.app WebKit Filter DoS.",
'Dependencies': [
''
],
'Comments': [
''
],
'Risk': "high"
}
self.options = {
'LHOST': {
'Description': "Local host.",
'Value': self.helper.getip(),
'Required': True
},
'LPORT': {
'Description': "Local port.",
'Value': 80,
'Required': True
},
'FOREVER': {
'Description': "Start http server forever.",
'Value': "no",
'Required': False
}
}
def __init__(self):
self.io = io()
self.badges = badges()
self.exceptions = exceptions()
self.helper = helper()
self.storage = storage()
self.jobs = jobs()
self.parser = parser()
self.listener = listener()
self.formatter = formatter()
self.process = None
self.controller = None
self.id_number = 0
self.sessions_id = dict()
self.sessions_info = dict()
self.ports_map = dict()
self.details = {
'Name': "exploit/linux/stager/zetant_reverse_tcp",
'Authors': ['enty8080'],
'Description':
"Linux reverse TCP shell with full remote functionality.",
'Comments': ['']
}
self.options = {
'LHOST': {
'Description': "Local host.",
'Value': self.helper.getip(),
'Required': True
},
'LPORT': {
'Description': "Local port.",
'Value': 4444,
'Required': True
},
}
self.commands = {
'close': {
'Description': "Close active session.",
'Usage': "close <session_id>",
'ArgsCount': 1,
'NeedsArgs': True,
'Args': list(),
'Run': self.close
},
'stop': {
'Description': "Stop listener by port.",
'Usage': "stop <port>",
'ArgsCount': 1,
'NeedsArgs': True,
'Args': list(),
'Run': self.stop_listener
},
'sessions': {
'Description': "List all active sessions.",
'Usage': "list",
'ArgsCount': 0,
'NeedsArgs': False,
'Args': list(),
'Run': self.sessions
}
}
def __init__(self):
self.badges = badges()
self.helper = helper()
def __init__(self, ghost):
self.ghost = ghost
self.badges = badges()
self.helper = helper()
self.loader = loader(ghost)
def __init__(self, client):
self.client = client
self.helper = helper()
if acc > 0.7:
cnt += 1
if cnt >= min:
return True
print('選用失敗: {}'.format(cnt))
return False
OPT_MIN = 1
if __name__ == '__main__':
start_time = time.time()
project_path = os.path.dirname(os.path.abspath(__file__))
h = helper(project_path)
h.setup_adb_client()
temps = h.load_templates()
reqs = [ntpath.basename(path) for path in h.required_list]
opts = [ntpath.basename(path) for path in h.optional_list]
times = 1
ready = None
while ready != 'Y':
print('-----------------------------------------------')
print('必要:')
for i in range(len(reqs)):
print('{}'.format(reqs[i]))
print('選中:')
for i in range(len(opts)):
print('{}'.format(opts[i]))
def __init__(self, client):
self.client = client
self.helper = helper()
self.badges = badges()
self.fsmanip = fsmanip()
self.handler = handler(client)
