def run(self, frmwk, args):
passlist = {}
paths = list_dir(self.options['INPUT'])
for path in paths:
p = self.options['INPUT'] + '/' + path
frmwk.print_status('Sorting: ' + p)
data = read_from_file(full_path(p))
if p.find('withcount') == -1:
for d in data:
d = d.strip()
if d != '':
if d in passlist:
passlist[d] += 1
else:
passlist[d] = 1
else:
for d in data:
d = d.strip().split(' ', 1)
if len(d) == 2:
if d[1] in passlist:
passlist[d[1]] += int(d[0])
else:
passlist[d[1]] = int(d[0])
output = sorted([(v, k) for (k, v) in passlist.items()], reverse=True)
outpath = self.options['OUTPUT'] + '/out.lst'
frmwk.print_success('Output: ' + outpath)
write_to_file(full_path(outpath), (o[1] for o in output))
write_to_file(full_path(outpath + '.withcount'),
(str(o[0]) + ' ' + o[1] for o in output))
def run(self, frmwk, args):
self.frmwk = frmwk
# self.victim = HTTP(self.options['URL'], timeout = self.advanced_options['TIMEOUT'])
self.victim.storecookie = True
self.verbose = self.options['VERBOSE']
self.userlist = []
self.passlist = []
self.success = []
self.victim.headers.update({'Cookie': self.advanced_options['COOKIE']}
if self.advanced_options['COOKIE'] else {})
#######################################
if self.options['USERNAME']:
self.userlist = self.options['USERNAME'].split(',')
else:
self.userlist = read_from_file(full_path(self.options['USERLIST']))
if self.options['PASSWORD']:
self.passlist = self.options['PASSWORD'].split(',')
else:
self.passlist = read_from_file(full_path(self.options['PASSLIST']))
self.lenuser = len(self.userlist)
self.lenpass = len(self.passlist)
###############################################
listthread = []
if len(self.userlist) > 0:
self.temppass = []
for i in range(self.options['THREADS']):
t = Thread(target=self.worker)
listthread.append(t)
t.start()
try:
for t in listthread:
t.join()
except KeyboardInterrupt:
for t in listthread:
if t.isAlive():
t.terminate()
pass
##############################################
self.success = sorted(self.success)
self.frmwk.print_line()
self.frmwk.print_status("List login:\n-----------")
if len(self.success) > 0:
for u, p in self.success:
self.frmwk.print_success(
'SUCCESS: username: {0:<20} password: {1}'.format(
u, p))
self.frmwk.print_status("-----------")
else:
self.frmwk.print_status('Nothing to do!')
def run(self, frmwk, args):
listfile = []
listdir = []
if self.options['FILE']:
listfile.append(full_path(self.options['FILE']))
else:
files = list_dir(self.options['DIRECTORY'])
if f in files:
listfile.append(full_path(self.options['DIRECTORY'] + '/' + f))
for f in listfile:
frmwk.print_status('sorting : %s' % f)
write_to_file(f, sorted(list(set(read_from_file(f)))))
def run(self, frmwk, args):
self.frmwk = frmwk
hosts = []
hosts = self.options['RHOST'].split(
',') if self.options['RHOST'] else read_from_file(
full_path(self.advanced_options['HOSTLIST']))
for host in hosts:
if self.worker(host.strip()) and self.advanced_options['OUTPUT']:
output = full_path(self.advanced_options['OUTPUT'] + '/' +
self.ip + '.txt')
append_file(output, self.domains)
self.frmwk.print_line()
self.frmwk.print_success('Saved: ' + output)
def run(self, frmwk, args):
self.input = self.options['INPUT']
# self.cracked = self.options['CRACKED']
self.output = self.options['OUTPUT']
# f = open(self.output , "w+")
f = open(self.output, encoding='utf-8', mode='w+')
# User name: Administrator
# User principal name: [email protected]
# Administrator:$NT$50d45644293044783ffce8b109fb6ed2:::
case = 0
write_line = ''
for line in read_from_file(full_path(self.read_from_file)):
if case == 0:
if line.startswith('User name:'):
write_line = line.split(':')[1].strip()
case = 1
continue
elif case == 1:
if line.startswith('User principal name:'):
case = 0
# clear_pass = self.find_pass(write_line)
# if not clear_pass:
# continue
# + ':' + clear_pass
write_line += ':' + line.split(':')[1].strip()
f.write(write_line + '\n')
continue
else:
self.frmwk.print_error(
'error while find User principal name!')
return None
def complete_set(self, text, line, begidx, endidx):
try:
if self.frmwk.current_module:
options = self.frmwk.modules[self.frmwk.current_module].options
options = dict(
list(options.items()) + list(self.frmwk.modules[
self.frmwk.current_module].advanced_options.items()))
else:
options = dict(
list(self.frmwk.options.items()) +
list(self.frmwk.advanced_options.items()))
##################
cmd = line.split(' ', 3)
if len(cmd) < 3:
return [
i + ' ' for i in options.keys()
if i.startswith(text.upper())
]
else:
completes = options[cmd[1].strip().upper()][5]
if completes != None:
return [i for i in completes if i.startswith(cmd[2])]
elif options[cmd[1].strip().upper()][1] in ['file', 'dir']:
path = cmd[2].strip().rsplit('/', 1)
if len(path) == 1:
dir = ''
com = path[0]
else:
dir = path[0] + '/'
com = path[1]
dirs = os.listdir(full_path(dir))
completes = []
for c in dirs:
if os.path.isdir(full_path(dir + c)):
c = c + '/'
completes.append(c)
return [i for i in completes if i.startswith(com)]
else:
pass # get history
except Exception as ex:
print('\n')
print_exc()
pass
def run(self, frmwk, args):
self.frmwk = frmwk
self.domain = self.options['DOMAIN']
self.limit = self.options['LIMIT']
self.searcher = self.options['SEARCHER']
self.multithread = self.options['MULTITHREADS']
self.delay = self.options['DELAY']
self.subbrute = self.options['SUBLIST'] if self.options[
'SUBLIST'] else []
self.domainlist = self.advanced_options['DOMAINLIST']
self.output = self.advanced_options['OUTPUT']
self.brutethread = self.advanced_options['THREADS']
self.reverse_ip = self.advanced_options['REVERSEIP']
##################################################
self.type = 1
if self.options['TYPE'].strip().lower() == "fast":
self.type = 2
elif self.options['TYPE'].strip().lower() == "slow":
self.type = 0
##################################################
domains = []
# domain list
if not self.domain:
if self.domainlist:
domains = read_from_file(full_path(self.domainlist))
else:
self.frmwk.print_error(
'Nothing to do! Must set DOMAIN/DOMAINLIST options first')
return
else:
domains = self.domain.split(',')
for domain in domains:
domain = domain.replace('www.', '').strip()
self.worker(domain)
if self.output:
output = full_path(self.output + '/' + domain + '.txt')
append_file(output, self.emails)
def run(self, frmwk, args):
self.service, self.port = tuple(self.options['SERVICE'].split(':'))
self.threads = self.options['THREADS']
self.timeout = int(self.options['TIMEOUT'])
self.hydra = self.advanced_options['HYDRAPOPEN']
self.delay = self.advanced_options['DELAY']
###
self.frmwk = frmwk
self.result = []
self.ports = []
self.hosts = []
self.list_threads = []
self.lock = Lock()
self.thread_lock = Lock()
self.thread_flag = True
self.restore_file = 'hydra.restore'
self.accounts = full_path(self.options['ACCOUNT'])
try:
for host in self.options['HOSTS'].split(','):
if host.find('-') != -1:
r = host.split('-')
lr = r[0].rsplit('.', 1)
for i in range(int(lr[1]), int(r[1]) + 1):
self.hosts.append(lr[0] +'.'+ str(i))
else:
self.hosts.append(host)
self.lock.acquire()
for i in range(min(self.threads, len(self.hosts))):
self.threader()
self.lock.acquire()
except KeyboardInterrupt:
pass
###
self.ports = sorted(self.ports)
self.result = sorted(self.result)
self.frmwk.print_success("=============================================== [+]")
for port in self.ports:
self.frmwk.print_success(port)
self.frmwk.print_success("=============================================== [+]")
for host in self.result:
self.frmwk.print_success(host)
self.frmwk.print_success("=============================================== [+]")
def run(self, frmwk, args):
server = self.advanced_options['SMTPSERVER']
uname = self.advanced_options['USERNAME']
passwd = self.advanced_options['PASSWORD']
bcc = self.advanced_options['BCC']
tls = self.options['TLS']
delay = self.options['DELAY']
subject = self.options['SUBJECT']
attach = self.options['ATTACHFILE']
sender = self.options['SENDER']
content = self.options['CONTENT']
count = self.options['COUNT']
if self.options['TO']:
to = self.options['TO'].split(',')
elif self.options['TOLIST']:
to = read_from_file(full_path(self.options['TOLIST']))
else:
frmwk.print_error(
'Nothing to do! set TO/TOLIST value (advanced options)')
return
if server in ['127.0.0.1', 'localhost']:
uname = sender
frmwk.print_status('Init email sender!')
msg = MIMEMultipart()
msg['From'] = "\"%s\" <%s>" % (sender, uname)
# msg['To'] = '' #, '.join(to)
msg['Subject'] = Header(subject, 'utf-8')
msg.attach(MIMEText(content, 'html', 'UTF-8'))
if attach:
part = MIMEBase('application', 'octet-stream')
part.set_payload(open(attach, 'rb').read())
encoders.encode_base64(part)
part.add_header('Content-Disposition',
'attachment; filename="%s"' % basename(attach))
msg.attach(part)
frmwk.print_status('Login smtp server!')
try:
mailServer = SMTP(server)
mailServer.set_debuglevel(3)
if server not in ['127.0.0.1', 'localhost']:
mailServer.ehlo()
if tls:
mailServer.starttls()
mailServer.ehlo()
mailServer.login(uname, passwd)
else:
uname = sender
frmwk.print_status('Login success!\nStart send all email!')
except Exception as ex:
frmwk.print_error('Login error: %s' % ex)
return
try:
if bcc:
mailServer.sendmail(uname, [t[0], '', ', '.join(t[1:])],
msg.as_string())
else:
t = []
while len(to) > 0:
if len(t) == count:
mailServer.sendmail(uname, t, msg.as_string())
frmwk.print_status('Sent to ' + ', '.join(t))
t = []
sleep(delay)
else:
t.append(to.pop(0))
if len(t) > 0:
mailServer.sendmail(uname, t, msg.as_string())
frmwk.print_status('Sent to ' + ', '.join(t))
sleep(delay)
frmwk.print_success('Successful!')
except Exception as ex:
frmwk.print_error('Send mail error: %s' % ex.args)
pass
mailServer.close()
frmwk.print_status('Finished!')
def run(self, frmwk, args):
self.frmwk = frmwk
self.dirs = read_from_file(full_path(
self.options['DIRLIST'])) if self.options['DIRLIST'] else []
self.files = read_from_file(full_path(
self.options['FILELIST'])) if self.options['FILELIST'] else []
self.url = self.options['URL'] if self.options['URL'].endswith(
'/') else self.options['URL'] + '/'
self.type = self.options['TYPE']
self.thread = self.options['THREADS']
self.stop = self.options['STOP']
self.extension = self.options['EXTENSION'].split(',')
self.timeout = self.advanced_options['TIMEOUT']
self.into = self.advanced_options['INTO']
self.victim = HTTP(self.url, timeout=self.timeout)
self.victim.headers.update({'Cookie': self.advanced_options['COOKIE']}
if self.advanced_options['COOKIE'] else {})
self.success = []
self.tmp_dirs = self.dirs + []
self.current_dir = ''
self.locker = Lock()
if self.type in ['lenght', 'auto']:
victim = deepcopy(self.victim)
victim.redirect = False
self.frmwk.print_status('Init not found infomation')
victim.Request(self.url + 'ASDASdadhkjlhjfasdfawefa/', 'GET')
if self.type == 'auto':
# if victim.response.status == 404:
# self.type = 'status'
# self.frmwk.print_success('auto get type: error')
# el
if victim.response.status == 200:
self.type = 'lenght'
self.frmwk.print_success('auto get type: lenght')
else:
self.type = 'location'
self.frmwk.print_success('auto get type: location')
if self.type == 'lenght':
self.notfounddir = len(victim.result)
if self.type in ['lenght', 'location']:
self.notfoundfile = len(
victim.Request(
self.url + 'adfasdaszxcvzdczxfasASasda.' +
self.extension[0], 'GET'))
self.offset = self.advanced_options['OFFSET']
del victim
if self.type == 'location':
self.victim.redirect = False
self.frmwk.print_status('Starting scanner')
########check file in current path######
try:
if self.url.endswith('/'):
self.url = self.url[:-1]
self.filechecker(self.url)
if not self.url.endswith('/'):
self.url = self.url + '/'
########################################
threads = []
for i in range(self.thread):
t = Thread(target=self.worker)
threads.append(t)
t.start()
for t in threads:
t.join()
except KeyboardInterrupt:
for t in threads:
if t.isAlive():
t.terminate()
pass
if len(self.success) > 0:
self.frmwk.print_success('Found list:\n-----------')
for link in self.success:
self.frmwk.print_success(link)
else:
self.frmwk.print_error('---------\nNot Found!\n---------')
def __init__(self,
filename=CONFIG.DATA_PATH + '/user-agent/user-agents.txt'):
self.user_agents = []
for agent in read_from_file(full_path(filename)):
self.user_agents.append(agent)
self.user_agent = choice(self.user_agents)
def find_pass(self, user):
for line in read_from_file(full_path(write_to_file.cracked)):
if line.startswith(user):
return line.split(':', 2)[1]
return None