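def html_to_shellcode(self, link):
    """
    Fetch the page at `link` and recover the quoted hex-escape string in it.

    The visible text of the page is extracted (script/style elements
    dropped), every chunk holding a quoted hex escape is collected, and
    quotes, semicolons and whitespace are removed from the joined result.
    The text is printed, stored in self.shellcode and returned. It is
    remote content and is handed back as-is, without validation.

    :param link: http:// or https:// URL of the page to fetch
    :returns: the cleaned string with every backslash-x escape doubled
    :raises ValueError: if `link` is not an http(s) URL
    """
    # `link` may come straight out of a parsed server response (see
    # handle_shelllist), and urlopen() also serves file:// and other
    # schemes, so only web URLs are accepted here.
    if not isinstance(link, str) or not link.lower().startswith(("http://", "https://")):
        raise ValueError("Unsupported shellcode link: {0!r}".format(link))

    # Fetch webpage
    html = urlopen(link).read()

    # Extract text
    soup = BeautifulSoup(html, "html.parser")
    for script in soup(["script", "style"]):
        script.extract()
    text = soup.get_text()
    lines = (line.strip() for line in text.splitlines())
    # NOTE(review): this idiom is usually written with a two-space
    # separator; the listing shows a single space - confirm against the file.
    chunks = (phrase.strip() for line in lines for phrase in line.split(" "))
    text = '\n'.join(chunk for chunk in chunks if chunk)

    # Extract shellcode: keep each chunk from its opening quote + \x onwards
    marker = "\"\\x"
    shellcode = []
    for line in text.split("\n"):
        if marker in line:
            line = self.delete_comments(line)
            line = line[line.find(marker):]
            shellcode.append(line)

    # Clean Shellcode: drop quotes, semicolons and all whitespace in one pass
    final_shellcode = ''.join(shellcode).translate(str.maketrans("", "", "\"; \t\n"))
    print("{0} {1}\n".format(yellow("Shellcode:"), final_shellcode))

    # Return shellcode as string, not bytes
    self.shellcode = final_shellcode.replace("\\x", "\\\\x")
    return self.shellcode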
def dialogue(self, command, nb_of_recv=1):
    """
    Exchange with the server.

    Writes `command` as one line, then reads up to `nb_of_recv` messages
    back and formats them for display.

    :param command: message to send
    :param nb_of_recv: number of messages to try to read
    :returns: the received data, prefixed with a coloured "Answer" label
    """
    self.writeln(command)
    # Label first, then the read: same evaluation order as a single
    # format() call with both arguments inline.
    label = yellow("Answer")
    reply = self.read(nb_of_recv)
    return "{0}: {1}".format(label, reply)
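def handle_shelllist(response_text):
    """
    List the entries found in `response_text` and let the user pick one.

    Every non-empty line is treated as one record whose fields are
    separated by "::::". Architecture and title are printed next to an
    index; the link field is kept and returned for the chosen index.

    :param response_text: raw text of the search response
    :returns: link of the selected entry, or None if the response is empty
    """
    response_text_list = [x for x in response_text.split("\n") if x]
    shellist = []
    print("\n")
    if not response_text_list:
        fail("No shellcode found for these parameters.")
        return None

    # Please do NOT change the API...
    for i, line in enumerate(response_text_list):
        sep_1 = find_nth(line, "::::", 1)
        # Get shellcode architecture
        architecture = line[line.find("::::") + 4:sep_1]
        # Get shellcode's name
        title = line[sep_1 + 4:find_nth(line, "::::", 2)]
        # Get shellcode's link. This is whatever the server put after the
        # separator: remote data, not a checked URL.
        link = line[find_nth(line, "::::", 3) + 4:]
        # Add to list
        entry = "({0}) {1}".format(architecture, cyan(title))
        shellist.append(link)
        print("{0}: {1}".format(i, entry))

    while True:
        try:
            user_choice = int(input(yellow("Selection: ")))
        except ValueError:
            # Non-numeric input used to end in an uncaught ValueError;
            # ask again instead.
            continue
        if user_choice < 0:
            continue
        try:
            print("Your choice: {0}".format(shellist[user_choice]))
        except IndexError:
            continue
        # Return selected shellcode
        return shellist[user_choice]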
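def html_to_shellcode(self, link):
    """
    Fetch HTML page from shell-storm and recover the shellcode

    The visible text of the page is extracted (script/style elements
    dropped), every chunk holding a quoted hex escape is collected, and
    quotes, semicolons and whitespace are removed from the joined result.
    The text is printed, passed through self.principal_period(), stored
    in self.shellcode and returned. It is remote content and is handed
    back as-is, without validation.

    :param link: http:// or https:// URL of the page to fetch
    :returns: the recovered shellcode as a string, not bytes
    :raises ValueError: if `link` is not an http(s) URL
    """
    # `link` is parsed out of a server response (see handle_shelllist),
    # and urlopen() also serves file:// and other schemes, so only web
    # URLs are accepted here.
    if not isinstance(link, str) or not link.lower().startswith(("http://", "https://")):
        raise ValueError("Unsupported shellcode link: {0!r}".format(link))

    # Fetch webpage
    html = urlopen(link).read()

    # Extract text
    soup = BeautifulSoup(html, "html.parser")
    for script in soup(["script", "style"]):
        script.extract()
    text = soup.get_text()
    lines = (line.strip() for line in text.splitlines())
    # NOTE(review): this idiom is usually written with a two-space
    # separator; the listing shows a single space - confirm against the file.
    chunks = (phrase.strip() for line in lines for phrase in line.split(" "))
    text = "\n".join(chunk for chunk in chunks if chunk)

    # Extract shellcode: keep each chunk from its opening quote + \x onwards
    marker = '"\\x'
    shellcode = []
    for line in text.split("\n"):
        if marker in line:
            line = self.delete_comments(line)
            line = line[line.find(marker):]
            shellcode.append(line)

    # Clean Shellcode: drop quotes, semicolons and all whitespace in one pass
    final_shellcode = "".join(shellcode).translate(str.maketrans("", "", '"; \t\n'))
    print("{0} {1}\n".format(yellow("Shellcode:"), final_shellcode))

    # In case there are multiple occurrences of the shellcode in the page
    final_shellcode = self.principal_period(final_shellcode)

    # Return shellcode as string, not bytes
    self.shellcode = final_shellcode
    return self.shellcode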
def dialogue(self, command, nb_of_recv=1):
    """
    Send `command` to the peer and return its formatted answer.

    :param command: message written with self.writeln()
    :param nb_of_recv: count passed to self.read()
    :returns: "<label>: <data>", where the label is the coloured word "Answer"
    """
    self.writeln(command)
    # Tuple elements are evaluated left to right: label, then the read.
    parts = (yellow("Answer"), self.read(nb_of_recv))
    return "{0}: {1}".format(*parts)
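def handle_shelllist(self, response_text):
    """
    Print shellcodes in database that match given keywords

    VERY HACKY - Didn't find any clean way to parse this, and I FREAKIN
    HATE parsing. So let's just hope the API won't change

    Every non-empty line of `response_text` is one record with
    "::::"-separated fields. With self.strict set, records without a
    "<n> bytes" length, or longer than self.maximum_shellcode_length, are
    skipped. If self.script_index is >= 0 and valid, that entry is
    returned without prompting; otherwise the user is asked for an index.

    :param response_text: raw text of the search response
    :returns: link of the selected entry, or None when nothing is listed
    """
    response_text_list = [x for x in response_text.split("\n") if x]
    shellist = []
    print("\n")
    if not response_text_list:
        fail("No shellcode found for these parameters.")
        return None

    # Please do NOT change the API...
    for line in response_text_list:
        # Check shellcode length (strict=True)
        if self.strict:
            try:
                length = re.search(r'\d[\d ]*bytes', line).group()
                length = re.search(r'\d*', length).group()
                if int(length) > self.maximum_shellcode_length:
                    continue
            except (AttributeError, TypeError, ValueError):
                # Shellcode has no length - Skip it
                continue

        # Get shellcode's link. Only plain http:// links match, so the
        # page fetched from it has no transport integrity; what comes
        # back is untrusted content.
        link_match = re.search(r'http://.*\.php', line)
        if link_match is None:
            # A record without a link used to raise AttributeError here.
            continue
        link = link_match.group()

        sep_1 = find_nth(line, "::::", 1)
        # Get shellcode architecture
        architecture = line[line.find("::::") + 4:sep_1]
        # Get shellcode's name
        title = line[sep_1 + 4:find_nth(line, "::::", 2)]

        # Add to list; the printed index is the entry's position in shellist
        entry = "({0}) {1}".format(architecture, cyan(title))
        print("{0}: {1}".format(len(shellist), entry))
        shellist.append(link)

    if not shellist:
        # Everything was filtered out: without this the prompt below could
        # never be satisfied and would loop forever.
        fail("No shellcode found for these parameters.")
        return None

    if self.script_index > -1:
        try:
            return shellist[self.script_index]
        except IndexError as e:
            # Fall back to the interactive prompt
            print(e)

    while True:
        try:
            user_choice = int(input(yellow("Selection: ")))
        except ValueError as e:
            # Non-numeric input used to end in an uncaught ValueError
            print(e)
            continue
        if user_choice < 0:
            continue
        try:
            print("Your choice: {0}".format(shellist[user_choice]))
        except IndexError as e:
            print(e)
            continue
        # Return selected shellcode
        return shellist[user_choice]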
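def handle_shelllist(self, response_text):
    """
    Print shellcodes in database that match given keywords

    VERY HACKY - Didn't find any clean way to parse this, and I FREAKIN
    HATE parsing. So let's just hope the API won't change

    Every non-empty line of `response_text` is one record with
    "::::"-separated fields. With self.strict set, records without a
    "<n> bytes" length, or longer than self.maximum_shellcode_length, are
    skipped. If self.script_index is >= 0 and valid, that entry is
    returned without prompting; otherwise the user is asked for an index.

    :param response_text: raw text of the search response
    :returns: link of the selected entry, or None when nothing is listed
    """
    response_text_list = [x for x in response_text.split("\n") if x]
    shellist = []
    print("\n")
    if not response_text_list:
        fail("No shellcode found for these parameters.")
        return None

    # Please do NOT change the API...
    for line in response_text_list:
        # Check shellcode length (strict=True)
        if self.strict:
            try:
                length = re.search(r"\d[\d ]*bytes", line).group()
                length = re.search(r"\d*", length).group()
                if int(length) > self.maximum_shellcode_length:
                    continue
            except (AttributeError, TypeError, ValueError):
                # Shellcode has no length - Skip it
                continue

        # Get shellcode's link. Only plain http:// links match, so the
        # page fetched from it has no transport integrity; what comes
        # back is untrusted content.
        link_match = re.search(r"http://.*\.php", line)
        if link_match is None:
            # A record without a link used to raise AttributeError here.
            continue
        link = link_match.group()

        sep_1 = find_nth(line, "::::", 1)
        # Get shellcode architecture
        architecture = line[line.find("::::") + 4 : sep_1]
        # Get shellcode's name
        title = line[sep_1 + 4 : find_nth(line, "::::", 2)]

        # Add to list; the printed index is the entry's position in shellist
        entry = "({0}) {1}".format(architecture, cyan(title))
        print("{0}: {1}".format(len(shellist), entry))
        shellist.append(link)

    if not shellist:
        # Everything was filtered out: without this the prompt below could
        # never be satisfied and would loop forever.
        fail("No shellcode found for these parameters.")
        return None

    if self.script_index > -1:
        try:
            return shellist[self.script_index]
        except IndexError as e:
            # Fall back to the interactive prompt
            print(e)

    while True:
        try:
            user_choice = int(input(yellow("Selection: ")))
        except ValueError as e:
            # Non-numeric input used to end in an uncaught ValueError
            print(e)
            continue
        if user_choice < 0:
            continue
        try:
            print("Your choice: {0}".format(shellist[user_choice]))
        except IndexError as e:
            print(e)
            continue
        # Return selected shellcode
        return shellist[user_choice]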