Files

probe.src
probe.src
  • metaxploit = include_lib(home_dir + "/metaxploit.so")
  • if not metaxploit then
  • metaxploit = include_lib("/lib/metaxploit.so")
  • end if
  • if not metaxploit then exit("<color=#ff0000>Error: Unable to find 'metaxploit.so'. Put missing library in the 'lib' folder.</color>")
  • help = "Usage: probe [ip_address or lib_path]:(port optinal) [mem_address] [overflow_value] [action] [*action_options] -e=extra_param"
  • if params.len == 0 or params[0] == "-h" or params[0] == "--help" then exit(help)
  • options = []
  • extra_param = null
  • for param in params
  • if param[0] == "-" then
  • params.remove(params.indexOf(param))
  • options.push(param)
  • end if
  • end for
  • for option in options
  • if option.indexOf("-e") != null then
  • extra_param = option[option.indexOf("-e")+3:]
  • print(extra_param)
  • end if
  • end for
  • net_session = null
  • libFile = null
  • if params[0].split(".").len == 4 then
  • url = params[0].split(":")
  • net_session = metaxploit.net_use(url[0])
  • if url.len > 1 then
  • net_session = metaxploit.net_use(url[0], url[1].to_int)
  • end if
  • if not net_session then exit("<color=#ff0000>Error: Unable to connect.</color>")
  • else
  • libFile = get_shell.host_computer.File(params[0])
  • if not libFile then exit("can't find library: " + params[0])
  • end if
  • mem_address = params[1]
  • overflow_value = params[2]
  • action = params[3]
  • action_params = []
  • if params.len > 4 then
  • action_params = params[4:]
  • end if
  • if libFile != null then
  • print("local exploit")
  • metaLib = metaxploit.load(libFile.path)
  • else
  • print("remote exploit")
  • metaLib = net_session.dump_lib
  • end if
  • result = metaLib.overflow(mem_address, overflow_value)
  • if result == null then
  • if extra_param != null then
  • result = metaLib.overflow(mem_address, overflow_value, extra_param)
  • end if
  • end if
  • type = typeof(result)
  • print_action = function(obj, options)
  • file = null
  • file_path = options[0]
  • if typeof(obj) == "computer" then
  • if options.len == 0 then
  • exit("no path provided")
  • else
  • file = obj.File(file_path)
  • end if
  • end if
  • if typeof(obj) == "file" then
  • file = obj
  • end if
  • if typeof(obj) == "shell" then
  • file = obj.host_computer.File(file_path)
  • end if
  • if file.is_folder then
  • files = file.get_files.len + file.get_folders.len
  • if files == 0 then
  • print("the folder is has no files")
  • end if
  • for f in file.get_files
  • print(f.name)
  • end for
  • for f in file.get_folders
  • print("<b>d</b> "+f.name)
  • end for
  • else
  • if file.get_content == "" then
  • print("file is empty")
  • else
  • print(file.get_content)
  • end if
  • end if
  • end function
  • if action == "print" then
  • print("<b>print</b>")
  • print_action(result, action_params)
  • end if
  • if action == "connect" then
  • print("<b>connect</b>")
  • print(result)
  • result.start_terminal
  • end if
  • if action == "scp" then
  • if typeof(result) != "shell" then exit("result is not a shell")
  • print("<b>spc</b>")
  • spc = get_shell.scp(action_params[0], action_params[1], result)
  • print(spc)
  • end if
  • if action == "rename" then
  • print("<b>rename</b>")
  • if typeof(result) == "shell" then comp = result.host_computer
  • if typeof(result) == "computer" then comp = result
  • rname = comp.File(action_params[0]).rename(action_params[1])
  • print(rname)
  • end if
  • if action == "delete" then
  • print("<b>delete</b>")
  • if typeof(result) == "shell" then comp = result.host_computer
  • if typeof(result) == "computer" then comp = result
  • del = comp.File(action_params[0]).delete
  • print(del)
  • end if