Files

secure.src farRepo.src wifi.src mapLAN.src corrupt.src getUser.src getShell.src
secure.src
  • //secure system
  • if params.len > 0 then i1 = params[0] else exit("usage: sec [home/h] or [server/s] or [remote/r]")
  • if i1 == "home" or i1 == "h" then home = true else home = null
  • if params.len > 1 then i2 = params[1] else i2 = null
  • if i2 == "server" or i2 == "s" then server = true else server = null
  • if params.len > 2 then i3 = params[2] else i3 = null
  • if i3 == "remote" or i3 == "r" then remote = true else remote = null
  • funct = ""
  • if home then
  • funct = "[home]"
  • else if server then
  • funct = "[server]"
  • else if remote then
  • funct = "[remote]"
  • end if
  • passFileCheck = function(folder)
  • if folder.name == "etc" then
  • print("checking /etc")
  • for file in folder.get_files
  • if file.name == "passwd" then
  • passFile = get_shell.host_computer.File("/etc/passwd")
  • del = passFile.delete
  • if del == "" then print("/etc/passwd removed") else print(del)
  • end if
  • end for
  • end if
  • if folder.name == "root" then
  • print("checking /root/Config")
  • for file in folder.get_folders
  • if file.name == "Config" then
  • cFiles = get_shell.host_computer.File("/root/Config").get_files
  • for cFile in cFiles
  • if cFile.name != "Map.conf" then del = cFile.delete else del = null
  • if del != null then
  • if del == "" then print(cFile.name + " removed") else print(del)
  • end if
  • end for
  • end if
  • end for
  • end if
  • end function
  • main = get_shell.host_computer.File("/")
  • if i2 then main = i2.File("/")
  • folders = main.get_folders
  • files = main.get_files
  • main.set_group("root",1)
  • main.set_owner("root",1)
  • print("\nsecuring <b>" + funct + "</b>")
  • if folders then
  • for folder in folders
  • fpath = folder.path
  • folder.set_group("root",1)
  • folder.set_owner("root",1)
  • folder.chmod("g+rwx", 1)
  • folder.chmod("o+rwx", 1)
  • folder.chmod("u+rwx", 1)
  • print("resetting perms in " + fpath)
  • if home then
  • folder.chmod("o-rwx", 1)
  • folder.chmod("g-rwx", 1)
  • folder.chmod("u-rwx", 1)
  • if fpath == "/bin" or fpath == "/usr" or fpath == "/home" then
  • folder.chmod("g-rwx", 1)
  • folder.chmod("g+rx",1)
  • end if
  • folder.chmod("u+rwx", 1)
  • if folder.name == "home" then
  • homeFolders = folder.get_folders
  • for homeFolder in homeFolders
  • if homeFolder.name == "guest" then
  • guestDel = homeFolder.delete
  • if guestDel == 1 then print("guest folder removed") else print(guestDel)
  • end if
  • end for
  • end if
  • passFileCheck(folder)
  • else if server then
  • folder.chmod("g-rwx", 1)
  • folder.chmod("o-rwx", 1)
  • folder.chmod("u-rwx", 1)
  • if folder.name == "home" then
  • homeFolders = folder.get_folders
  • for homeFolder in homeFolders
  • if homeFolder.name == "guest" then
  • guestDel = homeFolder.delete
  • if guestDel == 1 then print("guest folder removed") else print(guestDel)
  • end if
  • end for
  • end if
  • passFileCheck(folder)
  • else if remote then
  • main.set_group("other",1)
  • main.set_owner("other",1)
  • folder.chmod("g+rwx", 1)
  • folder.chmod("o+rwx", 1)
  • folder.chmod("u+rwx", 1)
  • end if
  • end for
  • else
  • print("can't access folders")
  • end if
farRepo.src
  • //connecting to a computer and running far
  • shell=get_shell.connect_service("IP",port,"root","password","ssh")
  • if shell then
  • //launch far with repository settings
  • path="/root/far"
  • args="0.0.0.0:22:password"
  • shell.launch(path,args)
  • end if
wifi.src
  • cryptools = include_lib("/lib/crypto.so")
  • thisComp = get_shell.host_computer
  • interface = thisComp.network_devices.split(" ")[0]
  • cryptools.airmon("start", interface)
  • networks = thisComp.wifi_networks(interface)
  • outPrint = ""
  • c = 0
  • for net in networks
  • c = c + 1
  • netsp = net.split(" ")
  • outPrint = outPrint + "\n" + c + ". " + netsp[1] + " " + netsp[2]
  • end for
  • print("\n<color=white>" + outPrint)
  • input = user_input("\n<color=#505050>[network# maxAcks]\n<color=#505050><i>ie: [2 15000] (maxAcks optional. default: 10k)\n<color=white><b>></b>")
  • c = 0
  • if input.len > 1 then
  • max = input.split(" ")[1].to_int
  • input = input.split(" ")[0]
  • else
  • max = 10000
  • end if
  • for net in networks
  • c = c + 1
  • if c == input.to_int then
  • netsp = net.split(" ")
  • print("\nconnecting to " + netsp[2])
  • bssid = netsp[0]
  • essid = netsp[2]
  • result = cryptools.aireplay(bssid, essid, max)
  • file = thisComp.File(parent_path(program_path) + "/file.cap")
  • pass = cryptools.aircrack(file.path)
  • if file then del = file.delete else print("can't find " + parent_path(program_path) + "/file.cap")
  • if del == "" then print("file.cap removed") else print(file.delete)
  • print("found password: " + pass)
  • if pass != null then connect = thisComp.connect_wifi(interface, bssid, essid, pass)
  • if connect == 1 then
  • print("***connected to " + netsp[2] + "***")
  • else if connect == null then
  • print("can't find network")
  • else
  • print(connect)
  • end if
  • end if
  • end for
mapLAN.src
  • //scans local network
  • //use 'lan' to display all connections with ports
  • //use 'lan all' to display all connections regardless of port status
  • c = get_shell.host_computer
  • r = get_router
  • devices = r.devices_lan_ip
  • deviceList = []
  • if params.len > 0 then i1 = params[0] else i1 = null
  • print("\n")
  • for device in devices
  • lanDevice = get_router(device)
  • if lanDevice then
  • if deviceList.indexOf(lanDevice.local_ip) == null then deviceList.push(lanDevice.local_ip)
  • end if
  • end for
  • for device in devices
  • ports = null
  • if get_switch(device) == null and get_router != null then
  • deviceInfo = "router"
  • else
  • deviceInfo = "switch"
  • end if
  • lanDevice = get_router(device)
  • if lanDevice then
  • if device == c.local_ip then device = "<color=green>" + device + "</color>"
  • firewall_rules = lanDevice.firewall_rules
  • if firewall_rules and firewall_rules.len > 0 then firewall = "(firewall)" else firewall = ""
  • print("<b>[" + device + "]</b> " + deviceInfo + " " + firewall)
  • for subDevice in lanDevice.devices_lan_ip
  • if deviceList.indexOf(subDevice) == null then
  • ports = lanDevice.device_ports(subDevice)
  • if ports.len > 0 or i1 == "all" then
  • if subDevice == c.local_ip then subDevice = "<color=green>" + subDevice + "</color>"
  • print("<b> [" + subDevice + "]")
  • portPrint = ""
  • for port in ports
  • if lanDevice.port_info(port) != null then info = lanDevice.port_info(port).split(" ")[0] else info = null
  • if info != null then
  • if port.is_closed then
  • port_status = "-"
  • else
  • port_status = "o"
  • end if
  • portPrint = portPrint + ("<i> " + port_status + " " + port.port_number + " " + info + " " + "\n")
  • end if
  • end for
  • if portPrint != "<i> [" then print(portPrint)
  • end if
  • end if
  • end for
  • end if
  • end for
corrupt.src
  • c = get_shell.host_computer
  • var = c.File("/var/")
  • print("\naccessing logs...")
  • c.touch("/var","system.bak")
  • file = c.File("/var/system.log")
  • if file then file.delete
  • bak = c.File("/var/system.bak")
  • if bak then
  • bak.set_content("\n\n\n\n\n\n\n :)")
  • bak.move("/var", "system.log")
  • end if
  • wait(.2)
  • file = c.File("/var/system.log")
  • if file then
  • if file.size < 1000 then
  • print("\n*logs corrupted*\n")
  • file.chmod("u+rw", 1)
  • file.chmod("g+rw", 1)
  • file.chmod("o+rw", 1)
  • else
  • ("\nlog **corruption failed**\n")
  • end if
  • end if
getUser.src
  • //pass overflow obj as result to receive name of user (root/username/guest). May not work with player edited permissions.
  • //******accurate 99.9999999999% of the time <3
  • checkUser = function(result)
  • user = ""
  • rfile = null
  • if typeof(result) == "computer" then
  • file = result.File("/home")
  • rfile = result.File("/root")
  • else if typeof(result) == "shell" then
  • file = result.host_computer.File("/home")
  • rfile = result.host_computer.File("/root")
  • end if
  • if rfile and rfile.has_permission("r") then
  • user = "root"
  • else if rfile then
  • for folder in file.get_folders
  • if folder.has_permission("r") and folder.name != "guest" then user = folder.name
  • end for
  • end if
  • if typeof(result) == "file" then
  • file = result
  • if file.name != "/" then
  • file = file.parent
  • while file.name != "/"
  • file = file.parent
  • end while
  • end if
  • for folder in file.get_folders
  • if folder.name == "root" then
  • if folder.has_permission("r") then user = "root"
  • end if
  • if folder.name == "home" and user != "root" then
  • for sub in folder.get_folders
  • if sub.has_permission("r") and sub.name != "guest" then user = sub.name
  • end for
  • end if
  • end for
  • end if
  • if user == "" then user = "guest"
  • return user
  • end function
getShell.src
  • //shell attack
  • if params.len > 0 then ipAddress = params[0] else exit("<color=white>usage: atk <b>[ip] [port(opt)] [passwd(opt)]\n<color=white> -empty port for router attack\n<color=white> -will find all shell objects")
  • if params.len > 1 then attackPort = params[1].to_int else attackPort = null
  • if params.len > 2 then passwd = params[2] else passwd = ""
  • metaxploit = include_lib("/lib/metaxploit.so")
  • if not metaxploit then
  • metaxploit = include_lib(parent_path(program_path) + "/metaxploit.so")
  • end if
  • metaLib = null
  • libName = null
  • libVer = null
  • net_session = null
  • file = null
  • changePass = null
  • thisComp = get_shell.host_computer
  • if ipAddress == thisComp.local_ip or ipAddress == thisComp.public_ip then isMyIp = true else isMyIp = false
  • memory = null
  • if is_lan_ip(passwd) and not isMyIp then
  • print("<color=#75808A>attacking: " + ipAddress + "\n" + " lan: " + globals.deviceMap["d" + d])
  • else
  • print("\n<color=#75808A>attacking: " + ipAddress + ":" + attackPort + "...")
  • end if
  • if isMyIp and not attackPort then
  • print("\n")
  • path = user_input("<color=#75808A>[/library/path.so]\n<color=white><b>></b>")
  • if metaxploit then
  • if file.has_permission("r") then
  • metaLib = metaxploit.load(path)
  • else
  • print("<color=white>bad permissions")
  • end if
  • else
  • print("<color=white>need metaxploit")
  • end if
  • else
  • if metaxploit then
  • if not attackPort then
  • net_session = metaxploit.net_use(ipAddress)
  • else
  • net_session = metaxploit.net_use(ipAddress,attackPort)
  • end if
  • if not net_session then
  • print("<color=white>can't reach port " + attackPort)
  • else
  • metaLib = net_session.dump_lib
  • print("<color=#75808A>session established")
  • end if
  • else
  • print("<color=white>need metaxploit")
  • end if
  • end if
  • if metaLib then
  • libName = metaLib.lib_name
  • libVer = metaLib.version
  • if metaLib then print("<color=#75808A>scanning library: " + libName + " v." + libVer + "\n")
  • memory = metaxploit.scan(metaLib)
  • if not memory then print("<color=#75808A>no exploits detected.")
  • password = null
  • for mem in memory
  • address = metaxploit.scan_address(metaLib, mem).split("Unsafe check:")
  • userList = null
  • for add in address
  • if add == address[0] then continue
  • value = add[add.indexOf("<b>")+3:add.indexOf("</b>")]
  • if passwd then
  • result = metaLib.overflow(mem, value, passwd)
  • else
  • result = metaLib.overflow(mem, value)
  • end if
  • if result then print("<color=#75808A> *found: " + result + "*\n") else print("<color=#75808A>no results\n")
  • if typeof(result) == "shell" then
  • i = user_input("<color=#75808A>connect?\n<color=white>[1]<color=#75808A> or <color=white>[0]\n<b>></b>")
  • if i == "1" then result.start_terminal
  • if i == "2" then ls(result)
  • end if
  • end for
  • end for
  • end if
  • end if