Пример #1
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        self.checkurl = 'http://localhost/test_net_proxy/check1.php'

        modules.loaded['net_proxy'].run_argv([ ])
Пример #2
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        # Create the folder tree
        self.folders_abs, self.folders_rel = self.populate_folders()
        self.files_abs, self.files_rel = self.populate_files(
            self.folders_abs,
            ['executable', 'writable', 'write-executable', 'readable'])

        # Change mode of the first file to 777
        self.check_call(config.cmd_env_chmod_s_s % ('0777', self.files_abs[0]),
                        shell=True)

        # Get the epoch timestamp of file[0]
        self.files_times = [
            int(
                subprocess.check_output(
                    config.cmd_env_stat_time_modif_epoch_s %
                    (self.files_abs[0]),
                    shell=True))
        ]

        # Change mode of the forth file to -r--r--r-- 0444 read
        self.check_call(config.cmd_env_chmod_s_s % ('0444', self.files_abs[3]),
                        shell=True)

        # Change mode of the forth folder to --wx-wx-wx 0333 write & execute
        self.check_call(config.cmd_env_chmod_s_s %
                        ('0333', self.folders_abs[3]),
                        shell=True)

        self.run_argv = modules.loaded['file_check'].run_argv
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        fname = 'check.php'
        self.files = [
            os.path.join(config.script_folder, fname)
            ]

        self.check_call(
            config.cmd_env_content_s_to_s % ('<?php print_r(\$_SERVER);print_r(\$_REQUEST); ?>', self.files[0]),
            shell=True)

        self.urls = [ os.path.sep.join([
                            config.script_folder_url.rstrip('/'),
                            fname]
                            )
                    ]

        self.vector_list = [
            m for m in modules.loaded['net_curl'].vectors.get_names()
            if m not in config.curl_skip_vectors
        ]

        self.run_argv = modules.loaded['net_curl'].run_argv
Пример #4
0
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_abs, self.folders_rel =  self.populate_folders()

        self.check_call(
            config.cmd_env_chmod_s_s % ('0777', self.folders_abs[0]),
            shell=True)

        # Change mode of the folders [1] and [3] to -r-xr-xr-x 0555 read & execute
        for fold in (self.folders_abs[1], self.folders_abs[3]):
            self.check_call(
                config.cmd_env_chmod_s_s % ('0555', fold),
                shell=True)

        self.check_call(
            config.cmd_env_chmod_s_s % ('0777', self.folders_abs[2]),
            shell=True)

        self.filenames = []

        self.run_argv = modules.loaded['file_upload2web'].run_argv
Пример #5
0
    def setUp(self):
        self.session = SessionURL(self.url, self.password, volatile=True)

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_abs, self.folders_rel = self.populate_folders()
        self.files_abs, self.files_rel = self.populate_files(
            self.folders_abs,
            ['executable', 'writable', 'write-executable', 'readable'])

        # Change mode of the first file to ---x--x--x 0111 execute
        subprocess.check_call(config.cmd_env_chmod_s_s %
                              ('0111', self.files_abs[0]),
                              shell=True)

        # Change mode of the second file to --w--w--w- 0222 write
        subprocess.check_call(config.cmd_env_chmod_s_s %
                              ('0222', self.files_abs[1]),
                              shell=True)

        # Change mode of the third file to 0000
        subprocess.check_call(config.cmd_env_chmod_s_s %
                              ('0000', self.files_abs[2]),
                              shell=True)

        self.run_argv = modules.loaded['file_enum'].run_argv
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        self.checkurl = 'http://localhost/test_net_proxy/check1.php'

        modules.loaded['net_proxy'].run_argv([])
Пример #7
0
def main(arguments):

    if arguments.command == 'generate':

        obfuscated = generate.generate(password=arguments.password,
                                       obfuscator=arguments.obfuscator,
                                       agent=arguments.agent)

        generate.save_generated(obfuscated, arguments.path)

        log.info(
            messages.generate.generated_backdoor_with_password_s_in_s_size_i %
            (arguments.password, arguments.path, len(obfuscated)))

        return

    elif arguments.command == 'terminal':
        session = SessionURL(url=arguments.url, password=arguments.password)

    elif arguments.command == 'session':
        session = SessionFile(arguments.path)

    dlog.debug(pprint.pformat(session))

    modules.load_modules(session)

    if not arguments.cmd:
        Terminal(session).cmdloop()
    else:
        Terminal(session).onecmd(arguments.cmd)
Пример #8
0
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_abs, self.folders_rel =  self.populate_folders()
        self.files_abs, self.files_rel = self.populate_files(
                                self.folders_abs,
                                [ 'executable', 'writable', 'write-executable', 'readable' ]
                            )

        # Change mode of the first file to ---x--x--x 0111 execute
        subprocess.check_call(
            config.cmd_env_chmod_s_s % ('0111', self.files_abs[0]),
            shell=True)

        # Change mode of the second file to --w--w--w- 0222 write
        subprocess.check_call(
            config.cmd_env_chmod_s_s % ('0222', self.files_abs[1]),
            shell=True)

        # Change mode of the third file to 0000
        subprocess.check_call(
            config.cmd_env_chmod_s_s % ('0000', self.files_abs[2]),
            shell=True)

        self.run_argv = modules.loaded['file_enum'].run_argv
Пример #9
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        self.url = 'http://httpbin-inst'

        modules.loaded['net_proxy'].run_argv([ '-lhost', '0.0.0.0', '-lport', '8080' ])
Пример #10
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        fnames = ['check1.php', 'check2.html']

        self.files = [
            os.path.join(config.script_folder, fnames[0]),
            os.path.join(config.script_folder, fnames[1])
        ]

        self.check_call(config.cmd_env_content_s_to_s %
                        ('<?php print_r(\$_SERVER);print_r(\$_REQUEST); ?>',
                         self.files[0]),
                        shell=True)

        self.check_call(config.cmd_env_content_s_to_s % ('1', self.files[1]),
                        shell=True)

        self.urls = [
            os.path.sep.join([config.script_folder_url.rstrip('/'),
                              fnames[0]]),
            os.path.sep.join([config.script_folder_url.rstrip('/'), fnames[1]])
        ]

        self.vector_list = [
            m for m in modules.loaded['net_curl'].vectors.get_names()
            if m not in config.curl_skip_vectors
        ]

        self.run_argv = modules.loaded['net_curl'].run_argv
Пример #11
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        # Create the folder tree
        self.folders_abs, self.folders_rel =  self.populate_folders()
        self.files_abs, self.files_rel = self.populate_files(
                                self.folders_abs,
                                [ 'executable', 'writable', 'write-executable', 'readable' ]
                            )

        # Change mode of the first file to 777
        self.check_call(
            config.cmd_env_chmod_s_s % ('0777', self.files_abs[0]),
            shell=True)

        # Get the epoch timestamp of file[0]
        self.files_times = [
            int(subprocess.check_output(
                config.cmd_env_stat_time_modif_epoch_s % (self.files_abs[0]),
                shell=True))
        ]

        # Change mode of the forth file to -r--r--r-- 0444 read
        self.check_call(
            config.cmd_env_chmod_s_s % ('0444', self.files_abs[3]),
            shell=True)

        # Change mode of the forth folder to --wx-wx-wx 0333 write & execute
        self.check_call(
            config.cmd_env_chmod_s_s % ('0333', self.folders_abs[3]),
            shell=True)

        self.run_argv = modules.loaded['file_check'].run_argv
Пример #12
0
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_abs, self.folders_rel =  self.populate_folders()
        self.files_abs, self.files_rel = self.populate_files(
                                self.folders_abs,
                                [ 'string1', 'string12', 'string3', 'string4' ],
                                [ 'string1', 'string12', 'string3\nSTR33', 'string4' ]
                            )

        # Change mode of the third file to ---x--x--x 0111 execute
        self.check_call(
            config.cmd_env_chmod_s_s % ('0111', self.files_abs[3]),
            shell=True)

        self.vector_list = [
            m for m in modules.loaded['file_grep'].vectors.get_names()
        ]

        self.run_argv = modules.loaded['file_grep'].run_argv
    def setUp(self):
        self.session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(self.session)

        self.vector_list = modules.loaded['shell_su'].vectors.get_names()

        self.run_argv = modules.loaded['shell_su'].run_argv
Пример #14
0
    def setUp(self):
        self.session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(self.session)

        self.vector_list = modules.loaded['shell_su'].vectors.get_names()

        self.run_argv = modules.loaded['shell_su'].run_argv
Пример #15
0
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_abs, self.folders_rel =  self.populate_folders()
        self.files_abs, self.files_rel = self.populate_files(
                                self.folders_abs,
                                [ 'string1', 'string12', 'string3', 'string4' ],
                                [ 'string1', 'string12', 'string3\nSTR33', 'string4' ]
                            )

        # Change mode of the third file to ---x--x--x 0111 execute
        self.check_call(
            config.cmd_env_chmod_s_s % ('0111', self.files_abs[3]),
            shell=True)

        self.vector_list = [
            m for m in modules.loaded['file_grep'].vectors.get_names()
        ]

        self.run_argv = modules.loaded['file_grep'].run_argv
Пример #16
0
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_abs, self.folders_rel =  self._recursive_folders()

        for folder_abs in self.folders_abs:
            subprocess.check_call(
                config.cmd_env_mkdir_s % (folder_abs),
                shell=True)

        files_names = [ 'test1', 'TEST1', 'TEST2', 'TEST3' ]

        # Add a file in every folder and save paths
        self.files_abs = []
        self.files_rel = []
        for folder_abs in self.folders_abs:
            self.files_abs.append(os.path.join(folder_abs, files_names.pop(0)))
            self.files_rel.append(self.files_abs[-1].replace(config.script_folder, ''))
            subprocess.check_call(
                config.cmd_env_content_s_to_s % ('1', self.files_abs[-1]),
                shell=True)

        self.run_argv = modules.loaded['find_name'].run_argv
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_abs, self.folders_rel =  self.populate_folders()

        self.check_call(
            config.cmd_env_chmod_s_s % ('0777', self.folders_abs[0]),
            shell=True)

        # Change mode of the folders [1] and [3] to -r-xr-xr-x 0555 read & execute
        for fold in (self.folders_abs[1], self.folders_abs[3]):
            self.check_call(
                config.cmd_env_chmod_s_s % ('0555', fold),
                shell=True)

        self.check_call(
            config.cmd_env_chmod_s_s % ('0777', self.folders_abs[2]),
            shell=True)

        self.filenames = []

        self.run_argv = modules.loaded['file_upload2web'].run_argv
Пример #18
0
    def setUp(self):
        self.session = SessionURL(self.url, self.password, volatile=True)

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_abs, self.folders_rel = self.populate_folders()
        self.files_abs, self.files_rel = self.populate_files(
            self.folders_abs,
            ['executable', 'writable', 'write-executable', 'readable'])

        # Change mode of the first file to ---x--x--x 0111 execute
        self.check_call(config.cmd_env_chmod_s_s % ('0111', self.files_abs[0]),
                        shell=True)

        # Change mode of the second file to --w--w--w- 0222 write
        self.check_call(config.cmd_env_chmod_s_s % ('0222', self.files_abs[1]),
                        shell=True)

        # Change mode of the third file to --wx-wx-wx 0333 write & execute
        self.check_call(config.cmd_env_chmod_s_s % ('0333', self.files_abs[2]),
                        shell=True)

        # Change mode of the forth file to -r--r--r-- 0444 read
        self.check_call(config.cmd_env_chmod_s_s % ('0444', self.files_abs[3]),
                        shell=True)

        # Change mode of the first folder to -rwxrwxrwx 0777 read, write, & execute
        self.check_call(config.cmd_env_chmod_s_s %
                        ('0777', self.folders_abs[1]),
                        shell=True)

        self.run_argv = modules.loaded['file_find'].run_argv
Пример #19
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)
        
        self.file_0_time = int(subprocess.check_output(
            'stat -c %%Y "%s"' % (os.path.join(config.base_folder, 'test_file_check/dir1/0777')),
            shell=True)
        )

        self.run_argv = modules.loaded['file_check'].run_argv
Пример #20
0
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        self.run_argv = modules.loaded['file_ls'].run_argv
Пример #21
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        self.filenames = [ 'ok.test' ]
        self.check_call(
            config.cmd_env_content_s_to_s % ('OK', os.path.join(config.script_folder, self.filenames[0])),
            shell=True)

        self.run_argv = modules.loaded['file_upload'].run_argv
Пример #22
0
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        self.run_argv = modules.loaded['file_enum'].run_argv
Пример #23
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        self.file_0_time = int(
            subprocess.check_output('stat -c %%Y "%s"' % (os.path.join(
                config.base_folder, 'test_file_check/dir1/0777')),
                                    shell=True))

        self.run_argv = modules.loaded['file_check'].run_argv
Пример #24
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        self.filenames = ['ok.test']
        subprocess.check_call(
            config.cmd_env_content_s_to_s %
            ('OK', os.path.join(config.script_folder, self.filenames[0])),
            shell=True)

        self.run_argv = modules.loaded['file_upload'].run_argv
Пример #25
0
    def setUp(self):
        self.session = SessionURL(self.url, self.password, volatile=True)

        modules.load_modules(self.session)

        self.folders, folders_rel = self.populate_folders()

        # Change mode of the last folder to 0
        self.check_call(config.cmd_env_chmod_s_s % ('0', self.folders[-1]),
                        shell=True)

        self.run_argv = modules.loaded['file_cd'].run_argv
Пример #26
0
    def setUp(self, log_captured):

        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        self.terminal = Terminal(session)

        self.brokensessionfiles = [
            '/nonexistent',
            '/tmp/sessionfile1',
            '/tmp/sessionfile2',
            '/tmp/sessionfile3'
        ]
Пример #27
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        self.file_ok = os.path.join(config.script_folder, "ok.test")
        self.check_call(config.cmd_env_content_s_to_s % ("OK", self.file_ok), shell=True)

        self.file_ko = os.path.join(config.script_folder, "ko.test")
        self.check_call(config.cmd_env_content_s_to_s % ("KO", self.file_ko), shell=True)
        # Set ko.test to ---x--x--x 0111 execute, should be no readable
        self.check_call(config.cmd_env_chmod_s_s % ("0111", self.file_ko), shell=True)

        self.run_argv = modules.loaded["file_download"].run_argv
Пример #28
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        self.url = 'http://httpbin-inst'

        self.vector_list = modules.loaded['net_curl'].vectors.get_names()
        
        # Install pecl_http is complex and php-version dependant, so
        # let's just skip this vector test. 
        self.vector_list.remove('php_httprequest1')

        self.run_argv = modules.loaded['net_curl'].run_argv
    def setUp(self):
        self.session = SessionURL(self.url, self.password, volatile=True)

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_rel = [
            'test_file_upload2web/0777/', 'test_file_upload2web/0777/0555/',
            'test_file_upload2web/0777/0555/0777/',
            'test_file_upload2web/0777/0555/0777/0555'
        ]

        self.run_argv = modules.loaded['file_upload2web'].run_argv
Пример #30
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        self.url = 'http://httpbin-inst'

        self.vector_list = modules.loaded['net_curl'].vectors.get_names()

        # Install pecl_http is complex and php-version dependant, so
        # let's just skip this vector test.
        self.vector_list.remove('php_httprequest1')

        self.run_argv = modules.loaded['net_curl'].run_argv
Пример #31
0
    def test_run_wrong_url(self, log_captured):

        session = SessionURL(self.url + 'BOGUS', 'BOGUS', volatile=True)
        modules.load_modules(session)

        terminal = Terminal(session)
        line = 'echo 1'
        line = terminal.precmd(line)
        stop = terminal.onecmd(line)
        stop = terminal.postcmd(stop, line)

        # Test the behaviour when starting terminal on wrong remote URL
        self.assertTrue(log_captured.records[-1].msg.endswith(
            messages.terminal.backdoor_unavailable))
Пример #32
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        self.file_ok = os.path.join(config.script_folder, 'ok.test')
        self.check_call(config.cmd_env_content_s_to_s % ('OK', self.file_ok),
                        shell=True)

        self.file_ko = os.path.join(config.script_folder, 'ko.test')
        self.check_call(config.cmd_env_content_s_to_s % ('KO', self.file_ko),
                        shell=True)
        # Set ko.test to ---x--x--x 0111 execute, should be no readable
        self.check_call(config.cmd_env_chmod_s_s % ('0111', self.file_ko),
                        shell=True)

        self.run_argv = modules.loaded['file_download'].run_argv
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        self.urls = [
            config.base_url + '/test_net_curl/check1.php',
            config.base_url + '/test_net_curl/check2.html',
        ]

        self.vector_list = modules.loaded['net_curl'].vectors.get_names()
        
        # Install pecl_http is complex and php-version dependant, so
        # let's just skip this vector test. 
        self.vector_list.remove('php_httprequest1')

        self.run_argv = modules.loaded['net_curl'].run_argv
Пример #34
0
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        self.folders_abs = []
        self.folders_rel = []
        self.files_abs = []
        self.files_rel = []
        self.zips_abs = []
        self.zips_rel = []

        # Create the folder tree
        self.folders_abs, self.folders_rel =  self.populate_folders()
        self.files_abs, self.files_rel = self.populate_files(
                                    self.folders_abs,
                                    [ 'f1', 'f2', 'f3', 'f4' ]
                                )

        self.zips_rel.append('test_0.zip')
        self.zips_abs.append(os.path.join(config.script_folder, self.zips_rel[0]))

        self.check_call(config.cmd_env_cd_s_zip_s_s % (
            config.script_folder,
            self.zips_abs[0],
            self.folders_rel[0]
            )
        )

        # Other file for testing multiple file zipping
        self.other_file_rel = 'f5'
        self.other_file_abs = os.path.join(config.script_folder, self.other_file_rel)
        self.check_call(
            config.cmd_env_content_s_to_s % ('1', self.other_file_abs)
        )

        # Now remove the folder tree leaving the zip
        self._delete_tree()

        self.run_argv = modules.loaded['file_zip'].run_argv

        self.skip_deletion_teardown = False
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        self.folders_abs = []
        self.folders_rel = []
        self.files_abs = []
        self.files_rel = []
        self.tars_abs = []
        self.tars_rel = []

        # Create the folder tree
        self.folders_abs, self.folders_rel =  self.populate_folders()
        self.files_abs, self.files_rel = self.populate_files(
                                    self.folders_abs,
                                    [ 'f1', 'f2', 'f3', 'f4' ]
                                )

        self.tars_rel.append('test_0.tar')
        self.tars_abs.append(os.path.join(config.script_folder, self.tars_rel[0]))

        self.check_call(config.cmd_env_cd_s_tar_s_s % (
            config.script_folder,
            self.tars_abs[0],
            self.folders_rel[0]
            )
        )

        # Other file for testing multiple file tarping
        self.other_file_rel = 'f5'
        self.other_file_abs = os.path.join(config.script_folder, self.other_file_rel)
        self.check_call(
            config.cmd_env_content_s_to_s % ('1', self.other_file_abs)
        )

        # Now remove the folder tree leaving the tar
        self._delete_tree()

        self.run_argv = modules.loaded['file_tar'].run_argv

        self.skip_deletion_teardown = False
    def test_run_wrong_url(self, log_captured):

        session = SessionURL(self.url + 'BOGUS', 'BOGUS', volatile = True)
        modules.load_modules(session)

        terminal = Terminal(session)
        line = 'echo 1'
        line = terminal.precmd(line)
        stop = terminal.onecmd(line)
        stop = terminal.postcmd(stop, line)

        # Test the behaviour when starting terminal on wrong remote URL
        self.assertTrue(
            log_captured.records[-1].msg.endswith(
                messages.terminal.backdoor_unavailable
            )
        )
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        self.folders, folders_rel = self.populate_folders()
        
        # Change mode of the last folder to 0
        self.check_call(
            config.cmd_env_chmod_s_s % ('0', self.folders[-1]),
            shell=True)

        self.run_argv = modules.loaded['file_cd'].run_argv
Пример #38
0
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_rel = [
            'test_file_upload2web/0777/',
            'test_file_upload2web/0777/0555/',
            'test_file_upload2web/0777/0555/0777/',
            'test_file_upload2web/0777/0555/0777/0555'
        ]

        self.run_argv = modules.loaded['file_upload2web'].run_argv
Пример #39
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        modules.loaded['net_proxy'].run_argv([ ])

        fname = 'check1.php'

        self.file = os.path.join(config.script_folder, fname)

        self.check_call(
            config.cmd_env_content_s_to_s % ('<?php print_r(\$_SERVER);print_r(\$_REQUEST); ?>', self.file),
            shell=True)

        self.url = os.path.sep.join([
                config.script_folder_url.rstrip('/'),
                fname ]
        )
Пример #40
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        fname = 'check.php'
        self.files = [os.path.join(config.script_folder, fname)]

        subprocess.check_call(
            config.cmd_env_content_s_to_s %
            ('<?php print_r(\$_SERVER);print_r(\$_REQUEST); ?>',
             self.files[0]),
            shell=True)

        self.urls = [
            os.path.sep.join([config.script_folder_url.rstrip('/'), fname])
        ]

        self.run_argv = modules.loaded['net_curl'].run_argv
Пример #41
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        self.file_ok = os.path.join(config.script_folder, 'ok.test')
        subprocess.check_call(
            config.cmd_env_content_s_to_s % ('OK', self.file_ok),
            shell=True)

        self.file_ko = os.path.join(config.script_folder, 'ko.test')
        subprocess.check_call(
            config.cmd_env_content_s_to_s % ('KO', self.file_ko),
            shell=True)
        # Set ko.test to ---x--x--x 0111 execute, should be no readable
        subprocess.check_call(
            config.cmd_env_chmod_s_s % ('0111', self.file_ko),
            shell=True)

        self.run_argv = modules.loaded['file_read'].run_argv
Пример #42
0
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_abs, self.folders_rel =  self.populate_folders()
        self.files_abs, self.files_rel = self.populate_files(
                                self.folders_abs,
                                [ 'executable', 'writable', 'write-executable', 'readable' ]
                            )

        # Change mode of the first file to ---x--x--x 0111 execute
        self.check_call(
            config.cmd_env_chmod_s_s % ('0111', self.files_abs[0]),
            shell=True)

        # Change mode of the second file to --w--w--w- 0222 write
        self.check_call(
            config.cmd_env_chmod_s_s % ('0222', self.files_abs[1]),
            shell=True)

        # Change mode of the third file to --wx-wx-wx 0333 write & execute
        self.check_call(
            config.cmd_env_chmod_s_s % ('0333', self.files_abs[2]),
            shell=True)

        # Change mode of the forth file to -r--r--r-- 0444 read
        self.check_call(
            config.cmd_env_chmod_s_s % ('0444', self.files_abs[3]),
            shell=True)

        # Change mode of the first folder to -rwxrwxrwx 0777 read, write, & execute
        self.check_call(
            config.cmd_env_chmod_s_s % ('0777', self.folders_abs[1]),
            shell=True)

        self.run_argv = modules.loaded['file_find'].run_argv
Пример #43
0
    def setUp(self):
        self.session = SessionURL(self.url, self.password, volatile=True)

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders_abs, self.folders_rel = self.populate_folders()
        self.files_abs, self.files_rel = self.populate_files(
            self.folders_abs, ["executable", "writable", "write-executable", "readable"]
        )

        # Change mode of the first file to ---x--x--x 0111 execute
        self.check_call(config.cmd_env_chmod_s_s % ("0111", self.files_abs[0]), shell=True)

        # Change mode of the second file to --w--w--w- 0222 write
        self.check_call(config.cmd_env_chmod_s_s % ("0222", self.files_abs[1]), shell=True)

        # Change mode of the third file to 0000
        self.check_call(config.cmd_env_chmod_s_s % ("0000", self.files_abs[2]), shell=True)

        self.run_argv = modules.loaded["file_enum"].run_argv
Пример #44
0
def main(arguments):

    if arguments.command == 'generate':

        obfuscated = generate.generate(
            password = arguments.password,
            obfuscator = arguments.obfuscator,
            agent = arguments.agent
        )

        generate.save_generated(obfuscated, arguments.path)

        log.info(
        messages.generate.generated_backdoor_with_password_s_in_s_size_i %
        (arguments.path,
        arguments.password, len(obfuscated))
        )

        return

    elif arguments.command == 'terminal':
        session = SessionURL(
            url = arguments.url,
            password = arguments.password
        )

    elif arguments.command == 'session':
        session = SessionFile(arguments.path)

    dlog.debug(
        pprint.pformat(session)
    )

    modules.load_modules(session)

    if not arguments.cmd:
        Terminal(session).cmdloop()
    else:
        Terminal(session).onecmd(arguments.cmd)
Пример #45
0
    def setUp(self):
        self.session = SessionURL(
                    self.url,
                    self.password,
                    volatile = True
                    )

        modules.load_modules(self.session)

        # Create the folder tree
        self.folders =  self._recursive_folders()
        for folder in self.folders:
            subprocess.check_call(
                config.cmd_env_mkdir_s % (folder),
                shell=True)

        # Change mode of the last folder to 0
        subprocess.check_call(
            config.cmd_env_chmod_s_s % ('0', folder),
            shell=True)

        self.run_argv = modules.loaded['file_cd'].run_argv
Пример #46
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        subprocess.check_output("""
BASE_FOLDER="{config.base_folder}/test_file_bzip2/"
rm -rf "$BASE_FOLDER"

mkdir -p "$BASE_FOLDER/"

echo -n '\\xe0\\xf5\\xfe\\xe2\\xbd\\x0c\\xbc\\x9b\\xa0\\x8f\\xed?\\xa1\\xe1' > "$BASE_FOLDER/binfile0"
echo -n '\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x06\\x00\\x00\\x00' > "$BASE_FOLDER/binfile1"

bzip2 "$BASE_FOLDER/binfile0"
bzip2 "$BASE_FOLDER/binfile1"

chown www-data: -R "$BASE_FOLDER/"

    """.format(config=config),
                                shell=True)

        self.run_argv = modules.loaded['file_bzip2'].run_argv
Пример #47
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        # Create and bzip2 binary files for the test
        self.string = [
            "\\xe0\\xf5\\xfe\\xe2\\xbd\\x0c\\xbc\\x9b\\xa0\\x8f\\xed?\\xa1\\xe1",
            "\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x06\\x00\\x00\\x00",
        ]
        self.uncompressed = [
            os.path.join(config.script_folder, "binfile0"),
            os.path.join(config.script_folder, "binfile1"),
        ]
        self.compressed = [
            os.path.join(config.script_folder, "binfile0.bz2"),
            os.path.join(config.script_folder, "binfile1.bz2"),
        ]

        for index in range(0, len(self.string)):
            self.check_call(config.cmd_env_content_s_to_s % (self.string[index], self.uncompressed[index]))
            self.check_call(config.cmd_env_bzip2_s % (self.uncompressed[index]))

        self.run_argv = modules.loaded["file_bzip2"].run_argv
Пример #48
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        # Create and gzip binary files for the test
        self.string = [
            '\\xe0\\xf5\\xfe\\xe2\\xbd\\x0c\\xbc\\x9b\\xa0\\x8f\\xed?\\xa1\\xe1',
            '\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x06\\x00\\x00\\x00'
             ]
        self.uncompressed = [
            os.path.join(config.script_folder, 'binfile0'),
            os.path.join(config.script_folder, 'binfile1')
            ]
        self.compressed = [
            os.path.join(config.script_folder, 'binfile0.gz'),
            os.path.join(config.script_folder, 'binfile1.gz')
            ]

        for index in range(0, len(self.string)):
            self.check_call(config.cmd_env_content_s_to_s % (self.string[index], self.uncompressed[index]))
            self.check_call(config.cmd_env_gzip_s % (self.uncompressed[index]))

        self.run_argv = modules.loaded['file_gzip'].run_argv
Пример #49
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        subprocess.check_output("""
BASE_FOLDER="{config.base_folder}/test_file_gzip/"
rm -rf "$BASE_FOLDER"

mkdir -p "$BASE_FOLDER/"

echo -n '\\xe0\\xf5\\xfe\\xe2\\xbd\\x0c\\xbc\\x9b\\xa0\\x8f\\xed?\\xa1\\xe1' > "$BASE_FOLDER/binfile0"
echo -n '\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x06\\x00\\x00\\x00' > "$BASE_FOLDER/binfile1"

gzip "$BASE_FOLDER/binfile0"
gzip "$BASE_FOLDER/binfile1"

chown www-data: -R "$BASE_FOLDER/"

    """.format(
    config = config
    ), shell=True)

        self.run_argv = modules.loaded['file_gzip'].run_argv
Пример #50
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        # Create and bzip2 binary files for the test
        self.string = [
            '\\xe0\\xf5\\xfe\\xe2\\xbd\\x0c\\xbc\\x9b\\xa0\\x8f\\xed?\\xa1\\xe1',
            '\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x06\\x00\\x00\\x00'
             ]
        self.uncompressed = [
            os.path.join(config.script_folder, 'binfile0'),
            os.path.join(config.script_folder, 'binfile1')
            ]
        self.compressed = [
            os.path.join(config.script_folder, 'binfile0.bz2'),
            os.path.join(config.script_folder, 'binfile1.bz2')
            ]

        for index in range(0, len(self.string)):
            self.check_call(config.cmd_env_content_s_to_s % (self.string[index], self.uncompressed[index]))
            self.check_call(config.cmd_env_bzip2_s % (self.uncompressed[index]))

        self.run_argv = modules.loaded['file_bzip2'].run_argv
Пример #51
0
from core.terminal import Terminal
from core.weexceptions import FatalException
from core.loggers import log
from core.sessions import SessionURL, SessionFile
from core import modules
from core import messages
from core import config
import sys
import pprint

if __name__ == '__main__':

    try:
        if len(sys.argv) == 3 and sys.argv[1].startswith('http'):
            session = SessionURL(url=sys.argv[1], password=sys.argv[2])
        elif len(sys.argv) == 2:
            session = SessionFile(sys.argv[1])
        else:
            log.info(__doc__)
            raise FatalException(messages.generic.error_missing_arguments)

        log.debug(pprint.pformat(session))

        modules.load_modules(session)
        Terminal(session).cmdloop()

    except (KeyboardInterrupt, EOFError):
        log.info('Exiting.')
    except FatalException as e:
        log.critical('Exiting: %s' % e)
Пример #52
0
    def setUp(self):
        session = SessionURL(self.url, self.password, volatile = True)
        modules.load_modules(session)

        self.run_argv = modules.loaded['system_info'].run_argv
Пример #53
0
    def setUp(self, log_captured):

        session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(session)

        self.terminal = Terminal(session)
Пример #54
0
    def setUp(self):
        self.session = SessionURL(self.url, self.password, volatile=True)
        modules.load_modules(self.session)

        self.run_argv = modules.loaded['sql_console'].run_argv
        self.run_cmdline = modules.loaded['sql_console'].run_cmdline
from core import modules
from core import messages
from core import config
import sys
import pprint

if __name__ == '__main__':

    try:
        if len(sys.argv) == 3 and sys.argv[1].startswith('http'):
            session = SessionURL(
                url = sys.argv[1],
                password = sys.argv[2])
        elif len(sys.argv) == 2:
            session = SessionFile(sys.argv[1])
        else:
            log.info(__doc__)
            raise FatalException(messages.generic.error_missing_arguments)

        log.debug(
            pprint.pformat(session)
        )

        modules.load_modules(session)
        Terminal(session).cmdloop()

    except (KeyboardInterrupt, EOFError):
        log.info('Exiting.')
    except FatalException as e:
        log.critical('Exiting: %s' % e)