Skip to content

More updates #29

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
Ekultek wants to merge 3 commits into from
Closed

More updates #29

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c06714c
moved modules.txt into the etc folder, also created a file containing…
Feb 5, 2018
0e8a52f
made a few changes, the options are now stored in a dict for easy acc…
Feb 5, 2018
fd2723c
moved file
Feb 5, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 23 additions & 50 deletions autosploit.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,13 @@
local_host = ""
configured = False
toolbar_width = 60
modules_path = "%s/etc/modules.txt" % os.getcwd()
usage_path = "%s/etc/usage" % os.getcwd()
autosploit_options = {
1: "Usage", 2: "Gather Hosts",
3: "View Hosts", 4: "Exploit",
5: "Quit"
}


# Logo
Expand All @@ -36,44 +43,11 @@ def logo():

# Usage and legal.
def usage():
global usage_path
os.system("clear")
logo()
print """
+-----------------------------------------------------------------------+
| AutoSploit General Usage and Information |
+-----------------------------------------------------------------------+
|As the name suggests AutoSploit attempts to automate the exploitation |
|of remote hosts. Targets are collected by employing the Shodan.io API. |
| |
|The 'Gather Hosts' option will open a dialog from which you can |
|enter platform specific search queries such as 'Apache' or 'IIS'. |
|Upon doing so a list of candidates will be retrieved and saved to |
|hosts.txt in the current working directory. |
|After this operation has been completed the 'Exploit' option will |
|go about the business of attempting to exploit these targets by |
|running a range of Metasploit modules against them. |
| |
|Workspace, local host and local port for MSF facilitated |
|back connections are configured through the dialog that comes up |
|before the 'Exploit' module is started. |
| |
+------------------+----------------------------------------------------+
| Option | Summary |
+------------------+----------------------------------------------------+
|1. Usage | Display this informational message. |
|2. Gather Hosts | Query Shodan for a list of platform specific IPs. |
|3. View Hosts | Print gathered IPs/RHOSTS. |
|4. Exploit | Configure MSF and Start exploiting gathered targets|
|5. Quit | Exits AutoSploit. |
+------------------+----------------------------------------------------+
| Legal Disclaimer |
+-----------------------------------------------------------------------+
| Usage of AutoSploit for attacking targets without prior mutual consent|
| is illegal. It is the end user's responsibility to obey all applicable|
| local, state and federal laws. Developers assume no liability and are |
| not responsible for any misuse or damage caused by this program! |
+-----------------------------------------------------------------------+
"""
with open(usage_path) as usage_retval:
print(usage_retval.read())


# Function that allows us to store system command
Expand All @@ -91,6 +65,7 @@ def exploit(query):
global workspace
global local_port
global local_host
global modules_path

os.system("clear")
logo()
Expand All @@ -106,7 +81,7 @@ def exploit(query):
sys.stdout.flush()
sys.stdout.write("\b" * (toolbar_width + 1))

with open("modules.txt", "rb") as infile:
with open(modules_path, "rb") as infile:
for i in xrange(toolbar_width):
time.sleep(0.1)
for lines in infile:
Expand Down Expand Up @@ -224,16 +199,15 @@ def settings():
os.system("clear")
logo()

print "[" + t.green("+") + "]MSF Settings\n"
print "In order to proceed with the exploit module some MSF"
print "[" + t.green("+") + "]Metasploit Settings:"
print "In order to proceed with the exploit module some metasploit"
print "settings need to be configured."
time.sleep(1.5)

print "\n[" + t.green("+") + "]Note.\n"
print "Please make sure your Network is configured properly.\n"
print "\n[" + t.green("+") + "]Note:"
print "Please make sure your Network is configured properly."
print "In order to handle incoming Reverse Connections"
print "your external Facing IP & Port need to be reachable..."
time.sleep(1.5)
time.sleep(3)

workspace = raw_input("\n[" + t.magenta("?") + "]Please set the Workspace name: ")
if not workspace == "":
Expand Down Expand Up @@ -282,6 +256,7 @@ def main():
global query
global configured
global api
global autosploit_options

try:
api = shodan.Shodan(SHODAN_API_KEY)
Expand All @@ -299,11 +274,9 @@ def main():
settings()

print "\n[" + t.green("+") + "]Welcome to AutoSploit. Please select an action."
print """

1. Usage 3. View Hosts 5. Quit
2. Gather Hosts 4. Exploit
"""

for i in autosploit_options.keys():
print("%d. %s" % (i, autosploit_options[i]))

action = raw_input("\n<" + t.cyan("AUTOSPLOIT") + ">$ ")

Expand Down Expand Up @@ -332,8 +305,8 @@ def main():
time.sleep(2)

with open("hosts.txt", "rb") as infile:
for line in infile:
print "[" + t.cyan("-") + "]" + line
for i, line in enumerate(infile, start=1):
print "[" + t.cyan(str(i)) + "]" + line.strip()

print "[" + t.green("+") + "]Done.\n"

Expand Down
0 modules.txt → etc/modules.txt
View file
Open in desktop
File renamed without changes.
34 changes: 34 additions & 0 deletions etc/usage
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
+------------------------------------------------------------------------+
| AutoSploit General Usage and Information |
+------------------------------------------------------------------------+
| As the name suggests AutoSploit attempts to automate the exploitation |
| of remote hosts. Targets are collected by employing the Shodan.io API. |
| |
| The 'Gather Hosts' option will open a dialog from which you can |
| enter platform specific search queries such as 'Apache' or 'IIS'. |
| Upon doing so a list of candidates will be retrieved and saved to |
| hosts.txt in the current working directory. |
| After this operation has been completed the 'Exploit' option will |
| go about the business of attempting to exploit these targets by |
| running a range of Metasploit modules against them. |
| |
| Workspace, local host and local port for MSF facilitated |
| back connections are configured through the dialog that comes up |
| before the 'Exploit' module is started. |
| |
+------------------+-----------------------------------------------------+
| Option | Summary |
+------------------+-----------------------------------------------------+
| 1. Usage | Display this informational message. |
| 2. Gather Hosts | Query Shodan for a list of platform specific IPs. |
| 3. View Hosts | Print gathered IPs/RHOSTS. |
| 4. Exploit | Configure MSF and Start exploiting gathered targets|
| 5. Quit | Exits AutoSploit. |
+------------------+-----------------------------------------------------+
| Legal Disclaimer |
+------------------------------------------------------------------------+
| Usage of AutoSploit for attacking targets without prior mutual consent |
| is illegal. It is the end user's responsibility to obey all applicable |
| local, state and federal laws. Developers assume no liability and are |
| not responsible for any misuse or damage caused by this program! |
+------------------------------------------------------------------------+