示例#1
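    def use_payload(self, selected_payload):
        """Run the interactive option prompt for ``selected_payload``.

        Commands are read in a loop until the operator leaves the menu:

        * ``back`` / ``main`` -- return to the caller.
        * ``generate`` -- call ``selected_payload.generate()`` and pass the
          payload to ``outfile.compiler``; return once that reports success.
        * ``exit`` -- end the process with ``sys.exit(0)``.
        * ``help`` / ``options`` -- reprint the option screen and command list.
        * ``set KEY VALUE`` -- store VALUE in
          ``selected_payload.required_options[KEY][0]``.

        LHOST and LPORT values are checked with ``helpers.validate_ip`` and
        ``helpers.validate_port`` before they are stored. Every other option
        is stored exactly as typed.

        Args:
            selected_payload: payload object exposing ``path``, ``language``,
                ``required_options`` and ``generate()``.
        """
        # Tab completion over the option commands for this payload.
        comp = completer.PayloadCompleter(self.payload_option_commands, selected_payload)
        readline.set_completer_delims(' \t\n;')
        readline.parse_and_bind("tab: complete")
        readline.set_completer(comp.complete)

        self.display_payload_options(selected_payload)
        evasion_helpers.print_dict_message(self.payload_option_commands, show_title=False)

        while True:
            payload_options_cmd = input("\n[" + selected_payload.path + ">>] ").strip()
            command = payload_options_cmd.lower()

            if command in ("back", "main"):
                break

            elif command == "generate":
                options = selected_payload.required_options
                # Ruby payloads need a second check alongside SLEEP. "X" is
                # the value the code compares against for an unset option.
                # NOTE(review): assumes every Ruby payload defines all four
                # keys; a missing one raises KeyError here -- confirm.
                if (selected_payload.language == 'ruby'
                        and options["SLEEP"][0] != "X"
                        and options["USERNAME"][0] == "X"
                        and options["DOMAIN"][0] == "X"
                        and options["HOSTNAME"][0] == "X"):
                    print(helpers.color("[*] If using SLEEP check with Ruby, you must also provide an additional check (like HOSTNAME)!", warning=True))
                else:
                    selected_payload.generate()
                    # Stay in the menu when compilation reports failure.
                    if outfile.compiler(selected_payload):
                        break

            elif command == "exit":
                sys.exit(0)

            elif command in ("help", "options"):
                self.print_options_screen(selected_payload)
                evasion_helpers.print_dict_message(self.payload_option_commands, show_title=False)

            elif command.startswith("set"):
                parts = payload_options_cmd.split()
                if len(parts) == 3:
                    _, key, value = parts
                    # Option names are stored upper-case.
                    key = key.upper()
                    if key not in selected_payload.required_options:
                        print()
                        print(helpers.color("[*] Error: You did not provide a valid option!", warning=True))
                        print(helpers.color("[*] Ex: set LHOST 8.8.8.8", warning=True))
                        print()
                    # Compare with ==, not `is`: key.upper() returns a new
                    # string object, so an identity test against a literal is
                    # not reliable and lets unvalidated LHOST/LPORT values
                    # fall through to the plain assignment.
                    elif key == "LHOST" and not helpers.validate_ip(value):
                        print()
                        print(helpers.color("[*] Error: You did not provide a valid IP!", warning=True))
                        print()
                    elif key == "LPORT" and not helpers.validate_port(value):
                        print()
                        print(helpers.color("[*] Error: You did not provide a valid port number!", warning=True))
                        print()
                    else:
                        selected_payload.required_options[key][0] = value
                else:
                    print()
                    print(helpers.color("[*] Error: You did not provide a valid amount of arguments!", warning=True))
                    print(helpers.color("[*] Ex: set DOMAIN christest.com", warning=True))
                    print()

            else:
                # Unknown command: show the list of valid ones.
                evasion_helpers.print_dict_message(self.payload_option_commands)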
示例#2
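    def cli_menu(self, invoked=False):
        """Drive payload generation from the parsed command-line options.

        When ``list_payloads`` is set, the loaded payloads are listed and
        nothing else happens. Otherwise, when a payload is named with ``p``,
        the method validates the supplied options, copies them into the
        payload's ``required_options``, calls ``generate()`` and passes the
        payload to ``outfile.compiler``. Any validation failure prints an
        error and ends the process with ``sys.exit()``.

        Args:
            invoked: accepted for interface compatibility; not read here.
        """
        if self.command_options.list_payloads:
            self.list_loaded_payloads()

        # A payload was named on the command line: validate the remaining
        # options, configure the payload, then generate and compile it.
        elif self.command_options.p:
            user_cli_payload = self.return_payload_object(self.command_options.p)
            if not user_cli_payload:
                print(helpers.color("[*] Error: You did not provide a valid payload selection!", warning=True))
                print(helpers.color("[*] Ex: info 2 or info lua/shellcode_inject/flat.py", warning=True))
                sys.exit()

            is_meterpreter = "meterpreter" in user_cli_payload.path
            is_shellcode_inject = "shellcode_inject" in user_cli_payload.path

            if self.command_options.ip is None and (is_meterpreter or is_shellcode_inject):
                print(helpers.color("[*] Error: You did not provide an IP/domain to connect to/bind on", warning=True))
                sys.exit()

            # The address is accepted if it is either a valid IP or a valid
            # hostname.
            if self.command_options.ip is not None:
                valid_ip = helpers.validate_ip(self.command_options.ip)
                valid_hostname = helpers.validate_hostname(self.command_options.ip)

                if not valid_ip and not valid_hostname:
                    print(helpers.color("[*] Error: You did not provide a valid ip/domain!", warning=True))
                    print(helpers.color("[*] Please specify the correct value", warning=True))
                    sys.exit()

            # Non-meterpreter payloads need a shellcode source (Ordnance or
            # MSFVenom).
            if self.command_options.ordnance_payload is None and self.command_options.msfvenom is None and not is_meterpreter:
                print(helpers.color("[*] Error: You did not provide a shellcode option to use!", warning=True))
                sys.exit()

            if is_meterpreter:
                # Shellcodeless payload: the address goes into LHOST or RHOST,
                # whichever the payload defines.
                if "LHOST" in user_cli_payload.required_options:
                    user_cli_payload.required_options["LHOST"][0] = self.command_options.ip
                elif "RHOST" in user_cli_payload.required_options:
                    user_cli_payload.required_options["RHOST"][0] = self.command_options.ip
                # NOTE(review): command_options.port is stored without a
                # validate_port check in this method -- confirm it is
                # validated where the arguments are parsed.
                if "LPORT" in user_cli_payload.required_options:
                    user_cli_payload.required_options["LPORT"][0] = self.command_options.port
            elif is_shellcode_inject:
                # The check above guarantees one of the two sources is set.
                if self.command_options.ordnance_payload is not None:
                    ordnance_tool = Ordnance_Import.Tools(self.command_options)
                    ordnance_tool.cli_menu(invoked=True)
                    cli_shellcode = ordnance_tool.final_shellcode
                elif self.command_options.msfvenom is not None:
                    cli_shellcode = shellcode_help.cli_msf_shellcode_gen(self.command_options)

                # Hand the shellcode to the Evasion payload.
                user_cli_payload.cli_shellcode = cli_shellcode

            # Apply KEY=VALUE overrides given with the c option.
            # NOTE(review): values stored here receive no validation in this
            # method, including LHOST and LPORT.
            if self.command_options.c is not None:
                for payload_option in self.command_options.c:
                    # Equality, not identity: `is not ''` depends on string
                    # interning and is a SyntaxWarning on current Python.
                    if payload_option == '':
                        continue
                    if "=" not in payload_option:
                        print(helpers.color(" [!] Payload option not entered in correct syntax.\n", warning=True))
                        sys.exit()
                    # Split on the first '=' only, so a value that itself
                    # contains '=' is kept whole instead of being truncated.
                    key, _, value = payload_option.partition('=')
                    key = key.upper()
                    if key not in user_cli_payload.required_options:
                        print(helpers.color(" [!] The option " + key + " does not exist for the selected payload!.\n", warning=True))
                        sys.exit()
                    user_cli_payload.required_options[key][0] = value

            # Generate the payload code; the source ends up in
            # user_cli_payload.source_code.
            user_cli_payload.generate()

            # Compile or write out the generated code.
            outfile.compiler(user_cli_payload, invoked=True, cli_object=self.command_options)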