Open main menu
Posts
Gists
Guilds
Users
Decipher
Docs
Open user menu
Log in
Sign up
Create a new gist
Posts
Gists
Guilds
Users
Decipher
Docs
Files
cli.src
libs/list.src
libs/scan.src
cli.src
import_code("/home/me/h/libs/list.src") // exports Lst
import_code("/home/me/h/libs/disk.src") // exports Disk
import_code("/home/me/h/libs/nmap.src") // exports Nmap
import_code("/home/me/h/libs/scan.src") // exports Scan
Disk.init("/home/me/h/disks", "passwords")
// this will get more complicated later on, i want to choose a port that i have the most change of getting in
// so i can check a database of exploits see or see the local ip with most ports open etc
pick_a_service = function(nmap)
if nmap.len == 1 then return nmap[0]
if nmap.len == 0 then return null
with_smallest_version = nmap[0]
for service in nmap[1:]
if Nmap.service_version_to_int(service) < Nmap.service_version_to_int(with_smallest_version) then
with_smallest_version = service
end if
end for
return with_smallest_version
end function
scan
Vega = {}
Vega.vega_sig = {}
Vega.vega_sig["description"] = "auto hacking tool"
Vega.vega_sig["args"] = ["ip*", "port"]
Vega.vega_sig["options"] = [{["-v", "--verbose"]: "print more logs"}]
Vega.vega = function(args = [], options = {})
ip = args[0]
port = args[1]
has_verbose = options["-v"]
Nmap.init(ip)
nmap = Nmap.ports
print(
pick_a_service(nmap))
if (not port) then port =
pick_a_service(nmap)
.port
if (typeof(port) == "string") then port = port.to_int
f = function(o)
return o.port == port
end function
service = Lst.find(nmap, @f)
print(port)
print(service)
Scan.metaxploit = include_lib("/lib/metaxploit.so")
Scan.init(ip, port)
Scan.execute
print(Scan.get_exploits
)
end function
import_code("/home/me/h/libs/thor.src") //depends on listlib, exports Thor
Thor.init(Vega, "vega")
libs/list.src
Lst = {}
Lst.to_list = function(map, shallow = false)
list = []
for i in map.indexes
if typeof(map[i]) == "map" then
if shallow == true then
list.push([i, map[i]])
else
list.push([i, Lst.to_list(map[i])])
end if
else
list.push([i, map[i]])
end if
end for
return list
end function
Lst.to_map = function(list)
l = list[0:]
map = {}
for i in indexes(l)
if typeof(l[i][1]) == "list" and l[i][1].len == 2 and typeof(l[i][1][0]) == "string" then
map[l[i][0]] = Lst.to_map(l[i][1])
else
map[l[i][0]] = l[i][1]
end if
end for
return map
end function
Lst.each = function(obj, func)
if typeof(obj) == "map" then
list = Lst.to_list(obj, true)
else
list = obj
end if
result = list[0:] //list copy.
for i in indexes(list)
if typeof(obj) == "map" then
func(result[i][0], result[i][1])
else
func(result[i])
end if
end for
end function
Lst.map = function(list, func)
result = list[0:] //list copy.
for i in indexes(list)
result[i] = func(result[i])
end for
return result
end function
Lst.reject = function(list, func)
result = list[0:] //list copy.
i = 0
while i < result.len
if func(result[i]) == true then
result.remove(i)
continue
end if
i = i + 1
end while
return result
end function
Lst.select = function(list, func)
result = list[0:] //list copy.
i = 0
while i < result.len
if func(result[i]) == false then
result.remove(i)
continue
end if
i = i + 1
end while
return result
end function
Lst.find = function(list, func)
for i in list
if (func(i)) then
return i
end if
end for
return null
end function
// do not rename funcc to to func it will infinite loop
Lst.lsort = function(list, funcc)
f = function(i)
return Lst.to_map([["sort_key", funcc(i)], ["obj", i]])
end function
result = Lst.map(list, @f)
result = result.sort("sort_key")
f = function(i)
return i["obj"]
end function
return Lst.map(result, @f)
end function
Lst.flat = function(list)
result = []
for i in list
if typeof(i) == "list" then
result = result + Lst.flat(i)
else
result.push(i)
end if
end for
return result
end function
Lst.uniq = function(list)
result = []
for i in list
if result.indexOf(i) == null then result.push(i)
end for
return result
end function
Lst.has_any = function(list, value)
for i in list
if i == value then return true
end for
return false
end function
Lst.min = function(list)
min = list[0]
for item in list
if item < min then
min = item
end if
end for
return min
end function
Lst.max = function(list)
max = list[0]
for item in list
if item < max then
max = item
end if
end for
return max
end function
libs/scan.src
map = function(list, func)
result = list[0:] //list copy.
for i in indexes(list)
result[i] = func(result[i])
end for
return result
end function
_or = function(value1, value2)
if value1 == null or value1 == false then
return value2
end if
return value1
end function
// converts scan_address output to a list easier to process
// usage example:
// mem_scan = metaxploit.scan_address(metaLib, entry)
// mem_scan = mem_scan_exploits(mem_scan)
mem_scan_exploits = function(mem_scan)
ex_list = []
while true
ex_mark = mem_scan.indexOf("<b>")
if ex_mark == null then break
// get exploit value
ex_mark_end = mem_scan.indexOf("</b>")
value = slice(mem_scan, ex_mark+3, ex_mark_end)
// get requirements
mem_scan = mem_scan[ex_mark_end+5:]
mem_scan = mem_scan[mem_scan.indexOf(".")+1:]
mem_scan_lines = mem_scan.split(char(10))[1:]
if mem_scan_lines[0].indexOf("*") != null then
req = mem_scan_lines[:mem_scan_lines.indexOf("")]
else
req = []
end if
if req.len >= 1 then
mem_scan = mem_scan[mem_scan.indexOf(req[-1])+req[-1].len+1:]
end if
exploit = [value, req]
//["exploit_name": ["requirement", "requirement"]]
ex_list.push(exploit)
end while
return ex_list
//[
// {"exploit_name": ["requirement", "requirement"]},
// {"exploit_name": ["requirement", "requirement"]}
//]
end function
ScanExploit = {}
ScanExploit.address = null
// "0x62AC77E1"
ScanExploit.value = null
// "applyund"
ScanExploit.requirements = null
// ["* req1", "* req2"]
ScanExploit.result = null
// shell, computer, number, null, file object
ScanExploit.result_info = null
// string with description why the exploit failed
Scan = {}
Scan.ip = null
// string ip "17.233.32.41"
Scan.port = null
// int port 22
Scan.metaxploit = null
// include_lib metaxploit
Scan.lib_path = null
Scan.extra_param = null
Scan.show_null = false
Scan.lib_file = null
Scan.net_session = null
Scan.shell = get_shell
Scan.computer = Scan.shell.host_computer
Scan.meta_lib = null
Scan.lib_name = null
Scan.lib_version = null
Scan.exploits = []
Scan.init = function(ip, port)
self.ip = ip
self.port = port
if self.ip != null then
self.net_session = _or(self.metaxploit.net_use(self.ip, self.port), self.metaxploit.net_use(self.ip))
else
self.lib_file = self.computer.File(self.lib_path)
end if
end function
Scan.execute = function()
if self.lib_file != null then
self.meta_lib = metaxploit.load(self.lib_file.path)
else
self.meta_lib = self.net_session.dump_lib
end if
self.lib_name = self.meta_lib.lib_name
self.lib_version = self.meta_lib.version
self.addresses = self.metaxploit.scan(self.meta_lib)
// ["0x62AC77E1", "0x50D166E8", "0x611B6063", "0x1A9FD00C"]
self.get_exploits
end function
Scan.get_exploits = function()
get_values = function(address)
exploits_text = self.metaxploit.scan_address(self.meta_lib, address)
exploits_values = mem_scan_exploits(exploits_text)
return [address, exploits_values]
end function
self.exploits = map(self.addresses, @get_values)
// [
[
0x611B6063, [[applyund, [* req1, * req2]], ...], ...], ...]
// [0x611B6063, [[applyund, [* req1, * req2]], ...], ...], ...
}
]
result = []
for exploit_values in self.exploits
print(exploit_values)
for value in exploit_values[1]
exploit = new ScanExploit
exploit.address = exploit_values[0]
exploit.value = value[0]
exploit.requirements = value[1]
result.push(exploit)
end for
return exploit
//
return exploit
end for
self.exploits = []
return result
//
self.exploits = []
end function