• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

Python checks.escaped_cmd函数代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Python中src.core.injections.controller.checks.escaped_cmd函数的典型用法代码示例。如果您正苦于以下问题:Python escaped_cmd函数的具体用法?Python escaped_cmd怎么用?Python escaped_cmd使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。



在下文中一共展示了escaped_cmd函数的19个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。

示例1: tfb_injection_handler


#.........这里部分代码省略.........

            try:    
              # Pseudo-Terminal shell
              go_back = False
              go_back_again = False
              while True:
                if go_back == True:
                  break
                question_msg = "Do you want a Pseudo-Terminal? [Y/n/q] > "
                sys.stdout.write(settings.print_question_msg(question_msg))
                gotshell = sys.stdin.readline().replace("\n","").lower()
                if gotshell in settings.CHOICE_YES:
                  print ""
                  print "Pseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
                  if readline_error:
                    checks.no_readline_module()
                  while True:
                    if false_positive_warning:
                      warn_msg = "Due to unexpected time delays, it is highly "
                      warn_msg += "recommended to enable the 'reverse_tcp' option.\n"
                      sys.stdout.write("\r" + settings.print_warning_msg(warn_msg))
                      false_positive_warning = False
                    try:
                      # Tab compliter
                      if not readline_error:
                        readline.set_completer(menu.tab_completer)
                        # MacOSX tab compliter
                        if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
                          readline.parse_and_bind("bind ^I rl_complete")
                        # Unix tab compliter
                        else:
                          readline.parse_and_bind("tab: complete")
                      cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
                      cmd = checks.escaped_cmd(cmd)
                      if cmd.lower() in settings.SHELL_OPTIONS:
                        os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result) 
                        if os_shell_option == False:
                          if no_result == True:
                            return False
                          else:
                            return True 
                        elif os_shell_option == "quit":  
                          # Delete previous shell (text) files (output) from temp.
                          delete_previous_shell(separator, payload, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)                          
                          sys.exit(0)
                        elif os_shell_option == "back":
                          go_back = True
                          break
                        elif os_shell_option == "os_shell": 
                            warn_msg = "You are already into an 'os_shell' mode."
                            print settings.print_warning_msg(warn_msg)+ "\n"
                        elif os_shell_option == "reverse_tcp":
                          settings.REVERSE_TCP = True
                          # Set up LHOST / LPORT for The reverse TCP connection.
                          reverse_tcp.configure_reverse_tcp()
                          if settings.REVERSE_TCP == False:
                            continue
                          while True:
                            if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
                              result = checks.check_reverse_tcp_options(settings.LHOST)
                            else:  
                              cmd = reverse_tcp.reverse_tcp_options()
                              result = checks.check_reverse_tcp_options(cmd)
                            if result != None:
                              if result == 0:
                                return False
开发者ID:dtrip,项目名称:commix,代码行数:67,代码来源:tfb_handler.py


示例2: tb_injection_handler


#.........这里部分代码省略.........
              cmd = menu.options.os_cmd
              check_how_long, output = tb_enumeration.single_os_cmd_exec(separator, maxlen, TAG, cmd, prefix, suffix, delay, http_request_method, url, vuln_parameter, alter_shell, filename, url_time_response)
              # Export injection result
              tb_injector.export_injection_results(cmd, separator, output, check_how_long)
              sys.exit(0)

            if not new_line :
              print ""

            # Pseudo-Terminal shell
            go_back = False
            go_back_again = False
            while True:
              if go_back == True:
                break 
              gotshell = raw_input(settings.QUESTION_SIGN + "Do you want a Pseudo-Terminal? [Y/n/q] > ").lower()
              if gotshell in settings.CHOICE_YES:
                print ""
                print "Pseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
                if readline_error:
                  checks.no_readline_module()
                while True:
                  try:
                    # Tab compliter
                    if not readline_error:
                      readline.set_completer(menu.tab_completer)
                      # MacOSX tab compliter
                      if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
                        readline.parse_and_bind("bind ^I rl_complete")
                      # Unix tab compliter
                      else:
                        readline.parse_and_bind("tab: complete")
                    cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
                    cmd = checks.escaped_cmd(cmd)
                    if cmd.lower() in settings.SHELL_OPTIONS:
                      os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result) 
                      if os_shell_option == False:
                        if no_result == True:
                          return False
                        else:
                          return True 
                      elif os_shell_option == "quit":                    
                        sys.exit(0)
                      elif os_shell_option == "back":
                        go_back = True
                        break
                      elif os_shell_option == "os_shell": 
                          print Fore.YELLOW + settings.WARNING_SIGN + "You are already into an 'os_shell' mode." + Style.RESET_ALL + "\n"
                      elif os_shell_option == "reverse_tcp":
                        settings.REVERSE_TCP = True
                        # Set up LHOST / LPORT for The reverse TCP connection.
                        reverse_tcp.configure_reverse_tcp()
                        if settings.REVERSE_TCP == False:
                          continue
                        while True:
                          if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
                            result = checks.check_reverse_tcp_options(settings.LHOST)
                          else:  
                            cmd = reverse_tcp.reverse_tcp_options()
                            result = checks.check_reverse_tcp_options(cmd)
                          if result != None:
                            if result == 0:
                              return False
                            elif result == 1 or result == 2:
                              go_back_again = True
                              settings.REVERSE_TCP = False
开发者ID:0day29,项目名称:commix,代码行数:67,代码来源:tb_handler.py


示例3: getattr

 print ""
 print "Pseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
 if readline_error:
   checks.no_readline_module()
 while True:
   # Tab compliter
   if not readline_error:
     readline.set_completer(menu.tab_completer)
     # MacOSX tab compliter
     if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
       readline.parse_and_bind("bind ^I rl_complete")
     # Unix tab compliter
     else:
       readline.parse_and_bind("tab: complete")
   cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
   cmd = checks.escaped_cmd(cmd)
   if cmd.lower() in settings.SHELL_OPTIONS:
     os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result) 
     if os_shell_option == False:
       return False
     elif os_shell_option == "quit": 
       # Delete previous shell (text) files (output)
       delete_previous_shell(separator, payload, TAG, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)         
       sys.exit(0)
     elif os_shell_option == "back":
       go_back = True
       break
     elif os_shell_option == "os_shell": 
         print Fore.YELLOW + "(^) Warning: You are already into an 'os_shell' mode." + Style.RESET_ALL + "\n"
     elif os_shell_option == "reverse_tcp":
       settings.REVERSE_TCP = True
开发者ID:x3omdax,项目名称:commix,代码行数:31,代码来源:fb_handler.py


示例4: cb_injection_handler


#.........这里部分代码省略.........

            # Pseudo-Terminal shell
            go_back = False
            go_back_again = False
            while True:
              if go_back == True:
                break 
              if not menu.options.batch:
                question_msg = "Do you want a Pseudo-Terminal shell? [Y/n] > "
                sys.stdout.write(settings.print_question_msg(question_msg))
                gotshell = sys.stdin.readline().replace("\n","").lower()
              else:
                gotshell = ""  
              if len(gotshell) == 0:
                 gotshell = "y"
              if gotshell in settings.CHOICE_YES:
                if not menu.options.batch:
                  print ""
                print "Pseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
                if readline_error:
                  checks.no_readline_module()
                while True:
                  try:
                    if not readline_error:
                      # Tab compliter
                      readline.set_completer(menu.tab_completer)
                      # MacOSX tab compliter
                      if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
                        readline.parse_and_bind("bind ^I rl_complete")
                      # Unix tab compliter
                      else:
                        readline.parse_and_bind("tab: complete")
                    cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
                    cmd = checks.escaped_cmd(cmd)
                    if cmd.lower() in settings.SHELL_OPTIONS:
                      go_back, go_back_again = shell_options.check_option(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename, technique, go_back, no_result, timesec, go_back_again, payload, OUTPUT_TEXTFILE="")
                      if go_back and go_back_again == False:
                        break
                      if go_back and go_back_again:
                        return True 
                    else:
                      # Command execution results.
                      time.sleep(timesec)
                      response = cb_injector.injection(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename)
                      # Try target page reload (if it is required).
                      if settings.URL_RELOAD:
                        response = requests.url_reload(url, timesec)
                      if menu.options.ignore_session or \
                         session_handler.export_stored_cmd(url, cmd, vuln_parameter) == None:
                        # Evaluate injection results.
                        try:
                          shell = cb_injector.injection_results(response, TAG, cmd)
                          shell = "".join(str(p) for p in shell)
                        except:
                          print ""
                          continue  
                        if not menu.options.ignore_session :
                          session_handler.store_cmd(url, cmd, shell, vuln_parameter)
                      else:
                        shell = session_handler.export_stored_cmd(url, cmd, vuln_parameter)
                      if shell:
                        html_parser = HTMLParser.HTMLParser()
                        shell = html_parser.unescape(shell)
                        # Update logs with executed cmds and execution results.
                        logs.executed_command(filename, cmd, shell)
                      if shell != "":
开发者ID:security-geeks,项目名称:commix,代码行数:67,代码来源:cb_handler.py


示例5: tfb_injection_handler


#.........这里部分代码省略.........
                                        filename,
                                    )
                                    if menu.options.verbose:
                                        print ""
                                    if go_back == True:
                                        break
                                    gotshell = raw_input("(?) Do you want a Pseudo-Terminal? [Y/n/q] > ").lower()
                                    if gotshell in settings.CHOISE_YES:
                                        print ""
                                        print "Pseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
                                        if readline_error:
                                            checks.no_readline_module()
                                        while True:
                                            try:
                                                # Tab compliter
                                                if not readline_error:
                                                    readline.set_completer(menu.tab_completer)
                                                    # MacOSX tab compliter
                                                    if getattr(
                                                        readline, "__doc__", ""
                                                    ) is not None and "libedit" in getattr(readline, "__doc__", ""):
                                                        readline.parse_and_bind("bind ^I rl_complete")
                                                    # Unix tab compliter
                                                    else:
                                                        readline.parse_and_bind("tab: complete")
                                                cmd = raw_input(
                                                    """commix("""
                                                    + Style.BRIGHT
                                                    + Fore.RED
                                                    + """os_shell"""
                                                    + Style.RESET_ALL
                                                    + """) > """
                                                )
                                                cmd = checks.escaped_cmd(cmd)
                                                if cmd.lower() in settings.SHELL_OPTIONS:
                                                    os_shell_option = checks.check_os_shell_options(
                                                        cmd.lower(), technique, go_back, no_result
                                                    )
                                                    if os_shell_option == False:
                                                        if no_result == True:
                                                            return False
                                                        else:
                                                            return True
                                                    elif os_shell_option == "quit":
                                                        # Delete previous shell (text) files (output) from temp.
                                                        delete_previous_shell(
                                                            separator,
                                                            payload,
                                                            TAG,
                                                            cmd,
                                                            prefix,
                                                            suffix,
                                                            http_request_method,
                                                            url,
                                                            vuln_parameter,
                                                            OUTPUT_TEXTFILE,
                                                            alter_shell,
                                                            filename,
                                                        )
                                                        sys.exit(0)
                                                    elif os_shell_option == "back":
                                                        go_back = True
                                                        break
                                                    elif os_shell_option == "os_shell":
                                                        print Fore.YELLOW + "(^) Warning: You are already into an 'os_shell' mode." + Style.RESET_ALL + "\n"
                                                    elif os_shell_option == "reverse_tcp":
开发者ID:aka99,项目名称:commix,代码行数:67,代码来源:tfb_handler.py


示例6: shellshock_handler


#.........这里部分代码省略.........
            shell, payload = cmd_exec(url, cmd, cve, check_header, filename)
            print "\n" + Fore.GREEN + Style.BRIGHT + shell + Style.RESET_ALL 
            sys.exit(0)

          else:
            # Pseudo-Terminal shell
            go_back = False
            go_back_again = False
            while True:
              if go_back == True:
                break
              if settings.ENUMERATION_DONE == False and settings.FILE_ACCESS_DONE == False:
                if menu.options.verbose:
                  print ""
              question_msg = "Do you want a Pseudo-Terminal? [Y/n/q] > "
              gotshell = raw_input(settings.print_question_msg(question_msg)).lower()
              if gotshell in settings.CHOICE_YES:
                print ""
                print "Pseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
                if readline_error:
                  checks.no_readline_module()
                while True:
                  try:
                    # Tab compliter
                    if not readline_error:
                      readline.set_completer(menu.tab_completer)
                      # MacOSX tab compliter
                      if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
                        readline.parse_and_bind("bind ^I rl_complete")
                      # Unix tab compliter
                      else:
                        readline.parse_and_bind("tab: complete")
                    cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
                    cmd = checks.escaped_cmd(cmd)
                    if cmd.lower() in settings.SHELL_OPTIONS:
                      os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result) 
                      if os_shell_option == False:
                        if no_result == True:
                          return False
                        else:
                          return True 
                      elif os_shell_option == "quit":                    
                        sys.exit(0)
                      elif os_shell_option == "back":
                        go_back = True
                        break
                      elif os_shell_option == "os_shell": 
                          warn_msg = "You are already into an 'os_shell' mode."
                          print settings.print_warning_msg(warn_msg)+ "\n"
                      elif os_shell_option == "reverse_tcp":
                        # Set up LHOST / LPORT for The reverse TCP connection.
                        reverse_tcp.configure_reverse_tcp()
                        while True:
                          if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
                            result = checks.check_reverse_tcp_options(settings.LHOST)
                          else:  
                            cmd = reverse_tcp.reverse_tcp_options()
                            result = checks.check_reverse_tcp_options(cmd)
                          if result != None:
                            if result == 0:
                              return False
                            elif result == 1 or result == 2:
                              go_back_again = True
                              settings.REVERSE_TCP = False
                              break
                          # Command execution results.
开发者ID:ardiansn,项目名称:commix,代码行数:67,代码来源:shellshock.py


示例7: input_cmd

def input_cmd(http_request_method, url, vuln_parameter, ip_src, technique):
  # Pseudo-Terminal shell
  go_back = False
  go_back_again = False
  while True:
    if go_back == True:
      break
    gotshell = raw_input("\n(?) Do you want a Pseudo-Terminal shell? [Y/n/q] > ").lower()
    if gotshell in settings.CHOISE_YES:
      print "\nPseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
      while True:
        try:
          cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
          cmd = checks.escaped_cmd(cmd)
          if cmd.lower() in settings.SHELL_OPTIONS:
            if cmd.lower() == "quit" or cmd.lower() == "back":       
              print ""             
              os._exit(0)
            elif cmd.lower() == "?": 
              menu.shell_options()
            elif cmd.lower() == "os_shell": 
              print Fore.YELLOW + "(^) Warning: You are already into the 'os_shell' mode." + Style.RESET_ALL + "\n"
            elif cmd.lower() == "reverse_tcp":
              # Set up LHOST / LPORT for The reverse TCP connection.
              lhost, lport = reverse_tcp.configure_reverse_tcp()
              while True:
                if lhost and lport in settings.SHELL_OPTIONS:
                  result = checks.check_reverse_tcp_options(lhost)
                else:  
                  cmd = reverse_tcp.reverse_tcp_options(lhost, lport)
                  result = checks.check_reverse_tcp_options(cmd)
                if result != None:
                  if result == 0:
                    return False
                  elif result == 1 or result == 2:
                    go_back_again = True
                    break
                # Command execution results.    
                cmd_exec(http_request_method, cmd, url, vuln_parameter, ip_src)
                if menu.options.verbose:
                  print ""
                print Back.RED + "(x) Error: The reverse TCP connection to the target host has been failed!" + Style.RESET_ALL
          else:
            # Command execution results.
            cmd_exec(http_request_method, cmd, url, vuln_parameter, ip_src)

        except KeyboardInterrupt:
          print ""
          os._exit(0)
          
        except:
          print ""
          os._exit(0)

    elif gotshell in settings.CHOISE_NO:
      print ""
      os._exit(0)

    elif gotshell in settings.CHOISE_QUIT:
      print ""
      os._exit(0)

    else:
      if gotshell == "":
        gotshell = "enter"
      print Back.RED + "(x) Error: '" + gotshell + "' is not a valid answer." + Style.RESET_ALL
      pass
开发者ID:jack51706,项目名称:commix,代码行数:67,代码来源:icmp_exfiltration.py


示例8: input_cmd

def input_cmd(http_request_method, url, vuln_parameter, ip_src, technique):

  err_msg = ""
  if menu.enumeration_options():
    err_msg += "enumeration"
  if menu.file_access_options():
    if err_msg != "":
      err_msg = err_msg + " and "
    err_msg = err_msg + "file-access"

  if err_msg != "":
    print Fore.YELLOW + settings.WARNING_SIGN + "The " + err_msg + " options are not supported by this module because of the structure of the exfiltrated data. Please try using any unix-like commands manually." + Style.RESET_ALL 
     
  # Pseudo-Terminal shell
  go_back = False
  go_back_again = False
  while True:
    if go_back == True:
      break
    gotshell = raw_input("\n" + settings.QUESTION_SIGN + "Do you want a Pseudo-Terminal shell? [Y/n/q] > ").lower()
    if gotshell in settings.CHOISE_YES:
      print "\nPseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
      if readline_error:
        checks.no_readline_module()
      while True:
        try:
          # Tab compliter
          if not readline_error:
            readline.set_completer(menu.tab_completer)
            # MacOSX tab compliter
            if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
              readline.parse_and_bind("bind ^I rl_complete")
            # Unix tab compliter
            else:
              readline.parse_and_bind("tab: complete")
          cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
          cmd = checks.escaped_cmd(cmd)
          if cmd.lower() in settings.SHELL_OPTIONS:
            if cmd.lower() == "quit" or cmd.lower() == "back":       
              print ""             
              os._exit(0)
            elif cmd.lower() == "?": 
              menu.shell_options()
            elif cmd.lower() == "os_shell": 
              print Fore.YELLOW + settings.WARNING_SIGN + "You are already into the 'os_shell' mode." + Style.RESET_ALL + "\n"
            elif cmd.lower() == "reverse_tcp":
              print Fore.YELLOW + settings.WARNING_SIGN + "This option is not supported by this module." + Style.RESET_ALL + "\n"
          else:
            # Command execution results.
            cmd_exec(http_request_method, cmd, url, vuln_parameter, ip_src)

        except KeyboardInterrupt:
          print ""
          os._exit(0)
          
        except:
          print ""
          os._exit(0)

    elif gotshell in settings.CHOISE_NO:
      print ""
      os._exit(0)

    elif gotshell in settings.CHOISE_QUIT:
      print ""
      os._exit(0)

    else:
      if gotshell == "":
        gotshell = "enter"
      print Back.RED + settings.ERROR_SIGN + "'" + gotshell + "' is not a valid answer." + Style.RESET_ALL + "\n"
      pass
开发者ID:hanshaze,项目名称:commix,代码行数:72,代码来源:icmp_exfiltration.py


示例9: fb_injection_handler


#.........这里部分代码省略.........

            try:
              # Pseudo-Terminal shell
              go_back = False
              go_back_again = False
              while True:
                # Delete previous shell (text) files (output)
                if settings.VERBOSITY_LEVEL >= 1:
                  print ""
                delete_previous_shell(separator, payload, TAG, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
                if settings.VERBOSITY_LEVEL >= 1:
                  print "\n"
                if go_back == True:
                  break
                question_msg = "Do you want a Pseudo-Terminal? [Y/n/q] > "
                sys.stdout.write(settings.print_question_msg(question_msg))
                gotshell = sys.stdin.readline().replace("\n","").lower()
                if gotshell in settings.CHOICE_YES:
                  print ""
                  print "Pseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
                  if readline_error:
                    checks.no_readline_module()
                  while True:
                    # Tab compliter
                    if not readline_error:
                      readline.set_completer(menu.tab_completer)
                      # MacOSX tab compliter
                      if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
                        readline.parse_and_bind("bind ^I rl_complete")
                      # Unix tab compliter
                      else:
                        readline.parse_and_bind("tab: complete")
                    cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
                    cmd = checks.escaped_cmd(cmd)
                    # if settings.VERBOSITY_LEVEL >= 1:
                    #   print ""
                    if cmd.lower() in settings.SHELL_OPTIONS:
                      os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result) 
                      if os_shell_option == False:
                        return False
                      elif os_shell_option == "quit": 
                        # Delete previous shell (text) files (output)
                        delete_previous_shell(separator, payload, TAG, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)         
                        sys.exit(0)
                      elif os_shell_option == "back":
                        go_back = True
                        break
                      elif os_shell_option == "os_shell": 
                          warn_msg = "You are already into an 'os_shell' mode."
                          print settings.print_warning_msg(warn_msg)+ "\n"
                      elif os_shell_option == "reverse_tcp":
                        settings.REVERSE_TCP = True
                        # Set up LHOST / LPORT for The reverse TCP connection.
                        reverse_tcp.configure_reverse_tcp()
                        if settings.REVERSE_TCP == False:
                          continue
                        while True:
                          if settings.LHOST and settings.LPORT in settings.SHELL_OPTIONS:
                            result = checks.check_reverse_tcp_options(settings.LHOST)
                          else:  
                            cmd = reverse_tcp.reverse_tcp_options()
                            result = checks.check_reverse_tcp_options(cmd)
                          if result != None:
                            if result == 0:
                              return False
                            elif result == 1 or result == 2:
开发者ID:brianwrf,项目名称:commix,代码行数:67,代码来源:fb_handler.py


示例10: shellshock_handler


#.........这里部分代码省略.........
              else:
                if enumerate_again == "":
                  enumerate_again = "enter"
                print Back.RED + "(x) Error: '" + enumerate_again + "' is not a valid answer." + Style.RESET_ALL
                pass
          else:
            enumeration(url, cve, check_header, filename)

          # File access options.
          if settings.FILE_ACCESS_DONE == True :
            while True:
              file_access_again = raw_input("(?) Do you want to access files again? [Y/n/q] > ").lower()
              if file_access_again in settings.CHOISE_YES:
                file_access(url, cve, check_header, filename)
                break
              elif file_access_again in settings.CHOISE_NO: 
                break
              elif file_access_again in settings.CHOISE_QUIT:
                sys.exit(0)
              else:
                if file_access_again == "":
                  file_access_again  = "enter"
                print Back.RED + "(x) Error: '" + file_access_again  + "' is not a valid answer." + Style.RESET_ALL
                pass
          else:
            file_access(url, cve, check_header, filename)

          if menu.options.os_cmd:
            cmd = menu.options.os_cmd 
            shell = cmd_exec(url, cmd, cve, check_header, filename)
            print "\n" + Fore.GREEN + Style.BRIGHT + shell + Style.RESET_ALL 
            sys.exit(0)

          else:
            # Pseudo-Terminal shell
            go_back = False
            while True:
              if go_back == True:
                break
              if settings.ENUMERATION_DONE == False and settings.FILE_ACCESS_DONE == False:
               	print ""
              gotshell = raw_input("(?) Do you want a Pseudo-Terminal shell? [Y/n/q] > ").lower()
              if gotshell in settings.CHOISE_YES:
                print ""
                print "Pseudo-Terminal (type '?' for shell options)"
                while True:
                  try:
                    cmd = raw_input("Shell > ")
                    cmd = checks.escaped_cmd(cmd)
                    if cmd.lower() in settings.SHELL_OPTIONS:
                      if cmd.lower() == "?":
                        menu.shell_options()
                      elif cmd.lower() == "quit":
                        sys.exit(0)
                      elif cmd.lower() == "back":
                        go_back = True
                        if checks.next_attack_vector(technique, go_back) == True:
                          break
                        else:
                          if no_result == True:
                            return False 
                          else:
                            return True  
                      else:
                        pass

                    else: 
                      shell = cmd_exec(url, cmd, cve, check_header, filename)
                      print "\n" + Fore.GREEN + Style.BRIGHT + shell + Style.RESET_ALL + "\n" 
                      
                  except KeyboardInterrupt:
                    raise

                  except:
                    print ""
                    sys.exit(0)

              elif gotshell in settings.CHOISE_NO:
                if checks.next_attack_vector(technique, go_back) == True:
                  break
                else:
                  if no_result == True:
                    return False 
                  else:
                    return True 

              elif gotshell in settings.CHOISE_QUIT:
                sys.exit(0)

              else:
                if gotshell == "":
                  gotshell = "enter"
                print Back.RED + "(x) Error: '" + gotshell + "' is not a valid answer." + Style.RESET_ALL
                continue
              break
      else:
        continue

  except urllib2.HTTPError, err:
    print "\n" + Fore.YELLOW + "(^) Warning: " + str(err) + Style.RESET_ALL
开发者ID:tdr130,项目名称:commix,代码行数:101,代码来源:shellshock.py


示例11: shellshock_handler


#.........这里部分代码省略.........
            # Pseudo-Terminal shell
            print ""
            go_back = False
            go_back_again = False
            while True:
              if go_back == True:
                break
              if not menu.options.batch:
                question_msg = "Do you want a Pseudo-Terminal shell? [Y/n] > "
                sys.stdout.write(settings.print_question_msg(question_msg))
                gotshell = sys.stdin.readline().replace("\n","").lower()
              else:
                gotshell= ""  
              if len(gotshell) == 0:
                 gotshell= "y"
              if gotshell in settings.CHOICE_YES:
                if not menu.options.batch:
                  print ""
                print "Pseudo-Terminal (type '" + Style.BRIGHT + "?" + Style.RESET_ALL + "' for available options)"
                if readline_error:
                  checks.no_readline_module()
                while True:
                  try:
                    if not readline_error:
                      # Tab compliter
                      readline.set_completer(menu.tab_completer)
                      # MacOSX tab compliter
                      if getattr(readline, '__doc__', '') is not None and 'libedit' in getattr(readline, '__doc__', ''):
                        readline.parse_and_bind("bind ^I rl_complete")
                      # Unix tab compliter
                      else:
                        readline.parse_and_bind("tab: complete")
                    cmd = raw_input("""commix(""" + Style.BRIGHT + Fore.RED + """os_shell""" + Style.RESET_ALL + """) > """)
                    cmd = checks.escaped_cmd(cmd)
                    
                    if cmd.lower() in settings.SHELL_OPTIONS:
                      os_shell_option = checks.check_os_shell_options(cmd.lower(), technique, go_back, no_result) 
                      go_back, go_back_again = check_options(url, cmd, cve, check_header, filename, os_shell_option, http_request_method, go_back, go_back_again)

                      if go_back:
                        break
                    else: 
                      shell, payload = cmd_exec(url, cmd, cve, check_header, filename)
                      if shell != "":
                        # Update logs with executed cmds and execution results.
                        logs.executed_command(filename, cmd, shell)
                        print "\n" + Fore.GREEN + Style.BRIGHT + shell + Style.RESET_ALL + "\n"
                      else:
                        info_msg = "Executing the '" + cmd + "' command... "
                        if settings.VERBOSITY_LEVEL == 1:
                          sys.stdout.write(settings.print_info_msg(info_msg))
                          sys.stdout.flush()
                          sys.stdout.write("\n" + settings.print_payload(payload)+ "\n")

                        elif settings.VERBOSITY_LEVEL > 1:
                          sys.stdout.write(settings.print_info_msg(info_msg))
                          sys.stdout.flush()
                          sys.stdout.write("\n" + settings.print_payload(payload)+ "\n")
                        err_msg = "The '" + cmd + "' command, does not return any output."
                        print settings.print_critical_msg(err_msg) + "\n"

                  except KeyboardInterrupt:
                    raise

                  except SystemExit:
                    raise
开发者ID:security-geeks,项目名称:commix,代码行数:67,代码来源:shellshock.py


示例12: tfb_injection_handler


#.........这里部分代码省略.........
                    break
                  elif file_access_again in settings.CHOISE_QUIT:
                    # Delete previous shell (text) files (output) from /tmp
                    delete_previous_shell(separator, payload, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
                    sys.exit(0)
                  else:
                    if file_access_again == "":
                      file_access_again = "enter"
                    print Back.RED + "(x) Error: '" + file_access_again + "' is not a valid answer." + Style.RESET_ALL
                    pass
              else:
                tfb_file_access.do_check(separator, maxlen, TAG, prefix, suffix, delay, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
              # Check if defined single cmd.
              if menu.options.os_cmd:
                check_how_long, output = tfb_enumeration.single_os_cmd_exec(separator, maxlen, TAG, cmd, prefix, suffix, delay, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
                # Exploirt injection result
                tfb_injector.export_injection_results(cmd, separator, output, check_how_long)
                # Delete previous shell (text) files (output) from /tmp
                delete_previous_shell(separator, payload, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
                sys.exit(0)    

              try:    
                # Pseudo-Terminal shell
                go_back = False
                while True:
                  # Delete previous shell (text) files (output) from /tmp
                  delete_previous_shell(separator, payload, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
                  if menu.options.verbose:
                  	print ""
                  if go_back == True:
                    break
                  gotshell = raw_input("(?) Do you want a Pseudo-Terminal shell? [Y/n/q] > ").lower()
                  if gotshell in settings.CHOISE_YES:
                    print ""
                    print "Pseudo-Terminal (type '?' for shell options)"
                    while True:
                      try:
                        cmd = raw_input("Shell > ")
                        cmd = checks.escaped_cmd(cmd)
                        if cmd.lower() in settings.SHELL_OPTIONS:
                          if cmd == "?":
                            menu.shell_options()
                            continue
                          elif cmd.lower() == "quit":
                            # Delete previous shell (text) files (output) from /tmp
                            delete_previous_shell(separator, payload, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)                          
                            sys.exit(0)
                          elif cmd.lower() == "back":
                            go_back = True
                            if checks.next_attack_vector(technique, go_back) == True:
                              break
                            else:
                              if no_result == True:
                                return False 
                              else:
                                return True 
                          else:
                            pass
                        else:
                          print ""
                          # The main command injection exploitation.
                          check_how_long, output = tfb_injector.injection(separator, maxlen, TAG, cmd, prefix, suffix, delay, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
                          # Exploirt injection result
                          tfb_injector.export_injection_results(cmd, separator, output, check_how_long)
                      except KeyboardInterrupt: 
                        # Delete previous shell (text) files (output) from /tmp
                        delete_previous_shell(separator, payload, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
                        raise
                  elif gotshell in settings.CHOISE_NO:
                    if checks.next_attack_vector(technique, go_back) == True:
                      break
                    else:
                      if no_result == True:
                        return False 
                      else:
                        # Delete previous shell (text) files (output) from /tmp
                        delete_previous_shell(separator, payload, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
                        return True  
                  elif gotshell in settings.CHOISE_QUIT:
                    # Delete previous shell (text) files (output) from /tmp
                    delete_previous_shell(separator, payload, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
                    sys.exit(0)
                  else:
                    if gotshell == "":
                      gotshell = "enter"
                    print Back.RED + "(x) Error: '" + gotshell + "' is not a valid answer." + Style.RESET_ALL
                    pass
              except KeyboardInterrupt: 
                # Delete previous shell (text) files (output) from /tmp
                delete_previous_shell(separator, payload, TAG, cmd, prefix, suffix, http_request_method, url, vuln_parameter, OUTPUT_TEXTFILE, alter_shell, filename)
                raise   
            break
    
  if no_result == True:
    print ""
 

鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Python checks.next_attack_vector函数代码示例发布时间:2022-05-27
下一篇:
Python checks.continue_tests函数代码示例发布时间:2022-05-27
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap