This repository has been archived by the owner on Jan 15, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 13
/
exploit_configuration.py
80 lines (73 loc) · 3.16 KB
/
exploit_configuration.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
from read_configuration import *
from plugins_loader import *
from web_server_builder import *
from urllib import *
class ExploitConfiguration:
"""
Configure l'exploit avec le payload
"""
def __init__(self, exploit, payload, uri):
"""
Recupere les informations utiles
"""
pluginsloader = PluginsLoader('./plugins-enabled')
self.list_plugins = pluginsloader.load_plugins('')
self.Plugin = PluginLoader(self.list_plugins, '')
self.BaseConf = BaseConfiguration(exploit, True)
self.ExploitationConf = ExploitationConfiguration(exploit)
self.PayloadConf = PayloadConfiguration(payload, True, self.list_plugins)
self.url = self.ExploitationConf.read_url()
self.params = self.ExploitationConf.read_parameters()
self.uri = uri
self.construct_url()
self.compile_exploit_payload()
self.exploit()
def compile_exploit_payload(self):
if(self.BaseConf.read_type().lower() == "csrf"):
if(self.PayloadConf.read_type().lower() == "csrf"):
if(self.ExploitationConf.read_method().lower() == self.PayloadConf.read_method().lower()):
web_server = WebServer(8080,self.url, self.Plugin.load_func_parameters(self.params, self.ExploitationConf.read_method(), self.BaseConf.read_type()), self.PayloadConf.read_method().lower(), self.Plugin.load_func_payload(self.PayloadConf.read_payload(), self.ExploitationConf.read_method(), self.BaseConf.read_type()))
else:
print "The exploit and payload must use the same HTTP method!"
exit()
else:
print "The payload must be a CSRF type!"
exit()
else:
for key, value in self.params.items():
if(value == "[PAYLOAD]"):
self.params[key] = self.Plugin.load_func_payload(self.PayloadConf.read_payload(), self.ExploitationConf.read_method(), self.BaseConf.read_type())
self.params = self.Plugin.load_func_parameters(self.params, self.ExploitationConf.read_method(), self.BaseConf.read_type())
return self.params
def construct_url(self):
if(self.uri[len(self.uri)-1:] != '/' and self.url[0:1] != '/'):
self.url = self.uri+'/'+self.url
elif(self.uri[len(self.uri)-1:] == '/' and self.url[0:1] != '/' or self.uri[len(self.uri)-1:] != '/' and self.url[0:1] == '/'):
self.url = self.uri+self.url
else:
self.url = self.uri[:-1]+self.url
return self.url
def exploit(self):
if(self.Plugin.load_func_exploit(self.url, self.params, self.ExploitationConf.read_method(), self.BaseConf.read_type())):
Exploit(self.url, self.params, self.ExploitationConf.read_method(), self.BaseConf.read_type())
class Exploit:
"""
Lance l'exploitation
"""
def __init__(self, url, params, method, type_exploit = None):
if(type_exploit.lower() == "download"):
self.params = urlencode(params)
try:
urlretrieve(url+"?%s" % self.params, "./file_downloaded")
print "The file is downloaded in ./file_downloaded"
except:
print '[-] The connection could not be established!'
else:
self.params = urlencode(params)
try:
if(method.lower() == "get"):
urlopen(url+"?%s" % self.params)
elif(method.lower() == "post"):
urlopen(url, self.params)
except:
print '[-] The connection could not be established!'