Open main menu
Posts
Gists
Guilds
Users
Decipher
Docs
Open user menu
Log in
Sign up
Create a new gist
Posts
Gists
Guilds
Users
Decipher
Docs
Files
scan.src
scan.src
map = function(list, func)
result = list[0:] //list copy.
for i in indexes(list)
result[i] = func(result[i])
end for
return result
end function
_or = function(value1, value2)
if value1 == null or value1 == false then
return value2
end if
return value1
end function
// converts scan_address output to a list easier to process
// usage example:
// mem_scan = metaxploit.scan_address(metaLib, entry)
// mem_scan = mem_scan_exploits(mem_scan)
mem_scan_exploits = function(mem_scan)
ex_list = []
while true
ex_mark = mem_scan.indexOf("<b>")
if ex_mark == null then break
// get exploit value
ex_mark_end = mem_scan.indexOf("</b>")
value = slice(mem_scan, ex_mark+3, ex_mark_end)
// get requirements
mem_scan = mem_scan[ex_mark_end+5:]
mem_scan = mem_scan[mem_scan.indexOf(".")+1:]
mem_scan_lines = mem_scan.split("\n")[1:]
if mem_scan_lines[0].indexOf("*") != null then
req = mem_scan_lines[:mem_scan_lines.indexOf("")]
else
req = []
end if
if req.len >= 1 then
mem_scan = mem_scan[mem_scan.indexOf(req[-1])+req[-1].len+1:]
end if
exploit = [value, req]
//["exploit_name": ["requirement", "requirement"]]
ex_list.push(exploit)
end while
return ex_list
//[
// {"exploit_name": ["requirement", "requirement"]},
// {"exploit_name": ["requirement", "requirement"]}
//]
end function
ScanExploit = {}
ScanExploit.address = null
// "0x62AC77E1"
ScanExploit.value = null
// "applyund"
ScanExploit.requirements = null
// ["* req1", "* req2"]
ScanExploit.result = null
// shell, computer, number, null, file object
ScanExploit.result_info = null
// string with description why the exploit failed
Scan = {}
Scan.ip = null
// string ip "17.233.32.41"
Scan.port = null
// int port 22
Scan.metaxploit = null
// include_lib metaxploit
Scan.lib_path = null
Scan.extra_param = null
Scan.show_null = false
Scan.lib_file = null
Scan.net_session = null
Scan.shell = get_shell
Scan.computer = Scan.shell.host_computer
Scan.meta_lib = null
Scan.lib_name = null
Scan.lib_version = null
Scan.exploits = []
Scan.init = function()
if self.ip != null then
self.net_session = _or(self.metaxploit.net_use(self.ip, self.port), self.metaxploit.net_use(self.ip))
else
self.lib_file = self.computer.File(self.lib_path)
end if
end function
Scan.execute = function()
if self.lib_file != null then
self.meta_lib = metaxploit.load(self.lib_file.path)
else
self.meta_lib = self.net_session.dump_lib
end if
self.lib_name = self.meta_lib.lib_name
self.lib_version = self.meta_lib.version
self.addresses = self.metaxploit.scan(self.meta_lib)
// ["0x62AC77E1", "0x50D166E8", "0x611B6063", "0x1A9FD00C"]
self.get_exploits
end function
Scan.get_exploits = function()
get_values = function(address)
exploits_text = self.metaxploit.scan_address(self.meta_lib, address)
exploits_values = mem_scan_exploits(exploits_text)
return [address, exploits_values]
end function
self.exploits = map(self.addresses, @get_values)
// [[0x611B6063, [[applyund, [* req1, * req2]], ...], ...], ...]
result = []
for exploit_values in self.exploits
print(exploit_values)
for value in exploit_values[1]
exploit = new ScanExploit
exploit.address = exploit_values[0]
exploit.value = value[0]
end for
return exploit
end for
self.exploits = []
end function
Scan.ip = "17.226.32.49"
Scan.port = 80
Scan.metaxploit = include_lib("/lib/metaxploit.so")
Scan.init
Scan.execute
print(Scan.exploits)