
OWTF 0.13 Trooper

2 parents 6a50aa3 + b42ffdf commit 0d21e1eaec5a981d6675c0a0077652f90306a0b1 @7a 7a committed with root Mar 25, 2012
Showing 1,563 changed files with 1,271,063 additions and 265 deletions.
@@ -7,3 +7,16 @@
################################################################################
dictionaries/restricted/*
tools/restricted/*
+
+# Tools with license restrictions that prevent re-distribution #
+################################################################
+*/sbd
+
+# Defined OWTF tests with potential proprietary information #
+################################################################
+tests/restricted/*
+
+# Eclipse files #
+#################
+.pydevproject
+.project
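Review bot: The `*/sbd` pattern contains a slash, so git anchors it to this .gitignore's directory and it only matches an `sbd` file exactly one level down. The install script added in this commit copies the binary to `$DIR/shell/linux/sbd`, which appears to be deeper than that, so the file this rule is meant to keep out of the repository could still be added. A bare `sbd` line (no slash) matches at any depth.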
@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+
+# Description: Installation script for tools not in Backtrack or unreliable in Backtrack
+# (i.e. Backtrack chose the development version instead of the stable one)
+#
+# owtf is an OWASP+PTES-focused try to unite great tools and facilitate pen testing
+# Copyright (c) 2011, Abraham Aranguren <name.surname@gmail.com> Twitter: @7a_ http://7-a.org
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the copyright owner nor the
+# names of its contributors may be used to endorse or promote products
+# derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+DIR=$(dirname $0) # Get current directory
+echo "Copying (linux) sbd from BT to agent directory .. (reason: GPL)"
+cp /usr/bin/sbd $DIR/shell/linux/sbd
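Review bot: `$0` and `$DIR` are expanded unquoted on the `DIR=` and `cp` lines, so the script breaks when it lives under a path containing spaces, and a failed copy (no `/usr/bin/sbd` on the host) goes unreported. Suggested: `DIR="$(dirname "$0")"` and `cp /usr/bin/sbd "$DIR/shell/linux/sbd" || { echo "sbd not found" >&2; exit 1; }`. The comment on the first line should say "script directory", since `dirname $0` is not the current directory. The same unquoted `$DIR`, `$1`, `$CONFIG`, `$PORT` and `$PASSWORD` expansions recur in the sbd listener script later in this commit.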
@@ -0,0 +1,8 @@
+IMAP_HOST: mail.pwnlabs.es
+IMAP_USER: victim
+IMAP_PASS: victim
+WAIT_SECS: 60
+TRACK_FILE: track.txt
+PROCESS_PLUGIN: link_clicker
+LOG_FILE: log.log
+ERROR_LOG_FILE: error_log.log
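Review bot: `IMAP_PASS` is committed in clear text next to the host and user name, so anyone with read access to the repository holds working mailbox credentials for as long as that account exists. Even for a lab account, consider shipping this file as a template with placeholder values and keeping the real configuration out of version control via .gitignore. The same applies to the `PASSWORD=OWTFtest` line in the two-line listener config hunk further down.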
No changes.
@@ -0,0 +1,106 @@
+#!/usr/bin/env python
+'''
+owtf is an OWASP+PTES-focused try to unite great tools and facilitate pen testing
+Copyright (c) 2011, Abraham Aranguren <name.surname@gmail.com> Twitter: @7a_ http://7-a.org
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the copyright owner nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Description:
+General purpose functions to assist OWTF Agents
+'''
+import imp, os
+from collections import defaultdict
+
+class Plugin:
+ def Get(self, ModuleName, ModuleFile, ModulePath):# Python fiddling to load a module from a file, there is probably a better way...
+ f, Filename, desc = imp.find_module(ModuleFile.split('.')[0], [ModulePath]) #ModulePath = os.path.abspath(ModuleFile)
+ return imp.load_module(ModuleName, f, Filename, desc)
+
+ def Run(self, Name, Path, Params):
+ return self.Get("", Name, Path+"/").Run(Params)
+
+class Storage:
+ def __init__(self, FileName):
+ self.FileName = FileName
+ self.Init()
+ self.Load()
+
+ def Init(self):
+ self.Content = ""
+
+ def Get(self):
+ return self.Content
+
+ def Set(self, Content):
+ self.Content = Content
+
+ def Load(self):
+ if not os.path.isfile(self.FileName):
+ self.Init()
+ else:
+ self.Set(File().GetAsList(self.FileName)[0].strip())
+
+ def Save(self):
+ #print "Saving Storage " + str(self.Content) + ".."
+ File().Save(self.FileName, self.Content)
+
+class File:
+ def GetAsList(self, FileName):
+ try:
+ Output = open(FileName, 'r').read().split("\n")
+ print "Loaded file: '"+FileName+"'"
+ except IOError, error:
+ print "Cannot open file: '"+FileName+"' ("+str(sys.exc_info())+")"
+ Output = []
+ return Output
+
+ def Save(self, FileName, Data):
+ Data = str(Data)
+ try:
+ print "FileName=" + str(FileName) + ", Data=" + str(Data)
+ print "Saving to File '" + str(FileName) + "' " + str(Data) + ".."
+ File = open(FileName, 'w')
+ File.write(Data)
+ except IOError, error:
+ print "Cannot write to: '" + FileName +"' ("+str(sys.exc_info())+")"
+
+class Config:
+ def __init__(self, FileName):
+ self.Config = defaultdict(list)
+ self.Load(FileName)
+
+ def Load(self, FileName):
+ for Line in File().GetAsList(FileName):
+ try:
+ Name = Line.split(":")[0]
+ Value = Line.replace(Name + ":", "").strip()
+ self.Config[Name] = Value
+ except:
+ print "Cannot parse line: " + Line
+
+ def Get(self, Setting):
+ return self.Config[Setting]
+
+ def Set(self, Setting, Value):
+ self.Config[Setting] = Value
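Review bot: Both `except IOError` handlers in `File.GetAsList` and `File.Save` call `sys.exc_info()`, but the module only has `import imp, os`, so the first I/O error raises NameError from inside the handler instead of printing the message and returning. Change the import line to `import imp, os, sys`. Separately, `File.Save` never closes the handle it opens, and `Config.Load` hides every parsing error behind a bare `except:`; an explicit `File.close()` and a narrower exception type would make failures visible.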
@@ -0,0 +1,69 @@
+#!/usr/bin/env python
+'''
+owtf is an OWASP+PTES-focused try to unite great tools and facilitate pen testing
+Copyright (c) 2011, Abraham Aranguren <name.surname@gmail.com> Twitter: @7a_ http://7-a.org
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the copyright owner nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Description:
+OWTF imap agent daemon, to periodically check email and launch actions
+'''
+import imaplib, time, sys, os
+from general import *
+
+def RunDaemon(Config, Storage):
+ print "Starting Daemon.."
+ try:
+ while True:
+ print "Checking Email.."
+ Connection = imaplib.IMAP4_SSL(Config.Get('IMAP_HOST'))
+ Connection.login(Config.Get('IMAP_USER'), Config.Get('IMAP_PASS'))
+ Connection.select()
+ Typ, Data = Connection.search(None, 'ALL')
+ for ID in Data[0].split():
+ StoredID = 0
+ if Storage.Get():
+ StoredID = int(Storage.Get())
+ if int(ID) > StoredID:
+ print "Processing Message Number=" + ID
+ Typ, Data = Connection.fetch(ID, '(RFC822)')
+ # Run the Plugin specified in the config file (i.e. link_clicker, whatever) to process the message:
+ Plugin().Run(Config.Get('PROCESS_PLUGIN'), 'payloads', {
+ 'Message' : Data
+ , 'Log' : Config.Get('LOG_FILE')
+ , 'ErrorLog' : Config.Get('ERROR_LOG_FILE') })
+ #print 'Message %s\n%s\n' % (Num, Data[0][1])
+ Storage.Set(ID) # Store last processed ID in the counter
+ Connection.close()
+ Connection.logout()
+ Storage.Save()
+ print "Sleeping " + Config.Get('WAIT_SECS') + " seconds..(Control+C to stop agent)"
+ time.sleep(int(Config.Get('WAIT_SECS')))
+ except KeyboardInterrupt:
+ print "Stopping daemon.."
+ Storage.Save()
+
+Config = Config('config.cfg')
+Storage = Storage(Config.Get('TRACK_FILE'))
+RunDaemon(Config, Storage)
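Review bot: The last-processed marker in `RunDaemon` stores the value returned by `Connection.search(None, 'ALL')`, which is an IMAP message sequence number rather than a stable identifier; once mail is deleted and expunged the numbers shift, and `int(ID) > StoredID` can then skip newly arrived messages. Tracking UIDs avoids that: `Typ, Data = Connection.uid('search', None, 'ALL')` and `Typ, Data = Connection.uid('fetch', ID, '(RFC822)')`. Also, only KeyboardInterrupt is caught, so any exception from the IMAP calls or from the plugin ends the daemon without reaching `Storage.Save()`, and the IDs set during that poll are lost.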
@@ -0,0 +1,5 @@
+Fri Mar 23 20:02:35 CET 2012 - curl http://www.google.com
+Fri Mar 23 20:02:35 CET 2012 - curl http://www.google.com
+Fri Mar 23 20:02:35 CET 2012 - curl http://www.google.com
+Fri Mar 23 20:02:35 CET 2012 - curl http://www.google.com
+Fri Mar 23 20:02:35 CET 2012 - curl http://www.google.com
@@ -0,0 +1,42 @@
+#!/usr/bin/env python
+'''
+owtf is an OWASP+PTES-focused try to unite great tools and facilitate pen testing
+Copyright (c) 2011, Abraham Aranguren <name.surname@gmail.com> Twitter: @7a_ http://7-a.org
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the copyright owner nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Description:
+OWTF imap agent daemon plugin, to emulate user clicks via email
+'''
+import re, subprocess
+URL_REGEX = 'http[:a-zA-Z\.\/]+'
+
+def Run(Params):
+ LogStr = " >> " + Params['Log'] + " 2>> " + Params['ErrorLog']
+ for URL in re.findall(URL_REGEX, str(Params['Message'])):
+ print "Found URL=" + URL
+ VisitURLCmd = "curl " + URL
+ subprocess.Popen(VisitURLCmd, shell=True) # Visit URL
+ # Log visit:
+ subprocess.Popen('echo "$(date)" - ' + VisitURLCmd + LogStr, shell=True)
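Review bot: Text taken from an e-mail body is concatenated into a command string and run with `shell=True` in both `Popen` calls of `Run`; the only thing keeping shell metacharacters out is the narrow character class in `URL_REGEX`. That class also excludes digits, `-`, `?`, `&` and `=`, so most real URLs are truncated, and any later widening of the pattern to fix that turns this into command injection from untrusted mail. Pass an argument list instead, `subprocess.Popen(['curl', URL])`, and append the log line from Python with `open(Params['Log'], 'a')` rather than `echo ... >>` through a shell.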
@@ -0,0 +1 @@
+588
@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+#
+# owtf is an OWASP+PTES-focused try to unite great tools and facilitate pen testing
+# Copyright (c) 2011, Abraham Aranguren <name.surname@gmail.com> Twitter: @7a_ http://7-a.org
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the copyright owner nor the
+# names of its contributors may be used to endorse or promote products
+# derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+echo "The following installation script may solve some potential agent issues
+sudo apt-get install gtk2-engines-pixbuf
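Review bot: The `echo` string after the license header is missing its closing double quote, so bash reads the `sudo apt-get install` line as part of the string and stops with an unexpected-EOF error; nothing is installed. Close the quote: `echo "The following installation script may solve some potential agent issues"`.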
@@ -0,0 +1,2 @@
+sbd is a GPL tool and cannot be redistribute it from OWTF
+please copy it from backtrack: /usr/bin/sbd
Binary file not shown.
@@ -0,0 +1,2 @@
+PORT=4444
+PASSWORD=OWTFtest
@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+#
+# owtf is an OWASP+PTES-focused try to unite great tools and facilitate pen testing
+# Copyright (c) 2011, Abraham Aranguren <name.surname@gmail.com> Twitter: @7a_ http://7-a.org
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the copyright owner nor the
+# names of its contributors may be used to endorse or promote products
+# derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+# ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+DIR=$(dirname $0) # Load sbd and config from shell directory
+echo "OWTF Agent - persistent linux shell based on sbd: Shared password encrypted channel with persistent shell access"
+echo "Password and port are configurable from the command line interface (CLI) or a shelld.cfg config file"
+if [ $# -ne 1 ]; then
+ echo "Syntax $0 <port or config file>"
+ exit
+fi
+
+if [ -f $1 ]; then # Config file supplied, read values from there
+ CONFIG=$DIR/$1
+ PORT=$(grep PORT $CONFIG | cut -f2 -d=)
+ PASSWORD=$(grep PASSWORD $CONFIG | cut -f2 -d=)
+else # No config supplied, read parameters from commandline
+ PORT=$1
+ echo "Type a password for the agent"
+ read PASSWORD
+ clear
+fi
+
+echo "Starting persistent listener.."
+$DIR/sbd -nvlp $PORT -e /bin/sh -r0 -k $PASSWORD
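Review bot: The config branch tests `[ -f $1 ]` relative to the current directory but then reads `$DIR/$1`, so the two only agree when the script is started from its own directory; test and read the same path, e.g. `CONFIG="$DIR/$1"` followed by `if [ -f "$CONFIG" ]`. In the interactive branch `read PASSWORD` echoes the shared secret to the terminal; `read -s PASSWORD` avoids that. The secret is then passed as `-k $PASSWORD` on the command line, where other local users can see it in the process list. The usage-error path calls `exit` with no status, so a wrong invocation still returns 0; `exit 1` lets callers detect it.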