├── imports
│   ├── __init__.py
│   ├── globals.ini
│   ├── ini_edit.py
│   ├── hash_ident.py
│   ├── xor_decoder.py
│   ├── base64_decoder.py
│   ├── rot13_caesar.py
│   ├── handbook.py
│   ├── morse_decoder.py
│   ├── find_file_ext.py
│   ├── qr_decoder.py
│   ├── volatility_info.py
│   ├── volatility_pslist.py
│   ├── volatility_cmdscan.py
│   ├── volatility_notepad.py
│   ├── volatility_iehistory.py
│   ├── volatility_screenshot.py
│   ├── vigenere_decoder.py
│   ├── morse_encoder.py
│   ├── bin_hex_dec_ascii.py
│   ├── pdf_parser.py
│   ├── binary_search.py
│   ├── metadata_search.py
│   ├── hash_extractor.py
│   └── hash_brute.py
├── requirements.txt
├── screenshots
│   ├── OS.png
│   ├── a1.png
│   ├── a2.png
│   ├── a3.png
│   ├── caesar.png
│   ├── axionLogo.jpg
│   ├── binwalk.png
│   ├── exiftool.png
│   ├── file_menu.png
│   ├── find_file.png
│   ├── ps_list.png
│   ├── vigenere.png
│   ├── hash_ident.png
│   ├── morse_decoder.png
│   └── morse_encoder.png
├── handbook_files
│   ├── crypto
│   │   ├── crypto_files
│   │   │   ├── cry1.png
│   │   │   ├── cry2.png
│   │   │   ├── cry3.png
│   │   │   ├── cry4.png
│   │   │   ├── cry5.png
│   │   │   ├── cry6.png
│   │   │   └── cry7.png
│   │   └── crypto.html
│   ├── reverse
│   │   ├── reverse_files
│   │   │   ├── rev1.png
│   │   │   ├── rev2.png
│   │   │   ├── rev3.png
│   │   │   ├── rev4.png
│   │   │   ├── rev5.png
│   │   │   ├── rev6.png
│   │   │   └── rev8.png
│   │   └── reverse.html
│   └── forensics
│       └── forensics.html
├── README.md
├── Installiation.sh
├── .gitignore
├── axion.py
└── LICENSE
/imports/__init__.py:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/imports/globals.ini:
--------------------------------------------------------------------------------
[paths]
path =
--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
setuptools
colorama
hashid
pybase64
--------------------------------------------------------------------------------
/screenshots/OS.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/OS.png
--------------------------------------------------------------------------------
/screenshots/a1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/a1.png
--------------------------------------------------------------------------------
/screenshots/a2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/a2.png
--------------------------------------------------------------------------------
/screenshots/a3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/a3.png
--------------------------------------------------------------------------------
/screenshots/caesar.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/caesar.png
--------------------------------------------------------------------------------
/screenshots/axionLogo.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/axionLogo.jpg
--------------------------------------------------------------------------------
/screenshots/binwalk.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/binwalk.png
--------------------------------------------------------------------------------
/screenshots/exiftool.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/exiftool.png
--------------------------------------------------------------------------------
/screenshots/file_menu.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/file_menu.png
--------------------------------------------------------------------------------
/screenshots/find_file.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/find_file.png
--------------------------------------------------------------------------------
/screenshots/ps_list.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/ps_list.png
--------------------------------------------------------------------------------
/screenshots/vigenere.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/vigenere.png
--------------------------------------------------------------------------------
/screenshots/hash_ident.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/hash_ident.png
--------------------------------------------------------------------------------
/screenshots/morse_decoder.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/morse_decoder.png
--------------------------------------------------------------------------------
/screenshots/morse_encoder.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/screenshots/morse_encoder.png
--------------------------------------------------------------------------------
/handbook_files/crypto/crypto_files/cry1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/crypto/crypto_files/cry1.png
--------------------------------------------------------------------------------
/handbook_files/crypto/crypto_files/cry2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/crypto/crypto_files/cry2.png
--------------------------------------------------------------------------------
/handbook_files/crypto/crypto_files/cry3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/crypto/crypto_files/cry3.png
--------------------------------------------------------------------------------
/handbook_files/crypto/crypto_files/cry4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/crypto/crypto_files/cry4.png
--------------------------------------------------------------------------------
/handbook_files/crypto/crypto_files/cry5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/crypto/crypto_files/cry5.png
--------------------------------------------------------------------------------
/handbook_files/crypto/crypto_files/cry6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/crypto/crypto_files/cry6.png
--------------------------------------------------------------------------------
/handbook_files/crypto/crypto_files/cry7.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/crypto/crypto_files/cry7.png
--------------------------------------------------------------------------------
/handbook_files/reverse/reverse_files/rev1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/reverse/reverse_files/rev1.png
--------------------------------------------------------------------------------
/handbook_files/reverse/reverse_files/rev2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/reverse/reverse_files/rev2.png
--------------------------------------------------------------------------------
/handbook_files/reverse/reverse_files/rev3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/reverse/reverse_files/rev3.png
--------------------------------------------------------------------------------
/handbook_files/reverse/reverse_files/rev4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/reverse/reverse_files/rev4.png
--------------------------------------------------------------------------------
/handbook_files/reverse/reverse_files/rev5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/reverse/reverse_files/rev5.png
--------------------------------------------------------------------------------
/handbook_files/reverse/reverse_files/rev6.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/reverse/reverse_files/rev6.png
--------------------------------------------------------------------------------
/handbook_files/reverse/reverse_files/rev8.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/AUCyberClub/axion/HEAD/handbook_files/reverse/reverse_files/rev8.png
--------------------------------------------------------------------------------
/imports/ini_edit.py:
--------------------------------------------------------------------------------
from ConfigParser import SafeConfigParser  # Python 2 module name


def config_set(section, key, value):
    """Store value under [section] key in imports/globals.ini."""
    config = SafeConfigParser()
    # The path is relative to the working directory (the repository root).
    config.read('imports/globals.ini')
    # Section will be added if it's necessary >
    # if config.has_section(section) == False:
    #     config.add_section()
    config.set(section, key, value)

    with open('imports/globals.ini', 'w') as f:
        config.write(f)


def config_get(section, key):
    """Return the value stored under [section] key."""
    config = SafeConfigParser()
    config.read('imports/globals.ini')
    return config.get(section, key)
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
A simple toolkit that contains useful tools and can control the I/O of those tools to make your life easier in CTFs.

## :exclamation: Requirements

Supported distros are :arrow_heading_down:
* [Kali](https://www.kali.org/)
* [Ubuntu](https://www.ubuntu.com/)
* [Mint](https://linuxmint.com/)
* [Debian](https://www.debian.org/)

Supported Python versions are 2.7.X

## ⚙ Installation

Open the terminal and type the following command :arrow_heading_down:
```bash
bash <(curl https://raw.githubusercontent.com/AUCyberClub/axion/master/Installiation.sh)
```

For manual installation :arrow_right: [click here!](https://github.com/AUCyberClub/axion/wiki/(ENG)-Installiation)

## :video_game: Usage

* If you installed with the script, open the terminal and type the following command :arrow_heading_down:

```bash
axion
```
* If you installed manually, open the terminal and type the following command :arrow_heading_down:

```bash
python2 axion.py
```

For the detailed usage manual :arrow_right: [click here!](https://github.com/AUCyberClub/axion/wiki)

## :camera: Screenshots

## ✌️ [Authors](https://github.com/AUCyberClub/axion/graphs/contributors)

## :question: Questions and Contributing

If you have any questions or ideas, please create a new issue or send a pull request.
--------------------------------------------------------------------------------
/Installiation.sh:
--------------------------------------------------------------------------------
#!/bin/bash

clear

echo " ____________________________________________ "
echo "|****WELCOME TO AUCC AXION INSTALLIATION*****|"
echo "|____________________________________________|"
echo ""
echo "Axion is a simple toolkit that contains useful tools and can control the I/O of those tools to make your life easier in CTFs."
echo ""
echo "This program is under GPL-3 LICENSE"
echo ""
echo "https://github.com/AUCyberClub/axion"
echo ""
echo "Axion uses or controls following tools or packages--->"
echo ""
echo "git binwalk exiftool"
echo "volatility python-pip python-pexpect"
echo "wget zbar-tools pdf-parser"
echo "john-jumbo"
echo ""
echo "Axion uses following external python libraries--->"
echo ""
echo "setuptools colorama hashid pybase64"
echo ""
echo "_______________________________________________________"
echo ""
echo "Choose a language to continue the installation"
echo ""
echo "'T' for Turkish and 'E' for English --->"

read -r lang

if [ "$lang" = "E" ]; then
    repo=https://github.com/AUCyberClub/axion.git
elif [ "$lang" = "T" ]; then
    repo=https://github.com/AUCyberClub/axion-tr
else
    echo "Wrong input !!"
    exit 1
fi

# Install the packages first: git is needed for the clone below.
sudo apt-get install git binwalk exiftool volatility python-pip python-pexpect wget zbar-tools
git clone "$repo" axion
# Stop if the clone failed; otherwise the next steps would run in the wrong directory.
cd axion || exit 1
sudo pip install -r requirements.txt
path=$(pwd)
# Generate the launcher script that is moved to /usr/bin/axion
echo '#!/bin/bash' >> axion
echo "cd \"$path\"" >> axion
echo "python2 \"$path/axion.py\"" >> axion
sudo chmod +x axion
sudo mv axion /usr/bin

# John Jumbo downloader
# Note: the archive is fetched over plain HTTP and unpacked without an integrity check.
wget http://download.openwall.net/pub/projects/john/contrib/linux/john-1.7.9-jumbo-5-Linux-x86-64.tar.gz
tar -xvf john-1.7.9-jumbo-5-Linux-x86-64.tar.gz
mv john-1.7.9-jumbo-5-Linux-x86-64/run ./john_files
chmod +x john_files/*
rm -rf john-1.7.9-jumbo*
--------------------------------------------------------------------------------
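The installer above fetches the John archive over plain HTTP and unpacks it without checking what was received. The following is an added example, not part of the axion repository, showing how a download can be checked against a pinned SHA-256 digest before it is unpacked; the function names, `JOHN_URL` and `JOHN_SHA256` are assumptions, and the digest value is a placeholder that has to come from a trusted source.

```shell
#!/bin/bash
# Added example (not from the axion repository): refuse to unpack a download
# unless it matches a digest pinned in the installer.

# sha256_of FILE -> prints the lowercase hex SHA-256 digest of FILE
sha256_of() {
    # Read via stdin so an odd file name is never parsed as an option
    sha256sum < "$1" | awk '{print $1}'
}

# verify_sha256 FILE EXPECTED
#   returns 0 on match, 1 on mismatch, 2 if EXPECTED is not a 64-digit
#   hex string, 3 if FILE is missing
verify_sha256() {
    local file=$1 expected=$2 actual
    case $expected in
        ''|*[!0-9a-fA-F]*) return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 2
    [ -f "$file" ] || return 3
    actual=$(sha256_of "$file") || return 3
    # Digests are compared case-insensitively
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    [ "$actual" = "$expected" ]
}

# fetch_verified URL EXPECTED DEST
#   downloads to a temporary file and only moves it to DEST after the
#   digest check passes, so a bad download never sits at the final path
fetch_verified() {
    local url=$1 expected=$2 dest=$3 tmp
    tmp=$(mktemp) || return 1
    if wget -q -O "$tmp" "$url" && verify_sha256 "$tmp" "$expected"; then
        mv -- "$tmp" "$dest"
    else
        rm -f -- "$tmp"
        echo "refusing $url: download failed or digest mismatch" >&2
        return 1
    fi
}

# How the installer step would use it (both values are placeholders):
#   JOHN_URL="<archive URL>"
#   JOHN_SHA256="<digest obtained from a trusted source>"
#   fetch_verified "$JOHN_URL" "$JOHN_SHA256" john.tar.gz && tar -xf john.tar.gz
```

The same check applies to the `bash <(curl ...)` one-liner in the README: download the script to a file, verify it, then run it.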
/imports/hash_ident.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
from subprocess import Popen, PIPE, check_call
from colorama import Fore, Style


def colorprint(verbosity, text):
    if verbosity == "fatal":
        print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
    if verbosity == "warn":
        print(Fore.YELLOW + text + Style.RESET_ALL)
    if verbosity == "info":
        print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
    if verbosity == "success":
        print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)


logo = ("""
    _    __  _____ ___  _   _         _   _   _  ____ ____
   / \   \ \/ /_ _/ _ \| \ | |       / \ | | | |/ ___/ ___|
  / _ \   \  / | | | | |  \| |_____ / _ \| | | | |  | |
 / ___ \  /  \ | | |_| | |\  |_____/ ___ \ |_| | |__| |___
/_/   \_\/_/\_\___\___/|_| \_|    /_/   \_\___/ \____\____|
""")


def hash_ident():
    check_call(["clear"])
    while True:
        print (logo)
        colorprint("info", "'hashid' will be used to identify hash.")
        colorprint("info", "Waiting for hash value...")
        colorprint("warn", "9-->Go back to the top menu")
        colorprint("fatal", "0-->Quit")

        raw_hash = raw_input("Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/file_analysis/hash_ident" + Style.RESET_ALL + ")\n-->")

        if raw_hash == "9":
            return
        elif raw_hash == "0":
            sys.exit()
        else:
            # Passed as an argument list, so the input is never parsed by a shell.
            std = Popen(["hashid", raw_hash], stdout=PIPE, stderr=PIPE)
            (out, err) = std.communicate()
            if out.find("Unknown") == -1:
                colorprint("success", out)
            else:
                colorprint("fatal", out)

        raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)


if __name__ == "__main__":
    hash_ident()
--------------------------------------------------------------------------------
/imports/xor_decoder.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys, base64
from subprocess import check_call
from colorama import Fore, Style


def colorprint(verbosity, text):
    if verbosity == "fatal":
        print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
    if verbosity == "warn":
        print(Fore.YELLOW + text + Style.RESET_ALL)
    if verbosity == "info":
        print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
    if verbosity == "success":
        print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)


logo = ("""
    _    __  _____ ___  _   _         _   _   _  ____ ____
   / \   \ \/ /_ _/ _ \| \ | |       / \ | | | |/ ___/ ___|
  / _ \   \  / | | | | |  \| |_____ / _ \| | | | |  | |
 / ___ \  /  \ | | |_| | |\  |_____/ ___ \ |_| | |__| |___
/_/   \_\/_/\_\___\___/|_| \_|    /_/   \_\___/ \____\____|
""")


def decode_xor(xor_msg):
    # The input is expected to be Base64; every decoded byte is XORed
    # with the fixed single-byte key '_' (0x5f).
    text_msg = ""
    for character in base64.b64decode(xor_msg):
        text_msg += chr(ord(character) ^ ord('_'))
    return text_msg


def xor_decoder():
    check_call(["clear"])
    while True:
        print (logo)
        colorprint("info", "In this section you can decrypt XOR-ed messages.")
        colorprint("info", "Enter the cipher:")
        colorprint("warn", "9-->Go back to the top menu")
        colorprint("fatal", "0-->Quit")

        xor_msg = raw_input(
            "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/xor_decoder" + Style.RESET_ALL + ")\n-->")

        if xor_msg == "9":
            return
        elif xor_msg == "0":
            sys.exit()
        else:
            try:
                text_msg = decode_xor(xor_msg)
            except TypeError:
                # Python 2's b64decode raises TypeError on malformed input
                colorprint("fatal", "Input is not valid Base64.")
            else:
                colorprint("success", "Your message decrypted.")
                print ("Plaintext:\n--> %s" % text_msg)

        raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)


if __name__ == "__main__":
    xor_decoder()
--------------------------------------------------------------------------------
/imports/base64_decoder.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys, base64
from subprocess import check_call
from colorama import Fore, Style


def colorprint(verbosity, text):
    if verbosity == "fatal":
        print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
    if verbosity == "warn":
        print(Fore.YELLOW + text + Style.RESET_ALL)
    if verbosity == "info":
        print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
    if verbosity == "success":
        print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)


logo = ("""
    _    __  _____ ___  _   _         _   _   _  ____ ____
   / \   \ \/ /_ _/ _ \| \ | |       / \ | | | |/ ___/ ___|
  / _ \   \  / | | | | |  \| |_____ / _ \| | | | |  | |
 / ___ \  /  \ | | |_| | |\  |_____/ ___ \ |_| | |__| |___
/_/   \_\/_/\_\___\___/|_| \_|    /_/   \_\___/ \____\____|
""")


def decode_base64(base64_msg):
    text_msg = base64.b64decode(base64_msg)
    return text_msg


def base64_decoder():
    check_call(["clear"])
    while True:
        print (logo)
        colorprint("info", "In this section you can decode Base64-encoded strings.")
        colorprint("info", "Please input ciphertext:")
        colorprint("warn", "9-->Go back to the top menu")
        colorprint("fatal", "0-->Quit")

        base64_msg = raw_input(
            "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/base64_decoder" + Style.RESET_ALL + ")\n-->")

        if base64_msg == "9":
            return
        elif base64_msg == "0":
            sys.exit()
        else:
            # Spaces are not part of the Base64 alphabet; drop them before decoding
            base64_msg = base64_msg.replace(" ", "")
            try:
                text_msg = decode_base64(base64_msg)
            except TypeError:
                # Python 2's b64decode raises TypeError on malformed input
                colorprint("fatal", "Input is not valid Base64.")
            else:
                colorprint("success", "Your message decoded.")
                print ("Plaintext:\n--> %s" % text_msg)

        raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)


if __name__ == "__main__":
    base64_decoder()
--------------------------------------------------------------------------------
/imports/rot13_caesar.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
from subprocess import check_call
from colorama import Fore, Style
from string import maketrans, translate


def colorprint(verbosity, text):
    if verbosity == "fatal":
        print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
    if verbosity == "warn":
        print(Fore.YELLOW + text + Style.RESET_ALL)
    if verbosity == "info":
        print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
    if verbosity == "success":
        print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)


logo = ("""
    _    __  _____ ___  _   _         _   _   _  ____ ____
   / \   \ \/ /_ _/ _ \| \ | |       / \ | | | |/ ___/ ___|
  / _ \   \  / | | | | |  \| |_____ / _ \| | | | |  | |
 / ___ \  /  \ | | |_| | |\  |_____/ ___ \ |_| | |__| |___
/_/   \_\/_/\_\___\___/|_| \_|    /_/   \_\___/ \____\____|
""")


def shift(alphabet, n):
    # Rotate a 26-letter alphabet by n positions
    alphabet = list(alphabet)
    # The first 26 - n letters move forward by n
    for i in range(len(alphabet) - n):
        alphabet[i] = chr(ord(alphabet[i]) + n)
    # The last n letters wrap around to the start of the alphabet
    for i in range(n):
        alphabet[25 - i] = chr(ord(alphabet[25 - i]) + n - 26)
    alphabet = ''.join(alphabet)
    return alphabet


def rot_to_text(n, text):
    # Letters are rotated by n; every other character is left unchanged
    upper = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    lower = "abcdefghijklmnopqrstuvwxyz"
    upper_rot = shift(upper, n)
    lower_rot = shift(lower, n)
    rot = maketrans(upper + lower, upper_rot + lower_rot)
    return translate(text, rot)


def rot13_caesar():
    check_call(["clear"])
    while True:
        print (logo)

        colorprint("info", "Here, you can decrypt Caesar and ROT13 encrypted messages.")
        colorprint("info", "Enter ciphertext:")
        colorprint("warn", "9-->Go back to the top menu")
        colorprint("fatal", "0-->Quit")

        caesar_msg = raw_input(
            "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/rot13_caesar" + Style.RESET_ALL + ")\n-->")

        if caesar_msg == "9":
            return
        elif caesar_msg == "0":
            sys.exit()
        else:
            # Print all 25 possible rotations and let the user pick the readable one
            colorprint("success", "All cases are below:")
            for i in range(1,26):
                rot_msg = rot_to_text(i,caesar_msg)
                colorprint("info", "ROT" + str(i) + ": " + rot_msg)

        raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)


if __name__ == "__main__":
    rot13_caesar()
--------------------------------------------------------------------------------
/imports/handbook.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import os,sys,time
from subprocess import Popen,PIPE,check_call
from colorama import Fore, Style
import webbrowser


def colorprint(verbosity, text):
    if verbosity == "fatal":
        print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
    if verbosity == "warn":
        print(Fore.YELLOW + text + Style.RESET_ALL)
    if verbosity == "info":
        print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
    if verbosity == "success":
        print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)


logo = ("""
    _    __  _____ ___  _   _         _   _   _  ____ ____
   / \   \ \/ /_ _/ _ \| \ | |       / \ | | | |/ ___/ ___|
  / _ \   \  / | | | | |  \| |_____ / _ \| | | | |  | |
 / ___ \  /  \ | | |_| | |\  |_____/ ___ \ |_| | |__| |___
/_/   \_\/_/\_\___\___/|_| \_|    /_/   \_\___/ \____\____|
""")


def handbook():
    while True:

        check_call(["clear"])
        print (logo)
        colorprint("info", "You can find lot of information about CTFs here.")
        colorprint("info", "Please select a topic.")
        colorprint("info", "1-->Reverse Engineering")
        colorprint("info", "2-->Cryptography")
        colorprint("warn", "9-->Go back to the top menu")
        colorprint("fatal", "0-->Quit")

        choice = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/handbook"+Style.RESET_ALL+")\n-->")

        if choice == "9":
            return

        elif choice == "0":
            sys.exit()

        elif choice == "1":
            page = os.path.realpath(__file__) + "/../../handbook_files/reverse/reverse.html"
            # Point stdout at /dev/null while the browser starts, then restore it
            savout = os.dup(1)
            os.close(1)
            os.open(os.devnull, os.O_RDWR)
            try:
                webbrowser.open('file:///{}'.format(page))
                time.sleep(1)
            finally:
                os.dup2(savout, 1)
                os.close(savout)  # release the saved descriptor

        elif choice == "2":
            page = os.path.realpath(__file__) + "/../../handbook_files/crypto/crypto.html"
            # Point stdout at /dev/null while the browser starts, then restore it
            savout = os.dup(1)
            os.close(1)
            os.open(os.devnull, os.O_RDWR)
            try:
                webbrowser.open('file:///{}'.format(page))
                time.sleep(1)
            finally:
                os.dup2(savout, 1)
                os.close(savout)  # release the saved descriptor

        raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)


if __name__ == "__main__":
    handbook()
--------------------------------------------------------------------------------
/imports/morse_decoder.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
from subprocess import Popen, PIPE, check_call
from colorama import Fore, Style


def colorprint(verbosity, text):
    if verbosity == "fatal":
        print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
    if verbosity == "warn":
        print(Fore.YELLOW + text + Style.RESET_ALL)
    if verbosity == "info":
        print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
    if verbosity == "success":
        print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)


logo = ("""
    _    __  _____ ___  _   _         _   _   _  ____ ____
   / \   \ \/ /_ _/ _ \| \ | |       / \ | | | |/ ___/ ___|
  / _ \   \  / | | | | |  \| |_____ / _ \| | | | |  | |
 / ___ \  /  \ | | |_| | |\  |_____/ ___ \ |_| | |__| |___
/_/   \_\/_/\_\___\___/|_| \_|    /_/   \_\___/ \____\____|
""")

morseAlphabet ={
    "A" : ".-",
    "B" : "-...",
    "C" : "-.-.",
    "D" : "-..",
    "E" : ".",
    "F" : "..-.",
    "G" : "--.",
    "H" : "....",
    "I" : "..",
    "J" : ".---",
    "K" : "-.-",
    "L" : ".-..",
    "M" : "--",
    "N" : "-.",
    "O" : "---",
    "P" : ".--.",
    "Q" : "--.-",
    "R" : ".-.",
    "S" : "...",
    "T" : "-",
    "U" : "..-",
    "V" : "...-",
    "W" : ".--",
    "X" : "-..-",
    "Y" : "-.--",
    "Z" : "--..",
    " " : "/"
}
inverseMorseAlphabet = dict((v,k) for (k,v) in morseAlphabet.items())


def decode_morse(morse_msg):
    text_msg = ""
    # split() ignores leading, trailing and repeated spaces, which would
    # otherwise produce empty tokens and a KeyError
    for item in morse_msg.split():
        # Symbols outside the table (digits, punctuation) decode to "?"
        text_msg = text_msg + inverseMorseAlphabet.get(item, "?")
    return text_msg


def morse_decoder():
    check_call(["clear"])
    while True:
        print (logo)
        colorprint("info", "In this section, you can decode Morse encoded messages.")
        colorprint("info", "Enter the Morse code:")
        colorprint("warn", "i.e -> .-- . / .-.. --- ...- . / .- ..- -.-. -.-. ")
        colorprint("warn", "9-->Go back to the top menu")
        colorprint("fatal", "0-->Quit")

        morse_msg = raw_input(
            "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/morse_decoder" + Style.RESET_ALL + ")\n-->")

        if morse_msg == "9":
            return
        elif morse_msg == "0":
            sys.exit()
        else:
            text_msg = decode_morse(morse_msg)
            colorprint("success", "Your message decoded.")
            print ("Message:\n--> %s" %text_msg)

        raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)


if __name__ == "__main__":
    morse_decoder()
--------------------------------------------------------------------------------
/imports/find_file_ext.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
from subprocess import Popen,PIPE,check_call
from colorama import Fore, Style
from ini_edit import config_get, config_set


def colorprint(verbosity, text):
    if verbosity == "fatal":
        print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
    if verbosity == "warn":
        print(Fore.YELLOW + text + Style.RESET_ALL)
    if verbosity == "info":
        print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
    if verbosity == "success":
        print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)


logo = ("""
    _    __  _____ ___  _   _         _   _   _  ____ ____
   / \   \ \/ /_ _/ _ \| \ | |       / \ | | | |/ ___/ ___|
  / _ \   \  / | | | | |  \| |_____ / _ \| | | | |  | |
 / ___ \  /  \ | | |_| | |\  |_____/ ___ \ |_| | |__| |___
/_/   \_\/_/\_\___\___/|_| \_|    /_/   \_\___/ \____\____|
""")


def find_file_ext():
    while True:
        check_call(["clear"])
        print (logo)
        colorprint("info", "The 'file' command will be used to determine file format.")

        # The last used path is kept in imports/globals.ini and shared between tools
        path = config_get('paths', 'path')
        if path == '':
            colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
            colorprint("fatal","\n\tPlease specify one to continue:\n")

            path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/find_file_ext"+Style.RESET_ALL+")\n-->")

            config_set('paths', 'path', path)
            colorprint("info", "\nWell, we'll store this path for next operations...\n")

        colorprint("success", "\n[*] Using "+path+"\n")
        choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()

        if choice == 'p':
            path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/find_file_ext"+Style.RESET_ALL+")\n--> New path: ")
            config_set('paths', 'path', path)
            colorprint("success", "\n[*] Using "+path+"\n")

        # Passed as an argument list, so the path is never parsed by a shell
        std = Popen(["file", path], stdout=PIPE, stderr=PIPE)
        (out, err) = std.communicate()

        if out.find("No") == -1:
            colorprint("success", out)
        else:
            colorprint("fatal", out)

        colorprint("warn", "9-->Go back to the top menu")
        colorprint("fatal", "0-->Quit")

        choice = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/find_file_ext"+Style.RESET_ALL+")\n-->").lower()

        if choice == "9":
            return
        elif choice == "0":
            sys.exit()


if __name__ == "__main__":
    find_file_ext()
--------------------------------------------------------------------------------
/imports/qr_decoder.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
from subprocess import Popen, PIPE, check_call
from colorama import Fore, Style
from ini_edit import config_get, config_set


def colorprint(verbosity, text):
    if verbosity == "fatal":
        print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
    if verbosity == "warn":
        print(Fore.YELLOW + text + Style.RESET_ALL)
    if verbosity == "info":
        print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
    if verbosity == "success":
        print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)


logo = ("""
    _    __  _____ ___  _   _         _   _   _  ____ ____
   / \   \ \/ /_ _/ _ \| \ | |       / \ | | | |/ ___/ ___|
  / _ \   \  / | | | | |  \| |_____ / _ \| | | | |  | |
 / ___ \  /  \ | | |_| | |\  |_____/ ___ \ |_| | |__| |___
/_/   \_\/_/\_\___\___/|_| \_|    /_/   \_\___/ \____\____|
""")


def qr_decoder():
    while True:
        check_call(["clear"])
        print (logo)
        colorprint("info", "The 'zbarimg' command will be used to decode QRCode")

        path = config_get('paths', 'path')
        if path == '':
            colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
            colorprint("fatal", "\n\tPlease specify one to continue:\n")

            path = raw_input(
                "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/qr_decoder" + Style.RESET_ALL + ")\n-->")

            config_set('paths', 'path', path)
            colorprint("info", "\nWell, we'll store this path for next operations...\n")

        colorprint("success", "\n[*] Using " + path + "\n")
        choice = raw_input(
            Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()

        if choice == 'p':
            path = raw_input(
                "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/qr_decoder" + Style.RESET_ALL + ")\n--> New path: ")
            config_set('paths', 'path', path)
            colorprint("success", "\n[*] Using " + path + "\n")

        std = Popen(["zbarimg", path], stdout=PIPE, stderr=PIPE)
        (out, err) = std.communicate()

        if out.find("No") == -1:
            colorprint("success", out)
        else:
            colorprint("fatal", out)

        if err:
            colorprint("fatal", err)

        colorprint("warn", "9-->Go back to the top menu")
        colorprint("fatal", "0-->Quit")

        choice = raw_input(
            "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/qr_decoder" + Style.RESET_ALL + ")\n-->").lower()
72 |
73 | if choice == "9":
74 | return
75 | elif choice == "0":
76 | sys.exit()
77 |
78 |
79 | if __name__ == "__main__":
80 | qr_decoder()
81 |
82 |
83 |
--------------------------------------------------------------------------------
/imports/volatility_info.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys
4 | from subprocess import Popen,PIPE,check_call
5 | from colorama import Fore, Style
6 | from ini_edit import config_get, config_set
7 |
8 | def colorprint(verbosity, text):
9 | if verbosity == "fatal":
10 | print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
11 | if verbosity == "warn":
12 | print(Fore.YELLOW + text + Style.RESET_ALL)
13 | if verbosity == "info":
14 | print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
15 | if verbosity == "success":
16 | print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
17 |
18 |
19 | logo = ("""
20 | _ __ _____ ___ _ _ _ _ _ ____ ____
21 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
22 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
23 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
24 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
25 | """)
26 |
27 |
28 | def volatility_info():
29 |
30 | while True:
31 |
32 | check_call(["clear"])
33 | print (logo)
34 | colorprint("info","'volatility' will be used to determine profile(to model OS).")
35 |
36 | path = config_get('paths', 'path')
37 | if path == '':
38 | colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
39 | colorprint("fatal","\n\tPlease specify one to continue:\n")
40 |
41 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_info"+Style.RESET_ALL+")\n-->")
42 |
43 | config_set('paths', 'path', path)
44 | colorprint("info", "\nWell, we'll store this path for next operations...\n")
45 |
46 | colorprint("success", "\n[*] Using "+path+"\n")
47 |
48 | colorprint("warn","9-->Go back to the top menu")
49 | colorprint("fatal","0-->Quit")
50 |
51 | choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()
52 |
53 | if choice == "9":
54 | return
55 | elif choice == "0":
56 | sys.exit()
57 | if choice == 'p':
58 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_info"+Style.RESET_ALL+")\n--> New path: ")
59 | config_set('paths', 'path', path)
60 | colorprint("success", "\n[*] Using "+path+"\n")
61 |
62 | colorprint("warn", "Please wait...")
63 |
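64 | std = Popen(["volatility", "-f", path, "imageinfo"], stdout=PIPE, stderr=PIPE)  # argument list, no shell: the stored path is passed as one argument
65 | (out, err) = std.communicate()
66 | out = "\n".join(l.split(",")[0].split(":", 1)[-1] for l in out.splitlines() if "Suggested" in l)  # first suggested profile (replaces the grep/cut pipeline)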
67 | if err.find("The requested file doesn't exist") != -1:
68 | colorprint("fatal" ,err)
69 |
70 | else:
71 | out = out.rstrip()
72 |
73 | if out.find("No") != -1:
74 | colorprint("warn", out)
75 | colorprint("fatal", "This file is not a RAM dump file. Restarting...")
76 | else:
77 | colorprint("success", out.replace(" ", ""))
78 |
79 | raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
80 |
81 | if __name__ == "__main__":
82 | volatility_info()
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 |
2 | # Created by https://www.gitignore.io/api/python,pycharm+all
3 |
4 | ### PyCharm+all ###
5 | # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
6 | # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
7 |
8 | # User-specific stuff:
9 | .idea/**/workspace.xml
10 | .idea/**/tasks.xml
11 | .idea/dictionaries
12 |
13 | # Sensitive or high-churn files:
14 | .idea/**/dataSources/
15 | .idea/**/dataSources.ids
16 | .idea/**/dataSources.xml
17 | .idea/**/dataSources.local.xml
18 | .idea/**/sqlDataSources.xml
19 | .idea/**/dynamic.xml
20 | .idea/**/uiDesigner.xml
21 |
22 | # Gradle:
23 | .idea/**/gradle.xml
24 | .idea/**/libraries
25 |
26 | # CMake
27 | cmake-build-debug/
28 |
29 | # Mongo Explorer plugin:
30 | .idea/**/mongoSettings.xml
31 |
32 | ## File-based project format:
33 | *.iws
34 |
35 | ## Plugin-specific files:
36 |
37 | # IntelliJ
38 | /out/
39 |
40 | # mpeltonen/sbt-idea plugin
41 | .idea_modules/
42 |
43 | # JIRA plugin
44 | atlassian-ide-plugin.xml
45 |
46 | # Cursive Clojure plugin
47 | .idea/replstate.xml
48 |
49 | # Ruby plugin and RubyMine
50 | /.rakeTasks
51 |
52 | # Crashlytics plugin (for Android Studio and IntelliJ)
53 | com_crashlytics_export_strings.xml
54 | crashlytics.properties
55 | crashlytics-build.properties
56 | fabric.properties
57 |
58 | ### PyCharm+all Patch ###
59 | # Ignores the whole idea folder
60 | # See https://github.com/joeblau/gitignore.io/issues/186 and https://github.com/joeblau/gitignore.io/issues/360
61 |
62 | .idea/
63 |
64 | ### Python ###
65 | # Byte-compiled / optimized / DLL files
66 | __pycache__/
67 | *.py[cod]
68 | *$py.class
69 |
70 | # C extensions
71 | *.so
72 |
73 | # Distribution / packaging
74 | .Python
75 | build/
76 | develop-eggs/
77 | dist/
78 | downloads/
79 | eggs/
80 | .eggs/
81 | lib/
82 | lib64/
83 | parts/
84 | sdist/
85 | var/
86 | wheels/
87 | *.egg-info/
88 | .installed.cfg
89 | *.egg
90 |
91 | # PyInstaller
92 | # Usually these files are written by a python script from a template
93 | # before PyInstaller builds the exe, so as to inject date/other infos into it.
94 | *.manifest
95 | *.spec
96 |
97 | # Installer logs
98 | pip-log.txt
99 | pip-delete-this-directory.txt
100 |
101 | # Unit test / coverage reports
102 | htmlcov/
103 | .tox/
104 | .coverage
105 | .coverage.*
106 | .cache
107 | .pytest_cache/
108 | nosetests.xml
109 | coverage.xml
110 | *.cover
111 | .hypothesis/
112 |
113 | # Translations
114 | *.mo
115 | *.pot
116 |
117 | # Flask stuff:
118 | instance/
119 | .webassets-cache
120 |
121 | # Scrapy stuff:
122 | .scrapy
123 |
124 | # Sphinx documentation
125 | docs/_build/
126 |
127 | # PyBuilder
128 | target/
129 |
130 | # Jupyter Notebook
131 | .ipynb_checkpoints
132 |
133 | # pyenv
134 | .python-version
135 |
136 | # celery beat schedule file
137 | celerybeat-schedule.*
138 |
139 | # SageMath parsed files
140 | *.sage.py
141 |
142 | # Environments
143 | .env
144 | .venv
145 | env/
146 | venv/
147 | ENV/
148 | env.bak/
149 | venv.bak/
150 |
151 | # Spyder project settings
152 | .spyderproject
153 | .spyproject
154 |
155 | # Rope project settings
156 | .ropeproject
157 |
158 | # mkdocs documentation
159 | /site
160 |
161 | # mypy
162 | .mypy_cache/
163 |
164 |
165 | # End of https://www.gitignore.io/api/python,pycharm+all
166 |
--------------------------------------------------------------------------------
/imports/volatility_pslist.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys
4 | from subprocess import Popen,PIPE,check_call
5 | from colorama import Fore, Style
6 | from ini_edit import config_get, config_set
7 |
8 | def colorprint(verbosity, text):
9 | if verbosity == "fatal":
10 | print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
11 | if verbosity == "warn":
12 | print(Fore.YELLOW + text + Style.RESET_ALL)
13 | if verbosity == "info":
14 | print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
15 | if verbosity == "success":
16 | print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
17 |
18 |
19 | logo = ("""
20 | _ __ _____ ___ _ _ _ _ _ ____ ____
21 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
22 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
23 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
24 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
25 | """)
26 |
27 | def volatility_pslist():
28 |
29 | while True:
30 |
31 | check_call(["clear"])
32 | print (logo)
33 | colorprint("info","'volatility' will be used to list processes.")
34 |
35 | path = config_get('paths', 'path')
36 | if path == '':
37 | colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
38 | colorprint("fatal","\n\tPlease specify one to continue:\n")
39 |
40 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_pslist"+Style.RESET_ALL+")\n-->")
41 |
42 | config_set('paths', 'path', path)
43 | colorprint("info", "\nWell, we'll store this path for next operations...\n")
44 |
45 | colorprint("success", "\n[*] Using "+path+"\n")
46 |
47 | colorprint("warn","9-->Go back to the top menu")
48 | colorprint("fatal","0-->Quit")
49 |
50 | choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()
51 |
52 | if choice == "9":
53 | return
54 | elif choice == "0":
55 | sys.exit()
56 | if choice == 'p':
57 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_pslist"+Style.RESET_ALL+")\n--> New path: ")
58 | config_set('paths', 'path', path)
59 | colorprint("success", "\n[*] Using "+path+"\n")
60 |
61 | colorprint("warn", "Please wait...")
62 |
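63 | std = Popen(["volatility", "-f", path, "imageinfo"], stdout=PIPE, stderr=PIPE)  # argument list, no shell: the stored path is passed as one argument
64 | (out, err) = std.communicate()
65 | out = "\n".join(l.split(",")[0].split(":", 1)[-1] for l in out.splitlines() if "Suggested" in l)  # first suggested profile (replaces the grep/cut pipeline)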
66 | if err.find("The requested file doesn't exist") != -1:
67 | colorprint("fatal" ,err)
68 |
69 | else:
70 | out = out.rstrip()
71 |
72 | if out.find("No") != -1:
73 | colorprint("warn", out)
74 | colorprint("fatal", "This file is not a RAM dump file. Restarting...")
75 |
76 | else:
77 | std = Popen(["volatility", "-f", path, "--profile=" + out.strip(), "pslist"], stdout=PIPE, stderr=PIPE)  # no shell: path and profile are single arguments
78 | (out, err) = std.communicate()
79 |
80 | colorprint("success", out)
81 |
82 | raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
83 |
84 | if __name__ == "__main__":
85 | volatility_pslist()
86 |
--------------------------------------------------------------------------------
/imports/volatility_cmdscan.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys
4 | from subprocess import Popen,PIPE,check_call
5 | from colorama import Fore, Style
6 | from ini_edit import config_get, config_set
7 |
8 | def colorprint(verbosity, text):
9 | if verbosity == "fatal":
10 | print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
11 | if verbosity == "warn":
12 | print(Fore.YELLOW + text + Style.RESET_ALL)
13 | if verbosity == "info":
14 | print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
15 | if verbosity == "success":
16 | print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
17 |
18 |
19 | logo = ("""
20 | _ __ _____ ___ _ _ _ _ _ ____ ____
21 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
22 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
23 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
24 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
25 | """)
26 |
27 | def volatility_cmdscan():
28 |
29 | while True:
30 |
31 | check_call(["clear"])
32 | print (logo)
33 | colorprint("info","'volatility' will be used to look for CMD command history buffers.")
34 |
35 | path = config_get('paths', 'path')
36 | if path == '':
37 | colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
38 | colorprint("fatal","\n\tPlease specify one to continue:\n")
39 |
40 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_cmdscan"+Style.RESET_ALL+")\n-->")
41 |
42 | config_set('paths', 'path', path)
43 | colorprint("info", "\nWell, we'll store this path for next operations...\n")
44 |
45 | colorprint("success", "\n[*] Using "+path+"\n")
46 |
47 | colorprint("warn","9-->Go back to the top menu")
48 | colorprint("fatal","0-->Quit")
49 |
50 | choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()
51 |
52 | if choice == "9":
53 | return
54 | elif choice == "0":
55 | sys.exit()
56 | if choice == 'p':
57 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_cmdscan"+Style.RESET_ALL+")\n--> New path: ")
58 | config_set('paths', 'path', path)
59 | colorprint("success", "\n[*] Using "+path+"\n")
60 |
61 | colorprint("warn", "Please wait...")
62 |
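63 | std = Popen(["volatility", "-f", path, "imageinfo"], stdout=PIPE, stderr=PIPE)  # argument list, no shell: the stored path is passed as one argument
64 | (out, err) = std.communicate()
65 | out = "\n".join(l.split(",")[0].split(":", 1)[-1] for l in out.splitlines() if "Suggested" in l)  # first suggested profile (replaces the grep/cut pipeline)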
66 | if err.find("The requested file doesn't exist") != -1:
67 | colorprint("fatal" ,err)
68 |
69 | else:
70 | out = out.rstrip()
71 |
72 | if out.find("No") != -1:
73 | colorprint("warn", out)
74 | colorprint("fatal", "This file is not a RAM dump file. Restarting...")
75 |
76 | else:
77 | std = Popen(["volatility", "-f", path, "--profile=" + out.strip(), "cmdscan"], stdout=PIPE, stderr=PIPE)  # no shell: path and profile are single arguments
78 | (out, err) = std.communicate()
79 |
80 | colorprint("success", out)
81 |
82 | raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
83 |
84 | if __name__ == "__main__":
85 | volatility_cmdscan()
--------------------------------------------------------------------------------
/imports/volatility_notepad.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys
4 | from subprocess import Popen,PIPE,check_call
5 | from colorama import Fore, Style
6 | from ini_edit import config_get, config_set
7 |
8 | def colorprint(verbosity, text):
9 | if verbosity == "fatal":
10 | print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
11 | if verbosity == "warn":
12 | print(Fore.YELLOW + text + Style.RESET_ALL)
13 | if verbosity == "info":
14 | print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
15 | if verbosity == "success":
16 | print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
17 |
18 |
19 | logo = ("""
20 | _ __ _____ ___ _ _ _ _ _ ____ ____
21 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
22 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
23 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
24 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
25 | """)
26 |
27 | def volatility_notepad():
28 |
29 | while True:
30 |
31 | check_call(["clear"])
32 | print (logo)
33 | colorprint("info","'volatility' will be used to look for currently displayed Notepad's.")
34 |
35 | path = config_get('paths', 'path')
36 | if path == '':
37 | colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
38 | colorprint("fatal","\n\tPlease specify one to continue:\n")
39 |
40 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_notepad"+Style.RESET_ALL+")\n-->")
41 |
42 | config_set('paths', 'path', path)
43 | colorprint("info", "\nWell, we'll store this path for next operations...\n")
44 |
45 | colorprint("success", "\n[*] Using "+path+"\n")
46 |
47 | colorprint("warn","9-->Go back to the top menu")
48 | colorprint("fatal","0-->Quit")
49 |
50 | choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()
51 |
52 | if choice == "9":
53 | return
54 | elif choice == "0":
55 | sys.exit()
56 | if choice == 'p':
57 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_notepad"+Style.RESET_ALL+")\n--> New path: ")
58 | config_set('paths', 'path', path)
59 | colorprint("success", "\n[*] Using "+path+"\n")
60 |
61 | colorprint("warn", "Please wait...")
62 |
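63 | std = Popen(["volatility", "-f", path, "imageinfo"], stdout=PIPE, stderr=PIPE)  # argument list, no shell: the stored path is passed as one argument
64 | (out, err) = std.communicate()
65 | out = "\n".join(l.split(",")[0].split(":", 1)[-1] for l in out.splitlines() if "Suggested" in l)  # first suggested profile (replaces the grep/cut pipeline)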
66 | if err.find("The requested file doesn't exist") != -1:
67 | colorprint("fatal" ,err)
68 |
69 | else:
70 | out = out.rstrip()
71 |
72 | if out.find("No") != -1:
73 | colorprint("warn", out)
74 | colorprint("fatal", "This file is not a RAM dump file. Restarting...")
75 |
76 | else:
77 | std = Popen(["volatility", "-f", path, "--profile=" + out.strip(), "notepad"], stdout=PIPE, stderr=PIPE)  # no shell: path and profile are single arguments
78 | (out, err) = std.communicate()
79 |
80 | colorprint("success", out)
81 |
82 | raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
83 |
84 | if __name__ == "__main__":
85 | volatility_notepad()
86 |
--------------------------------------------------------------------------------
/imports/volatility_iehistory.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys
4 | from subprocess import Popen,PIPE,check_call
5 | from colorama import Fore, Style
6 | from ini_edit import config_get, config_set
7 |
8 | def colorprint(verbosity, text):
9 | if verbosity == "fatal":
10 | print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
11 | if verbosity == "warn":
12 | print(Fore.YELLOW + text + Style.RESET_ALL)
13 | if verbosity == "info":
14 | print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
15 | if verbosity == "success":
16 | print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
17 |
18 |
19 | logo = ("""
20 | _ __ _____ ___ _ _ _ _ _ ____ ____
21 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
22 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
23 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
24 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
25 | """)
26 |
27 | def volatility_iehistory():
28 |
29 | while True:
30 |
31 | check_call(["clear"])
32 | print (logo)
33 | colorprint("info","'volatility' will be used to look for Internet Explorer history cache information.")
34 |
35 | path = config_get('paths', 'path')
36 | if path == '':
37 | colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
38 | colorprint("fatal","\n\tPlease specify one to continue:\n")
39 |
40 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_iehistory"+Style.RESET_ALL+")\n-->")
41 |
42 | config_set('paths', 'path', path)
43 | colorprint("info", "\nWell, we'll store this path for next operations...\n")
44 |
45 | colorprint("success", "\n[*] Using "+path+"\n")
46 |
47 | colorprint("warn","9-->Go back to the top menu")
48 | colorprint("fatal","0-->Quit")
49 |
50 | choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()
51 |
52 | if choice == "9":
53 | return
54 | elif choice == "0":
55 | sys.exit()
56 | if choice == 'p':
57 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_iehistory"+Style.RESET_ALL+")\n--> New path: ")
58 | config_set('paths', 'path', path)
59 | colorprint("success", "\n[*] Using "+path+"\n")
60 |
61 | colorprint("warn", "Please wait...")
62 |
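63 | std = Popen(["volatility", "-f", path, "imageinfo"], stdout=PIPE, stderr=PIPE)  # argument list, no shell: the stored path is passed as one argument
64 | (out, err) = std.communicate()
65 | out = "\n".join(l.split(",")[0].split(":", 1)[-1] for l in out.splitlines() if "Suggested" in l)  # first suggested profile (replaces the grep/cut pipeline)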
66 | if err.find("The requested file doesn't exist") != -1:
67 | colorprint("fatal" ,err)
68 |
69 | else:
70 | out = out.rstrip()
71 |
72 | if out.find("No") != -1:
73 | colorprint("warn", out)
74 | colorprint("fatal", "This file is not a RAM dump file. Restarting...")
75 |
76 | else:
77 | std = Popen(["volatility", "-f", path, "--profile=" + out.strip(), "iehistory"], stdout=PIPE, stderr=PIPE)  # no shell: path and profile are single arguments
78 | (out, err) = std.communicate()
79 |
80 | colorprint("success", out)
81 |
82 | raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
83 |
84 | if __name__ == "__main__":
85 | volatility_iehistory()
--------------------------------------------------------------------------------
/imports/volatility_screenshot.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys
4 | from subprocess import Popen,PIPE,check_call
5 | from colorama import Fore, Style
6 | from ini_edit import config_get, config_set
7 |
8 | def colorprint(verbosity, text):
9 | if verbosity == "fatal":
10 | print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
11 | if verbosity == "warn":
12 | print(Fore.YELLOW + text + Style.RESET_ALL)
13 | if verbosity == "info":
14 | print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
15 | if verbosity == "success":
16 | print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
17 |
18 | logo = ("""
19 | _ __ _____ ___ _ _ _ _ _ ____ ____
20 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
21 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
22 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
23 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
24 | """)
25 |
26 | def volatility_screenshot():
27 |
28 | while True:
29 |
30 | check_call(["clear"])
31 | print (logo)
32 | colorprint("info","'volatility' will be used to create a screenshot(capable of illustrating window positions).")
33 |
34 | path = config_get('paths', 'path')
35 | if path == '':
36 | colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
37 | colorprint("fatal","\n\tPlease specify one to continue:\n")
38 |
39 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_screenshot"+Style.RESET_ALL+")\n-->")
40 |
41 | config_set('paths', 'path', path)
42 | colorprint("info", "\nWell, we'll store this path for next operations...\n")
43 |
44 | colorprint("success", "\n[*] Using "+path+"\n")
45 |
46 | colorprint("warn","9-->Go back to the top menu")
47 | colorprint("fatal","0-->Quit")
48 |
49 | choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()
50 |
51 | if choice == "9":
52 | return
53 | elif choice == "0":
54 | sys.exit()
55 | if choice == 'p':
56 | path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/ram_analysis/volatility_screenshot"+Style.RESET_ALL+")\n--> New path: ")
57 | config_set('paths', 'path', path)
58 | colorprint("success", "\n[*] Using "+path+"\n")
59 |
60 | colorprint("warn", "Please wait...")
61 |
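62 | std = Popen(["volatility", "-f", path, "imageinfo"], stdout=PIPE, stderr=PIPE)  # argument list, no shell: the stored path is passed as one argument
63 | (out, err) = std.communicate()
64 | out = "\n".join(l.split(",")[0].split(":", 1)[-1] for l in out.splitlines() if "Suggested" in l)  # first suggested profile (replaces the grep/cut pipeline)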
65 | if err.find("The requested file doesn't exist") != -1:
66 | colorprint("fatal" ,err)
67 |
68 | else:
69 | out = out.rstrip()
70 |
71 | if out.find("No") != -1:
72 | colorprint("warn", out)
73 | colorprint("fatal", "This file is not a RAM dump file. Restarting...")
74 |
75 | else:
76 | std = Popen(["volatility", "-f", path, "--profile=" + out.strip(), "screenshot", "-D", "screenshots/"], stdout=PIPE, stderr=PIPE)  # no shell: path and profile are single arguments
77 | (out, err) = std.communicate()
78 |
79 | colorprint("success", out)
80 |
81 | raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
82 |
83 | if __name__ == "__main__":
84 | volatility_screenshot()
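
Added example (Python 3, not part of the repository's code): running volatility with an argument list keeps a user-supplied dump path as one argument, where a concatenated command string lets the shell re-split it. The names ALLOWED_PLUGINS, PROFILE_RE, safe_path, imageinfo_argv, first_suggested_profile, plugin_argv and run_plugin are hypothetical, the profile-name pattern is an assumption, and SAMPLE_IMAGEINFO is constructed rather than captured output.

```python
import os
import re
import shlex
import subprocess

# Plugins the volatility_*.py menu modules call; anything else is refused.
ALLOWED_PLUGINS = {"pslist", "cmdscan", "notepad", "iehistory", "screenshot"}
# Assumed shape of a Volatility 2 profile name such as Win7SP1x64.
PROFILE_RE = re.compile(r"[A-Za-z0-9_]+")

# Constructed imageinfo output for the demo; not captured from a real run.
SAMPLE_IMAGEINFO = (
    "Volatility Foundation Volatility Framework\n"
    "          Suggested Profile(s) : Win7SP1x64, Win7SP0x64, Win2008R2SP0x64\n"
    "                     AS Layer1 : WindowsAMD64PagedMemory (Kernel AS)\n"
)


def shell_words(path):
    """Words a POSIX shell forms when the path is pasted into a command string."""
    return shlex.split("volatility -f " + path + " imageinfo")


def safe_path(path):
    """Absolute form of the dump path, so it can never be read as an option."""
    if not path or "\x00" in path:
        raise ValueError("empty or malformed path")
    return os.path.abspath(path)


def imageinfo_argv(path):
    """Argument list for imageinfo; the path is exactly one element."""
    return ["volatility", "-f", safe_path(path), "imageinfo"]


def first_suggested_profile(output):
    """First profile on the 'Suggested Profile(s)' line, or None if there is none."""
    for line in output.splitlines():
        if "Suggested Profile(s)" not in line:
            continue
        candidate = line.split(":", 1)[-1].split(",")[0].strip()
        # "No suggestion (...)" and anything else that is not a bare name is rejected.
        if PROFILE_RE.fullmatch(candidate):
            return candidate
    return None


def plugin_argv(path, profile, plugin, extra=()):
    """Argument list for one allow-listed plugin with a validated profile."""
    if plugin not in ALLOWED_PLUGINS:
        raise ValueError("plugin not allowed: %r" % plugin)
    if not profile or not PROFILE_RE.fullmatch(profile):
        raise ValueError("unexpected profile name: %r" % profile)
    return ["volatility", "-f", safe_path(path),
            "--profile=" + profile, plugin] + list(extra)


def run_plugin(path, plugin, extra=()):
    """Run imageinfo, then the plugin, both without a shell.

    Returns the plugin's stdout, or None when no profile was suggested.
    """
    info = subprocess.run(imageinfo_argv(path), capture_output=True, text=True)
    profile = first_suggested_profile(info.stdout)
    if profile is None:
        return None
    done = subprocess.run(plugin_argv(path, profile, plugin, extra),
                          capture_output=True, text=True)
    return done.stdout


if __name__ == "__main__":
    dump = "case 01/mem.raw"  # constructed path containing a space
    print(shell_words(dump))          # the shell splits the path into two words
    print(imageinfo_argv(dump))       # the argument list keeps it as one element
    print(first_suggested_profile(SAMPLE_IMAGEINFO))
```
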
--------------------------------------------------------------------------------
/imports/vigenere_decoder.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys
4 | from subprocess import Popen, PIPE, check_call
5 | from colorama import Fore, Style
6 |
7 | def colorprint(verbosity, text):
8 | if verbosity == "fatal":
9 | print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
10 | if verbosity == "warn":
11 | print(Fore.YELLOW + text + Style.RESET_ALL)
12 | if verbosity == "info":
13 | print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
14 | if verbosity == "success":
15 | print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
16 |
17 | logo = ("""
18 | _ __ _____ ___ _ _ _ _ _ ____ ____
19 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
20 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
21 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
22 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
23 | """)
24 |
25 | # Vigenere Cipher (Polyalphabetic Substitution Cipher)
26 | # http://inventwithpython.com/hacking (BSD Licensed)
27 |
28 | def decode_vigenere(vigenere_msg, key, LETTERS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'):
29 | translated = []
30 | keyIndex = 0
31 | key = key.upper()
32 |
33 | for symbol in vigenere_msg:
34 | num = LETTERS.find(symbol.upper())
35 | if num != -1:
36 | num -= LETTERS.find(key[keyIndex])
37 |
38 | num %= len(LETTERS)
39 |
40 | if symbol.isupper():
41 | translated.append(LETTERS[num])
42 | elif symbol.islower():
43 | translated.append(LETTERS[num].lower())
44 |
45 | keyIndex += 1
46 | if keyIndex == len(key):
47 | keyIndex = 0
48 | else:
49 | translated.append(symbol)
50 |
51 | return ''.join(translated)
52 |
53 |
54 | def vigenere_decoder():
55 | check_call(["clear"])
56 | while True:
57 | print (logo)
58 | colorprint("info", "In here, you can decrypt messages encrypted with Vigenere.")
59 | colorprint("info", "Enter the cipher:")
60 | colorprint("warn", "9-->Go back to the top menu")
61 | colorprint("fatal", "0-->Quit")
62 |
63 | vigenere_msg = raw_input(
64 | "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/vigenere_decoder" + Style.RESET_ALL + ")\n-->")
65 |
66 | if vigenere_msg == "9":
67 | return
68 | elif vigenere_msg == "0":
69 | sys.exit()
70 | else:
71 | colorprint("info", "Type the key:")
72 | key = raw_input(
73 | "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/vigenere_decoder" + Style.RESET_ALL + ")\n-->")
74 |
75 | colorprint("info", "Do you wanna specify a charset? Y/N")
76 | colorprint("warn", "'ABCDEFGHIJKLMNOPQRSTUVWXYZ' will be used as predefined charset.")
77 | choice = raw_input(
78 | "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/vigenere_decoder" + Style.RESET_ALL + ")\n-->")
79 | if choice == 'Y':
80 | colorprint("warn", "You can set a charset now:")
81 | LETTERS = raw_input(
82 | "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/vigenere_decoder" + Style.RESET_ALL + ")\n-->")
83 | text_msg = decode_vigenere(vigenere_msg, key, LETTERS)
84 |
85 | else:
86 | text_msg = decode_vigenere(vigenere_msg, key)
87 | colorprint("success","Your message decrypted.")
88 | print ("Plaintext:\n--> %s" %text_msg)
89 |
90 | raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
91 |
92 | if __name__ == "__main__":
93 | vigenere_decoder()
94 |
--------------------------------------------------------------------------------
/imports/morse_encoder.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys
4 | from subprocess import Popen, PIPE, check_call
5 | from colorama import Fore, Style
6 |
7 | def colorprint(verbosity, text):
8 | if verbosity == "fatal":
9 | print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
10 | if verbosity == "warn":
11 | print(Fore.YELLOW + text + Style.RESET_ALL)
12 | if verbosity == "info":
13 | print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
14 | if verbosity == "success":
15 | print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
16 |
17 | logo = ("""
18 | _ __ _____ ___ _ _ _ _ _ ____ ____
19 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
20 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
21 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
22 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
23 | """)
24 |
25 | morse_table = {
26 | 'A': '.-', 'a': '.-',
27 | 'B': '-...', 'b': '-...',
28 | 'C': '-.-.', 'c': '-.-.',
29 | 'D': '-..', 'd': '-..',
30 | 'E': '.', 'e': '.',
31 | 'F': '..-.', 'f': '..-.',
32 | 'G': '--.', 'g': '--.',
33 | 'H': '....', 'h': '....',
34 | 'I': '..', 'i': '..',
35 | 'J': '.---', 'j': '.---',
36 | 'K': '-.-', 'k': '-.-',
37 | 'L': '.-..', 'l': '.-..',
38 | 'M': '--', 'm': '--',
39 | 'N': '-.', 'n': '-.',
40 | 'O': '---', 'o': '---',
41 | 'P': '.--.', 'p': '.--.',
42 | 'Q': '--.-', 'q': '--.-',
43 | 'R': '.-.', 'r': '.-.',
44 | 'S': '...', 's': '...',
45 | 'T': '-', 't': '-',
46 | 'U': '..-', 'u': '..-',
47 | 'V': '...-', 'v': '...-',
48 | 'W': '.--', 'w': '.--',
49 | 'X': '-..-', 'x': '-..-',
50 | 'Y': '-.--', 'y': '-.--',
51 | 'Z': '--..', 'z': '--..',
52 | '0': '-----', ',': '--..--',
53 | '1': '.----', '.': '.-.-.-',
54 | '2': '..---', '?': '..--..',
55 | '3': '...--', ';': '-.-.-.',
56 | '4': '....-', ':': '---...',
57 | '5': '.....', "'": '.----.',
58 | '6': '-....', '-': '-....-',
59 | '7': '--...', '(': '-.--.',
60 | '8': '---..', ')': '-.--.-',
61 | '9': '----.', '_': '..--.-',
62 | ' ': '/',
63 | }
64 |
65 | def encode_morse(text_msg):
66 | morse_msg = ""
67 | for i in list(text_msg):
68 | morse_msg = morse_msg + morse_table.get(i, i) + " "  # characters without a Morse mapping pass through unchanged instead of raising KeyError
69 | return morse_msg
70 |
71 |
72 | def morse_encoder():
73 | check_call(["clear"])
74 | while True:
75 | print (logo)
76 | colorprint("info", "In this section, you can convert messages to Morse code.")
77 | colorprint("info", "Enter the message:")
78 | colorprint("warn", "9-->Go back to the top menu")
79 | colorprint("fatal", "0-->Quit")
80 |
81 | text_msg = raw_input(
82 | "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/morse_encoder" + Style.RESET_ALL + ")\n-->")
83 |
84 | if text_msg == "9":
85 | return
86 | elif text_msg == "0":
87 | sys.exit()
88 | else:
89 | morse_msg = encode_morse(text_msg)
90 | colorprint("success", "Your message encoded.")
91 | print ("Message:\n--> %s" % morse_msg)
92 |
93 | raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
94 |
95 | if __name__ == "__main__":
96 | morse_encoder()
--------------------------------------------------------------------------------
/imports/bin_hex_dec_ascii.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys, re
4 | from subprocess import check_call
5 | from colorama import Fore, Style
6 |
7 | def colorprint(verbosity, text):
8 |     if verbosity == "fatal":
9 |         print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
10 |     if verbosity == "warn":
11 |         print(Fore.YELLOW + text + Style.RESET_ALL)
12 |     if verbosity == "info":
13 |         print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
14 |     if verbosity == "success":
15 |         print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
16 |
17 | logo = ("""
18 | _ __ _____ ___ _ _ _ _ _ ____ ____
19 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
20 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
21 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
22 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
23 | """)
24 |
25 |
26 | def hex_to_ascii(number):
27 |     ascii = bytearray.fromhex(number).decode()
28 |     return ascii
29 | def bin_to_ascii(number):
30 |     return "".join([chr(int(number[i:i + 8], 2)) for i in range(0, len(number), 8)])
31 | def dec_to_ascii(number):
32 |     ascii = re.sub('1?..', lambda m: chr(int(m.group())), number)
33 |     return ascii
34 | def hex_to_dec(number):
35 |     dec = int(number, 16)
36 |     return str(dec)
37 | def dec_to_bin(number):
38 |     return bin(int(number))[2:]
39 | def bin_to_dec(number):
40 |     return int(number, 2)
41 | def bin_to_hex(number):
42 |     return hex(int(number, 2))
43 | def dec_to_hex(number):
44 |     return hex(int(number))
45 |
46 |
47 | def bin_hex_dec_ascii():
48 |     check_call(["clear"])
49 |     while True:
50 |         print (logo)
51 |
52 |         colorprint("info", "You can do conversion between decimal, hexadecimal, binary and ASCII in here.")
53 |         colorprint("info", "1-->Hexadecimal to ASCII")
54 |         colorprint("info", "2-->Binary to ASCII")
55 |         colorprint("info", "3-->Decimal to ASCII")
56 |         colorprint("info", "4-->Hexadecimal to Decimal")
57 |         colorprint("info", "5-->Decimal to Binary")
58 |         colorprint("info", "6-->Binary to Decimal")
59 |         colorprint("info", "7-->Binary to Hexadecimal")
60 |         colorprint("info", "8-->Decimal to Hexadecimal")
61 |         colorprint("warn", "9-->Go back to the top menu")
62 |         colorprint("fatal", "0-->Quit")
63 |         # raw_input() rather than input(): in Python 2, input() evaluates the typed text as code.
64 |         choice = raw_input(
65 |             "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/bin_hex_dec_ascii" + Style.RESET_ALL + ")\n-->")
66 |
67 |         if choice == "9":
68 |             return
69 |         elif choice == "0":
70 |             sys.exit()
71 |
72 |         colorprint("info", "Please enter the number.")
73 |
74 |         number = raw_input(
75 |             "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/crypto/bin_hex_dec_ascii" + Style.RESET_ALL + ")\n-->")
76 |         number = number.replace(" ", "")
77 |
78 |         if choice == "1":
79 |             return_msg = hex_to_ascii(number)
80 |         elif choice == "2":
81 |             return_msg = bin_to_ascii(number)
82 |         elif choice == "3":
83 |             return_msg = dec_to_ascii(number)
84 |         elif choice == "4":
85 |             return_msg = hex_to_dec(number)
86 |         elif choice == "5":
87 |             return_msg = dec_to_bin(number)
88 |         elif choice == "6":
89 |             return_msg = bin_to_dec(number)
90 |         elif choice == "7":
91 |             return_msg = bin_to_hex(number)
92 |         elif choice == "8":
93 |             return_msg = dec_to_hex(number)
94 |         else:
95 |             colorprint("fatal", "Wrong input, please try again...")
96 |             continue
97 |
98 |         colorprint("success", "Conversion done.")
99 |         print ("Output:\n--> %s" % return_msg)
100 |
101 |         raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
102 |
103 | if __name__ == "__main__":
104 |     bin_hex_dec_ascii()
105 |
--------------------------------------------------------------------------------
/imports/pdf_parser.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys,os
4 | import subprocess
5 | from colorama import Fore, Style
6 | from subprocess import Popen,PIPE
7 | from ini_edit import config_get, config_set
8 |
9 | def colorprint(verbosity, text):
10 |     if verbosity == "fatal":
11 |         print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
12 |     if verbosity == "warn":
13 |         print(Fore.YELLOW + text + Style.RESET_ALL)
14 |     if verbosity == "info":
15 |         print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
16 |     if verbosity == "success":
17 |         print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
18 |
19 | logo = ("""
20 | _ __ _____ ___ _ _ _ _ _ ____ ____
21 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
22 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
23 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
24 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
25 | """)
26 |
27 | def func(path):
28 |     while True:
29 |         os.system('clear')
30 |         print (logo)
31 |
32 |         colorprint("info", "1-->Information about PDF content")
33 |         colorprint("info", "2-->Look for embedded file info")
34 |         colorprint("warn", "9-->Go back to the top menu")
35 |         colorprint("fatal","0-->Quit")
36 |
37 |         choice = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/pdf_parser"+Style.RESET_ALL+")-->")
38 |
39 |         if choice == "9":
40 |             return
41 |         elif choice == "0":
42 |             sys.exit()
43 |         elif choice == "1":
44 |             # argv list without shell=True: the stored path is never parsed as shell syntax
45 |             std = Popen(["python", "imports/pdf-parser.py", path], stdout=PIPE,stderr=PIPE)
46 |             (s_out,err) = std.communicate()
47 |             s_out = "".join(line + "\n" for line in s_out.splitlines() if "/ProcSet" in line)  # replaces "| grep /ProcSet"
48 |             if s_out:
49 |                 colorprint("success", s_out)
50 |             if err:
51 |                 colorprint("fatal", err)
52 |
53 |             raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
54 |
55 |         elif choice == "2":
56 |             std = Popen(["python", "imports/pdf-parser.py", "-s", "Embeddedfile", "--raw", "--filter", path], stdout=PIPE,stderr=PIPE)
57 |             (s_out,err) = std.communicate()
58 |             s_out = "".join(line + "\n" for line in s_out.splitlines() if "PDF" in line)  # replaces "| grep PDF"
59 |             if s_out:
60 |                 colorprint("success", s_out)
61 |             elif err:
62 |                 colorprint("fatal", err)
63 |             else:
64 |                 colorprint("warn", "\n\tEmbedded file not found.\n")
65 |
66 |             raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
67 |
68 | def pdf_parser():
69 |     while True:
70 |         os.system('clear')
71 |         print (logo)
72 |
73 |         path = config_get('paths', 'path')
74 |         if path == '':
75 |             colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
76 |             colorprint("fatal","\n\tPlease specify one to continue:\n")
77 |
78 |             path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/pdf_parser"+Style.RESET_ALL+")\n-->")
79 |
80 |             config_set('paths', 'path', path)
81 |             colorprint("info", "\nWell, we'll store this path for next operations...\n")
82 |
83 |         colorprint("success", "\n[*] Using "+path+"\n")
84 |
85 |         colorprint("warn", "9-->Go back to the top menu")
86 |         colorprint("fatal","0-->Quit")
87 |
88 |         choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()
89 |
90 |         if choice == "9":
91 |             return
92 |         elif choice == "0":
93 |             sys.exit()
94 |         if choice == 'p':
95 |             path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/pdf_parser"+Style.RESET_ALL+")\n--> New path: ")
96 |             config_set('paths', 'path', path)
97 |             colorprint("success", "\n[*] Using "+path+"\n")
98 |
99 |         std = Popen(["python", "imports/pdf-parser.py", path], stdout=PIPE,stderr=PIPE)
100 |         (out,err) = std.communicate()
101 |
102 |         if out.find("No such file or directory") == -1:
103 |             func(path)
104 |         else:
105 |             colorprint("fatal", "There is no such file.\nRestarting...\n")
106 |
107 | if __name__ == "__main__":
108 |     pdf_parser()
109 |
--------------------------------------------------------------------------------
/imports/binary_search.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys,time
4 | from subprocess import Popen,PIPE,check_call
5 | from colorama import Fore, Style
6 | from ini_edit import config_get, config_set
7 |
8 | def colorprint(verbosity, text):
9 |     if verbosity == "fatal":
10 |         print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
11 |     if verbosity == "warn":
12 |         print(Fore.YELLOW + text + Style.RESET_ALL)
13 |     if verbosity == "info":
14 |         print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
15 |     if verbosity == "success":
16 |         print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
17 |
18 | logo = ("""
19 | _ __ _____ ___ _ _ _ _ _ ____ ____
20 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
21 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
22 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
23 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
24 | """)
25 |
26 |
27 | def binary_search():
28 |
29 |     check_call(["clear"])
30 |     while True:
31 |         print (logo)
32 |         colorprint("info", "The 'binwalk' tool will be used for binary searching.")
33 |         colorprint("info", "If a file signature match is found in the search, it will be extracted with the 'foremost' tool.")
34 |
35 |         path = config_get('paths', 'path')
36 |         if path == '':
37 |             colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
38 |             colorprint("fatal","\n\tPlease specify one to continue:\n")
39 |
40 |             path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/binary_search"+Style.RESET_ALL+")\n-->")
41 |
42 |             config_set('paths', 'path', path)
43 |             colorprint("info", "\nWell, we'll store this path for next operations...\n")
44 |
45 |         colorprint("success", "\n[*] Using "+path+"\n")
46 |         choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()
47 |
48 |         if choice == 'p':
49 |             path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/binary_search"+Style.RESET_ALL+")\n--> New path: ")
50 |             config_set('paths', 'path', path)
51 |             colorprint("success", "\n[*] Using "+path+"\n")
52 |
53 |         std = Popen(["binwalk",path], stdout=PIPE,stderr=PIPE)
54 |         (out,err) = std.communicate()
55 |
56 |         if not err:
57 |             print(out)
58 |
59 |             print("Extract embedded files? Y/N\n")
60 |             colorprint("warn", "9-->Go back to the top menu")
61 |             colorprint("fatal", "0-->Quit")
62 |
63 |             extract_choice = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/binary_search"+Style.RESET_ALL+")\n-->").lower()
64 |
65 |             if extract_choice == "9":
66 |                 return
67 |             elif extract_choice == "0":
68 |                 sys.exit()
69 |             elif extract_choice == "y":
70 |                 while True:
71 |                     print("\nSpecify the output path:")
72 |                     colorprint("warn", "Abort -> 9")
73 |                     colorprint("fatal", "Quit -> 0")
74 |
75 |                     out_path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/binary_search"+Style.RESET_ALL+")\n--> Output path: ")
76 |
77 |                     if out_path == "9":
78 |                         return
79 |                     elif out_path == "0":
80 |                         sys.exit()
81 |
82 |                     std = Popen(["foremost",path,"-o",out_path], stdout=PIPE,stderr=PIPE)
83 |                     (out,err) = std.communicate()
84 |
85 |                     if out.find("ERROR") == -1:
86 |                         if out_path == '':
87 |                             colorprint("success", "Found files are written to the 'output/'\n")
88 |                         else:
89 |                             colorprint("success", "Found files are written to the " + out_path + ".\n")
90 |                         raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
91 |                         break
92 |                     else:
93 |                         colorprint("fatal", "The file already exists in the output path you specify, try another one.")
94 |                         raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
95 |
96 |         else:
97 |             colorprint("fatal", "No such file was found.\nResetting...\n")
98 |             raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
99 |
100 | if __name__ == "__main__":
101 |     binary_search()
102 |
103 |
104 |
--------------------------------------------------------------------------------
/imports/metadata_search.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys
4 | from subprocess import Popen,PIPE,check_call
5 | from colorama import Fore, Style
6 | from ini_edit import config_get, config_set
7 |
8 | def colorprint(verbosity, text):
9 |     if verbosity == "fatal":
10 |         print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
11 |     if verbosity == "warn":
12 |         print(Fore.YELLOW + text + Style.RESET_ALL)
13 |     if verbosity == "info":
14 |         print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
15 |     if verbosity == "success":
16 |         print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
17 |
18 | logo = ("""
19 | _ __ _____ ___ _ _ _ _ _ ____ ____
20 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
21 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
22 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
23 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
24 | """)
25 |
26 | def strings_out(path):
27 |     std = Popen(["strings",path], stdout=PIPE,stderr=PIPE)
28 |     (out,err) = std.communicate()
29 |     return out
30 |
31 | def exiftool_out(path):
32 |     std = Popen(["exiftool",path], stdout=PIPE,stderr=PIPE)
33 |     (out,err) = std.communicate()
34 |     return out
35 |
36 | def searcher(path):
37 |
38 |     print("Enter a keyword which may be found in the flag.")
39 |     print("e.g : Strings/characters like 'CTF' or '_{' can be used to search for a 'CTF_{flag_is_here}' flag format.")
40 |
41 |     flag_keyword = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/metadata_search"+Style.RESET_ALL+")\n-->")
42 |
43 |     # No shell here: concatenating path and keyword into "strings ... | grep -i ..." with shell=True
44 |     # let shell metacharacters in either value run as commands. The keyword is matched literally in Python.
45 |     keyword = flag_keyword.lower()
46 |     s_out = "".join(line + "\n" for line in strings_out(path).splitlines() if keyword in line.lower())
47 |     e_out = "".join(line + "\n" for line in exiftool_out(path).splitlines() if keyword in line.lower())
48 |
49 |     if s_out+e_out:
50 |         colorprint("success", s_out+e_out)
51 |     else:
52 |         colorprint("fatal", "It seems there is no word like that in meta-data or strings output :(")
53 |
54 | def metadata_search():
55 |
56 |     check_call(["clear"])
57 |     while True:
58 |         print (logo)
59 |         colorprint("info", "'exiftool' and 'strings' will be used to search for a string you specify.")
60 |
61 |         path = config_get('paths', 'path')
62 |         if path == '':
63 |             colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
64 |             colorprint("fatal","\n\tPlease specify one to continue:\n")
65 |
66 |             path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/metadata_search"+Style.RESET_ALL+")\n-->")
67 |
68 |             config_set('paths', 'path', path)
69 |             colorprint("info", "\nWell, we'll store this path for next operations...\n")
70 |
71 |
72 |         colorprint("success", "\n[*] Using "+path+"\n")
73 |         choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()
74 |
75 |         if choice == 'p':
76 |             path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/metadata_search"+Style.RESET_ALL+")\n--> New path: ")
77 |             config_set('paths', 'path', path)
78 |             colorprint("success", "\n[*] Using "+path+"\n")
79 |
80 |         std = Popen(["file",path], stdout=PIPE,stderr=PIPE)
81 |         (out,err) = std.communicate()
82 |         if out.find("No such file or directory") == -1:
83 |
84 |             colorprint("info", "1-->Search for a specific keyword in 'exiftool' and 'strings' output")
85 |             colorprint("info", "2-->Print meta-data information")
86 |             colorprint("info", "3-->Print 'strings' output")
87 |             colorprint("warn", "9-->Go back to the top menu")
88 |             colorprint("fatal", "0-->Quit")
89 |             choose = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/metadata_search"+Style.RESET_ALL+")\n-->").lower()
90 |             if choose == "1":
91 |                 searcher(path)
92 |                 raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
93 |             elif choose == "2":
94 |                 colorprint("warn", exiftool_out(path))
95 |                 raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
96 |             elif choose == "3":
97 |                 colorprint("warn", strings_out(path))
98 |                 raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
99 |             elif choose == "9":
100 |                 return
101 |             elif choose == "0":
102 |                 sys.exit()
103 |             else:
104 |                 colorprint("fatal", "Wrong input.\nResetting...\n")
105 |                 raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
106 |         else:
107 |             colorprint("fatal", "There is no such file.\nRestarting...\n")
108 |             raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
109 |             break
110 |
111 | if __name__ == "__main__":
112 |     metadata_search()
113 |
114 |
115 |
--------------------------------------------------------------------------------
/imports/hash_extractor.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys, time
4 | from subprocess import Popen, PIPE, check_call
5 | from colorama import Fore, Style
6 | from ini_edit import config_get, config_set
7 |
8 | def colorprint(verbosity, text):
9 |     if verbosity == "fatal":
10 |         print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
11 |     if verbosity == "warn":
12 |         print(Fore.YELLOW + text + Style.RESET_ALL)
13 |     if verbosity == "info":
14 |         print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
15 |     if verbosity == "success":
16 |         print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
17 |
18 | logo = ("""
19 | _ __ _____ ___ _ _ _ _ _ ____ ____
20 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
21 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
22 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
23 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
24 | """)
25 |
26 | def rar2john(rar_path):
27 |
28 |     colorprint("info", "Waiting for output path...")
29 |     hashtxt_path = raw_input(
30 |         "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/file_analysis/hash_extractor/rar2john" + Style.RESET_ALL + ")\n-->")
31 |
32 |     with open(hashtxt_path, 'w') as out:
33 |         std = Popen(["./john_files/rar2john", rar_path], stdout=out, stderr=PIPE)
34 |         (out, err) = std.communicate()
35 |         if err.find("No such file or directory") != -1:
36 |             colorprint("fatal", "No such file or directory!")
37 |         elif err:
38 |             colorprint("fatal", err)
39 |         else:
40 |             colorprint("success", "\nHash is written to the " + hashtxt_path + ".\n")
41 |
42 |
43 | def zip2john(zip_path):
44 |
45 |     colorprint("info", "Waiting for output path...")
46 |     hashtxt_path = raw_input(
47 |         "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/file_analysis/hash_extractor/zip2john" + Style.RESET_ALL + ")\n-->")
48 |
49 |     with open(hashtxt_path, 'w') as out:
50 |         std = Popen(["./john_files/zip2john", zip_path], stdout=out, stderr=PIPE)
51 |         (out, err) = std.communicate()
52 |         if err.find("No such file or directory") != -1:
53 |             colorprint("fatal", "No such file or directory!")
54 |         elif err:
55 |             colorprint("fatal", err)
56 |         else:
57 |             colorprint("success", "\nHash is written to the " + hashtxt_path + ".\n")
58 |
59 |
60 | def truecrypt2john(truecrypt_path):
61 |
62 |     colorprint("info", "Waiting for output path...")
63 |     hashtxt_path = raw_input(
64 |         "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/file_analysis/hash_extractor/truecrypt2john" + Style.RESET_ALL + ")\n-->")
65 |
66 |     with open(hashtxt_path, 'w') as out:
67 |         std = Popen(["./john_files/truecrypt2john", truecrypt_path], stdout=out, stderr=PIPE)
68 |         (out, err) = std.communicate()
69 |         if err.find("No such file or directory") != -1:
70 |             colorprint("fatal", "No such file or directory!")
71 |         elif err:
72 |             colorprint("fatal", err)
73 |         else:
74 |             colorprint("success", "\nHash is written to the " + hashtxt_path + ".\n")
75 |
76 | def hash_extractor():
77 |     check_call(["clear"])
78 |     while True:
79 |         print (logo)
80 |
81 |         colorprint("info", "In this section, you can get hashed passwords out of ZIP, RAR and TrueCrypt files.")
82 |         colorprint("info", "'JohntheRipper' utilities will be used to do this.")
83 |
84 |         path = config_get('paths', 'path')
85 |         if path == '':
86 |             colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
87 |             colorprint("fatal","\n\tPlease specify one to continue:\n")
88 |
89 |             path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/hash_extractor"+Style.RESET_ALL+")\n-->")
90 |
91 |             config_set('paths', 'path', path)
92 |             colorprint("info", "\nWell, we'll store this path for next operations...\n")
93 |
94 |         colorprint("success", "\n[*] Using "+path+"\n")
95 |         choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()
96 |
97 |         if choice == 'p':
98 |             path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/hash_extractor"+Style.RESET_ALL+")\n--> New path: ")
99 |             config_set('paths', 'path', path)
100 |             colorprint("success", "\n[*] Using "+path+"\n")
101 |
102 |         colorprint("info", "1-->RAR files")
103 |         colorprint("info", "2-->ZIP archives")
104 |         colorprint("info", "3-->TrueCrypt files")
105 |         colorprint("warn", "9-->Go back to the top menu")
106 |         colorprint("fatal", "0-->Quit")
107 |
108 |         choice = raw_input(
109 |             "Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/file_analysis/hash_extractor" + Style.RESET_ALL + ")\n-->")
110 |
111 |         if choice == "9":
112 |             return
113 |         elif choice == "0":
114 |             sys.exit()
115 |         elif choice == "1":
116 |             rar2john(path)
117 |         elif choice == "2":
118 |             zip2john(path)
119 |         elif choice == "3":
120 |             truecrypt2john(path)
121 |
122 |         colorprint("warn", "9-->Go back to the top menu")
123 |         colorprint("fatal", "0-->Quit")
124 |         choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
125 |
126 |         if choice == "9":
127 |             return
128 |         elif choice == "0":
129 |             sys.exit()
130 |
131 | if __name__ == "__main__":
132 |     hash_extractor()
133 |
--------------------------------------------------------------------------------
/imports/hash_brute.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 | # -*- coding: utf-8 -*-
3 | import sys
4 | from subprocess import Popen, PIPE, check_call
5 | from colorama import Fore, Style
6 | from ini_edit import config_get, config_set
7 | import pexpect
8 | import time
9 |
10 | def colorprint(verbosity, text):
11 |     if verbosity == "fatal":
12 |         print(Style.BRIGHT + Fore.RED + text + Style.RESET_ALL)
13 |     if verbosity == "warn":
14 |         print(Fore.YELLOW + text + Style.RESET_ALL)
15 |     if verbosity == "info":
16 |         print(Style.DIM + Fore.WHITE + text + Style.RESET_ALL)
17 |     if verbosity == "success":
18 |         print(Style.BRIGHT + Fore.GREEN + text + Style.RESET_ALL)
19 |
20 | logo = ("""
21 | _ __ _____ ___ _ _ _ _ _ ____ ____
22 | / \ \ \/ /_ _/ _ \| \ | | / \ | | | |/ ___/ ___|
23 | / _ \ \ / | | | | | \| |_____ / _ \| | | | | | |
24 | / ___ \ / \ | | |_| | |\ |_____/ ___ \ |_| | |__| |___
25 | /_/ \_\/_/\_\___\___/|_| \_| /_/ \_\___/ \____\____|
26 | """)
27 |
28 | format_list = ("""
29 | des/bsdi/md5/bf/afs/lm/
30 | dynamic_n/bfegg/dmd5/dominosec/epi/hdaa/ipb2/krb4/
31 | krb5/mschapv2/mysql-fast/mysql/netlm/netlmv2/netntlm/
32 | netntlmv2/nethalflm/md5ns/nt/phps/po/xsha/crc32/
33 | hmac-md5/lotus5/md4-gen/mediawiki/mscash/mscash2/
34 | mskrb5/mssql/mssql05/mysql-sha1/nsldap/nt2/oracle11/
35 | oracle/phpass-md5/pix-md5/pkzip/raw-md4/raw-md5thick/
36 | raw-md5/raw-sha1/raw-sha/raw-md5u/salted-sha1/sapb/
37 | sapg/sha1-gen/raw-sha224/raw-sha256/raw-sha384/
38 | raw-sha512/xsha512/hmailserver/sybasease/crypt/trip/
39 | ssh/pdf/rar/zip/dummy
40 | """)
41 |
42 | def run_john(cmd):
43 |     child = pexpect.spawn(cmd[0], cmd[1:])  # cmd is an argv list: each path stays a single argument
44 |     child.expect('.+')
45 |
46 |     if child.after.find("No pass") != -1:
47 |         colorprint("fatal", child.after)
48 |         return
49 |     if child.after.find("No such") != -1:
50 |         colorprint("fatal", child.after)
51 |         return
52 |
53 |     child.sendline('a')
54 |     while True:
55 |         child.expect('.+')
56 |         child.sendline('a')
57 |         if child.after.find("DONE") != -1:
58 |             return
59 |         else:
60 |             colorprint("warn",child.after)
61 |
62 |
63 | def hash_brute():
64 |     check_call(["clear"])
65 |     while True:
66 |         print (logo)
67 |
68 |         colorprint("info", "Here, you can try to crack hashes with the wordlists you want.")
69 |         colorprint("info", "'JohnTheRipper' will be used.")
70 |         colorprint("info", "Also specified path will be used as text file containing the hash.")
71 |
72 |         path = config_get('paths', 'path')
73 |
74 |         if path == '':
75 |             colorprint("fatal", "\n\tOh, it seems there is no path stored before :(")
76 |             colorprint("fatal","\n\tPlease specify one to continue:\n")
77 |
78 |             path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/hash_brute"+Style.RESET_ALL+")\n-->")
79 |
80 |             config_set('paths', 'path', path)
81 |             colorprint("info", "\nWell, we'll store this path for next operations...\n")
82 |
83 |         colorprint("success", "\n[*] Using "+path+"\n")
84 |         choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue or 'p' to new path..." + Style.RESET_ALL).lower()
85 |
86 |         if choice == 'p':
87 |             path = raw_input("Axion TERMINAL("+Style.BRIGHT+Fore.CYAN+"/file_analysis/hash_brute"+Style.RESET_ALL+")\n--> New path: ")
88 |             config_set('paths', 'path', path)
89 |             colorprint("success", "\n[*] Using "+path+"\n")
90 |
91 |         colorprint("info", "If you have a custom wordlist, please enter the path.")
92 |         colorprint("warn", "Leave Empty-->Use default wordlist for JohnTheRipper.")
93 |
94 |         wordlist_path = raw_input("Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/file_analysis/hash_brute" + Style.RESET_ALL + ")-->")
95 |
96 |         colorprint("info", "Do you want to enter a format parameter?")
97 |         colorprint("warn", "1 -->List all formats for hashes.")
98 |         colorprint("warn", "Leave Empty-->Use default format detected by John.")
99 |
100 |         format = raw_input("Axion TERMINAL(" + Style.BRIGHT + Fore.CYAN + "/file_analysis/hash_brute" + Style.RESET_ALL + ")-->")
101 |
102 |         if format == "1":
103 |             colorprint("warn",format_list)
104 |             raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
105 |             continue
106 |
107 |         # Build an argv list instead of one command string: pexpect splits a string on
108 |         # whitespace, so a path or wordlist containing spaces or option-like text would
109 |         # turn into extra john arguments.
110 |         cmd = ["./john_files/john", path]
111 |         if wordlist_path != "":
112 |             cmd.append("--wordlist=" + wordlist_path)
113 |         if format != "":
114 |             cmd.append("--format=" + format)
115 |
116 |         run_john(cmd)
117 |
118 |         std = Popen(["./john_files/john", "--show", path], stdout=PIPE, stderr=PIPE)
119 |         (out, err) = std.communicate()
120 |         if err:
121 |             colorprint("fatal", err)
122 |         if out:
123 |             colorprint("success", out)
124 |
125 |         colorprint("warn", "9-->Go back to the top menu")
126 |         colorprint("fatal", "0-->Quit")
127 |
128 |         choice = raw_input(Style.DIM + Fore.WHITE + "Press Enter to continue..." + Style.RESET_ALL)
129 |
130 |         if choice == "9":
131 |             return
132 |         elif choice == "0":
133 |             sys.exit()
134 |
135 | if __name__ == "__main__":
136 |     hash_brute()
137 |
--------------------------------------------------------------------------------
/handbook_files/reverse/reverse.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
Reverse Engineering (RE) is the process of discovering how different software and hardware technologies work.
Nowadays, computer software and games are also cracked with Reverse Engineering tools.
Normally, software written in compiled languages such as C and C++ is cracked with tools called disassemblers. A disassembler translates the compiled machine code into assembly language. This process is called Reverse Code Engineering (RCE).
To solve the Rev questions, which form an important question group in CTFs, it is generally necessary to turn the compiled code back into source code using special tools. That way we can find the flags hidden in it.
There are many different kinds of Reverse Engineering questions; we'll try to explain them with a few examples.
After seeing that the file is an executable, we use this command
$ chmod +x rev100
to set the execute permission, and then we run it.

It asks us for a password. Using Axion, we display its metadata and examine the strings output.

FLAG = BATLAMYUS
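The strings-and-keyword step used above, as an added Python 3 example that is not part of the Axion code base (which targets Python 2 and shells out to `strings`). The function names and the sample bytes are assumptions constructed for illustration; the example also extracts UTF-16LE text, which a plain `strings` run skips.

```python
import re


def extract_strings(data, min_len=4):
    """Return sorted (offset, encoding, text) tuples for printable runs in data.

    Covers 8-bit ASCII (plain `strings`) and UTF-16LE (`strings -e l`), the
    encoding Windows binaries commonly use for text.
    """
    ascii_run = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    wide_run = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    found = [(m.start(), "ascii", m.group().decode("ascii"))
             for m in ascii_run.finditer(data)]
    found += [(m.start(), "utf-16le", m.group().decode("utf-16le"))
              for m in wide_run.finditer(data)]
    return sorted(found)


def search(data, keyword, min_len=4):
    """Case-insensitive literal match on the extracted strings; no shell is involved."""
    needle = keyword.lower()
    return [hit for hit in extract_strings(data, min_len) if needle in hit[2].lower()]


# Constructed sample: an ELF-like header, a prompt, one ASCII flag and one UTF-16LE flag.
SAMPLE = (
    b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8
    + b"Enter password:\x00\x01\x02"
    + b"CTF_{constructed_sample}\x00\xff\xfe"
    + "ctf_{wide_sample}".encode("utf-16le") + b"\x00\x00"
)

if __name__ == "__main__":
    for offset, encoding, text in search(SAMPLE, "ctf"):
        print("0x%04x %-8s %s" % (offset, encoding, text))
```

Because the keyword is compared in Python rather than interpolated into a `grep` command line, characters such as `;` or `|` in the keyword are only ever treated as text.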
Using Axion, we determine the file's format.

After that we run it and find that the program expects an input from us and responds according to whether it is correct.

So far we have analyzed the program only superficially, and we know the following: the program asks us for a pincode, compares it to a value and tests its validity. Using GDB, we dig a little deeper into the program. We start it with the gdb rev200 command and put a breakpoint on the main function.

Then we run it with the run command. We expect the program to make a comparison after it receives our input: it calls the scanf function to read the input and compares the input with the correct value using cmp. After running it, we use the next command to step through one instruction at a time until we get to the point where scanf is called.

After scanf is called, we see cmp eax, 0x58f. Here we see that the value it wants from us is 0x58f, but that is hexadecimal. Converting hexadecimal to decimal gives us the answer: 0x58f -> 1423.

FLAG = 1423
The solutions to the questions above were adapted from here.
Actually, it's better to use the term digital forensics or (to be more precise) computer forensics.
The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the digital information.

Particularly in jeopardy CTFs, digital forensics is rarely used as a separate category. The main reason is that digital forensics is entirely about analysis rather than direct attack/defense, and it is a very comprehensive field: if you put a finishing touch on a question in any category with a crime or investigation scenario, you can include the question in the forensics category. To obtain the evidence (which is the flag here) you may need to touch every area, from recovery to steganographic steps.
For now we'll focus on some common branches of digital forensics:
» Do not trust what you saw «
Binary files are indispensable for the forensics category.
Each binary file is created by putting data together in a specific grammar so that it can be identified and used by systems and software. A little manipulation of this syntax is therefore enough to corrupt a file.
As we mentioned before, recognizing file formats is based on magic bytes, which are stored in the header of a file.
We use the file command on UNIX to determine what the type of a file really is. The file extension is irrelevant here.
$ file example.blablafiletype
example.blablafiletype: HTML document, UTF-8 Unicode text, with very long lines
But sometimes files are badly corrupted, and in such cases the header information alone is not enough to get the job done. If you encounter such a situation, you may need to fix the damaged parts manually with a hex editor (e.g. forensics300) to recover the file.

In fact, file carving mostly belongs to the file system and data recovery section, but we'll treat it as a separate part. The goal of carving is to get structured data out of raw data, so it's all about file format structure.
The most valuable tools for this are binwalk and foremost, which are really easy to use. But sometimes files or partitions produce a huge binwalk output and you need to carve only a single file manually. In such cases you can use dd.
$ dd if=in-file of=out-file bs=block-size skip=head-of-file-to-head-offset count=head-offset-to-end-offset
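The magic-byte identification and the manual dd carve described above, worked through as an added Python 3 example; it is not code from Axion, binwalk or foremost. The signature table, the function names and the sample blob are assumptions constructed for illustration, and the example goes one step beyond the text by also deriving the dd arguments from the header and trailer offsets.

```python
import struct
import zlib

# (name, header magic, trailer marker or None, bytes that follow the trailer marker)
SIGNATURES = [
    ("png", b"\x89PNG\r\n\x1a\n", b"IEND", 4),  # the IEND chunk type is followed by a 4-byte CRC
    ("jpeg", b"\xff\xd8\xff", b"\xff\xd9", 0),
    ("pdf", b"%PDF-", b"%%EOF", 0),
    ("zip", b"PK\x03\x04", None, 0),  # a local file header has no fixed trailer of its own
]


def identify(data):
    """Name the format from the leading magic bytes; the file extension plays no part."""
    for name, magic, _trailer, _tail in SIGNATURES:
        if data.startswith(magic):
            return name
    return None


def scan(blob):
    """Return sorted (offset, name) pairs for every header signature inside blob."""
    hits = []
    for name, magic, _trailer, _tail in SIGNATURES:
        pos = blob.find(magic)
        while pos != -1:
            hits.append((pos, name))
            pos = blob.find(magic, pos + 1)
    return sorted(hits)


def carve(blob, offset, name):
    """Cut one embedded file out of blob, from its header to the end of its trailer.

    Returns (carved_bytes, dd_command), or None when the end cannot be located
    (format without a trailer marker, or a truncated/corrupted file).
    """
    spec = [s for s in SIGNATURES if s[0] == name]
    if not spec:
        raise ValueError("unknown format: %r" % name)
    _name, magic, trailer, tail = spec[0]
    if trailer is None or not blob.startswith(magic, offset):
        return None
    end = blob.find(trailer, offset + len(magic))
    if end == -1 or end + len(trailer) + tail > len(blob):
        return None
    end += len(trailer) + tail
    # bs=1 makes skip and count plain byte values: skip = header offset, count = file length.
    dd = "dd if=in-file of=out-file bs=1 skip=%d count=%d" % (offset, end - offset)
    return blob[offset:end], dd


def _chunk(kind, payload):
    """Build one PNG chunk: length, type, payload, CRC32 over type + payload."""
    crc = zlib.crc32(kind + payload) & 0xFFFFFFFF
    return struct.pack(">I", len(payload)) + kind + payload + struct.pack(">I", crc)


def make_png():
    """Constructed sample: a valid 1x1 greyscale PNG."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00")  # filter byte + one pixel
    return (b"\x89PNG\r\n\x1a\n" + _chunk(b"IHDR", ihdr)
            + _chunk(b"IDAT", idat) + _chunk(b"IEND", b""))


# Constructed sample blob: junk, an embedded PNG, a text fragment, then a bare ZIP local header.
SAMPLE = b"\x7fJUNK" * 20 + make_png() + b"trailing-config=1\n" + b"PK\x03\x04" + b"\x00" * 26

if __name__ == "__main__":
    print("leading magic:", identify(SAMPLE))
    for offset, name in scan(SAMPLE):
        result = carve(SAMPLE, offset, name)
        if result is None:
            print("%6d %-4s end not found, carve by hand" % (offset, name))
        else:
            data, dd = result
            print("%6d %-4s %d bytes  ->  %s" % (offset, name, len(data), dd))
```

The first trailer found is taken as the end of the file, which can cut a JPEG with an embedded thumbnail or a PDF with incremental updates short; in those cases the end offset has to be checked by hand before running dd.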
Memory analysis is based on examining a memory snapshot taken from a computer while it is running. Volatile data can be preserved by capturing a RAM image and analyzed at any time. That data may include the process list, open network connections, browsing history, Notepad and clipboard contents, etc.
Volatility can be used to parse these values. Some common utilities of Volatility are:
But before any of that, you need to specify a profile for the dump file.
The simplest definition of cryptography is the whole set of algorithms used to limit the legibility of existing data. It provides data security by restricting the readability of the data.
Generally, the form of the data is changed without corrupting the data. So it ensures data security and prevents data loss.
It has its own category in CTFs, where it appears as Crypto questions. In these questions, our goal is usually to capture the FLAG by returning the modified data to a readable form. It is divided into 4 subcategories.
The aim of Encoding is to convert data into another form without any data loss. The difference between Encryption and Encoding is that Encoding doesn't use a key for the operation. The opposite of the Encode operation is Decode. The only thing needed for the Decode operation is the algorithm that was used for Encoding. No special key or password is needed.
Most common types:
Encryption has the same goal as Encoding but uses a special key in the Encrypt operation. So it is necessary to know this special key along with the algorithm for the Decrypt operation. The only way to decrypt a password without a private key is to use a Brute Force attack: as many words as possible should be tried as the key :D
There are two subtypes: public key cryptography and private key cryptography.
There is only one key in private key cryptography. When data is transmitted, it is encrypted with this key, and the recipient decrypts it with the same key. The main problem is sending the key used for encryption to the other person at the beginning of the transmission without showing it to anyone else.
There are two keys in public key cryptography: one is distributed (public) and the other is private. The public key is derived from the private key, and the owner then releases the public key in a format that anyone can see. When someone wants to transmit secure data to another person, s/he encrypts it with the public key of the person to whom s/he wants to send the data, then transmits the data. Data encrypted with the public key can be decrypted with the private key only. The private key cannot be obtained from the public key. It is much slower than private key cryptography, but it solves the key transmission problem of private key cryptography.
These two methods are usually used together in a hybrid scheme.
Types of private key ciphers:
Types of public key ciphers:
The purpose of Hashing algorithms is to encrypt the data in an irreversible manner. Hashing algorithms work one way and do not require a key. An important point is that the length of the output (the resulting hash) is always the same regardless of the length of the input data. For example, the MD5 algorithm always generates hashes that are 32 characters long.
It is used in many different areas. One of these areas is operating systems. For example, on Linux hashing is used for user authentication, meaning user passwords are stored hashed.
A Brute Force attack is used to crack hashes. The aim is to pass all the words in a word list one by one through the same hash algorithm and to check whether the resulting hash is equal to the hash to be cracked.
Most common types:
Obfuscation, as its name implies, obscures data to ensure data security. It is basically similar to Encoding but simpler. For example, the source code of programs is obfuscated so that it cannot be understood by everyone and theft can be prevented.
Most common types:
There are many different kinds of Cryptography questions; however, we'll try to explain with a few examples.
Question: PCYvKDEAJCdvLSVvLThvLyI=
It looks like Base64 because of the "=" sign at the end of the string, but in fact it is not encoded with Base64. We find by trial and error that the text is encoded with XOR:
FLAG = cypwn_{x0rz0rg0p}
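The trial-and-error step above, as an added example (not the handbook's or axion's own code): the question string is valid Base64, but the decoded bytes are not readable on their own, so the code tries all 256 single-byte XOR keys over them and keeps the printable result that starts with the flag prefix. The single-byte key and the `cypwn` prefix filter are assumptions of this example; the function names are hypothetical.

```python
import base64

QUESTION = "PCYvKDEAJCdvLSVvLThvLyI="  # question string from the page
FLAG_PREFIX = "cypwn"                   # assumption: prefix seen in the page's flags

def xor_single_byte(data, key):
    """XOR every byte of data with the same one-byte key."""
    return bytes(b ^ key for b in data)

def printable_candidates(data):
    """Map each key in 0..255 to its output, if that output is printable ASCII."""
    hits = {}
    for key in range(256):
        plain = xor_single_byte(data, key)
        if all(0x20 <= b <= 0x7E for b in plain):
            hits[key] = plain.decode("ascii")
    return hits

def solve(question, prefix=FLAG_PREFIX):
    """Return (key, plaintext) for the candidate that starts with the flag prefix."""
    raw = base64.b64decode(question, validate=True)  # raises on non-Base64 input
    for key, text in printable_candidates(raw).items():
        if text.startswith(prefix):
            return key, text
    return None

if __name__ == "__main__":
    raw = base64.b64decode(QUESTION, validate=True)
    print("decoded bytes:", raw.hex())
    print("printable candidates:", len(printable_candidates(raw)))
    print("result:", solve(QUESTION))
```

Many keys give fully printable output for a string this short, so the printable filter only narrows the search; the known flag prefix is what selects the answer.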
Question: Text: cfxdigthdppymtdbqyz
Key: TBCXRL
The ciphertext appears to be encrypted, since it comes with a key. We assume it is Vigenere:
This gives us Jevgrvagbsyntsbezng. Applying ROT13 to this output gives the flag:

FLAG = cypwn_{Writeintoflagformat}
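Both steps of this solution, as an added example (not the handbook's or axion's own code): Vigenere decryption with the given key, followed by ROT13. The function names are hypothetical; letter case is preserved, so the lowercase question text yields lowercase output.

```python
import codecs
import string
from itertools import cycle

CIPHERTEXT = "cfxdigthdppymtdbqyz"  # question text from the page
KEY = "TBCXRL"                      # key from the page

def vigenere_decrypt(ciphertext, key):
    """Subtract the repeating key from each ASCII letter (A=0 ... Z=25)."""
    if not key or any(k not in string.ascii_letters for k in key):
        raise ValueError("key must be a non-empty string of ASCII letters")
    shifts = cycle([ord(k) - ord("A") for k in key.upper()])
    out = []
    for ch in ciphertext:
        if ch in string.ascii_letters:
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base - next(shifts)) % 26 + base))
        else:
            out.append(ch)  # non-letters pass through; the key does not advance
    return "".join(out)

def rot13(text):
    """ROT13 is its own inverse, so the same call encodes and decodes."""
    return codecs.decode(text, "rot_13")

def solve(ciphertext=CIPHERTEXT, key=KEY):
    """Return (intermediate text after Vigenere, final text after ROT13)."""
    stage1 = vigenere_decrypt(ciphertext, key)
    return stage1, rot13(stage1)

if __name__ == "__main__":
    stage1, final = solve()
    print("after Vigenere:", stage1)
    print("after ROT13:   ", final)
```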
Question: Vm0wd2VHUXhTWGhXV0doV1YwZDRWbFl3WkRSV01WbDNXa1J TVjAxV2JETlhhMUpUVm14S2MyTkliRmhoTVhCUVZqSjRZV1JIVmtsalJt UnBWa1ZhU1ZkV1pEUlRNbEpYVW01T2FGSnRVbkJXYTFaaFUxWmtW MXBJY0d4U2EzQllWakkxUzJGV1NuUmhSemxWVm14YU0xUnNXbUZX YkdSeVYyeENWMkV3Y0ZSV1ZWcFNaREZDVWxCVU1EMD0
Because only the text itself is given, we assume that it is encoded and start decoding with Base64. After decoding 9 times, we reach the flag:
FLAG = cypwn{babyFl4g}
Question: Hold Your Breath and Count to 27395
6e13409111b425a434d1cd9a80743669ec7385f9
Again, we do not have a key, but this time the Decode methods do not work, so we naturally turn to Hashing. First we use axion to find out which algorithm was used to produce the hash:
After seeing that it is the SHA-1 algorithm, we search the internet in case it has been cracked before, rather than going straight to Brute Force.
FLAG = 26595
Question: Keep Calm and Discard Powers of 2
100256105256100256121256111256117256109256105256115256115256109256101
ASCII values can be picked out in the given string. What confuses things is the "256" values. Because the ASCII table consists of the numbers from 0 to 255, we strip out the interspersed 256s, which are there to prevent a direct conversion. We get the following result:
100 105 100 121 111 117 109 105 115 115 109 101
Finally, we translate these numbers into letters according to the ASCII table:
FLAG = didyoumissme
The solutions to the above questions were drawn from here.