├── README.md ├── build.py ├── build.sh ├── commands ├── addgroup.src ├── addobject.src ├── adduser.src ├── addvar.src ├── aircrack.src ├── aireplay.src ├── airmon.src ├── apt-get.src ├── back.src ├── buffer.src ├── cat.src ├── chgrp.src ├── chmod.src ├── chown.src ├── clear.src ├── compile.src ├── corruptlogs.src ├── cp.src ├── crack.src ├── credits.src ├── deepscan.src ├── delgroup.src ├── dellib.src ├── deltarget.src ├── deluser.src ├── delvar.src ├── echo.src ├── exec.src ├── exit.src ├── exploit.src ├── exploitscan.src ├── findlib.src ├── fs.src ├── ftp.src ├── get.src ├── getlib.src ├── getviper.src ├── gpg.src ├── grab.src ├── groups.src ├── help.src ├── iwlist.src ├── jump.src ├── kill.src ├── libs.src ├── load_theme.src ├── loop.src ├── ls.src ├── md5.src ├── mkdir.src ├── msfconsole.src ├── msfvenom.src ├── mv.src ├── nmap.src ├── nslookup.src ├── passwd.src ├── ps.src ├── put.src ├── return.src ├── rm.src ├── saveSettings.src ├── scanlib.src ├── secure.src ├── sha256.src ├── shell.src ├── sniffer.src ├── ssh.src ├── sudo.src ├── targets.src ├── touch.src ├── use.src ├── uselib.src ├── vars.src ├── whois.src ├── wipe.src └── write.src ├── core_commands ├── list_files.src └── read_file.src ├── functions ├── ascii_print.src ├── buffer.src ├── delete_target.src ├── do_style.src ├── exploit_scan.src ├── import_libs.src ├── loadSettings.src ├── logic.src ├── nmap_scan.src ├── random_ip.src ├── router_check.src ├── show_help.src ├── show_targets.src ├── sortMap.src ├── ssh.src ├── tty.src └── userCheck.src ├── images ├── raw_image.src └── viper.img.src ├── libs ├── Escape.src ├── encryption.src ├── json.src ├── security.src └── sha256.src ├── main └── main.src ├── notes.md └── viper.src /README.md: -------------------------------------------------------------------------------- 1 | # greyhack-viper 2 | Grey Hack Viper tool 3 | -------------------------------------------------------------------------------- /build.py: -------------------------------------------------------------------------------- 1 | import os 2 | 3 | main_path = os.path.dirname(os.path.abspath(__file__)) 4 | 5 | print(main_path) 6 | 7 | out_file = main_path+"//viper.src" 8 | 9 | paths = [ 10 | main_path+"//libs", 11 | main_path+"//functions", 12 | main_path+"//core_commands", 13 | main_path+"//commands", 14 | main_path+"//main" 15 | ] 16 | 17 | print('\x1b[32m'+"Building..."+'\x1b[0m') 18 | 19 | out = "" 20 | for path in paths: 21 | 22 | files = os.listdir(path) 23 | for file in files: 24 | 25 | with open(path+"//"+file, "r") as f: 26 | out += f.read()+"\n" 27 | 28 | with open(out_file, "w") as f: 29 | f.write(out) 30 | 31 | print('\x1b[32m'+"Done building!"+'\x1b[0m') 32 | -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | echo "Building..." 2 | 3 | echo "" > ./viper.src 4 | 5 | for i in $(ls ./libs); 6 | do 7 | cat ./libs/$i >> ./viper.src 8 | echo "" >> ./viper.src 9 | done 10 | 11 | for i in $(ls ./functions); 12 | do 13 | cat ./functions/$i >> ./viper.src 14 | echo "" >> ./viper.src 15 | done 16 | 17 | for i in $(ls ./core_commands); 18 | do 19 | cat ./core_commands/$i >> ./viper.src 20 | echo "" >> ./viper.src 21 | done 22 | 23 | for i in $(ls ./commands); 24 | do 25 | cat ./commands/$i >> ./viper.src 26 | echo "" >> ./viper.src 27 | done 28 | 29 | cat ./main/main.src >> ./viper.src 30 | 31 | echo "Done building!" 32 | -------------------------------------------------------------------------------- /commands/addgroup.src: -------------------------------------------------------------------------------- 1 | addgroup = {} 2 | addgroup.name = "addgroup" 3 | addgroup.args = "[USER] [GROUP]" 4 | addgroup.desc = "Adds a user to a group." 5 | addgroup.full_desc = "This command will add a user to a group where [USER] is the user and [GROUP] the group." 6 | addgroup.handler_types = ["start", "shell", "computer"] 7 | addgroup.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer 11 | //command: groupadd 12 | 13 | user = args[0] 14 | group = args[1] 15 | 16 | output = object.create_group(user, group) 17 | if output == true then; print("Group " + group + " added to user " + user); return; end if 18 | if output then; print(output); return; end if 19 | print("Error: the group could not be created.") 20 | 21 | end function 22 | 23 | addgroup.show_help = function() 24 | show_help(self.name, self.args, self.full_desc, self.handler_types) 25 | end function -------------------------------------------------------------------------------- /commands/addobject.src: -------------------------------------------------------------------------------- 1 | addobject = {} 2 | addobject.name = "addobject" 3 | addobject.args = "[N/A]" 4 | addobject.desc = "Adds the current session to targets." 5 | addobject.full_desc = "This command will add the current session to the target list." 6 | addobject.handler_types = ["start", "shell", "computer", "file"] 7 | addobject.run = function(object, args) 8 | 9 | main_session.objectList[main_session.objectList.len] = {"IP":main_session.pub_ip, "objectType":typeof(object), "object":object, "localIP":main_session.loc_ip, "user":main_session.current_user} 10 | 11 | end function 12 | 13 | addobject.show_help = function() 14 | show_help(self.name, self.args, self.full_desc, self.handler_types) 15 | end function -------------------------------------------------------------------------------- /commands/adduser.src: -------------------------------------------------------------------------------- 1 | adduser = {} 2 | adduser.name = "adduser" 3 | adduser.args = "[USER] [PASS]" 4 | adduser.desc = "Adds a user to the computer." 5 | adduser.full_desc = "This command will add a user to the computer where [USER] is the user,\n and [PASSWORD] is the password for the user." 6 | adduser.handler_types = ["start", "shell", "computer"] 7 | adduser.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer 11 | //command: useradd 12 | 13 | inputMsg = "Creating new user " + args[0] 14 | inputPass = args[1] 15 | 16 | print(inputMsg) 17 | 18 | output = object.create_user(args[0], inputPass) 19 | if output == true then; print("User created OK"); return; end if 20 | if output then; print(output); return; end if 21 | print("Error: the user could not be created.") 22 | 23 | end function 24 | 25 | adduser.show_help = function() 26 | show_help(self.name, self.args, self.full_desc, self.handler_types) 27 | end function -------------------------------------------------------------------------------- /commands/addvar.src: -------------------------------------------------------------------------------- 1 | addvar = {} 2 | addvar.name = "addvar" 3 | addvar.args = "[KEY] [VAL]" 4 | addvar.desc = "Adds a variable to the list of variables." 5 | addvar.full_desc = "This command will add a variable to the list of variabels where [KEY] is the name of the variable,\n and [VAL] is the value of the variable." 6 | addvar.handler_types = ["start", "shell", "computer", "file"] 7 | addvar.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | arguments = "" 11 | for argument in args[1:] 12 | arguments = arguments+argument+" " 13 | end for 14 | main_session.vars[args[0]] = arguments.trim() 15 | 16 | end function 17 | 18 | addvar.show_help = function() 19 | show_help(self.name, self.args, self.full_desc, self.handler_types) 20 | end function -------------------------------------------------------------------------------- /commands/aircrack.src: -------------------------------------------------------------------------------- 1 | crack_cap = {} 2 | crack_cap.name = "aircrack" 3 | crack_cap.args = "[PATH]" 4 | crack_cap.desc = "Cracks a file.cap file." 5 | crack_cap.full_desc = "This command will crack a file.cap file where [PATH] is the path to the file." 6 | crack_cap.handler_types = ["start", "shell", "computer", "file"] 7 | crack_cap.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | path = args[0] 11 | if not main_session.cryptoLib then; print("Error: Missing crypto library"); return; end if 12 | print(main_session.cryptoLib.aircrack(path)) 13 | 14 | end function 15 | 16 | crack_cap.show_help = function() 17 | show_help(self.name, self.args, self.full_desc, self.handler_types) 18 | end function -------------------------------------------------------------------------------- /commands/aireplay.src: -------------------------------------------------------------------------------- 1 | airkick = {} 2 | airkick.name = "aireplay" 3 | airkick.args = "[BSSID] [ESSID] [PWR]" 4 | airkick.desc = "Generates a file.cap file." 5 | airkick.full_desc = "This command will generate a file.cap file, where [BSSID] is the bssid of the network,\n where [ESSID] is the essid of the network,\n where [PWR] is the power of the network." 6 | airkick.handler_types = ["start", "shell", "computer", "file"] 7 | airkick.run = function(object, args) 8 | 9 | if not args or args.len < 3 then; self.show_help; return; end if 10 | //command: aireplay 11 | if not main_session.cryptoLib then; print("Error: Missing crypto library"); return; end if 12 | 13 | bssid = args[0] 14 | essid = args[1] 15 | pwr = args[2].to_int 16 | 17 | if typeof(pwr) != "number" then 18 | pwr = args[2].split("%")[0].to_int 19 | if typeof(pwr) != "number" then 20 | print("Invalid pwr.") 21 | return 22 | end if 23 | end if 24 | 25 | result = main_session.cryptoLib.aireplay(bssid, essid, 300000/pwr) 26 | if typeof(result) == "string" then print(result) 27 | 28 | end function 29 | 30 | airkick.show_help = function() 31 | show_help(self.name, self.args, self.full_desc, self.handler_types) 32 | end function -------------------------------------------------------------------------------- /commands/airmon.src: -------------------------------------------------------------------------------- 1 | airmonitor = {} 2 | airmonitor.name = "airmon" 3 | airmonitor.args = "[START/STOP] [NETDEVICE]" 4 | airmonitor.desc = "Puts network card into monitor mode." 5 | airmonitor.full_desc = "This command will put a network card into monitor mode,\n where [START/STOP] is whether to start or stop monitor mode,\n where [NETDEVICE] is the network card,\n provide no arguments to list available network cards." 6 | airmonitor.handler_types = ["start", "shell", "computer", "file"] 7 | airmonitor.run = function(object, args) 8 | 9 | if typeof(object) == "shell" then object = object.host_computer 10 | //command: airmon 11 | if not args then 12 | print(char(10)+object.network_devices()) 13 | return 14 | end if 15 | if not args or args.len < 2 then; self.show_help; return; end if 16 | if not main_session.cryptoLib then; print("Error: Missing crypto library"); return; end if 17 | 18 | formatOutput = "Interface Chipset Monitor_Mode\n" 19 | if args.len == 0 then; print(format_columns(formatOutput + object.network_devices)); return; end if 20 | option = args[0] 21 | device = args[1] 22 | if option != "start" and option != "stop" then; self.show_help; return; end if 23 | 24 | output = main_session.cryptoLib.airmon(option, device) 25 | if not output then; print("airmon: " + device + " not found"); return; end if 26 | if typeof(output) == "string" then; print(output); return; end if 27 | print(format_columns(formatOutput + object.network_devices)) 28 | 29 | end function 30 | 31 | airmonitor.show_help = function() 32 | show_help(self.name, self.args, self.full_desc, self.handler_types) 33 | end function -------------------------------------------------------------------------------- /commands/apt-get.src: -------------------------------------------------------------------------------- 1 | aptget = {} 2 | aptget.name = "apt-get" 3 | aptget.args = "[N/A]" 4 | aptget.desc = "Apt client." 5 | aptget.full_desc = "This command will start the apt-get client." 6 | aptget.handler_types = ["start", "shell", "computer", "file"] 7 | aptget.run = function(object, args) 8 | 9 | //command: apt-get 10 | if not main_session.aptclientLib then 11 | print("aptclient.so not found!") 12 | return 13 | end if 14 | 15 | PendingUpdating = function(folderPath) 16 | pendingUpdate = [] 17 | targetFolder = object.host_computer.File(folderPath) 18 | if targetFolder != null then 19 | files = targetFolder.get_files 20 | for itemFile in files 21 | output = main_session.aptclientLib.check_upgrade(itemFile.path) 22 | if output == true then 23 | pendingUpdate.push(itemFile.name) 24 | end if 25 | end for 26 | end if 27 | return pendingUpdate 28 | end function 29 | 30 | if not args or args.len == 0 or args.len > 3 then; print(command_info("apt-get_usage")); return; end if 31 | action = args[0] 32 | if action == "update" then 33 | print("Updating package lists...") 34 | output = main_session.aptclientLib.update 35 | if output then print(output) 36 | 37 | else if action == "install" then 38 | print("Reading package lists...") 39 | if args.len != 2 then; print(command_info("apt-get_usage")); return; end if 40 | print("Downloading " + args[1]) 41 | output = main_session.aptclientLib.install(args[1]) 42 | if output == true then; print(args[1] + " installed"); return; end if 43 | print(output) 44 | 45 | else if action == "search" then 46 | if args.len != 2 then; print(command_info("apt-get_usage")); return; end if 47 | print(main_session.aptclientLib.search(args[1])) 48 | 49 | else if action == "show" then 50 | if args.len != 2 then; print(command_info("apt-get_usage")); return; end if 51 | print(main_session.aptclientLib.show(args[1])) 52 | 53 | else if action == "addrepo" then 54 | if args.len < 2 or args.len > 3 then; print(command_info("apt-get_usage")); return; end if 55 | port = 1542 56 | if args.len == 3 then port = args[2] 57 | output = main_session.aptclientLib.add_repo(args[1]) 58 | if output then; print(output); return; end if 59 | print("Repository " + args[1] + " added succesfully.\nLaunch apt with the update option to apply the changes") 60 | 61 | else if action == "delrepo" then 62 | if args.len != 2 then; print(command_info("apt-get_usage")); return; end if 63 | output = main_session.aptclientLib.del_repo(args[1]) 64 | if output then; print(output); return; end if 65 | print("Repository " + args[1] + " removed succesfully.\nLaunch apt with the update option to apply the changes") 66 | 67 | else if action == "upgrade" then 68 | print("Reading package lists...") 69 | //upgrade all packages 70 | if args.len == 1 then 71 | pendingPackages = PendingUpdating("/lib") + PendingUpdating("/bin") 72 | if pendingPackages.len == 0 then; print("No updates needed"); return; end if 73 | print("The following packages will be updated:") 74 | pkgs = "" 75 | for itemPackage in pendingPackages 76 | pkgs = pkgs + " " + itemPackage 77 | end for 78 | print(pkgs) 79 | option = user_input("\nDo you want to continue?(y/n): ") 80 | if option == "y" or option == "yes" then 81 | counter = 0 82 | for itemPackage in pendingPackages 83 | output = main_session.aptclientLib.install(itemPackage) 84 | if output == true then 85 | counter = counter + 1 86 | else if output then 87 | print(output) 88 | end if 89 | end for 90 | print(counter + " packages updated") 91 | else 92 | print("aborted") 93 | return 94 | end if 95 | 96 | //upgrade specific package 97 | else if args.len == 2 then 98 | output = main_session.aptclientLib.check_upgrade(args[1]) 99 | if not output then; print("No updates needed"); return; end if 100 | if output == true then 101 | print("The following package will be updated:\nargs[1]") 102 | option = user_input("\nDo you want to continue?(y/n): ") 103 | if option == "y" or option == "yes" then 104 | output = main_session.aptclientLib.install(args[1]) 105 | if output == true then; print(args[1] + " installed."); return; end if 106 | print(output) 107 | else 108 | print("aborted") 109 | return 110 | end if 111 | else 112 | print(output) 113 | end if 114 | end if 115 | 116 | else 117 | print(command_info("apt-get_usage")) 118 | end if 119 | 120 | end function 121 | 122 | aptget.show_help = function() 123 | show_help(self.name, self.args, self.full_desc, self.handler_types) 124 | end function -------------------------------------------------------------------------------- /commands/back.src: -------------------------------------------------------------------------------- 1 | back = {} 2 | back.name = "back" 3 | back.args = "[N/A]" 4 | back.desc = "Backs out to the previous session." 5 | back.full_desc = "This command will back out to the previous session." 6 | back.handler_types = ["start", "shell", "computer", "file"] 7 | back.run = function(object, args) 8 | 9 | sessions = main_session.sessionList 10 | if sessions.len then 11 | main_session.object = sessions[-1].object 12 | main_session.handlerType = sessions[-1].objectType 13 | main_session.pub_ip = sessions[-1].IP 14 | main_session.loc_ip = sessions[-1].localIP 15 | main_session.current_user = sessions[-1].user 16 | main_session.sessionList = sessions[:-1] 17 | print("Going back to the previous position.") 18 | return 19 | end if 20 | main_session.object = get_shell 21 | main_session.handlerType = "start" 22 | main_session.pub_ip = get_shell.host_computer.public_ip 23 | if params.indexOf("-a") != null or params.indexOf("--anonymous") != null then main_session.pub_ip = "HIDDEN" 24 | main_session.loc_ip = get_shell.host_computer.local_ip 25 | main_session.current_user = active_user 26 | print("Back at starting point.") 27 | 28 | end function 29 | 30 | back.show_help = function() 31 | show_help(self.name, self.args, self.full_desc, self.handler_types) 32 | end function -------------------------------------------------------------------------------- /commands/buffer.src: -------------------------------------------------------------------------------- 1 | buffer = {} 2 | buffer.name = "buffer" 3 | buffer.args = "(LEN/ALL)" 4 | buffer.desc = "Shows used commands." 5 | buffer.full_desc = "This command will show the last used commands,\n where (LEN/ALL) is a number of how many commands to show,\n or ""ALL"" to list all commands inside the buffer." 6 | buffer.handler_types = ["start", "shell", "computer", "file"] 7 | buffer.run = function(object, args) 8 | 9 | listBuffer(args) 10 | 11 | end function 12 | 13 | buffer.show_help = function() 14 | show_help(self.name, self.args, self.full_desc, self.handler_types) 15 | end function -------------------------------------------------------------------------------- /commands/cat.src: -------------------------------------------------------------------------------- 1 | cat = {} 2 | cat.name = "cat" 3 | cat.args = "[PATH]" 4 | cat.desc = "Prints the contents of a file." 5 | cat.full_desc = "This command will prints the contents of a file,\n where [PATH] is the path to the file." 6 | cat.handler_types = ["start", "shell", "computer", "file"] 7 | cat.run = function(object, args) 8 | 9 | read_file(object, args) 10 | 11 | end function 12 | 13 | cat.show_help = function() 14 | show_help(self.name, self.args, self.full_desc, self.handler_types) 15 | end function -------------------------------------------------------------------------------- /commands/chgrp.src: -------------------------------------------------------------------------------- 1 | chgrp = {} 2 | chgrp.name = "chgrp" 3 | chgrp.args = "(-R) [GROUP] [PATH]" 4 | chgrp.desc = "Changes the group of a file or directory." 5 | chgrp.full_desc = "This command will change the group of a file or directory where (-R) is recursion,\n where [GROUP] is the new group of the file or directory,\n where [PATH] is the path of the file or directory." 6 | chgrp.handler_types = ["start", "shell", "computer", "file"] 7 | chgrp.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 11 | if typeof(object) == "computer" then object = object.File("/var") 12 | //command: chgrp 13 | 14 | group = args[0] 15 | pathFile = args[1] 16 | isRecursive = 0 17 | 18 | if args.len == 3 then 19 | group = args[1] 20 | pathFile = args[2] 21 | isRecursive = 1 22 | end if 23 | 24 | file = findFile(object, pathFile) 25 | if file == null then; print("chgrp: can't find " + pathFile); return; end if 26 | output = file.set_group(group, isRecursive) 27 | if output then print(output) 28 | 29 | end function 30 | 31 | chgrp.show_help = function() 32 | show_help(self.name, self.args, self.full_desc, self.handler_types) 33 | end function -------------------------------------------------------------------------------- /commands/chmod.src: -------------------------------------------------------------------------------- 1 | chmodFile = {} 2 | chmodFile.name = "chmod" 3 | chmodFile.args = "(-R) [PERMS] [PATH]" 4 | chmodFile.desc = "Chmods a file or directory." 5 | chmodFile.full_desc = "This command will chmod a file or directory where (-R) is recursion,\n where [PARMS] are the permissions of the file,\n where [PATH] is the path to the file or directory." 6 | chmodFile.handler_types = ["start", "shell", "computer", "file"] 7 | chmodFile.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 11 | if typeof(object) == "computer" then object = object.File("/var") 12 | //command: chmod 13 | permissions = args[0] 14 | pathFile = args[1] 15 | isRecursive = 0 16 | 17 | if args.len == 3 then 18 | permissions = args[1] 19 | pathFile = args[2] 20 | isRecursive = 1 21 | end if 22 | 23 | file = findFile(object, pathFile) 24 | if file == null then; print("chmod: can't find " + pathFile); return; end if 25 | output = file.chmod(permissions, isRecursive) 26 | if output then print(output) 27 | 28 | end function 29 | 30 | chmodFile.show_help = function() 31 | show_help(self.name, self.args, self.full_desc, self.handler_types) 32 | end function -------------------------------------------------------------------------------- /commands/chown.src: -------------------------------------------------------------------------------- 1 | chown = {} 2 | chown.name = "chown" 3 | chown.args = "(-R) [OWNER] [PATH]" 4 | chown.desc = "Changes the owner of a file or directory." 5 | chown.full_desc = "This command will change the owner of a file or directory where (-R) is recursion,\n where [OWNER] is the new owner of the file or directory,\n where [PATH] is the path to the file or directory." 6 | chown.handler_types = ["start", "shell", "computer", "file"] 7 | chown.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 11 | if typeof(object) == "computer" then object = object.File("/var") 12 | //command: chown 13 | owner = args[0] 14 | pathFile = args[1] 15 | isRecursive = 0 16 | 17 | if args.len == 3 then 18 | owner = args[1] 19 | pathFile = args[2] 20 | isRecursive = 1 21 | end if 22 | 23 | file = findFile(object, pathFile) 24 | if file == null then; print("chown: can't find " + pathFile); return; end if 25 | output = file.set_owner(owner, isRecursive) 26 | if output then print(output) 27 | 28 | end function 29 | 30 | chown.show_help = function() 31 | show_help(self.name, self.args, self.full_desc, self.handler_types) 32 | end function -------------------------------------------------------------------------------- /commands/clear.src: -------------------------------------------------------------------------------- 1 | clear = {} 2 | clear.name = "clear" 3 | clear.args = "[N/A]" 4 | clear.desc = "Clears the screen." 5 | clear.full_desc = "This command will clear the screen." 6 | clear.handler_types = ["start", "shell", "computer", "file"] 7 | clear.run = function(object, args) 8 | 9 | ascii_print() 10 | 11 | end function 12 | 13 | clear.show_help = function() 14 | show_help(self.name, self.args, self.full_desc, self.handler_types) 15 | end function -------------------------------------------------------------------------------- /commands/compile.src: -------------------------------------------------------------------------------- 1 | compile = {} 2 | compile.name = "compile" 3 | compile.args = "[SRCPATH] [DESTPATH]" 4 | compile.desc = "Compiles a program from source." 5 | compile.full_desc = "This command will compile a program from source where [SRCPATH] is the path to the sourcecode,\n and [DESTPATH] the path of the compiled program." 6 | compile.handler_types = ["start", "shell"] 7 | compile.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | //command: compile 11 | pathSource = args[0] 12 | programPath = args[1] 13 | 14 | shell = object 15 | computer = shell.host_computer 16 | fileSource = computer.File(pathSource) 17 | folderDest = computer.File(programPath) 18 | 19 | if fileSource == null then; print("compile: can't find "+ pathSource); return; end if 20 | if folderDest == null then; print("compile: can't find " + programPath); return; end if 21 | 22 | output = shell.build(fileSource.path, folderDest.path) 23 | if output.len == 0 then 24 | print("compiled successfully.") 25 | else 26 | print(output); 27 | end if 28 | 29 | end function 30 | 31 | compile.show_help = function() 32 | show_help(self.name, self.args, self.full_desc, self.handler_types) 33 | end function -------------------------------------------------------------------------------- /commands/corruptlogs.src: -------------------------------------------------------------------------------- 1 | corruptlogs = {} 2 | corruptlogs.name = "corruptlogs" 3 | corruptlogs.args = "[N/A]" 4 | corruptlogs.desc = "Corrupts the logfile." 5 | corruptlogs.full_desc = "This command will currupt the logfile completely,\n and does not leave any log (not even disconnected!)." 6 | corruptlogs.handler_types = ["start", "shell", "computer", "file"] 7 | corruptlogs.run = function(object, args) 8 | 9 | if typeof(object) == "shell" then fileObj = object.host_computer.File("/var") 10 | if typeof(object) == "computer" then fileObj = object.File("/var") 11 | if typeof(object) == "file" then fileObj = object 12 | if not findFile(fileObj, "/var/system.log") or not findFile(fileObj, "/var/system.log").has_permission("w") then 13 | no_perms = do_style("No permissions", "red", "static") 14 | print(no_perms) 15 | return 16 | end if 17 | if typeof(object) == "shell" then 18 | object = object.host_computer 19 | object.touch("/var", "system.bac") 20 | syslogbak = object.File("/var/system.bac") 21 | syslogbak.set_content("") 22 | 23 | syslog = object.File("/var/system.log") 24 | syslog.delete 25 | syslogbak.move("/var", "system.log") 26 | 27 | else if typeof(object) == "computer" then 28 | object.touch("/var", "system.bac") 29 | syslogbak = object.File("/var/system.bac") 30 | syslogbak.set_content("") 31 | 32 | syslog = object.File("/var/system.log") 33 | syslog.delete 34 | syslogbak.move("/var", "system.log") 35 | 36 | else if typeof(object) == "file" then 37 | fstab = findFile(object, "/etc/fstab") 38 | fstab.copy("/var", "system.bac") 39 | 40 | syslogbak = findFile(object, "/var/system.bac") 41 | syslogbak.set_content("") 42 | 43 | syslog = findFile(object, "/var/system.log") 44 | syslog.delete 45 | syslogbak.move("/var", "system.log") 46 | end if 47 | cleared = do_style("Logs are corrupted!", "green", "static") 48 | print(cleared) 49 | 50 | end function 51 | 52 | corruptlogs.show_help = function() 53 | show_help(self.name, self.args, self.full_desc, self.handler_types) 54 | end function -------------------------------------------------------------------------------- /commands/cp.src: -------------------------------------------------------------------------------- 1 | cp = {} 2 | cp.name = "cp" 3 | cp.args = "[PATH] [DESTPATH]" 4 | cp.desc = "Copies a file or directory." 5 | cp.full_desc = "This command will copy a file or directory where [PATH] is the path of the file or directory and,\n [DESTPATH] the path where the file or directory should be copied to." 6 | cp.handler_types = ["start", "shell", "computer", "file"] 7 | cp.run = function(object, args) 8 | 9 | if args.len < 2 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 11 | if typeof(object) == "computer" then object = object.File("/var") 12 | //command: cp 13 | origFile = args[0] 14 | destFolder = args[1] 15 | file = findFile(object, origFile) 16 | folder = findFile(object, destFolder) 17 | if not file then; print("cp: can't find " + origFile); return; end if 18 | if not parent_path(destFolder) then; print("cp: can't find " + parent_path(destFolder)); return; end if 19 | newName = "" 20 | if not folder then 21 | //Check if the user wants to put a new name. 22 | pathParent = parent_path(destFolder) 23 | if pathParent == destFolder then 24 | newName = destFolder 25 | destFolder = file.parent.path 26 | output = file.copy(destFolder, newName) 27 | if output and output != 1 then print(output) 28 | exit 29 | end if 30 | folder = findFile(object, pathParent) 31 | newName = destFolder[destFolder.len - (destFolder.len - pathParent.len):] 32 | if newName[0] == "/" then 33 | newName = newName[1:] 34 | end if 35 | if not folder then; print("cp: can't copy file. " + parent_path(destFolder) + " doesn't exist."); return; end if 36 | end if 37 | if folder then 38 | //Check if is trying to copy the file on itself. Ignored. 39 | if parent_path(file.path) != parent_path(folder.path) or file.name != folder.name then 40 | finalDest = folder.path 41 | if(newName.len == 0) then 42 | newName = file.name 43 | end if 44 | if not folder.is_folder then 45 | finalDest = parent_path(file.path) 46 | newName = folder.name 47 | end if 48 | output = file.copy(finalDest, newName) 49 | if output and output != 1 then print(output) 50 | end if 51 | end if 52 | 53 | end function 54 | 55 | cp.show_help = function() 56 | show_help(self.name, self.args, self.full_desc, self.handler_types) 57 | end function -------------------------------------------------------------------------------- /commands/crack.src: -------------------------------------------------------------------------------- 1 | crack = {} 2 | crack.name = "crack" 3 | crack.args = "[HASH]" 4 | crack.desc = "Cracks an MD5 hash." 5 | crack.full_desc = "This command will crack an MD5 hash, where [HASH] is the hash without user." 6 | crack.handler_types = ["start", "shell", "computer", "file"] 7 | crack.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | //command: decipher 11 | if not main_session.cryptoLib then; print("Error: Missing crypto library"); return; end if 12 | 13 | GetPassword = function(userPass) 14 | password = main_session.cryptoLib.decipher(userPass) 15 | return password 16 | end function 17 | 18 | password = GetPassword(args[0]) 19 | 20 | if not password then 21 | print("Can't find password") 22 | return 23 | end if 24 | print("password found! => " + password) 25 | 26 | end function 27 | 28 | crack.show_help = function() 29 | show_help(self.name, self.args, self.full_desc, self.handler_types) 30 | end function -------------------------------------------------------------------------------- /commands/credits.src: -------------------------------------------------------------------------------- 1 | credits = {} 2 | credits.name = "credits" 3 | credits.args = "[N/A]" 4 | credits.desc = "Shows everyone that helped with Viper." 5 | credits.full_desc = "This command will show everyone that helped with Viper." 6 | credits.handler_types = ["start", "shell", "computer", "file"] 7 | credits.run = function(object, args) 8 | 9 | string = char(10) 10 | string = string+"Maintainer: Volk"+char(10) 11 | string = string+"Viper is created by Volk."+char(10) 12 | string = string+"My special thanks go to Eraser,"+char(10) 13 | string = string+"for helping me refactor Viper into a more effecient program."+char(10) 14 | print(string) 15 | 16 | end function 17 | 18 | credits.show_help = function() 19 | show_help(self.name, self.args, self.full_desc, self.handler_types) 20 | end function 21 | -------------------------------------------------------------------------------- /commands/deepscan.src: -------------------------------------------------------------------------------- 1 | deepscan = {} 2 | deepscan.name = "deepscan" 3 | deepscan.args = "[IP]" 4 | deepscan.desc = "Scans every IP behind a router." 5 | deepscan.full_desc = "This command will scan every IP behind a router where [IP] is the IP,\n when used inside the network it will scan all IP's inside the network." 6 | deepscan.handler_types = ["start", "shell", "computer", "file"] 7 | deepscan.run = function(object, args) 8 | 9 | if not args or not args.len then; self.show_help; return; end if 10 | if args.len == 1 then 11 | ip = args[0] 12 | if not is_valid_ip(ip) then; print("IP "+ip+" not found!"); return; end if 13 | router = get_router(ip) 14 | if not router then; print(do_style("IP is not a router or public IP!", "red", "static")); return; end if 15 | print(" ") 16 | print(do_style(router.local_ip, "text").replace("\.",do_style(".", "title"))) 17 | ipscan(ip, []) 18 | print(" ") 19 | return 20 | else if args.len >= 2 then 21 | fileObject = object.host_computer.File("/var") 22 | file = findFile(fileObject, args[1]) 23 | if file then 24 | object.launch(args[1], args[0]+" deepscan") 25 | return 26 | end if 27 | print("Jump file does not exist!") 28 | return 29 | end if 30 | 31 | end function 32 | 33 | deepscan.show_help = function() 34 | show_help(self.name, self.args, self.full_desc, self.handler_types) 35 | end function -------------------------------------------------------------------------------- /commands/delgroup.src: -------------------------------------------------------------------------------- 1 | delgroup = {} 2 | delgroup.name = "delgroup" 3 | delgroup.args = "[USER] [GROUP]" 4 | delgroup.desc = "Removes a user from a group." 5 | delgroup.full_desc = "This command will remove a user to a group where [USER] is the user and [GROUP] the group." 6 | delgroup.handler_types = ["start", "shell", "computer"] 7 | delgroup.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer 11 | //command: groupdel 12 | 13 | user = args[0] 14 | group = args[1] 15 | 16 | output = object.create_group(user, group) 17 | if output == true then; print("Group " + group + " deleted from user " + user); return; end if 18 | if output then; print(output); return; end if 19 | print("Error: the group could not be deleted.") 20 | 21 | end function 22 | 23 | delgroup.show_help = function() 24 | show_help(self.name, self.args, self.full_desc, self.handler_types) 25 | end function -------------------------------------------------------------------------------- /commands/dellib.src: -------------------------------------------------------------------------------- 1 | dellib = {} 2 | dellib.name = "dellib" 3 | dellib.args = "[INDEX]" 4 | dellib.desc = "Deletes a library from the library list." 5 | dellib.full_desc = "This command will delete a library from the library list where [INDEX] is the library." 6 | dellib.handler_types = ["start", "shell", "computer", "file"] 7 | dellib.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | for index in args 11 | if index.split("-").len == 2 then 12 | for object in range(index.split("-")[0].to_int, index.split("-")[1].to_int) 13 | main_session.libList.remove(object) 14 | end for 15 | continue 16 | end if 17 | main_session.libList.remove(index.to_int) 18 | end for 19 | globals.main_session.libList = sortMap(main_session.libList) 20 | 21 | end function 22 | 23 | dellib.show_help = function() 24 | show_help(self.name, self.args, self.full_desc, self.handler_types) 25 | end function -------------------------------------------------------------------------------- /commands/deltarget.src: -------------------------------------------------------------------------------- 1 | deltarget = {} 2 | deltarget.name = "deltarget" 3 | deltarget.args = "[INDEX]" 4 | deltarget.desc = "Deletes a target from the targets list." 5 | deltarget.full_desc = "This command will delete target from the targets list, where [INDEX] is the index of the target." 6 | deltarget.handler_types = ["start", "shell", "computer", "file"] 7 | deltarget.run = function(object, args) 8 | 9 | if not args then 10 | self.show_help() 11 | return 12 | end if 13 | 14 | if args[0].lower() == "all" then args = ["0-1000"] 15 | delete_target("objectList", args) 16 | 17 | end function 18 | 19 | deltarget.show_help = function() 20 | show_help(self.name, self.args, self.full_desc, self.handler_types) 21 | end function -------------------------------------------------------------------------------- /commands/deluser.src: -------------------------------------------------------------------------------- 1 | deluser = {} 2 | deluser.name = "deluser" 3 | deluser.args = "[USER]" 4 | deluser.desc = "Deletes a user from the computer." 5 | deluser.full_desc = "This command will delete a user from the computer where [USER] is the user." 6 | deluser.handler_types = ["start", "shell", "computer"] 7 | deluser.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer 11 | //command: userdel 12 | 13 | output = object.delete_user(args[0], 0) 14 | if output == true then; print("user " + args[0] + " deleted."); return; end if 15 | if output then; print(output); return; end if 16 | print("Error: user not deleted.") 17 | 18 | end function 19 | 20 | deluser.show_help = function() 21 | show_help(self.name, self.args, self.full_desc, self.handler_types) 22 | end function -------------------------------------------------------------------------------- /commands/delvar.src: -------------------------------------------------------------------------------- 1 | delvar = {} 2 | delvar.name = "delvar" 3 | delvar.args = "[KEY]" 4 | delvar.desc = "Removes a variable to the list of variables." 5 | delvar.full_desc = "This command will remove a variable to the list of variabels where [KEY] is the name of the variable." 6 | delvar.handler_types = ["start", "shell", "computer", "file"] 7 | delvar.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | main_session.vars.remove(args[0]) 11 | 12 | end function 13 | 14 | delvar.show_help = function() 15 | show_help(self.name, self.args, self.full_desc, self.handler_types) 16 | end function -------------------------------------------------------------------------------- /commands/echo.src: -------------------------------------------------------------------------------- 1 | echo = {} 2 | echo.name = "echo" 3 | echo.args = "[STRING]" 4 | echo.desc = "Prints text to the screen." 5 | echo.full_desc = "This command will print text to the screen." 6 | echo.handler_types = ["start", "shell", "computer", "file"] 7 | echo.run = function(object, args) 8 | 9 | string = "" 10 | for word in args 11 | string = string+word+" " 12 | end for 13 | print(char(10)+string+char(10)) 14 | 15 | end function 16 | 17 | echo.show_help = function() 18 | show_help(self.name, self.args, self.full_desc, self.handler_types) 19 | end function -------------------------------------------------------------------------------- /commands/exec.src: -------------------------------------------------------------------------------- 1 | exec = {} 2 | exec.name = "exec" 3 | exec.args = "[PATH]" 4 | exec.desc = "Executes a program." 5 | exec.full_desc = "This command will execute a program where [PATH] is the path to the program." 6 | exec.handler_types = ["start", "shell"] 7 | exec.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | program = args[0] 11 | params = "" 12 | if args.len >= 2 then 13 | for arg in args[1:] 14 | if params == "" then 15 | params = arg 16 | continue 17 | end if 18 | params = params+" "+arg 19 | end for 20 | end if 21 | object.launch(program, params) 22 | 23 | end function 24 | 25 | exec.show_help = function() 26 | show_help(self.name, self.args, self.full_desc, self.handler_types) 27 | end function -------------------------------------------------------------------------------- /commands/exit.src: -------------------------------------------------------------------------------- 1 | do_exit = {} 2 | do_exit.name = "exit" 3 | do_exit.args = "[N/A]" 4 | do_exit.desc = "Exits Viper." 5 | do_exit.full_desc = "This command will exit Viper." 6 | do_exit.handler_types = ["start", "shell", "computer", "file"] 7 | do_exit.run = function(object, args) 8 | 9 | interop = get_custom_object() 10 | interop.viper = main_session.objectList 11 | interop.vlibs = main_session.libList 12 | main_session.exit = true 13 | 14 | end function 15 | 16 | do_exit.show_help = function() 17 | show_help(self.name, self.args, self.full_desc, self.handler_types) 18 | end function -------------------------------------------------------------------------------- /commands/exploit.src: -------------------------------------------------------------------------------- 1 | exploit = {} 2 | exploit.name = "exploit" 3 | exploit.args = "[IP/LIB] (PORT) [MEM] [VULN] (IP/PASS)" 4 | exploit.desc = "Exploits a target library or service." 5 | exploit.full_desc = "This command will exploit a target library or service,\n where [IP/LIB] is the IP or library to exploit,\n where (PORT) is the port of the service (not used when exploiting a library),\n where [MEM] is the memory address,\n where [VULN] is the vulnerable string,\n where (IP/PASS) is a local IP for a bounce exploit or PASS to inject a new password." 6 | exploit.handler_types = ["start", "shell", "computer", "file"] 7 | exploit.run = function(_, args) 8 | 9 | if not args or args.len < 3 then; show_help(self.name, self.args, self.full_desc, self.handler_types); return; end if 10 | usage = "Example: [IP/Library] [port] [memAddress] [vulnString] (IP/Password)" 11 | localIP = "unknown" 12 | 13 | if is_valid_ip(args[0]) and args.len > 3 then 14 | IP = args[0] 15 | PORT = args[1].to_int 16 | memAddress = args[2] 17 | vulnString = args[3] 18 | extra = "." 19 | if args.len >= 5 then 20 | extra = args[4] 21 | end if 22 | netSession = main_session.MetaxploitLib.net_use(IP, PORT) 23 | if not netSession then; print("Could not connect to port: "+PORT); return; end if 24 | object = netSession.dump_lib.overflow(memAddress, vulnString, extra) 25 | objectType = typeof(object) 26 | if not object then; print("Exploit not found!"); return; end if 27 | if objectType == "shell" then 28 | localIP = object.host_computer.local_ip 29 | IP = object.host_computer.public_ip 30 | user = userCheck(object.host_computer.File("/var")) 31 | else if objectType == "computer" then 32 | localIP = object.local_ip 33 | IP = object.public_ip 34 | user = userCheck(object.File("/var")) 35 | else if objectType == "file" then 36 | user = userCheck(object) 37 | router = get_router(IP) 38 | if router and not is_lan_ip(IP) then 39 | if PORT == 0 or PORT == 8080 then 40 | localIP = router.local_ip 41 | IP = router.public_ip 42 | else 43 | for port in router.used_ports 44 | if port.port_number == PORT then 45 | localIP = port.get_lan_ip 46 | break 47 | end if 48 | end for 49 | end if 50 | else if IP then 51 | localIP = IP 52 | ip = main_session.MetaxploitLibPublicIP 53 | else 54 | localIP = main_session.MetaxploitLibLocalIP 55 | ip = main_session.MetaxploitLibPublicIP 56 | end if 57 | end if 58 | else 59 | library = args[0] 60 | memAddress = args[1] 61 | vulnString = args[2] 62 | extra = "." 63 | if args.len >= 4 then 64 | extra = args[3] 65 | end if 66 | metalib = main_session.MetaxploitLib.load("/lib/"+library) 67 | if not metalib then; print("Could not load library: "+library); return; end if 68 | object = metalib.overflow(memAddress, vulnString, extra) 69 | objectType = typeof(object) 70 | if not object then; print("Exploit not found!"); return; end if 71 | if objectType == "shell" then 72 | IP = object.host_computer.public_ip 73 | localIP = object.host_computer.local_ip 74 | user = userCheck(object.host_computer.File("/var")) 75 | else if objectType == "computer" then 76 | IP = object.public_ip 77 | localIP = object.local_ip 78 | user = userCheck(object.File("/var")) 79 | else if objectType == "file" then 80 | IP = main_session.MetaxploitLibPublicIP 81 | localIP = main_session.MetaxploitLibLocalIP 82 | user = userCheck(object) 83 | end if 84 | end if 85 | if not object then 86 | print("Object not found!") 87 | return 88 | else if objectType == "string" then 89 | print(object) 90 | return 91 | else if objectType == "number" then 92 | return 93 | end if 94 | main_session.objectList[main_session.objectList.len] = {"IP":IP, "objectType":objectType, "object":object, "localIP":localIP, "user":user} 95 | 96 | end function 97 | 98 | exploit.show_help = function() 99 | show_help(self.name, self.args, self.full_desc, self.handler_types) 100 | end function -------------------------------------------------------------------------------- /commands/exploitscan.src: -------------------------------------------------------------------------------- 1 | exploitscan = {} 2 | exploitscan.name = "exploitscan" 3 | exploitscan.args = "[LIB/IP] [PORT] (PASS/LANIP)" 4 | exploitscan.desc = "This command will scan a library or IP for exploits." 5 | exploitscan.full_desc = "This command will scan a library or IP for exploits,\n where [LIB/IP] is a library or IP,\n where [PORT] is the port of a service to attack (this can be skipped when attacking a local library),\n where (PASS/LANIP) is a password to inject a new password,\n or local IP of any computer on the network for a bounce attack.\n it is possible to add a variable called ""lib"" with a library index, which will be used to scan from." 6 | exploitscan.handler_types = ["start", "shell", "computer", "file"] 7 | exploitscan.run = function(object, args) 8 | 9 | exploit_scan(main_session.handlerType, args) 10 | 11 | end function 12 | 13 | exploitscan.show_help = function() 14 | show_help(self.name, self.args, self.full_desc, self.handler_types) 15 | end function -------------------------------------------------------------------------------- /commands/findlib.src: -------------------------------------------------------------------------------- 1 | findlib = {} 2 | findlib.name = "findlib" 3 | findlib.args = "[LIB] [VERSION]" 4 | findlib.desc = "Scans greyhack for a library." 5 | findlib.full_desc = "This command will scan greyhack for a library where [LIB] is the library,\n and [VERSION] is the version." 6 | findlib.handler_types = ["start", "shell", "computer", "file"] 7 | findlib.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | if args[0] == "kernel_router" then 11 | count = 0 12 | start = time 13 | print(" ") 14 | print(do_style("Searching for library "+args[0]+" "+args[1]+"...", "text")) 15 | while true 16 | if get_shell.host_computer.show_procs.split("Map").len > 1 then 17 | break 18 | end if 19 | count = count+1 20 | ip = get_random_ip 21 | if not check_router(ip, args[1]) then continue 22 | print(" ") 23 | print(do_style("Library found!", "green", "static")) 24 | print("IP containing kernel_router.so "+args[1]+" found at ip: "+ip) 25 | print("Tried "+count+" times. Spent "+str(time - start)+" seconds.") 26 | print(" ") 27 | return 28 | wait(0.01) 29 | end while 30 | end if 31 | 32 | count = 0 33 | start = time 34 | print(" ") 35 | print(do_style("Searching for library "+args[0]+" "+args[1]+"...", "text")) 36 | while true 37 | if get_shell.host_computer.show_procs.split("Map").len > 1 then 38 | break 39 | end if 40 | count = count+1 41 | ip = get_random_ip 42 | router = get_router(ip) 43 | if not router then router = get_switch(ip) 44 | if not router then continue 45 | if not check_service(router, args[0], args[1]) then continue 46 | print(" ") 47 | print(do_style("Library found!", "green", "static")) 48 | print("IP containing service "+args[0]+" "+args[1]+" found at ip: "+ip) 49 | print("Tried "+count+" times. Spent "+str(time - start)+" seconds.") 50 | print(" ") 51 | return 52 | wait(0.01) 53 | end while 54 | 55 | end function 56 | 57 | findlib.show_help = function() 58 | show_help(self.name, self.args, self.full_desc, self.handler_types) 59 | end function -------------------------------------------------------------------------------- /commands/fs.src: -------------------------------------------------------------------------------- 1 | fs = {} 2 | fs.name = "fs" 3 | fs.args = "[N/A]" 4 | fs.desc = "Lists the whole filesystem." 5 | fs.full_desc = "This command will list the whole filesystem." 6 | fs.handler_types = ["start", "shell", "computer", "file"] 7 | fs.run = function(object, args) 8 | 9 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 10 | if typeof(object) == "computer" then object = object.File("/var") 11 | FileSystem = {} 12 | FileSystem.listFiles = function(handle) 13 | tld = null 14 | if typeof(handle) == "file" then 15 | tld = FileSystem.file_get_tld(handle) 16 | else 17 | print("Handle not a file") 18 | return null 19 | end if 20 | FileSystem.print_contents(tld) 21 | end function 22 | FileSystem.check_permissions = function(file) 23 | if not file then 24 | print("File " + file + " does not exist") 25 | return null 26 | end if 27 | return file 28 | end function 29 | FileSystem.file_get_tld = function(handle) 30 | tld = FileSystem.check_permissions(handle.parent) 31 | while tld.path != "/" 32 | tld = FileSystem.check_permissions(tld.parent) 33 | end while 34 | return tld 35 | end function 36 | FileSystem.print_contents = function(file, indent=0, newLine) 37 | buffer = "―" * indent 38 | file_name = do_style(file.name, "text") 39 | if file.is_folder then 40 | file_name = do_style(file.path, "light_blue", "static") 41 | end if 42 | if file.has_permission("r") and file.has_permission("w") and file.has_permission("x") then 43 | line = newLine+do_style(buffer+"»"+file.permissions+" "+file.owner+" "+file.group+" "+file_name, "green", "static") 44 | else if file.has_permission("r") or file.has_permission("w") or file.has_permission("x") then 45 | line = newLine+do_style(buffer+"»"+file.permissions+" "+file.owner+" "+file.group+" "+file_name, "yellow", "static") 46 | else 47 | line = newLine+do_style(buffer+"»"+file.permissions+" "+file.owner+" "+file.group+" "+file_name, "red", "static") 48 | end if 49 | print(line) 50 | if file.is_folder then 51 | for sub_file in file.get_files 52 | newLine = "" 53 | FileSystem.print_contents(sub_file, indent+2, newLine) 54 | end for 55 | for folder in file.get_folders 56 | newLine = char(10) 57 | FileSystem.print_contents(folder, indent+2, newLine) 58 | end for 59 | end if 60 | end function 61 | print(" ") 62 | FileSystem.listFiles(object) 63 | print() 64 | 65 | end function 66 | 67 | fs.show_help = function() 68 | show_help(self.name, self.args, self.full_desc, self.handler_types) 69 | end function -------------------------------------------------------------------------------- /commands/ftp.src: -------------------------------------------------------------------------------- 1 | ftp = {} 2 | ftp.name = "ftp" 3 | ftp.args = "[USER@PASSWORD] [IP] (PORT)" 4 | ftp.desc = "Connects to a service using ftp." 5 | ftp.full_desc = "This command will connects to a server using ftp where [USER@PASSWORD] is the user and password,\n where [IP] is the IP of ther server,\n where (PORT) is an optional port." 6 | ftp.handler_types = ["start", "shell"] 7 | ftp.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | 11 | //Command: ssh 12 | credentials = args[0].split("@") 13 | user = credentials[0] 14 | password = credentials[1] 15 | 16 | port = 21 17 | // params is a list of strings, so you have to convert it to integer, which is what connect_service accepts. 18 | if args.len == 3 then port = args[2].to_int 19 | if typeof(port) != "number" then; print("Invalid port: " + port); return; end if 20 | print("Connecting...") 21 | 22 | remoteFtp = object.connect_service(args[1], port, user, password, "ftp") 23 | if typeof(remoteFtp) == "string" then; print(remoteFtp); return; end if 24 | if remoteFtp then 25 | print("Connected!") 26 | main_session.pub_ip = remoteShell.host_computer.public_ip 27 | main_session.handlerType = typeof(remoteShell) 28 | main_session.object = remoteShell 29 | main_session.loc_ip = remoteShell.host_computer.local_ip 30 | main_session.current_user = user 31 | else 32 | print("connection failed") 33 | end if 34 | 35 | end function 36 | 37 | ftp.show_help = function() 38 | show_help(self.name, self.args, self.full_desc, self.handler_types) 39 | end function -------------------------------------------------------------------------------- /commands/get.src: -------------------------------------------------------------------------------- 1 | shellGet = {} 2 | shellGet.name = "get" 3 | shellGet.args = "[REMPATH] [DESTPATH]" 4 | shellGet.desc = "Downloads a file." 5 | shellGet.full_desc = "This command will download a file where [REMPATH] is the path to the file or directory, and [DESTPATH] is the path to the directory to put the file." 6 | shellGet.handler_types = ["start", "shell"] 7 | shellGet.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then 11 | filePath = args[0] 12 | hostPath = args[1] 13 | if filePath == "" or hostPath == "" then; self.show_help; return; end if 14 | err = object.scp(filePath, hostPath, get_shell) 15 | else if typeof(object) == "ftpshell" then 16 | filePath = args[0] 17 | hostPath = args[1] 18 | err = object.put(filePath, hostPath, get_shell) 19 | end if 20 | 21 | end function 22 | 23 | shellGet.show_help = function() 24 | show_help(self.name, self.args, self.full_desc, self.handler_types) 25 | end function -------------------------------------------------------------------------------- /commands/getlib.src: -------------------------------------------------------------------------------- 1 | getlib = {} 2 | getlib.name = "getlib" 3 | getlib.args = "[PATH] [JUMPFILE]" 4 | getlib.desc = "Imports a library." 5 | getlib.full_desc = "This command will import a library where [PATH] is the path to the library,\n and [JUMPFILE] is the path to the jumpfile." 6 | getlib.handler_types = ["start", "shell"] 7 | getlib.run = function(object, args) 8 | cargo = get_custom_object 9 | 10 | if main_session.handlerType == "start" then 11 | if not args or args.len < 1 then; self.show_help; return; end if 12 | newObject = include_lib(args[0]) 13 | 14 | if not newObject then; print("Unable to load library!"); return; end if 15 | 16 | if typeof(newObject) != "MetaxploitLib" and typeof(newObject) != "cryptoLib" and typeof(newObject) != "aptclientLib" then 17 | print("Library "+typeof(newObject)+" unable to load!") 18 | return 19 | end if 20 | 21 | libVersion = "unknown" 22 | if main_session.MetaxploitLibLocalIP+main_session.MetaxploitLibPublicIP == object.host_computer.local_ip+object.host_computer.public_ip then libVersion = main_session.MetaxploitLib.load(args[0]).version 23 | if typeof(newObject) == "MetaxploitLib" then 24 | libVersion = newObject.load(args[0]).version 25 | else 26 | for library in main_session.libList 27 | if typeof(library["value"].lib) == "MetaxploitLib" and library["value"].publicIP == object.host_computer.public_ip and library["value"].localIP == object.host_computer.local_ip then 28 | libVersion = library["value"].lib.load(args[0]).version 29 | end if 30 | end for 31 | end if 32 | 33 | main_session.libList[main_session.libList.len] = {"lib":newObject, "publicIP":object.host_computer.public_ip, "localIP":object.host_computer.local_ip, "version":libVersion, "used":0} 34 | print("Library "+typeof(newObject).lower.replace("lib","")+" imported!") 35 | return 36 | end if 37 | 38 | if not args or args.len < 2 then; self.show_help; return; end if 39 | fileObject = object.host_computer.File("/var") 40 | file = findFile(fileObject, args[1]) 41 | if file then 42 | clearInterface(cargo) 43 | object.launch(args[1], args[0]) 44 | if hasIndex(cargo, "glib") then 45 | 46 | if not verifyObject(@cargo.glib) then 47 | print("AV detected injection!") 48 | clearInterface(cargo) 49 | return 50 | end if 51 | 52 | newObject = cargo.glib 53 | clearInterface(cargo) 54 | else 55 | print("Jump file corrupted!") 56 | clearInterface(cargo) 57 | return 58 | end if 59 | 60 | if not newObject then; print("Unable to load library!"); return; end if 61 | 62 | if typeof(newObject) != "MetaxploitLib" and typeof(newObject) != "cryptoLib" and typeof(newObject) != "aptclientLib" then 63 | print("Library "+typeof(newObject)+" unable to load!") 64 | return 65 | end if 66 | 67 | libVersion = "unknown" 68 | if main_session.MetaxploitLibLocalIP+main_session.MetaxploitLibPublicIP == object.host_computer.local_ip+object.host_computer.public_ip then libVersion = main_session.MetaxploitLib.load(args[0]).version 69 | if typeof(newObject) == "MetaxploitLib" then 70 | libVersion = newObject.load(args[0]).version 71 | else 72 | for library in main_session.libList 73 | if typeof(library["value"].lib) == "MetaxploitLib" and library["value"].publicIP == object.host_computer.public_ip and library["value"].localIP == object.host_computer.local_ip then 74 | libVersion = library["value"].lib.load(args[0]).version 75 | end if 76 | end for 77 | end if 78 | 79 | main_session.libList[main_session.libList.len] = {"lib":newObject, "publicIP":object.host_computer.public_ip, "localIP":object.host_computer.local_ip, "version":libVersion, "used":0} 80 | print("Library "+typeof(newObject).lower.replace("lib","")+" imported!") 81 | return 82 | end if 83 | print("Jump file does not exist!") 84 | return 85 | 86 | end function 87 | 88 | getlib.show_help = function() 89 | show_help(self.name, self.args, self.full_desc, self.handler_types) 90 | end function -------------------------------------------------------------------------------- /commands/getviper.src: -------------------------------------------------------------------------------- 1 | getviper = {} 2 | getviper.name = "getviper" 3 | getviper.args = "[PATH] (ARGS)" 4 | getviper.desc = "Launches another instance of Viper." 5 | getviper.full_desc = "This command will launch another instance of Viper and will get the objects and imports from the other instance,\n where [PATH] is the path to the new instance of Viper,\n where (ARGS) is any optional arguments." 6 | getviper.handler_types = ["start", "shell"] 7 | getviper.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | argument = "" 11 | if args.len >= 2 then argument = args[1] 12 | viperPath = object.host_computer.File(args[0]) 13 | if not viperPath then; print("Viper not found!"); return; end if 14 | wait(1) 15 | cargo = get_custom_object 16 | clearInterface(cargo) 17 | object.launch(args[0], argument) 18 | if hasIndex(cargo, "viper") then 19 | for index in @cargo.viper 20 | 21 | if not verifyObject(@index.value.object) then // first verify index.value before index.value.object, make recusrive function to check all 22 | print("AV detected injection!") 23 | clearInterface(cargo) 24 | return 25 | end if 26 | 27 | main_session.objectList[main_session.objectList.len] = index.value 28 | end for 29 | print("Objects imported!") 30 | else 31 | print("Viper currupted!") 32 | end if 33 | 34 | if hasIndex(cargo, "vlibs") then 35 | for index in @cargo.vlibs 36 | 37 | if not verifyObject(@index.value.lib) then 38 | print("AV detected injection!") 39 | clearInterface(cargo) 40 | return 41 | end if 42 | 43 | index.value["used"] = 0 44 | main_session.libList[main_session.libList.len] = index.value 45 | end for 46 | print("Libraries imported!") 47 | else 48 | print("Viper currupted!") 49 | end if 50 | clearInterface(cargo) 51 | 52 | end function 53 | 54 | getviper.show_help = function() 55 | show_help(self.name, self.args, self.full_desc, self.handler_types) 56 | end function -------------------------------------------------------------------------------- /commands/gpg.src: -------------------------------------------------------------------------------- 1 | gpg = {} 2 | gpg.name = "gpg" 3 | gpg.args = "[-e/-d] [KEY] [PATH/STRING]" 4 | gpg.desc = "Encrypts/decrypts a string or file." 5 | gpg.full_desc = "This command will encrypt or decrypt a string or file where [-e/-d] is wether to encrypt or decrypt,\n where [KEY] is a 16 character long string,\n where [PATH/STRING] is the path to a file or string to encrypt/decrypt." 6 | gpg.handler_types = ["start", "shell", "computer", "file"] 7 | gpg.run = function(object, args) 8 | 9 | if not args or args.len < 3 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 11 | if typeof(object) == "computer" then object = object.File("/var") 12 | if args[1].len != 16 then; print("Error: Key must be 16 characters long."); return; end if 13 | if args[0] == "-e" then type = "encrypt" 14 | if args[0] == "-d" then type = "decrypt" 15 | key = args[1] 16 | encString = args[2] 17 | file = findFile(object, args[2]) 18 | 19 | if file != null then 20 | encString = file.get_content 21 | end if 22 | 23 | r = AES128(type, key, encString) 24 | 25 | if typeof(r) == "null" then r = "Error" 26 | print("-----BEGIN GPG MESSAGE-----") 27 | print(r) 28 | print("-----END GPG MESSAGE-----") 29 | 30 | end function 31 | 32 | gpg.show_help = function() 33 | show_help(self.name, self.args, self.full_desc, self.handler_types) 34 | end function -------------------------------------------------------------------------------- /commands/grab.src: -------------------------------------------------------------------------------- 1 | grab = {} 2 | grab.name = "grab" 3 | grab.args = "[BANK/MAIL/ALL]" 4 | grab.desc = "Grabs all banks and emails." 5 | grab.full_desc = "This command will grab all banks and emails where [BANK/MAIL/ALL] is what to grab." 6 | grab.handler_types = ["start", "shell", "computer", "file"] 7 | grab.run = function(object, args) 8 | 9 | if not args or args.len != 1 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 11 | if typeof(object) == "computer" then object = object.File("/var") 12 | 13 | home = findFile(object, "/home") 14 | 15 | if not home then 16 | print("/home does not exist!") 17 | return 18 | end if 19 | 20 | print(" ") 21 | for folder in home.get_folders 22 | if args[0].lower == "bank" or args[0].lower == "all" then 23 | for config in folder.get_folders 24 | for file in config.get_files 25 | if file.name == "Bank.txt" then print(file.get_content) 26 | end for 27 | end for 28 | end if 29 | if args[0].lower == "email" or args[0].lower == "mail" or args[0].lower == "all" then 30 | for config in folder.get_folders 31 | for file in config.get_files 32 | if file.name == "Mail.txt" then print(file.get_content) 33 | end for 34 | end for 35 | end if 36 | if args[0].lower != "bank" and args[0].lower != "mail" and args[0].lower != "email" and args[0].lower != "all" then 37 | self.show_help 38 | return 39 | end if 40 | end for 41 | print(" ") 42 | 43 | end function 44 | 45 | grab.show_help = function() 46 | show_help(self.name, self.args, self.full_desc, self.handler_types) 47 | end function -------------------------------------------------------------------------------- /commands/groups.src: -------------------------------------------------------------------------------- 1 | getGroups = {} 2 | getGroups.name = "groups" 3 | getGroups.args = "[USER]" 4 | getGroups.desc = "Shows the groups of a user." 5 | getGroups.full_desc = "This command will show all the groups a user is part of,\n where [USER] is the user." 6 | getGroups.handler_types = ["start", "shell", "computer"] 7 | getGroups.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer 11 | //command: groups 12 | user = args[0] 13 | output = object.groups(user) 14 | if not output then; self.show_help; return; end if 15 | print(output) 16 | 17 | end function 18 | 19 | getGroups.show_help = function() 20 | show_help(self.name, self.args, self.full_desc, self.handler_types) 21 | end function -------------------------------------------------------------------------------- /commands/help.src: -------------------------------------------------------------------------------- 1 | help = {} 2 | help.name = "help" 3 | help.args = "[COMMAND]" 4 | help.desc = "Displays the help page." 5 | help.full_desc = "This command will display the help pages. \nWhere [COMMAND] is a command that you would like a detailed discription about." 6 | help.handler_types = ["start", "shell", "computer", "file"] 7 | help.run = function(object, args) 8 | 9 | if args and args[0] != "" then 10 | if commands.hasIndex(args[0]) then 11 | commands[args[0]].show_help 12 | return 13 | else 14 | print("Command: "+args[0]+" not found!") 15 | return 16 | end if 17 | else 18 | string = do_style("COMMAND", "title")+" "+do_style("ARGUMENTS", "title")+" "+do_style("DESCRIPTION", "title")+"\n"+do_style("-------", "text")+" "+do_style("---------", "text")+" "+do_style("-----------", "text")+"\n" 19 | for command in commands 20 | if command.value.handler_types.indexOf(main_session.handlerType) == null then 21 | string = string+do_style(command.value.name, "red", "static")+" "+do_style(command.value.args.replace(" ","|"), "red", "static")+" "+do_style(command.value.desc.replace(" ","|"), "text")+"\n" 22 | continue 23 | end if 24 | string = string+do_style(command.value.name, "arg")+" "+do_style(command.value.args.replace(" ","|"), "arg")+" "+do_style(command.value.desc.replace(" ","|"), "text")+"\n" 25 | end for 26 | 27 | print("\n"+format_columns(string).replace("\|"," ")+"\n") 28 | end if 29 | 30 | end function 31 | 32 | help.show_help = function() 33 | show_help(self.name, self.args, self.full_desc, self.handler_types) 34 | end function 35 | -------------------------------------------------------------------------------- /commands/iwlist.src: -------------------------------------------------------------------------------- 1 | iwlist = {} 2 | iwlist.name = "iwlist" 3 | iwlist.args = "[NETDEVICE]" 4 | iwlist.desc = "Shows available networks." 5 | iwlist.full_desc = "This command will show all available networks, where [NETDEVICE] is the network card." 6 | iwlist.handler_types = ["start", "shell", "computer"] 7 | iwlist.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer 11 | //command: iwlist 12 | devices = object.network_devices 13 | if devices == null or devices.indexOf(args[0]) == null then; print("iwlist: Network device not found"); return; end if 14 | if args[0].indexOf("eth") != null then; print("iwlist: ethernet cards not supported for this command"); return; end if 15 | networks = object.wifi_networks(args[0]) 16 | 17 | info = "BSSID PWR ESSID" 18 | for network in networks 19 | info = info + "\n" + network 20 | end for 21 | print(format_columns(info)) 22 | 23 | end function 24 | 25 | iwlist.show_help = function() 26 | show_help(self.name, self.args, self.full_desc, self.handler_types) 27 | end function -------------------------------------------------------------------------------- /commands/jump.src: -------------------------------------------------------------------------------- 1 | jump = {} 2 | jump.name = "jump" 3 | jump.args = "[PATH] (NAME)" 4 | jump.desc = "Creates a jump file." 5 | jump.full_desc = "This command will create a jumpfile which is used in other commands.\n[PATH] is the directory the jumpfile should be created in,\n and (NAME) should be the name of the jumpfile." 6 | jump.handler_types = ["start", "shell"] 7 | jump.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | jumpName = "jumpfile" 11 | if args.len >= 2 then jumpName = args[1] 12 | pc = object.host_computer 13 | file = pc.File(args[0]) 14 | if not file or not file.is_folder or not file.has_permission("w") then; print("Error, check if folder exists and has write perms!"); return; end if 15 | 16 | maker = pc.touch(args[0], jumpName+".src") 17 | if typeof(maker) == "string" then; print(maker); return; end if 18 | file = pc.File(args[0]+"/"+jumpName+".src") 19 | write.run(object, ["interop = get_custom_object()"+char(10), ">", file.path]) 20 | write.run(object, ["user = ""user"""+char(10), ">>", file.path]) 21 | write.run(object, ["pass = ""pass"""+char(10), ">>", file.path]) 22 | write.run(object, ["if params.len >= 2 then"+char(10), ">>", file.path]) 23 | write.run(object, ["user = params[0]"+char(10), ">>", file.path]) 24 | write.run(object, ["pass = params[1]"+char(10), ">>", file.path]) 25 | write.run(object, ["else if params.len == 1 then"+char(10), ">>", file.path]) 26 | write.run(object, ["user = params[0]"+char(10), ">>", file.path]) 27 | write.run(object, ["end if"+char(10), ">>", file.path]) 28 | 29 | write.run(object, ["ipscan = function(ip, routers)"+char(10), ">>", file.path]) 30 | write.run(object, ["router = get_router(ip)"+char(10), ">>", file.path]) 31 | write.run(object, ["for localIP in router.devices_lan_ip"+char(10), ">>", file.path]) 32 | write.run(object, ["if routers.indexOf(localIP) != null then continue"+char(10), ">>", file.path]) 33 | write.run(object, ["print(""""+localIP)"+char(10), ">>", file.path]) 34 | write.run(object, ["routers.push(router.local_ip)"+char(10), ">>", file.path]) 35 | write.run(object, ["if get_router(localIP) then ipscan(localIP, routers)"+char(10), ">>", file.path]) 36 | write.run(object, ["end for"+char(10), ">>", file.path]) 37 | write.run(object, ["end function"+char(10), ">>", file.path]) 38 | 39 | write.run(object, ["if params.len >= 2 and pass == ""deepscan"" then"+char(10), ">>", file.path]) 40 | write.run(object, ["ip = user"+char(10), ">>", file.path]) 41 | write.run(object, ["if not is_valid_ip(ip) then; print(""IP ""+ip+"" not found!""); return; end if"+char(10), ">>", file.path]) 42 | write.run(object, ["print("" "")"+char(10), ">>", file.path]) 43 | write.run(object, ["print(""""+get_router(ip).local_ip)"+char(10), ">>", file.path]) 44 | write.run(object, ["ipscan(ip, [])"+char(10), ">>", file.path]) 45 | write.run(object, ["print("" "")"+char(10), ">>", file.path]) 46 | write.run(object, ["end if"+char(10), ">>", file.path]) 47 | 48 | 49 | write.run(object, ["interop.gshell = get_shell(user, pass)"+char(10), ">>", file.path]) 50 | write.run(object, ["interop.gcurrentUser = active_user"+char(10), ">>", file.path]) 51 | write.run(object, ["interop.glib = include_lib(user)"+char(10), ">>", file.path]) 52 | write.run(object, ["interop.gcryptTools = include_lib(user)"+char(10), ">>", file.path]) 53 | 54 | builder = object.build(file.path, args[0], false) 55 | if builder.len then; print(builder); return; end if 56 | //file.delete 57 | file.set_content("") 58 | // object.launch(args[0]+"/"+jumpName) 59 | // return get_custom_object.gcurrentUser 60 | 61 | //output that needs to be added in another function 62 | // print(get_custom_object.gshell) 63 | // print(get_custom_object.gcurrentUser) 64 | // print(get_custom_object.gmetaxploit) 65 | // print(get_custom_object.gcryptTools) 66 | 67 | end function 68 | 69 | jump.show_help = function() 70 | show_help(self.name, self.args, self.full_desc, self.handler_types) 71 | end function -------------------------------------------------------------------------------- /commands/kill.src: -------------------------------------------------------------------------------- 1 | kill = {} 2 | kill.name = "kill" 3 | kill.args = "[PID/ALL]" 4 | kill.desc = "Kills a process." 5 | kill.full_desc = "This command will kill a process where [PID] is the id of the process.\nMultiple process ids can be given or all for closing all." 6 | kill.handler_types = ["start", "shell", "computer"] 7 | kill.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer 11 | 12 | if args[0].lower == "all" then 13 | for proc in object.show_procs.split(char(10)) 14 | PID = proc.split(" ")[1].to_int 15 | output = object.close_program(PID) 16 | if output == true then 17 | print("Process " + PID + " closed") 18 | continue 19 | else if output then 20 | print(output) 21 | continue 22 | end if 23 | end for 24 | return 25 | end if 26 | 27 | for proc in args 28 | PID = proc.to_int 29 | if typeof(PID) != "number" then 30 | print("The PID must be a number\n" + self.show_help) 31 | continue 32 | end if 33 | 34 | output = object.close_program(PID) 35 | if output == true then 36 | print("Process " + PID + " closed") 37 | continue 38 | else if output then 39 | print(output) 40 | continue 41 | end if 42 | print("Process " + PID + " not found") 43 | end for 44 | 45 | end function 46 | 47 | kill.show_help = function() 48 | show_help(self.name, self.args, self.full_desc, self.handler_types) 49 | end function -------------------------------------------------------------------------------- /commands/libs.src: -------------------------------------------------------------------------------- 1 | libs = {} 2 | libs.name = "libs" 3 | libs.args = "[N/A]" 4 | libs.desc = "Shows all imported libraries." 5 | libs.full_desc = "This command will show all imported libraries." 6 | libs.handler_types = ["start", "shell", "computer", "file"] 7 | libs.run = function(object, args) 8 | 9 | info = do_style("INDEX"+" "+"LIBRARY"+" "+"PUBLICIP"+" "+"LOCALIP"+" "+"VERSION", "title")+"\n"+do_style("-----"+" "+"-------"+" "+"--------"+" "+"-------"+" "+"-------", "text") 10 | for index in main_session.libList 11 | line = do_style(index.key+" "+typeof(index["value"].lib).lower.replace("lib","")+" "+index["value"].publicIP+" "+index["value"].localIP+" "+index["value"].version, "text") 12 | if index["value"].used then line = do_style(index.key+" "+typeof(index["value"].lib).lower.replace("lib","")+" "+index["value"].publicIP+" "+index["value"].localIP+" "+index["value"].version, "green", "static") 13 | info = info+"\n"+line 14 | end for 15 | print("\n"+format_columns(info)+"\n") 16 | 17 | end function 18 | 19 | libs.show_help = function() 20 | show_help(self.name, self.args, self.full_desc, self.handler_types) 21 | end function -------------------------------------------------------------------------------- /commands/load_theme.src: -------------------------------------------------------------------------------- 1 | load_theme = {} 2 | load_theme.name = "load-theme" 3 | load_theme.args = "[N/A]" 4 | load_theme.desc = "Reloads theme." 5 | load_theme.full_desc = "This command will load the theme from the settings file." 6 | load_theme.handler_types = ["start", "shell", "computer", "file"] 7 | load_theme.run = function(_, _) 8 | 9 | loadSettings("theme") 10 | txt = do_style("Theme reloaded!", "green", "static") 11 | print(char(10)+txt+char(10)) 12 | 13 | end function 14 | 15 | load_theme.show_help = function() 16 | show_help(self.name, self.args, self.full_desc, self.handler_types) 17 | end function -------------------------------------------------------------------------------- /commands/loop.src: -------------------------------------------------------------------------------- 1 | loop = {} 2 | loop.name = "loop" 3 | loop.args = "[IP] [PORT] [MEM] [VULN] [IP/PASS]" 4 | loop.desc = "Loops over an exploit, open Map.exe to stop." 5 | loop.full_desc = "This command will loop over an exploit, where [IP] is the target IP,\n where [PORT] is the target port,\n where [MEM] is the memory address,\n where [VULN] is the vulnerable string,\n where [IP/PASS] is the IP for a bounce attack or a new password to inject." 6 | loop.handler_types = ["start", "shell", "computer", "file"] 7 | loop.run = function(object, args) 8 | 9 | if not args or args.len < 4 then; self.show_help; return; end if 10 | object = null 11 | IP = args[0] 12 | PORT = args[1].to_int 13 | memAddress = args[2] 14 | vulnString = args[3] 15 | extra = "." 16 | mapCheck = 1 17 | netSession = main_session.MetaxploitLib.net_use(IP, PORT) 18 | if args.len >= 5 then extra = args[4] 19 | while mapCheck < 2 and object == null 20 | mapCheck = get_shell.host_computer.show_procs.split("Map").len 21 | if not netSession then; print("Could not connect to port: "+PORT); return; end if 22 | object = netSession.dump_lib.overflow(memAddress, vulnString, extra) 23 | objectType = typeof(object) 24 | if objectType == "shell" then 25 | localIP = object.host_computer.local_ip 26 | user = userCheck(object.host_computer.File("/var")) 27 | else if objectType == "computer" then 28 | localIP = object.local_ip 29 | user = userCheck(object.File("/var")) 30 | else if objectType == "file" then 31 | user = userCheck(object) 32 | router = get_router(IP) 33 | if router and not is_lan_ip(IP) then 34 | if PORT == 0 or PORT == 8080 then 35 | localIP = router.local_ip 36 | ip = router.public_ip 37 | else 38 | for port in router.used_ports 39 | if port.port_number == PORT then 40 | localIP = port.get_lan_ip 41 | break 42 | end if 43 | end for 44 | end if 45 | else if IP then 46 | localIP = IP 47 | ip = main_session.MetaxploitLibPublicIP 48 | else 49 | localIP = main_session.MetaxploitLibLocalIP 50 | ip = main_session.MetaxploitLibPublicIP 51 | end if 52 | end if 53 | wait(0.01) 54 | end while 55 | if object == null or objectType == "number" then return 56 | main_session.objectList[main_session.objectList.len] = {"IP":IP, "objectType":objectType, "object":object, "localIP":localIP, "user":user} 57 | 58 | end function 59 | 60 | loop.show_help = function() 61 | show_help(self.name, self.args, self.full_desc, self.handler_types) 62 | end function -------------------------------------------------------------------------------- /commands/ls.src: -------------------------------------------------------------------------------- 1 | ls = {} 2 | ls.name = "ls" 3 | ls.args = "[PATH]" 4 | ls.desc = "Lists files inside a directory." 5 | ls.full_desc = "This command will list all the files inside a directory,\n where [PATH] is the path to the directory." 6 | ls.handler_types = ["start", "shell", "computer", "file"] 7 | ls.run = function(object, args) 8 | 9 | list_files(object, args) 10 | 11 | end function 12 | 13 | ls.show_help = function() 14 | show_help(self.name, self.args, self.full_desc, self.handler_types) 15 | end function -------------------------------------------------------------------------------- /commands/md5.src: -------------------------------------------------------------------------------- 1 | md5_hash = {} 2 | md5_hash.name = "md5" 3 | md5_hash.args = "[STRING]" 4 | md5_hash.desc = "Hashes a string with the md5 hash algorithm." 5 | md5_hash.full_desc = "This command will hash a string with the md5 hash algorithm where [STRING] is the string to hash." 6 | md5_hash.handler_types = ["start", "shell", "computer", "file"] 7 | md5_hash.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | print(char(10)+md5(args[0])+char(10)) 11 | 12 | end function 13 | 14 | md5_hash.show_help = function() 15 | show_help(self.name, self.args, self.full_desc, self.handler_types) 16 | end function -------------------------------------------------------------------------------- /commands/mkdir.src: -------------------------------------------------------------------------------- 1 | mkdir = {} 2 | mkdir.name = "mkdir" 3 | mkdir.args = "[PATH]" 4 | mkdir.desc = "Creates a directory." 5 | mkdir.full_desc = "This command will create a directory where [PATH] is the path of the directory." 6 | mkdir.handler_types = ["start", "shell", "computer"] 7 | mkdir.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer 11 | //command: mkdir 12 | for pathFile in args 13 | computer = object 14 | if pathFile == "" then 15 | self.show_help() 16 | return 17 | end if 18 | 19 | pathParent = parent_path(pathFile) 20 | existFile = computer.File(pathFile) 21 | if pathParent == pathFile then 22 | pathParent = current_path 23 | end if 24 | 25 | parent = computer.File(pathParent) 26 | if parent == null then 27 | print("mkdir: " + pathParent + " not found") 28 | else if existFile != null then 29 | print("mkdir: " + existFile.path + " file exists") 30 | else if not parent.has_permission("w") then 31 | print("mkdir: permission denied") 32 | else 33 | arrayPath = pathFile.split("/") 34 | output = computer.create_folder(parent.path, arrayPath[arrayPath.len - 1]) 35 | if output != null and output != 1 then 36 | print(output) 37 | end if 38 | end if 39 | end for 40 | 41 | end function 42 | 43 | mkdir.show_help = function() 44 | show_help(self.name, self.args, self.full_desc, self.handler_types) 45 | end function -------------------------------------------------------------------------------- /commands/msfconsole.src: -------------------------------------------------------------------------------- 1 | msfconsole = {} 2 | msfconsole.name = "msfconsole" 3 | msfconsole.args = "[N/A]" 4 | msfconsole.desc = "Starts a listiner for incomming rshells." 5 | msfconsole.full_desc = "This command will start an rshell listiner." 6 | msfconsole.handler_types = ["start", "shell", "computer", "file"] 7 | msfconsole.run = function(object, args) 8 | 9 | if not main_session.MetaxploitLib then 10 | print("metaxploit.so not found!") 11 | return 12 | end if 13 | 14 | getNetcatConnections() 15 | input = null 16 | while input != "exit" 17 | input = user_input("meterpreter > ") 18 | 19 | //main_session.netcatList 20 | if input.split(" ")[0] == "get" or input == "refresh" then 21 | getNetcatConnections() 22 | else if input.split(" ")[0] == "list" or input.split(" ")[0] == "sessions" then 23 | output = "\n" 24 | for netcatItem in main_session.netcatList 25 | // print(GREEN+"Shell ("+netcatItem.key+")") 26 | color = do_style(netcatItem.value["user"], "logo", "static") 27 | if netcatItem.value["user"] == "root" then color = do_style(netcatItem.value["user"], "logo", "static") 28 | // print(YELLOW+"User: "+color+netcatItem.value["user"]) 29 | // print(YELLOW+"Public IP: "+LIGHT_BLUE+netcatItem.value["IP"]) 30 | // print(YELLOW+"Local IP: "+ORANGE+netcatItem.value["localIP"]) 31 | output = output+do_style("("+netcatItem.key+")", "logo", "static")+do_style(" [*] ", "arg")+do_style(netcatItem.value["localIP"]+" Connected from "+netcatItem.value["IP"]+" as ", "logo", "static")+color+"\n" 32 | end for 33 | print(format_columns(output)) 34 | print(" ") 35 | else if input.split(" ")[0] == "use" then 36 | if input.split(" ").len() <= 1 then continue 37 | index = input.split(" ")[1].to_int 38 | if not main_session.netcatList.hasIndex(index) then 39 | print("Index not found!") 40 | else 41 | main_session.object = main_session.netcatList[index].object 42 | main_session.handlerType = typeof(main_session.netcatList[index].object) 43 | main_session.pub_ip = main_session.netcatList[index].IP 44 | main_session.loc_ip = main_session.netcatList[index].localIP 45 | main_session.current_user = main_session.netcatList[index].user 46 | break 47 | end if 48 | 49 | else if input.split(" ")[0] == "loop" or input.split(" ")[0] == "listen" or input.split(" ")[0] == "run" or input.split(" ")[0] == "start" then 50 | print("execute the map program to exit") 51 | print(do_style("Listining for connections on "+main_session.MetaxploitLibPublicIP+"...", "arg")+"\n") 52 | listLen = main_session.netcatList.len 53 | while true 54 | getNetcatConnections(false) 55 | if main_session.netcatList.len > listLen then 56 | listLen = main_session.netcatList.len 57 | line = do_style("[*] ", "arg")+do_style(main_session.netcatList[main_session.netcatList.len-1].localIP+" Connected from "+main_session.netcatList[main_session.netcatList.len-1].IP+" as "+main_session.netcatList[main_session.netcatList.len-1].user, "logo", "static") 58 | print(line) 59 | end if 60 | if get_shell.host_computer.show_procs.split("Map").len > 1 then 61 | break 62 | end if 63 | end while 64 | else if input.split(" ")[0] == "clear" then 65 | clear_screen 66 | else if input.split(" ")[0] == "help" then 67 | helpPage = { 68 | "help":{"arguments":"N/A", "description":"Displays the help page."}, 69 | "clear":{"arguments":"N/A", "description":"Clears the screen."}, 70 | "get/refresh":{"arguments":"N/A", "description":"Updates connected shells list."}, 71 | "list/sessions":{"arguments":"N/A", "description":"Shows a list of connected shells."}, 72 | "loop/listen/run/start":{"arguments":"N/A", "description":"Loop that updates connected shells list."}, 73 | "use":{"arguments":"[INDEX]", "description":"Uses an index from the list."}, 74 | "exit":{"arguments":"N/A", "description":"Exits the msfconsole."}, 75 | } 76 | str = do_style("COMMAND ARGUMENTS DESCRIPTION", "title")+"\n" 77 | str = str+do_style("------- --------- -----------", "text")+"\n" 78 | print(" ") 79 | for line in helpPage 80 | str = str+do_style(line.key+" "+line.value["arguments"]+" "+line.value["description"].replace(" ","|"), "text")+"\n" 81 | end for 82 | print(format_columns(str).replace("\|"," ")) 83 | print(" ") 84 | else if input != "exit" then 85 | print("Command "+input+" not found! Type help for help.") 86 | end if 87 | wait(0.01) 88 | end while 89 | 90 | end function 91 | 92 | msfconsole.show_help = function() 93 | show_help(self.name, self.args, self.full_desc, self.handler_types) 94 | end function -------------------------------------------------------------------------------- /commands/msfvenom.src: -------------------------------------------------------------------------------- 1 | msfvenom = {} 2 | msfvenom.name = "msfvenom" 3 | msfvenom.args = "[IP] [PORT] [PROC]" 4 | msfvenom.desc = "Starts a reverse shell." 5 | msfvenom.full_desc = "This command will start a reverse shell on the target,\n where [IP] is the IP of the rshell server,\n where [PORT] is the port of the rshell server,\n where [PROC] is the process's name." 6 | msfvenom.handler_types = ["start", "shell", "computer", "file"] 7 | msfvenom.run = function(object, args) 8 | 9 | if not args or args.len != 3 then; self.show_help; return; end if 10 | if not main_session.MetaxploitLib then 11 | print("metaxploit.so not found!") 12 | return 13 | end if 14 | 15 | ip = args[0] 16 | port = args[1].to_int 17 | procName = args[2] 18 | if typeof(port) != "number" then; self.show_help; return; end if 19 | 20 | main_session.MetaxploitLib.rshell_client(ip, port, procName) 21 | line1 = "\n"+"rshell started at "+main_session.MetaxploitLibPublicIP+" on "+main_session.MetaxploitLibLocalIP+" as "+procName+"\n" 22 | print(line1) 23 | print("Connected to server "+ip+" on port "+port) 24 | 25 | end function 26 | 27 | msfvenom.show_help = function() 28 | show_help(self.name, self.args, self.full_desc, self.handler_types) 29 | end function -------------------------------------------------------------------------------- /commands/mv.src: -------------------------------------------------------------------------------- 1 | mv = {} 2 | mv.name = "mv" 3 | mv.args = "[PATH] [DESTPATH]" 4 | mv.desc = "Moves a file or directory." 5 | mv.full_desc = "This command will move a file or directory where [PATH] is the path of the file or directory and,\n [DESTPATH] the path where the file or directory should be moved to." 6 | mv.handler_types = ["start", "shell", "computer", "file"] 7 | mv.run = function(object, args) 8 | 9 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 10 | if typeof(object) == "computer" then object = object.File("/var") 11 | //command: mv 12 | if not args or args.len != 2 then 13 | self.show_help 14 | else 15 | origFile = args[0] 16 | destFolder = args[1] 17 | file = findFile(object, origFile) 18 | if file == null then 19 | print("mv: can't find " + origFile) 20 | else 21 | newName = "" 22 | folder = findFile(object, destFolder) 23 | if folder == null then 24 | //Check if the user wants to put a new name. 25 | pathParent = parent_path(destFolder) 26 | if pathParent == destFolder then 27 | newName = destFolder 28 | destFolder = file.parent.path 29 | file.move(destFolder, newName) 30 | else 31 | folder = findFile(object, pathParent) 32 | newName = destFolder[destFolder.len - (destFolder.len - pathParent.len):] 33 | if newName[0] == "/" then 34 | newName = newName[1:] 35 | file.move(pathParent, newName) 36 | end if 37 | if folder == null then 38 | print("mv: can't copy file. " + destFolder + " doesn't exist.") 39 | end if 40 | end if 41 | else if folder != null then 42 | //Check if is trying to copy the file on itself. Ignored. 43 | if parent_path(file.path) != parent_path(folder.path) or file.name != folder.name then 44 | finalDest = folder.path 45 | if(newName.len == 0) then 46 | newName = file.name 47 | end if 48 | if not folder.is_folder then 49 | finalDest = parent_path(file.path) 50 | newName = folder.name 51 | end if 52 | if parent_path(file.path) == parent_path(folder.path) and newName != file.name then 53 | file.rename(newName) 54 | else 55 | file.move(finalDest, newName) 56 | end if 57 | end if 58 | end if 59 | end if 60 | end if 61 | 62 | end function 63 | 64 | mv.show_help = function() 65 | show_help(self.name, self.args, self.full_desc, self.handler_types) 66 | end function -------------------------------------------------------------------------------- /commands/nmap.src: -------------------------------------------------------------------------------- 1 | nmap = {} 2 | nmap.name = "nmap" 3 | nmap.args = "[IP/RANDOM]" 4 | nmap.desc = "Scans a network for open ports." 5 | nmap.full_desc = "Scans a network for open ports where [IP/RANDOM] is the IP or a random IP to scan." 6 | nmap.handler_types = ["start", "shell", "computer", "file"] 7 | nmap.run = function(object, args) 8 | 9 | nmap_scan(args) 10 | 11 | end function 12 | 13 | nmap.show_help = function() 14 | show_help(self.name, self.args, self.full_desc, self.handler_types) 15 | end function 16 | -------------------------------------------------------------------------------- /commands/nslookup.src: -------------------------------------------------------------------------------- 1 | nsLookup = {} 2 | nsLookup.name = "nslookup" 3 | nsLookup.args = "[DOMAIN]" 4 | nsLookup.desc = "Returns the IP of a domain." 5 | nsLookup.full_desc = "This command will return the IP of a domain where [DOMAIN] is the domain." 6 | nsLookup.handler_types = ["start", "shell", "computer", "file"] 7 | nsLookup.run = function(object, args) 8 | 9 | if not args then; show_help("nslookup", self.args, self.full_desc, self.handler_types); return; end if 10 | nslookup_info = do_style("IP", "title")+do_style(": "+nslookup(args[0]), "text") 11 | print("\n"+nslookup_info+"\n") 12 | 13 | end function 14 | 15 | nsLookup.show_help = function() 16 | show_help(self.name, self.args, self.full_desc, self.handler_types) 17 | end function -------------------------------------------------------------------------------- /commands/passwd.src: -------------------------------------------------------------------------------- 1 | passwd = {} 2 | passwd.name = "passwd" 3 | passwd.args = "[USER] [PASSWORD]" 4 | passwd.desc = "Changes the password of a user." 5 | passwd.full_desc = "This command will change the password of a user where [USER] is the user,\n and [PASSWORD] is the new password." 6 | passwd.handler_types = ["start", "shell", "computer"] 7 | passwd.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer 11 | //command: passwd 12 | 13 | inputMsg = "Changing password for user " + args[0] 14 | inputPass = args[1] 15 | 16 | print(inputMsg) 17 | output = object.change_password(args[0], inputPass) 18 | if output == true then; print("password modified OK"); return; end if 19 | if output then; print(output); return; end if 20 | print("Error: password not modified") 21 | 22 | end function 23 | 24 | passwd.show_help = function() 25 | show_help(self.name, self.args, self.full_desc, self.handler_types) 26 | end function -------------------------------------------------------------------------------- /commands/ps.src: -------------------------------------------------------------------------------- 1 | ps = {} 2 | ps.name = "ps" 3 | ps.args = "[N/A]" 4 | ps.desc = "Shows all running processes on a computer." 5 | ps.full_desc = "This command will show all running processes on a computer." 6 | ps.handler_types = ["start", "shell", "computer"] 7 | ps.run = function(object, args) 8 | 9 | if typeof(object) == "shell" then object = object.host_computer 10 | info = "" 11 | procs = object.show_procs.split("\n") 12 | for proc in procs 13 | if proc == procs[0] then 14 | info=info+do_style(proc, "title")+char(10)+do_style("---- --- --- --- -------", "text")+char(10) 15 | continue 16 | end if 17 | info=info+do_style(proc, "text")+char(10) 18 | end for 19 | print(char(10)+format_columns(info)+char(10)) 20 | 21 | end function 22 | 23 | ps.show_help = function() 24 | show_help(self.name, self.args, self.full_desc, self.handler_types) 25 | end function -------------------------------------------------------------------------------- /commands/put.src: -------------------------------------------------------------------------------- 1 | shellPut = {} 2 | shellPut.name = "put" 3 | shellPut.args = "[HOSTPATH] [DESPATH]" 4 | shellPut.desc = "Uploads a file." 5 | shellPut.full_desc = "This command will upload a file where [HOSTPATH] is the path to the file or directory, and [DESTPATH] is the path to the directory to put the file." 6 | shellPut.handler_types = ["start", "shell"] 7 | shellPut.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then 11 | hostPath = args[0] 12 | filePath = args[1] 13 | if filePath == "" or hostPath == "" then; self.show_help; return; end if 14 | err = get_shell.scp(hostPath, filePath, object) 15 | else if typeof(object) == "ftpshell" then 16 | filePath = args[0] 17 | hostPath = args[1] 18 | err = get_shell.put(hostPath, filePath, object) 19 | end if 20 | 21 | end function 22 | 23 | shellPut.show_help = function() 24 | show_help(self.name, self.args, self.full_desc, self.handler_types) 25 | end function -------------------------------------------------------------------------------- /commands/return.src: -------------------------------------------------------------------------------- 1 | returnStart = {} 2 | returnStart.name = "return" 3 | returnStart.args = "[N/A]" 4 | returnStart.desc = "Returns to the starting point." 5 | returnStart.full_desc = "This command will return starting point." 6 | returnStart.handler_types = ["start", "shell", "computer", "file"] 7 | returnStart.run = function(object, _) 8 | 9 | main_session.object = get_shell 10 | main_session.handlerType = "start" 11 | main_session.pub_ip = get_shell.host_computer.public_ip 12 | main_session.loc_ip = get_shell.host_computer.local_ip 13 | main_session.current_user = active_user 14 | print("Back at starting point.") 15 | 16 | end function 17 | 18 | returnStart.show_help = function() 19 | show_help(self.name, self.args, self.full_desc, self.handler_types) 20 | end function -------------------------------------------------------------------------------- /commands/rm.src: -------------------------------------------------------------------------------- 1 | rm = {} 2 | rm.name = "rm" 3 | rm.args = "[PATH]" 4 | rm.desc = "Removes a file or directory." 5 | rm.full_desc = "This command will remove a file or directory where [PATH] is the path to the file or directory." 6 | rm.handler_types = ["start", "shell", "computer", "file"] 7 | rm.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 11 | if typeof(object) == "computer" then object = object.File("/var") 12 | //command: rm 13 | isRecursive = 0 14 | if args[0] == "-r" then 15 | if args.len == 1 then; self.show_help; return; end if 16 | isRecursive = 1 17 | args = args[1:] 18 | end if 19 | for pathFile in args 20 | file = findFile(object, pathFile) 21 | if file == null then; print("rm: file not found: "+pathFile); return; end if 22 | if not file.has_permission("w") then; print("rm: permission denied"); return; end if 23 | 24 | if file.is_folder == 1 and isRecursive == 0 then 25 | print("rm: " + file.name + " is a directory") 26 | else 27 | output = file.delete 28 | if len(output) or output == null then print(output) 29 | end if 30 | end for 31 | 32 | end function 33 | 34 | rm.show_help = function() 35 | show_help(self.name, self.args, self.full_desc, self.handler_types) 36 | end function -------------------------------------------------------------------------------- /commands/saveSettings.src: -------------------------------------------------------------------------------- 1 | saveSettings = {} 2 | saveSettings.name = "save-settings" 3 | saveSettings.args = "[N/A]" 4 | saveSettings.desc = "Saves settings." 5 | saveSettings.full_desc = "This command will save all settings to the settings file." 6 | saveSettings.handler_types = ["start", "shell", "computer", "file"] 7 | saveSettings.run = function(_, _) 8 | 9 | configFile = get_shell.host_computer.File("/home/"+active_user+"/Config/Viper.conf") 10 | if active_user() == "root" then configFile = get_shell.host_computer.File("/root/Config/Viper.conf") 11 | if not configFile then return 12 | settings = {} 13 | settings.theme = user_session.theme 14 | settings.vars = main_session.vars 15 | configFile.set_content(toJSON(settings)) 16 | txt = do_style("Settings saved!", "green", "static") 17 | print(char(10)+txt+char(10)) 18 | 19 | end function 20 | 21 | saveSettings.show_help = function() 22 | show_help(self.name, self.args, self.full_desc, self.handler_types) 23 | end function -------------------------------------------------------------------------------- /commands/scanlib.src: -------------------------------------------------------------------------------- 1 | scanlib = {} 2 | scanlib.name = "scanlib" 3 | scanlib.args = "[PATH]" 4 | scanlib.desc = "Returns library version." 5 | scanlib.full_desc = "This command will return the version of a library,\n where [PATH] is the path to the library.\nIt's important to use the correct metaxploit.so." 6 | scanlib.handler_types = ["start", "shell", "computer", "file"] 7 | scanlib.run = function(object, args) 8 | 9 | if not args then; show_help(self.name, self.args, self.full_desc, self.handler_types); return; end if 10 | if not main_session.MetaxploitLib then; print("Metaxploit not found!"); return; end if 11 | 12 | lib = main_session.MetaxploitLib.load(args[0]) 13 | if not lib then; print("Unable to load library!"); return; end if 14 | libName = do_style("Name", "title")+do_style(": "+lib.lib_name, "text") 15 | libVersion = do_style("Version", "title")+do_style(": "+lib.version, "text") 16 | print(libName) 17 | print(libVersion) 18 | 19 | end function 20 | 21 | scanlib.show_help = function() 22 | show_help(self.name, self.args, self.full_desc, self.handler_types) 23 | end function -------------------------------------------------------------------------------- /commands/secure.src: -------------------------------------------------------------------------------- 1 | secure = {} 2 | secure.name = "secure" 3 | secure.args = "[-home/-server]" 4 | secure.desc = "Secures a pc or server." 5 | secure.full_desc = "This command will secure a pc or server where [-home/-server] is a homePC or server." 6 | secure.handler_types = ["start", "shell", "computer", "file"] 7 | secure.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 11 | if typeof(object) == "computer" then object = object.File("/var") 12 | if userCheck(object) != "root" then; print("Root is required!"); return; end if 13 | 14 | print("If you are running this from your homePC, please use -home") 15 | if user_input("Continue? (y/n): ").lower != "y" then 16 | print("Aborted") 17 | return 18 | end if 19 | 20 | if args[0] == "-home" then 21 | rootFS = findFile(object, "/") 22 | rootFS.chmod("o-rwx", true) 23 | rootFS.chmod("g-rwx", true) 24 | rootFS.chmod("u-rwx", true) 25 | rootFS.set_group("root", true) 26 | rootFS.set_owner("root", true) 27 | 28 | whitelisted = [ 29 | "/bin/sudo", 30 | "/usr/bin/Terminal.exe", 31 | "/usr/bin/AdminMonitor.exe", 32 | "/usr/bin/ConfigLan.exe", 33 | "/usr/bin/Mail.exe", 34 | "/usr/bin/Browser.exe", 35 | "/usr/bin/Notepad.exe", 36 | "/usr/bin/Settings.exe", 37 | "/usr/bin/Manual.exe", 38 | "/usr/bin/Chat.exe", 39 | ] 40 | 41 | for program in whitelisted 42 | file = findFile(object, program) 43 | if file then file.chmod("g+x") 44 | end for 45 | else if args[0] == "-server" then 46 | rootFS = findFile(object, "/") 47 | rootFS.chmod("o-rwx", true) 48 | rootFS.chmod("g-rwx", true) 49 | rootFS.chmod("u-rwx", true) 50 | rootFS.set_group("root", true) 51 | rootFS.set_owner("root", true) 52 | else 53 | print("Invalid arguments!") 54 | return 55 | end if 56 | print("Filesystem secured!") 57 | 58 | end function 59 | 60 | secure.show_help = function() 61 | show_help(self.name, self.args, self.full_desc, self.handler_types) 62 | end function -------------------------------------------------------------------------------- /commands/sha256.src: -------------------------------------------------------------------------------- 1 | sha256 = {} 2 | sha256.name = "sha256" 3 | sha256.args = "[STRING]" 4 | sha256.desc = "Hashes a string with the sha256 algorithm." 5 | sha256.full_desc = "This command will use the sha256 algorithm to has a string where [STRING] is the string." 6 | sha256.handler_types = ["start", "shell", "computer", "file"] 7 | sha256.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | print(" ") 11 | sha256_hash(args) 12 | print(" ") 13 | 14 | end function 15 | 16 | sha256.show_help = function() 17 | show_help(self.name, self.args, self.full_desc, self.handler_types) 18 | end function -------------------------------------------------------------------------------- /commands/shell.src: -------------------------------------------------------------------------------- 1 | shell = {} 2 | shell.name = "shell" 3 | shell.args = "[N/A]" 4 | shell.desc = "Starts a shell, Viper will quit!!" 5 | shell.full_desc = "This command will start a shell, Viper will quit!!" 6 | shell.handler_types = ["start", "shell"] 7 | shell.run = function(object, args) 8 | 9 | object.start_terminal 10 | 11 | end function 12 | 13 | shell.show_help = function() 14 | show_help(self.name, self.args, self.full_desc, self.handler_types) 15 | end function -------------------------------------------------------------------------------- /commands/sniffer.src: -------------------------------------------------------------------------------- 1 | sniff = {} 2 | sniff.name = "sniffer" 3 | sniff.args = "(-save)" 4 | sniff.desc = "Starts a sniffer." 5 | sniff.full_desc = "This command will start a sniffer where (-save) is wether or not to save the encode.src." 6 | sniff.handler_types = ["start", "shell", "computer", "file"] 7 | sniff.run = function(object, args) 8 | 9 | if not main_session.MetaxploitLib then; print("Error: Can't find metaxploit library."); return; end if 10 | print("Starting listen...\nWaiting to incoming data.") 11 | save = false 12 | if args and args[0] == "-save" then save = true 13 | output = main_session.MetaxploitLib.sniffer(save) 14 | if not output then; print("Unknown error: can't start to listening"); return; end if 15 | print(output) 16 | 17 | end function 18 | 19 | sniff.show_help = function() 20 | show_help(self.name, self.args, self.full_desc, self.handler_types) 21 | end function -------------------------------------------------------------------------------- /commands/ssh.src: -------------------------------------------------------------------------------- 1 | ssh = {} 2 | ssh.name = "ssh" 3 | ssh.args = "[USER@PASSWORD] [IP] (PORT)" 4 | ssh.desc = "Connects to a service using ssh." 5 | ssh.full_desc = "This command will connects to a server using ssh where [USER@PASSWORD] is the user and password,\n where [IP] is the IP of ther server,\n where (PORT) is an optional port." 6 | ssh.handler_types = ["start", "shell"] 7 | ssh.run = function(object, args) 8 | 9 | if not args or args.len < 2 then; self.show_help; return; end if 10 | 11 | //Command: ssh 12 | credentials = args[0].split("@") 13 | if credentials.len < 2 then; self.show_help; return; end if 14 | user = credentials[0] 15 | password = credentials[1] 16 | 17 | port = 22 18 | // params is a list of strings, so you have to convert it to integer, which is what connect_service accepts. 19 | if args.len == 3 then port = args[2].to_int 20 | if typeof(port) != "number" then; print("Invalid port: " + port); return; end if 21 | print("Connecting...") 22 | 23 | remoteShell = object.connect_service(args[1], port, user, password, "ssh") 24 | if typeof(remoteShell) != "shell" then; print("Could not connect!"); return; end if 25 | if remoteShell then 26 | print("Connected!") 27 | main_session.pub_ip = remoteShell.host_computer.public_ip 28 | main_session.handlerType = typeof(remoteShell) 29 | main_session.object = remoteShell 30 | main_session.loc_ip = remoteShell.host_computer.local_ip 31 | main_session.current_user = user 32 | {"IP":remoteShell.host_computer.public_ip, "objectType":typeof(remoteShell), "object":remoteShell, "localIP":remoteShell.host_computer.local_ip, "user":user} 33 | else 34 | print("connection failed") 35 | end if 36 | 37 | end function 38 | 39 | ssh.show_help = function() 40 | show_help(self.name, self.args, self.full_desc, self.handler_types) 41 | end function -------------------------------------------------------------------------------- /commands/sudo.src: -------------------------------------------------------------------------------- 1 | sudo = {} 2 | sudo.name = "sudo" 3 | sudo.args = "[USER] [PASS] (JUMPPATH)" 4 | sudo.desc = "Changes the shell to another user." 5 | sudo.full_desc = "This command will change the shell to another user where [USER] is the user,\n where [PASS] is the password,\n where (JUMPPATH) is the path to the jumpfile." 6 | sudo.handler_types = ["start", "shell"] 7 | sudo.run = function(object, args) 8 | 9 | if not args or args.len == 1 then; self.show_help; return; end if 10 | 11 | if main_session.handlerType == "start" and args.len >= 2 then 12 | newObject = get_shell(args[0], args[1]) 13 | if not newObject then return null 14 | main_session.pub_ip = newObject.host_computer.public_ip 15 | main_session.handlerType = "start" 16 | main_session.object = newObject 17 | main_session.loc_ip = newObject.host_computer.local_ip 18 | main_session.current_user = userCheck(newObject.host_computer.File("/var")) 19 | return 20 | else if main_session.handlerType == "shell" and args.len >= 3 then 21 | fileObject = object.host_computer.File("/var") 22 | file = findFile(fileObject, args[2]) 23 | if file then 24 | 25 | cargo = get_custom_object 26 | clearInterface(cargo) 27 | object.launch(args[2], args[0]+" "+args[1]) 28 | 29 | if not hasIndex(cargo, "gshell") then 30 | print("Jump file corrupted!") 31 | clearInterface(cargo) 32 | return 33 | end if 34 | 35 | if @cargo.gshell == null then 36 | print("Wrong password!") 37 | clearInterface(cargo) 38 | return 39 | end if 40 | 41 | if not host_computer(@cargo.gshell) then 42 | print("AV detected injection!") 43 | clearInterface(cargo) 44 | return 45 | end if 46 | 47 | newObject = cargo.gshell 48 | main_session.pub_ip = newObject.host_computer.public_ip 49 | main_session.handlerType = typeof(newObject) 50 | main_session.object = newObject 51 | main_session.loc_ip = newObject.host_computer.local_ip 52 | main_session.current_user = userCheck(newObject.host_computer.File("/var")) 53 | clearInterface(cargo) 54 | return 55 | end if 56 | print("Jump file does not exist!") 57 | return 58 | end if 59 | self.show_help 60 | return 61 | 62 | end function 63 | 64 | sudo.show_help = function() 65 | show_help(self.name, self.args, self.full_desc, self.handler_types) 66 | end function -------------------------------------------------------------------------------- /commands/targets.src: -------------------------------------------------------------------------------- 1 | targets = {} 2 | targets.name = "targets" 3 | targets.args = "[N/A]" 4 | targets.desc = "Shows all available targets." 5 | targets.full_desc = "This command will show all available targets." 6 | targets.handler_types = ["start", "shell", "computer", "file"] 7 | targets.run = function(object, args) 8 | 9 | show_targets() 10 | 11 | end function 12 | 13 | targets.show_help = function() 14 | show_help(self.name, self.args, self.full_desc, self.handler_types) 15 | end function -------------------------------------------------------------------------------- /commands/touch.src: -------------------------------------------------------------------------------- 1 | makeFile = {} 2 | makeFile.name = "touch" 3 | makeFile.args = "[PATH]" 4 | makeFile.desc = "Creates a file." 5 | makeFile.full_desc = "This command will make a file where [PATH] is the path of the file.\nYou can create multiple files at once." 6 | makeFile.handler_types = ["start", "shell", "computer"] 7 | makeFile.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer 11 | //command: touch 12 | 13 | for pathFile in args 14 | pathParent = parent_path(pathFile) 15 | computer = object 16 | 17 | if pathParent == pathFile then 18 | pathParent = current_path 19 | end if 20 | 21 | parent = computer.File(pathParent) 22 | 23 | if not parent then; print("touch: " + pathParent + " not found"); return; end if 24 | if not parent.has_permission("w") then; print("touch: permission denied"); return; end if 25 | 26 | arrayPath = pathFile.split("/") 27 | output = computer.touch(parent.path, arrayPath[arrayPath.len - 1]) 28 | if output and output != 1 then print(output) 29 | end for 30 | 31 | end function 32 | 33 | makeFile.show_help = function() 34 | show_help(self.name, self.args, self.full_desc, self.handler_types) 35 | end function -------------------------------------------------------------------------------- /commands/use.src: -------------------------------------------------------------------------------- 1 | use = {} 2 | use.name = "use" 3 | use.args = "[INDEX]" 4 | use.desc = "Uses a selected target." 5 | use.full_desc = "This command will show all use a target where [INDEX] is the selected target." 6 | use.handler_types = ["start", "shell", "computer", "file"] 7 | use.run = function(object, args) 8 | 9 | if not args then; show_help(commands.use.args, commands.use.full_desc, commands.use.handler_types); return; end if 10 | index = args[0].to_int 11 | if not main_session.objectList.hasIndex(index) then; print("Index not found!"); return; end if 12 | 13 | add_session({"IP":main_session.pub_ip, "objectType":main_session.handlerType, "object":main_session.object, "localIP":main_session.loc_ip, "user":main_session.current_user}) 14 | 15 | info = main_session.objectList[index] 16 | main_session.object = info.object 17 | main_session.handlerType = info.objectType 18 | main_session.pub_ip = info.IP 19 | main_session.loc_ip = info.localIP 20 | main_session.current_user = info.user 21 | 22 | end function 23 | 24 | use.show_help = function() 25 | show_help(self.name, self.args, self.full_desc, self.handler_types) 26 | end function -------------------------------------------------------------------------------- /commands/uselib.src: -------------------------------------------------------------------------------- 1 | uselib = {} 2 | uselib.name = "uselib" 3 | uselib.args = "[INDEX]" 4 | uselib.desc = "Select a library." 5 | uselib.full_desc = "This command will select a library where [INDEX] is the index of the library." 6 | uselib.handler_types = ["start", "shell", "computer", "file"] 7 | uselib.run = function(object, args) 8 | 9 | if not args then; self.show_help; return; end if 10 | index = args[0].to_int 11 | if not main_session.libList.hasIndex(index) then; print("Index not found!"); return; end if 12 | for libMap in main_session.libList 13 | if typeof(libMap["value"].lib) == typeof(main_session.libList[index].lib) and libMap["value"].used then main_session.libList[libMap.key].used = 0 14 | end for 15 | main_session[typeof(main_session.libList[index].lib)+"Version"] = main_session.libList[index].version 16 | main_session[typeof(main_session.libList[index].lib)+"PublicIP"] = main_session.libList[index].publicIP 17 | main_session[typeof(main_session.libList[index].lib)+"LocalIP"] = main_session.libList[index].localIP 18 | main_session[typeof(main_session.libList[index].lib)] = main_session.libList[index].lib 19 | main_session.libList[index].used = 1 20 | 21 | end function 22 | 23 | uselib.show_help = function() 24 | show_help(self.name, self.args, self.full_desc, self.handler_types) 25 | end function -------------------------------------------------------------------------------- /commands/vars.src: -------------------------------------------------------------------------------- 1 | vars = {} 2 | vars.name = "vars" 3 | vars.args = "[N/A]" 4 | vars.desc = "Lists all the available variables." 5 | vars.full_desc = "This command will list all the variabels." 6 | vars.handler_types = ["start", "shell", "computer", "file"] 7 | vars.run = function(object, args) 8 | 9 | for item in main_session.vars 10 | print(item["key"]+": "+item["value"]) 11 | end for 12 | 13 | end function 14 | 15 | vars.show_help = function() 16 | show_help(self.name, self.args, self.full_desc, self.handler_types) 17 | end function -------------------------------------------------------------------------------- /commands/whois.src: -------------------------------------------------------------------------------- 1 | whoisLookup = {} 2 | whoisLookup.name = "whois" 3 | whoisLookup.args = "[IP]" 4 | whoisLookup.desc = "Returns whois information." 5 | whoisLookup.full_desc = "This command will show whois information about an IP address,\n where [IP] is the IP address." 6 | whoisLookup.handler_types = ["start", "shell", "computer", "file"] 7 | whoisLookup.run = function(object, args) 8 | 9 | if not args then; show_help("nslookup", self.args, self.full_desc, self.handler_types); return; end if 10 | info = "" 11 | for line in whois(args[0]).split("\n") 12 | info = info+do_style(line.split(": ")[0], "title")+do_style(": "+line.split(": ")[1], "text")+"\n" 13 | end for 14 | print("\n"+info) 15 | 16 | end function 17 | 18 | whoisLookup.show_help = function() 19 | show_help(self.name, self.args, self.full_desc, self.handler_types) 20 | end function -------------------------------------------------------------------------------- /commands/wipe.src: -------------------------------------------------------------------------------- 1 | wipe = {} 2 | wipe.name = "wipe" 3 | wipe.args = "(-y)" 4 | wipe.desc = "Wipes a machine." 5 | wipe.full_desc = "This command will wipe a machine where (-y) will skip the confirmation check." 6 | wipe.handler_types = ["start", "shell", "computer", "file"] 7 | wipe.run = function(object, args) 8 | 9 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 10 | if typeof(object) == "computer" then object = object.File("/var") 11 | 12 | if not args or args[0] != "-y" then 13 | if user_input("Do you really want to wipe this system? (y/n): ").lower != "y" then 14 | print("Aborted.") 15 | return 16 | end if 17 | end if 18 | 19 | files = ["/etc", "/lib", "/sys", "/root", "/home", "/var", "/bin", "/usr", "/boot"] 20 | 21 | wipe_folder = function(path) 22 | print("Removing "+path+"...") 23 | file = findFile(object, path) 24 | if file then 25 | if file.has_permission("w") then 26 | file.delete 27 | else 28 | print("No permission to "+file.name+"!") 29 | end if 30 | else 31 | print("File "+path+" does not exist!") 32 | end if 33 | wait(0.5) 34 | end function 35 | 36 | for filePath in files 37 | wipe_folder(filePath) 38 | end for 39 | print("System wipe done!") 40 | 41 | end function 42 | 43 | wipe.show_help = function() 44 | show_help(self.name, self.args, self.full_desc, self.handler_types) 45 | end function -------------------------------------------------------------------------------- /commands/write.src: -------------------------------------------------------------------------------- 1 | write = {} 2 | write.name = "write" 3 | write.args = "[CONT] [>>/>] [PATH]" 4 | write.desc = "Writes to a file." 5 | write.full_desc = "This command will write to a file where [CONT] is the content you want to write to the file,\n where [>>/>] is the operator (>>) for appending to the file, (>) for replacing the contents,\n where [PATH] is the path of the file." 6 | write.handler_types = ["start", "shell", "computer", "file"] 7 | write.run = function(object, args) 8 | 9 | if not args or args.len < 3 then; self.show_help; return; end if 10 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 11 | if typeof(object) == "computer" then object = object.File("/var") 12 | 13 | newContent = args[0] 14 | operator = args[1] 15 | file = findFile(object, args[2]) 16 | if not file then; print("File: "+args[2]+" not found!"); return; end if 17 | 18 | if operator == ">" then 19 | file.set_content(newContent) 20 | else if operator == ">>" then 21 | file.set_content(file.get_content+newContent) 22 | end if 23 | 24 | end function 25 | 26 | write.show_help = function() 27 | show_help(self.name, self.args, self.full_desc, self.handler_types) 28 | end function -------------------------------------------------------------------------------- /core_commands/list_files.src: -------------------------------------------------------------------------------- 1 | list_files = function(object, args) 2 | if not args then; show_help("ls", commands.ls.args, commands.ls.full_desc, commands.ls.handler_types); return; end if 3 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 4 | if typeof(object) == "computer" then object = object.File("/var") 5 | path = args[0] 6 | folder = findFile(object, path) 7 | output = "\n" + do_style("permissions", "red", "static")+" "+do_style("user", "red", "static")+" "+do_style("group", "red", "static")+" "+do_style("name", "red", "static") + "\n"+do_style("-----------", "text")+" "+do_style("----", "text")+" "+do_style("-----", "text")+" "+do_style("----", "text") + "\n" 8 | if folder == null then; print("Does not exist!"); return; end if 9 | for subFile in folder.get_folders + folder.get_files 10 | nameFile = subFile.name 11 | permission = subFile.permissions 12 | owner = subFile.owner 13 | size = subFile.size 14 | group = subFile.group 15 | nameFile = do_style(nameFile, "text") 16 | if subFile.has_permission("r") and subFile.has_permission("w") and subFile.has_permission("x") then 17 | permission = do_style(permission, "green", "static") 18 | owner = do_style(owner, "green", "static") 19 | group = do_style(group, "green", "static") 20 | else if subFile.has_permission("r") or subFile.has_permission("w") or subFile.has_permission("x") then 21 | permission = do_style(permission, "yellow", "static") 22 | owner = do_style(owner, "yellow", "static") 23 | group = do_style(group, "yellow", "static") 24 | else 25 | permission = do_style(permission, "red", "static") 26 | owner = do_style(owner, "red", "static") 27 | group = do_style(group, "red", "static") 28 | end if 29 | if subFile.is_folder then nameFile = do_style(subFile.name, "light_blue", "static") 30 | output = output+permission+" "+owner+" "+group+" "+nameFile+"\n" 31 | end for 32 | print(format_columns(output)+"\n") 33 | end function -------------------------------------------------------------------------------- /core_commands/read_file.src: -------------------------------------------------------------------------------- 1 | read_file = function(object, args) 2 | if not args then; show_help("cat", commands.cat.args, commands.cat.full_desc, commands.cat.handler_types); return; end if 3 | if typeof(object) == "shell" then object = object.host_computer.File("/var") 4 | if typeof(object) == "computer" then object = object.File("/var") 5 | 6 | pathFile = args[0] 7 | file = findFile(object, pathFile) 8 | 9 | if file == null then; print("File not found!"); return; end if 10 | 11 | if file.is_binary then 12 | print("cat: can't open " + file.path + ". Binary file") 13 | return 14 | else if not file.has_permission("r") then 15 | print("cat: permission denied") 16 | return 17 | end if 18 | 19 | info = "" 20 | for line in file.get_content.split(char(10)) 21 | info = info+"\n"+line 22 | end for 23 | print(info+"\n") 24 | end function -------------------------------------------------------------------------------- /functions/ascii_print.src: -------------------------------------------------------------------------------- 1 | // ascii_print = function() 2 | // ascii = "" 3 | // ascii = ascii+do_style("##############################################################################", "dark_grey", "static")+char(10) 4 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" ... .... ... ", "logo", "static")+do_style("#", "dark_grey", "static")+char(10) 5 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" oOX0xdxO0000OkdxOK0xo "+do_style("@@@@@@ @@@@@@", "red", "static")+" ", "logo", "static")+do_style("#", "dark_grey", "static")+char(10) 6 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" .;:.,xmMMMMMMMMMMx,.:;. "+do_style("@@ @@@ @@! @@@", "red", "static")+" ", "logo", "static")+do_style("#", "dark_grey", "static")+char(10) 7 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" :KXxokNMWWMMMMWWMWOoo0Xd. "+do_style(".!!@! @!@ !@!", "red", "static")+" ", "logo", "static")+do_style("#", "dark_grey", "static")+char(10) 8 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" ;XWXXWMMMNKWMMWXXMMMWXXWWl "+do_style("!!: !!: !!!", "red", "static")+" ", "logo", "static")+do_style("#", "dark_grey", "static")+char(10) 9 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" ;XWd.lXW0lldxxxolkNWx'cXWo "+do_style(":.:::::: () ::..::", "red", "static")+" ", "logo", "static")+do_style("#", "dark_grey", "static")+char(10) 10 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" lNK, cKc cKc .xNx. ", "logo", "static")+do_style("#", "dark_grey", "static")+char(10) 11 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" cXk. ';' ':' oXx. ", "logo", "static")+do_style("____ ____ __ ", "red", "static")+do_style("#", "dark_grey", "static")+char(10) 12 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" cKo. '; ;' :Kd. ", "logo", "static")+do_style("\ \ / /|__|______ ____ _______ ", "red", "static")+do_style("#", "dark_grey", "static")+char(10) 13 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" :O: 'Oo. ", "logo", "static")+do_style("\ Y / | |\____ \ _/ __ \\_ __ \ ", "red", "static")+do_style("#", "dark_grey", "static")+char(10) 14 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" ;d, .ol ", "logo", "static")+do_style("\ / | || |_> >\ ___/ | | \/ ", "red", "static")+do_style("#", "dark_grey", "static")+char(10) 15 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" ':. ;; ", "logo", "static")+do_style("\___/ |__|| __/ \___ >|__| ", "red", "static")+do_style("#", "dark_grey", "static")+char(10) 16 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" .. . ", "logo", "static")+do_style("|__| \/ ", "red", "static")+do_style("#", "dark_grey", "static")+char(10) 17 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(" ", "logo", "static")+do_style("#", "dark_grey", "static")+char(10) 18 | // ascii = ascii+do_style("#", "dark_grey", "static")+do_style(do_style(" Created by: Volk ", "bold"), "credits", "static")+" "+do_style("#", "dark_grey", "static")+char(10) 19 | // ascii = ascii+do_style("##############################################################################", "dark_grey", "static")+char(10) 20 | // info = do_style("LIBRARY ", "title")+do_style("PUBLICIP ", "title")+do_style("LOCALIP ", "title")+do_style("VERSION", "title") 21 | // info = info+char(10)+do_style("------- ", "outline")+do_style("-------- ", "outline")+do_style("------- ", "outline")+do_style("-------", "outline") 22 | // info = info+char(10)+do_style(typeof(main_session.MetaxploitLib).lower.replace("lib","")+" ", "outline")+do_style(main_session.MetaxploitLibPublicIP+" ", "outline")+do_style(main_session.MetaxploitLibLocalIP+" ", "outline")+do_style(main_session.MetaxploitLibVersion, "outline") 23 | // info = info+char(10)+do_style(typeof(main_session.cryptoLib).lower.replace("lib","")+" ", "outline")+do_style(main_session.cryptoLibPublicIP+" ", "outline")+do_style(main_session.cryptoLibLocalIP+" ", "outline")+do_style(main_session.cryptoLibVersion, "outline") 24 | // print(ascii+char(10) + do_style("Version", "red", "static")+do_style(": ", "dark_grey", "static")+do_style(main_session.version, "dark_grey", "static")+char(10)+char(10)+format_columns(info)+char(10)+char(10), true) 25 | // end function -------------------------------------------------------------------------------- /functions/buffer.src: -------------------------------------------------------------------------------- 1 | addToBuffer = function(command, args) 2 | for i in args 3 | if i != "" then command = command+" "+i 4 | end for 5 | main_session.commandBuffer.push(command) 6 | if main_session.commandBuffer.len > 100 then main_session.commandBuffer.remove(0) 7 | end function 8 | 9 | listBuffer = function(args) 10 | max = null 11 | if not args then max=10 12 | if not max and args[0] == "all" then max=100 13 | if not max then max = args[0].to_int 14 | if max > main_session.commandBuffer.len then max = main_session.commandBuffer.len 15 | print(" ") 16 | for command in main_session.commandBuffer[-max:] 17 | print(command) 18 | end for 19 | print(" ") 20 | end function -------------------------------------------------------------------------------- /functions/delete_target.src: -------------------------------------------------------------------------------- 1 | delete_target = function(list, args) 2 | for index in args 3 | if index.split("-").len == 2 then 4 | for object in range(index.split("-")[0].to_int, index.split("-")[1].to_int) 5 | main_session[list].remove(object) 6 | end for 7 | continue 8 | end if 9 | main_session[list].remove(index.to_int) 10 | end for 11 | main_session[list] = sortMap(main_session[list]) 12 | end function -------------------------------------------------------------------------------- /functions/do_style.src: -------------------------------------------------------------------------------- 1 | do_style = function(string = null, theme_key = null, theme = null) 2 | color = null 3 | 4 | if theme_key == "bold" then return ""+string+"" 5 | 6 | if theme then 7 | color = user_session[theme][theme_key] 8 | else 9 | color = user_session.theme[theme_key] 10 | end if 11 | 12 | return ""+string+"" 13 | end function 14 | -------------------------------------------------------------------------------- /functions/exploit_scan.src: -------------------------------------------------------------------------------- 1 | exploit_scan = function(handlerType, args) 2 | if not args then; show_help("exploitscan", commands.exploitscan.args, commands.exploitscan.full_desc, commands.exploitscan.handler_types); return; end if 3 | if not main_session.MetaxploitLib then 4 | print("metaxploit.so not found!") 5 | return 6 | end if 7 | 8 | IP = null 9 | LIB = args[0] 10 | EXTRA = "." 11 | if args.len >= 2 then EXTRA = args[1] 12 | if is_valid_ip(args[0]) then 13 | if args.len < 2 then; show_help("exploitscan", commands.exploitscan.args, commands.exploitscan.full_desc, commands.exploitscan.handler_types); return; end if 14 | IP = args[0] 15 | PORT = args[1].to_int 16 | EXTRA = "." 17 | if args.len >= 3 then 18 | EXTRA = args[2] 19 | end if 20 | end if 21 | 22 | if IP then 23 | metalib = main_session.MetaxploitLib.net_use(IP, PORT) 24 | if not metalib then; print("Could not connect to port: "+PORT); return; end if 25 | metalib = metalib.dump_lib 26 | else 27 | metalib = main_session.MetaxploitLib.load("/lib/"+LIB) 28 | if not metalib then; print("Could not load library: "+LIB); return; end if 29 | end if 30 | 31 | if main_session.vars.hasIndex("lib") and main_session.libList.hasIndex(main_session.vars.lib.to_int) and typeof(main_session.libList[main_session.vars.lib.to_int].lib) == "MetaxploitLib" then 32 | memory_addresses = main_session.libList[main_session.vars.lib.to_int].lib.scan(metalib) 33 | else 34 | memory_addresses = main_session.MetaxploitLib.scan(metalib) 35 | end if 36 | 37 | exploits = [] 38 | for memory_address in memory_addresses 39 | 40 | values = main_session.MetaxploitLib.scan_address(metalib, memory_address).split("Unsafe check: ") 41 | 42 | for unsec in values 43 | if unsec == values[0] then continue 44 | unsecValue=unsec[unsec.indexOf("")+3:unsec.indexOf("")] 45 | print("="*20) 46 | print(memory_address) 47 | print("-"*20) 48 | print(unsecValue) 49 | print("-"*20) 50 | object = metalib.overflow(memory_address, unsecValue, EXTRA) 51 | objectType = typeof(object) 52 | localIP = "unknown" 53 | if objectType == "shell" or objectType == "computer" or objectType == "file" then 54 | if objectType == "computer" then 55 | user = userCheck(object.File("/var")) 56 | ip = object.public_ip 57 | localIP = object.local_ip 58 | output = do_style("computer: ", "green", "static")+do_style(localIP, "yellow", "static") 59 | print(output) 60 | end if 61 | if objectType == "shell" then 62 | user = userCheck(object.host_computer.File("/var")) 63 | ip = object.host_computer.public_ip 64 | localIP = object.host_computer.local_ip 65 | output = do_style("computer: ", "green", "static")+do_style(localIP, "yellow", "static") 66 | print(output) 67 | end if 68 | if objectType == "file" then 69 | user = userCheck(object) 70 | router = get_router(IP) 71 | if router and not is_lan_ip(IP) then 72 | if PORT == 0 or PORT == 8080 then 73 | localIP = router.local_ip 74 | ip = router.public_ip 75 | else 76 | for port in router.used_ports 77 | if port.port_number == PORT then 78 | ip = IP 79 | localIP = port.get_lan_ip 80 | break 81 | end if 82 | end for 83 | end if 84 | else if IP then 85 | localIP = IP 86 | ip = main_session.MetaxploitLibPublicIP 87 | else 88 | localIP = main_session.MetaxploitLibLocalIP 89 | ip = main_session.MetaxploitLibPublicIP 90 | end if 91 | end if 92 | output = do_style("objectType type: ", "green", "static")+do_style(objectType, "yellow", "static") 93 | print(output) 94 | else if objectType == "null" then 95 | output = do_style("objectType type: ", "green", "static")+do_style(objectType, "red", "static") 96 | print(output) 97 | else 98 | output = do_style("objectType type: ", "green", "static")+do_style(objectType, "blue", "static") 99 | print(output) 100 | if objectType == "string" then 101 | print(object) 102 | end if 103 | end if 104 | 105 | if objectType != "null" and objectType != "number" and objectType != "string" then 106 | main_session.objectList[main_session.objectList.len] = {"IP":ip, "objectType":objectType, "object":object, "localIP":localIP, "user":user} 107 | end if 108 | print("="*20) 109 | print() 110 | end for 111 | end for 112 | end function -------------------------------------------------------------------------------- /functions/import_libs.src: -------------------------------------------------------------------------------- 1 | import_lib = function(library, path) 2 | 3 | main_session[library] = include_lib(path) 4 | 5 | if not main_session[library] then 6 | path = parent_path(program_path)+"/"+path.split("/")[-1] 7 | main_session[library] = include_lib(path) 8 | end if 9 | 10 | if not main_session[library] then return 11 | 12 | main_session[library+"PublicIP"] = main_session.pub_ip 13 | main_session[library+"LocalIP"] = main_session.loc_ip 14 | 15 | if main_session.MetaxploitLib then 16 | main_session[library+"Version"] = main_session.MetaxploitLib.load(path).version 17 | else 18 | main_session[library+"Version"] = "unknown" 19 | end if 20 | 21 | main_session.libList[main_session.libList.len] = {"lib":main_session[library], "publicIP":main_session[library+"PublicIP"], "localIP":main_session[library+"LocalIP"], "version":main_session[library+"Version"], "used":1} 22 | 23 | end function 24 | 25 | import_libs = function() 26 | 27 | import_lib("MetaxploitLib", "/lib/metaxploit.so") 28 | import_lib("cryptoLib", "/lib/crypto.so") 29 | import_lib("aptclientLib", "/lib/aptclient.so") 30 | 31 | end function -------------------------------------------------------------------------------- /functions/loadSettings.src: -------------------------------------------------------------------------------- 1 | loadSettings = function(index=null) 2 | configFile = get_shell.host_computer.File("/home/"+active_user+"/Config/Viper.conf") 3 | if active_user() == "root" then configFile = get_shell.host_computer.File("/root/Config/Viper.conf") 4 | if not configFile then return 5 | settings = parse(configFile.get_content()) 6 | if not settings then return 7 | if index != "vars" then user_session.theme = settings.theme 8 | if index != "theme" then main_session.vars = settings.vars 9 | end function -------------------------------------------------------------------------------- /functions/logic.src: -------------------------------------------------------------------------------- 1 | findFile = function(fileObject, path) 2 | inputFolders = path.split("/")[:-1] 3 | inputFile = path.split("/")[-1] 4 | while fileObject.parent 5 | fileObject = fileObject.parent 6 | end while 7 | if path == "/" then return fileObject 8 | for inputFolder in inputFolders 9 | for folder in fileObject.get_folders 10 | if folder.name == inputFolder then 11 | fileObject = folder 12 | break 13 | end if 14 | end for 15 | end for 16 | for file in fileObject.get_folders+fileObject.get_files 17 | if file.name == inputFile then return file 18 | end for 19 | end function 20 | 21 | check_file = function(object, path) 22 | if typeof(object) == "shell" then file = object.host_computer.File(path) 23 | if typeof(object) == "computer" then file = object.File(path) 24 | if typeof(object) == "file" then file = findFile(object, path) 25 | return file 26 | end function 27 | 28 | in_netcat = function(shellObj, netcatList) 29 | for netcatItem in netcatList 30 | if netcatItem.value["IP"] == shellObj.host_computer.public_ip and netcatItem.value["localIP"] == shellObj.host_computer.local_ip and netcatItem.value["user"] == userCheck(shellObj.host_computer.File("/var")) then 31 | return true 32 | end if 33 | end for 34 | return false 35 | end function 36 | 37 | getNetcatConnections = function(output = true) 38 | line = char(10)+do_style("Gathering connections...", "logo", "static") 39 | if output == true then print(line) 40 | shells = main_session.MetaxploitLib.rshell_server() 41 | if typeof(shells) != "list" then; print("Error could not start listener!"); return "stop"; end if 42 | line = do_style(shells.len+" shell(s) connected!"+char(10), "arg") 43 | if output == true then print(line) 44 | for shellObj in shells 45 | if not in_netcat(shellObj, main_session.netcatList) then 46 | main_session.netcatList[main_session.netcatList.len] = {"IP":shellObj.host_computer.public_ip, "object":shellObj, "objectType":typeof(shellObj), "localIP":shellObj.host_computer.local_ip, "user":userCheck(shellObj.host_computer.File("/var"))} 47 | end if 48 | end for 49 | end function 50 | 51 | check_router = function(ip, version) 52 | router = get_router(ip) 53 | if not router then router = get_switch(ip) 54 | if not router then return null 55 | if router.kernel_version == version then return true 56 | print(do_style("kernel_router"+" "+router.kernel_version, "red", "static")) 57 | return null 58 | end function 59 | 60 | check_service = function(router, service, version) 61 | ports = router.used_ports 62 | if not ports then return null 63 | for port in ports 64 | libInfo = router.port_info(port) 65 | if libInfo == service+" "+version then return true 66 | print(do_style(libInfo, "red", "static")) 67 | end for 68 | return null 69 | end function 70 | 71 | ipscan = function(ip, routers) 72 | router = get_router(ip) 73 | for localIP in router.devices_lan_ip 74 | if routers.indexOf(localIP) != null then continue 75 | line = do_style(localIP, "text").replace("\.",do_style(".", "title")) 76 | print(line) 77 | routers.push(router.local_ip) 78 | if get_router(localIP) then ipscan(localIP, routers) 79 | end for 80 | end function 81 | 82 | addDefaultVars = function() 83 | if active_user != "root" then main_session.vars[active_user] = "/home/"+active_user 84 | main_session.vars["guest"] = "/home/guest" 85 | main_session.vars["downloads"] = "/Public/htdocs/downloads" 86 | main_session.vars["website"] = "www.viper.com" 87 | main_session.vars["viper-ip"] = "170.220.64.188" 88 | main_session.vars["es"] = "exploitscan" 89 | end function 90 | 91 | update_check = function(ip) 92 | if not main_session.aptclientLib then 93 | aptline = do_style("aptclient.so not found! Update check failed.", "red", "static") 94 | print(aptline) 95 | return 96 | end if 97 | 98 | print("Updating package lists...") 99 | main_session.aptclientLib.update 100 | 101 | if program_path == "/bin/viper" then 102 | pendingPackages = main_session.aptclientLib.check_upgrade("/bin/viper") 103 | else if program_path == "/bin/viper-dev" then 104 | pendingPackages = main_session.aptclientLib.check_upgrade("/bin/viper-dev") 105 | main_session.version = main_session.version+do_style(" UNSTABLE!", "red", "static") 106 | else 107 | binline = do_style("Viper not in /bin! Update check failed.", "red", "static") 108 | print(binline) 109 | return 110 | end if 111 | 112 | if pendingPackages == 1 then main_session.version = main_session.version+do_style(" OUTDATED!", "red", "static") 113 | end function 114 | 115 | add_session = function(obj_map) 116 | main_session.sessionList.push(obj_map) 117 | if main_session.sessionList.len > 100 then main_session.sessionList.remove(0) 118 | end function 119 | -------------------------------------------------------------------------------- /functions/nmap_scan.src: -------------------------------------------------------------------------------- 1 | nmap_scan = function(args) 2 | if not args or args[0] == "" then; commands.nmap.show_help; return; end if 3 | IP = args[0] 4 | if IP == "random" then IP = get_random_ip 5 | if IP.split("\.").len == 3 then IP = nslookup(IP) 6 | isLanIp = is_lan_ip(IP) 7 | router = get_router(IP) 8 | if isLanIp and not router then router = get_router 9 | 10 | if not router or router.device_ports(IP) == "device_ports: "+IP+" is unreachable" then 11 | print("nmap: ip address not found") 12 | return 13 | end if 14 | 15 | if not isLanIp then 16 | ports = router.used_ports 17 | else 18 | ports = router.device_ports(IP) 19 | end if 20 | 21 | KERNEL = do_style(router.local_ip+" ", "text")+do_style(0+" ", "text")+do_style("TRUE ", "green", "static")+do_style("OPEN ", "green", "static")+do_style("kernel_router "+router.kernel_version, "text") 22 | if router.kernel_version == null then KERNEL = do_style(router.local_ip+" ", "text")+do_style(0+" ", "text")+do_style("TRUE ", "green", "static")+do_style("OPEN ", "green", "static")+do_style("unknown unknown", "text") 23 | 24 | portlist = [] 25 | for port in ports 26 | portlist.push(port.get_lan_ip+" "+port.port_number+" "+router.port_info(port)) 27 | end for 28 | 29 | iplist = [KERNEL] 30 | if not isLanIp then 31 | for ip in router.devices_lan_ip 32 | for port in router.device_ports(ip) 33 | portStatus = do_style("OPEN ", "green", "static") 34 | if port.is_closed then 35 | portStatus = do_style("CLOSED ", "red", "static") 36 | end if 37 | forwarded = do_style("FALSE ", "red", "static") 38 | if portlist.indexOf(port.get_lan_ip+" "+port.port_number+" "+router.port_info(port)) != null then 39 | forwarded = do_style("TRUE ", "green", "static") 40 | end if 41 | index = do_style(port.get_lan_ip+" ", "text")+do_style(port.port_number+" ", "text")+forwarded+portStatus+do_style(router.port_info(port), "text") 42 | if iplist.indexOf(index) == null then 43 | iplist.push(index) 44 | end if 45 | end for 46 | end for 47 | else 48 | if IP != router.local_ip then iplist = [] 49 | for port in ports 50 | iplist.push(do_style(port.get_lan_ip+" ", "text")+do_style(port.port_number+" ", "text")+do_style("TRUE ", "green", "static")+do_style("OPEN ", "green", "static")+do_style(router.port_info(port), "text")) 51 | end for 52 | end if 53 | iplist = iplist.sort("TRUE") 54 | INFO = do_style("HOST ", "title")+do_style("PORT ", "title")+do_style("FORWARDED ", "title")+do_style("STATE ", "title")+do_style("SERVICE VERSION", "title")+char(10)+do_style("---- ", "text")+do_style("---- ", "text")+do_style("--------- ", "text")+do_style("----- ", "text")+do_style("------- -------", "text") 55 | 56 | if iplist.len == 0 then 57 | print("Scan finished. No open ports.") 58 | return 59 | end if 60 | 61 | for i in iplist 62 | INFO = INFO+char(10)+i 63 | end for 64 | print(" ") 65 | print(do_style("IP", "title")+do_style(": "+IP, "text")) 66 | print(do_style("ESSID", "title")+do_style(": "+router.essid_name, "text")) 67 | print(do_style("BSSID", "title")+do_style(": "+router.bssid_name, "text")) 68 | print(char(10)+format_columns(INFO)+char(10)) 69 | end function -------------------------------------------------------------------------------- /functions/random_ip.src: -------------------------------------------------------------------------------- 1 | get_random_ip = function 2 | while true 3 | ip = floor((rnd * 255) + 1) + "." + floor((rnd * 255) + 1) + "." + floor((rnd * 255) + 1) + "." + floor((rnd * 255) + 1) 4 | if not is_valid_ip(ip) then continue 5 | if is_lan_ip(ip) then continue 6 | return ip 7 | end while 8 | end function -------------------------------------------------------------------------------- /functions/router_check.src: -------------------------------------------------------------------------------- 1 | routerCheck = function(fileObject) 2 | while fileObject.parent 3 | fileObject = fileObject.parent 4 | end while 5 | for folder in fileObject.get_folders 6 | if folder.name == "lib" then 7 | libFolder = folder 8 | break 9 | end if 10 | end for 11 | for library in libFolder.get_files 12 | if library.name == "kernel_router.so" then 13 | return true 14 | end if 15 | end for 16 | return false 17 | end function -------------------------------------------------------------------------------- /functions/show_help.src: -------------------------------------------------------------------------------- 1 | show_help = function(name, args, full_desc, handler_types) 2 | bac_args = args 3 | bac_desc = full_desc 4 | handlers = "" 5 | for arg in args.split(" ") 6 | args = args.replace(Escape(arg), do_style(arg, "arg"))+" " 7 | full_desc = full_desc.replace(Escape(arg), do_style(arg, "arg"))+" " 8 | full_desc = full_desc.replace(Escape("[true]"), do_style("[true]", "bool"))+" " 9 | full_desc = full_desc.replace(Escape("[false]"), do_style("[false]", "bool"))+" " 10 | end for 11 | for handler_type in handler_types 12 | handlers = handlers+do_style(handler_type, "arg")+", " 13 | end for 14 | handlers = handlers[:-2] 15 | print("\n"+do_style(name, "arg")+" "+args+"\n") 16 | print(full_desc+"\n") 17 | print("This command can be used in the following handlers: "+handlers+"."+char(10)) 18 | args = bac_args 19 | full_desc = bac_desc 20 | end function -------------------------------------------------------------------------------- /functions/show_targets.src: -------------------------------------------------------------------------------- 1 | show_targets = function() 2 | info = do_style("INDEX ", "title")+do_style("USER ", "title")+do_style("PUBLICIP ", "title")+do_style("LANIP ", "title")+do_style("OBJECT", "title")+char(10)+do_style("----- ", "text")+do_style("---- ", "text")+do_style("-------- ", "text")+do_style("----- ", "text")+do_style("------", "text") 3 | for object in main_session.objectList 4 | USER = do_style(object["value"]["user"]+" ", "text") 5 | if object["value"]["user"] == "root" then USER = do_style("root ", "red", "static") 6 | info = info+"\n"+do_style(object["key"]+" ", "text")+USER+do_style(object["value"]["IP"]+" ", "title")+do_style(object["value"]["localIP"]+" ", "text")+do_style(object["value"]["objectType"], "green", "static") 7 | end for 8 | print("\n"+format_columns(info)+"\n") 9 | end function -------------------------------------------------------------------------------- /functions/sortMap.src: -------------------------------------------------------------------------------- 1 | sortMap = function(map) 2 | new_map = {} 3 | for i in map 4 | new_map[new_map.len] = i.value 5 | end for 6 | return new_map 7 | end function -------------------------------------------------------------------------------- /functions/ssh.src: -------------------------------------------------------------------------------- 1 | get_ssh = function(object, ip, port, user, pass) 2 | if typeof(port) != "number" then return false 3 | shell = object.connect_service(ip, port, user, pass) 4 | if typeof(shell) != "shell" then return false 5 | return shell 6 | end function 7 | -------------------------------------------------------------------------------- /functions/tty.src: -------------------------------------------------------------------------------- 1 | TTY = function(object, handlerType, pub_ip, loc_ip, user_clean) 2 | user = user_clean 3 | if user == "root" then 4 | user = do_style(user, "red", "static") 5 | hst = do_style("@", "outline")+do_style("viper", "red", "static") 6 | uic = "# " 7 | else 8 | user = do_style(user, "outline") 9 | hst = do_style("@viper", "outline") 10 | uic = "$ " 11 | end if 12 | 13 | fpub_ip = do_style(pub_ip, "title") 14 | if handlerType == "start" then fpub_ip = do_style(pub_ip, "start_color") 15 | 16 | tty = do_style("(", "outline")+user+hst+do_style(")——[", "outline")+fpub_ip+do_style("]——["+loc_ip+"]——[", "outline")+do_style(handlerType.upper, "handler_color")+do_style("]", "outline") 17 | tty_clean = "("+user_clean+"@viper"+")——["+pub_ip+"]——["+loc_ip+"]——["+handlerType+"]" 18 | spacing = 2.1 19 | spacing = spacing+(tty_clean.len)*0.6 20 | tty = do_style("———", "outline")+tty+do_style("||——", "outline")+do_style(uic, "title") 21 | return tty 22 | end function -------------------------------------------------------------------------------- /functions/userCheck.src: -------------------------------------------------------------------------------- 1 | userCheck = function(fileObject) //check perm for npc machine 2 | if not fileObject then; return "*guest"; end if 3 | while fileObject.parent 4 | fileObject = fileObject.parent 5 | end while 6 | homeFolder = null 7 | for folder in fileObject.get_folders 8 | if folder.name == "root" then 9 | if folder.has_permission("w") and folder.has_permission("r") and folder.has_permission("x") then return "root" 10 | end if 11 | if folder.name == "home" then 12 | homeFolder = folder 13 | end if 14 | end for 15 | if not homeFolder then return "guest" 16 | for folder in homeFolder.get_folders 17 | if folder.name == "guest" then continue 18 | if folder.chmod("u+rwx") == "" then 19 | if folder.owner == folder.group then return folder.owner 20 | return "*"+folder.group 21 | end if 22 | end for 23 | return "guest" 24 | end function -------------------------------------------------------------------------------- /libs/Escape.src: -------------------------------------------------------------------------------- 1 | Escape = function(text) 2 | return text.replace("(?=\\|\.|\+|\*|\?|\^|\$|\(|\)|\[|\]|\{|\}|\|)","\") 3 | end function -------------------------------------------------------------------------------- /libs/encryption.src: -------------------------------------------------------------------------------- 1 | //AES128 2 | AES128 = function(choice, key, text) // Returns null if any error (could mean undecryptable ciphertext) 3 | 4 | if typeof(key) != "string" then return null 5 | if key.len != 16 then return null 6 | if typeof(text) != "string" then return null 7 | if typeof(choice) != "string" then return null 8 | 9 | byte_key = [0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 10 | for i in key.indexes 11 | byte_key[i] = key[i].code 12 | end for 13 | key = byte_key[0:] 14 | 15 | // Define lookup tables 16 | Sbox = [] 17 | Sbox=Sbox+[99,124,119,123,242,107,111,197,48,1,103,43,254,215,171,118,202,130,201,125,250,89,71,240,173,212,162,175,156,164,114,192,183,253,147,38] 18 | Sbox=Sbox+[54,63,247,204,52,165,229,241,113,216,49,21,4,199,35,195,24,150,5,154,7,18,128,226,235,39,178,117,9,131,44,26,27,110,90,160,82,59,214,179] 19 | Sbox=Sbox+[41,227,47,132,83,209,0,237,32,252,177,91,106,203,190,57,74,76,88,207,208,239,170,251,67,77,51,133,69,249,2,127,80,60,159,168,81,163,64] 20 | Sbox=Sbox+[143,146,157,56,245,188,182,218,33,16,255,243,210,205,12,19,236,95,151,68,23,196,167,126,61,100,93,25,115,96,129,79,220,34,42,144,136,70] 21 | Sbox=Sbox+[238,184,20,222,94,11,219,224,50,58,10,73,6,36,92,194,211,172,98,145,149,228,121,231,200,55,109,141,213,78,169,108,86,244,234,101,122,174] 22 | Sbox=Sbox+[8,186,120,37,46,28,166,180,198,232,221,116,31,75,189,139,138,112,62,181,102,72,3,246,14,97,53,87,185,134,193,29,158,225,248,152,17,105] 23 | Sbox=Sbox+[217,142,148,155,30,135,233,206,85,40,223,140,161,137,13,191,230,66,104,65,153,45,15,176,84,187,22] 24 | 25 | Rcon = [1, 2, 4, 8, 16, 32, 64, 128, 27, 54] 26 | 27 | Mult2 = [] 28 | Mult2=Mult2+[0,2,4,6,8,10,12,14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90] 29 | Mult2=Mult2+[92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148,150,152,154,156,158] 30 | Mult2=Mult2+[160,162,164,166,168,170,172,174,176,178,180,182,184,186,188,190,192,194,196,198,200,202,204,206,208,210,212,214,216,218,220,222,224] 31 | Mult2=Mult2+[226,228,230,232,234,236,238,240,242,244,246,248,250,252,254,27,25,31,29,19,17,23,21,11,9,15,13,3,1,7,5,59,57,63,61,51,49,55,53,43,41] 32 | Mult2=Mult2+[47,45,35,33,39,37,91,89,95,93,83,81,87,85,75,73,79,77,67,65,71,69,123,121,127,125,115,113,119,117,107,105,111,109,99,97,103,101,155] 33 | Mult2=Mult2+[153,159,157,147,145,151,149,139,137,143,141,131,129,135,133,187,185,191,189,179,177,183,181,171,169,175,173,163,161,167,165,219,217] 34 | Mult2=Mult2+[223,221,211,209,215,213,203,201,207,205,195,193,199,197,251,249,255,253,243,241,247,245,235,233,239,237,227,225,231,229] 35 | 36 | 37 | SubBytes = function(column) 38 | column = column[0:] 39 | for i in column.indexes 40 | column[i] = Sbox[column[i]] 41 | end for 42 | return column 43 | end function 44 | 45 | WordXor = function(word1, word2) 46 | result = [0, 0, 0, 0] 47 | for i in result.indexes 48 | result[i] = bitwise("^", word1[i], word2[i]) 49 | end for 50 | return result 51 | end function 52 | 53 | AddRoundKey = function(state, key, roundNum) 54 | roundKey = key[roundNum*4:roundNum*4+4] 55 | return [WordXor(state[0], roundKey[0]), WordXor(state[1], roundKey[1]), WordXor(state[2], roundKey[2]), WordXor(state[3], roundKey[3])] 56 | end function 57 | 58 | ExpandKey = function(key) 59 | W = [key[0:4], key[4:8], key[8:12], key[12:16]] 60 | 61 | for i in range(4, 40, 4) 62 | W = W + [[], [], [], []] 63 | W[i] = W[i-1][1:] + [W[i-1][0]] // RotWord 64 | W[i] = SubBytes(W[i]) 65 | W[i] = WordXor(W[i-4], W[i]) 66 | W[i][0] = bitwise("^", Rcon[i/4-1], W[i][0]) 67 | for j in range(i+1, i+3) 68 | W[j] = WordXor(W[j-4], W[j-1]) 69 | end for 70 | end for 71 | return W 72 | end function 73 | 74 | aesEncrypt = function(key, block) // Expects already formatted block 75 | Mult2 = @Mult2 76 | key = key[0:] 77 | State = block[0:] 78 | 79 | // Declaring functions 80 | ShiftRows = function(state) 81 | state = state[0:] 82 | tmp = state[0][1] 83 | state[0][1] = state[1][1] 84 | state[1][1] = state[2][1] 85 | state[2][1] = state[3][1] 86 | state[3][1] = tmp 87 | 88 | for i in range(1) 89 | tmp = state[0][2] 90 | state[0][2] = state[1][2] 91 | state[1][2] = state[2][2] 92 | state[2][2] = state[3][2] 93 | state[3][2] = tmp 94 | end for 95 | 96 | tmp = state[3][3] 97 | state[3][3] = state[2][3] 98 | state[2][3] = state[1][3] 99 | state[1][3] = state[0][3] 100 | state[0][3] = tmp 101 | return state 102 | end function 103 | 104 | matrix = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]] 105 | 106 | MixColumns = function(state) 107 | state = state[0:] 108 | for column in state.indexes 109 | endcolumn = [0, 0, 0, 0] 110 | for i in matrix.indexes 111 | tmp = state[column][0:] 112 | for j in matrix[i].indexes 113 | if matrix[i][j] == 1 then continue 114 | tmp[j] = Mult2[state[column][j]] 115 | if matrix[i][j] != 3 then continue 116 | tmp[j] = bitwise("^", tmp[j], state[column][j]) 117 | end for 118 | endcolumn[i] = bitwise("^", bitwise("^", bitwise("^", tmp[0], tmp[1]), tmp[2]), tmp[3]) 119 | end for 120 | state[column] = endcolumn[0:] 121 | end for 122 | return state 123 | end function 124 | 125 | // The algorithm 126 | State = AddRoundKey(State, key, 0) 127 | 128 | for round in range(1, 9) 129 | State = [SubBytes(State[0]), SubBytes(State[1]), SubBytes(State[2]), SubBytes(State[3])] 130 | State = ShiftRows(State) 131 | State = MixColumns(State) 132 | State = AddRoundKey(State, key, round) 133 | end for 134 | 135 | State = [SubBytes(State[0]), SubBytes(State[1]), SubBytes(State[2]), SubBytes(State[3])] 136 | State = ShiftRows(State) 137 | State = AddRoundKey(State, key, 10) 138 | 139 | return State 140 | end function 141 | 142 | 143 | aesDecrypt = function(key, block) // Expects already formatted block 144 | Mult2 = @Mult2 145 | Sbox = @Sbox 146 | key = key[0:] 147 | State = block[0:] 148 | 149 | // Declare functions 150 | InvShiftRows = function(state) 151 | state = state[0:] 152 | tmp = state[3][1] 153 | state[3][1] = state[2][1] 154 | state[2][1] = state[1][1] 155 | state[1][1] = state[0][1] 156 | state[0][1] = tmp 157 | 158 | for i in range(1) 159 | tmp = state[3][2] 160 | state[3][2] = state[2][2] 161 | state[2][2] = state[1][2] 162 | state[1][2] = state[0][2] 163 | state[0][2] = tmp 164 | end for 165 | 166 | tmp = state[0][3] 167 | state[0][3] = state[1][3] 168 | state[1][3] = state[2][3] 169 | state[2][3] = state[3][3] 170 | state[3][3] = tmp 171 | return state 172 | end function 173 | 174 | InvSubBytes = function(column) 175 | column = column[0:] 176 | for i in column.indexes 177 | column[i] = Sbox.indexOf(column[i]) 178 | end for 179 | return column 180 | end function 181 | 182 | matrix = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]] 183 | 184 | InvMixColumns = function(state) 185 | state = state[0:] 186 | for column in state.indexes 187 | endcolumn = [0, 0, 0, 0] 188 | for i in matrix.indexes 189 | tmp = state[column][0:] 190 | for j in matrix[i].indexes 191 | if matrix[i][j] == 9 then 192 | tmp[j] = bitwise("^", Mult2[Mult2[Mult2[state[column][j]]]], state[column][j]) 193 | else if matrix[i][j] == 11 then 194 | tmp[j] = bitwise("^", Mult2[bitwise("^", Mult2[Mult2[state[column][j]]], state[column][j])], state[column][j]) 195 | else if matrix[i][j] == 13 then 196 | tmp[j] = bitwise("^", Mult2[Mult2[bitwise("^", Mult2[state[column][j]], state[column][j])]], state[column][j]) 197 | else 198 | tmp[j] = Mult2[bitwise("^", Mult2[bitwise("^", Mult2[state[column][j]], state[column][j])], state[column][j])] 199 | end if 200 | end for 201 | endcolumn[i] = bitwise("^", bitwise("^", bitwise("^", tmp[0], tmp[1]), tmp[2]), tmp[3]) 202 | end for 203 | state[column] = endcolumn[0:] 204 | end for 205 | return state 206 | end function 207 | 208 | // The actual algorithm 209 | State = AddRoundKey(State, key, 10) 210 | 211 | for round in range(9, 1) 212 | State = InvShiftRows(State) 213 | State = [InvSubBytes(State[0]), InvSubBytes(State[1]), InvSubBytes(State[2]), InvSubBytes(State[3])] 214 | State = AddRoundKey(State, key, round) 215 | State = InvMixColumns(State) 216 | end for 217 | 218 | State = InvShiftRows(State) 219 | State = [InvSubBytes(State[0]), InvSubBytes(State[1]), InvSubBytes(State[2]), InvSubBytes(State[3])] 220 | State = AddRoundKey(State, key, 0) 221 | 222 | return State 223 | end function 224 | 225 | 226 | // Generate IV 227 | IV = [] 228 | for byte in key 229 | IV = IV + [floor(rnd(byte)*256)] // Warning: rnd is not cryptographically secure 230 | end for 231 | 232 | key = ExpandKey(key) 233 | 234 | b64Table = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/" 235 | 236 | if choice == "encrypt" then 237 | Blocks = [[]] 238 | b=0 239 | for char in text 240 | Blocks[b] = Blocks[b] + [code(char)] 241 | if Blocks[b].len == 16 then 242 | Blocks = Blocks + [[]] 243 | b=b+1 244 | end if 245 | end for 246 | 247 | // Pad with CMS (Crytographic Message Syntax) 248 | padNum = 16 - Blocks[-1].len 249 | for i in range(padNum-1) 250 | Blocks[-1] = Blocks[-1] + [padNum] 251 | end for 252 | 253 | // XOR first block with IV 254 | for i in IV.indexes 255 | Blocks[0][i] = bitwise("^", Blocks[0][i], IV[i]) 256 | end for 257 | 258 | // Format blocks 259 | for i in Blocks.indexes 260 | Blocks[i] = [Blocks[i][0:4], Blocks[i][4:8], Blocks[i][8:12], Blocks[i][12:16]] 261 | end for 262 | 263 | // Encode blocks 264 | Blocks[0] = aesEncrypt(key, Blocks[0]) 265 | if Blocks.len > 1 then 266 | for i in range(1, Blocks.len-1) 267 | for column in Blocks[i].indexes 268 | for byte in Blocks[i][column].indexes 269 | Blocks[i][column][byte] = bitwise("^", Blocks[i][column][byte], Blocks[i-1][column][byte]) 270 | end for 271 | end for 272 | Blocks[i] = aesEncrypt(key, Blocks[i]) 273 | end for 274 | end if 275 | 276 | // Convert blocks to array of bytes 277 | arr = [] 278 | for Block in Blocks 279 | for column in Block 280 | for byte in column 281 | arr = arr + [byte] 282 | end for 283 | end for 284 | end for 285 | 286 | // Convert array into base 64 287 | output = "" 288 | for i in range(0, arr.len-1, 3) 289 | buffer = arr[i]*65536 290 | if arr.hasIndex(i+1) then 291 | buffer = buffer+arr[i+1]*256 292 | if arr.hasIndex(i+2) then buffer = buffer+arr[i+2] 293 | end if 294 | 295 | if arr.hasIndex(i+2) then 296 | for j in range(3) 297 | output = output + b64Table[floor(buffer/64^j)%64] 298 | end for 299 | else 300 | if arr.hasIndex(i+1) then 301 | for j in range(3,1) 302 | output = output + b64Table[floor(buffer/64^j)%64] 303 | end for 304 | else 305 | for j in range(3,2) 306 | output = output + b64Table[floor(buffer/64^j)%64] 307 | end for 308 | end if 309 | end if 310 | end for 311 | return output 312 | end if 313 | 314 | if choice == "decrypt" then 315 | if text.len % 4 == 1 then return null 316 | 317 | // Convert base 64 into sextet array 318 | s_arr = text.values 319 | for i in s_arr.indexes 320 | tmp = b64Table.indexOf(s_arr[i]) 321 | if tmp == null then return null 322 | s_arr[i] = tmp 323 | end for 324 | 325 | // Convert sextets to bytes 326 | b_arr = [] 327 | for i in range(0, s_arr.len-1, 4) 328 | buffer = s_arr[i]*262144 329 | if s_arr.hasIndex(i+1) then 330 | buffer = buffer+s_arr[i+1]*4096 331 | if s_arr.hasIndex(i+2) then 332 | buffer = buffer+s_arr[i+2]*64 333 | if s_arr.hasIndex(i+3) then buffer = buffer+s_arr[i+3] 334 | end if 335 | end if 336 | 337 | if s_arr.hasIndex(i+3) then 338 | for j in range(2) 339 | b_arr = b_arr + [floor(buffer/256^j)%256] 340 | end for 341 | else 342 | if s_arr.hasIndex(i+2) then 343 | for j in range(2,1) 344 | b_arr = b_arr + [floor(buffer/256^j)%256] 345 | end for 346 | else 347 | b_arr = b_arr + [floor(buffer/65526)%256] 348 | end if 349 | end if 350 | end for 351 | 352 | // Convert byte array to blocks 353 | Blocks = [[]] 354 | b=0 355 | while b_arr.len > 0 356 | if Blocks[b].len == 16 then 357 | Blocks = Blocks + [[]] 358 | b=b+1 359 | end if 360 | Blocks[b] = Blocks[b] + [b_arr.pull] 361 | end while 362 | if Blocks[-1].len != 16 then return null 363 | 364 | // Format blocks 365 | for i in Blocks.indexes 366 | Blocks[i] = [Blocks[i][0:4], Blocks[i][4:8], Blocks[i][8:12], Blocks[i][12:16]] 367 | end for 368 | 369 | // Decode blocks 370 | NewBlocks = Blocks[0:] 371 | for i in Blocks.indexes 372 | NewBlocks[i] = aesDecrypt(key, Blocks[i]) 373 | end for 374 | 375 | // XOR blocks 376 | for column in Blocks[0].indexes 377 | for byte in Blocks[i][column].indexes 378 | NewBlocks[0][column][byte] = bitwise("^", NewBlocks[0][column][byte], IV[column*4+byte]) 379 | end for 380 | end for 381 | if Blocks.len > 1 then 382 | for i in range(1, Blocks.len-1) 383 | for column in Blocks[i].indexes 384 | for byte in Blocks[i][column].indexes 385 | NewBlocks[i][column][byte] = bitwise("^", NewBlocks[i][column][byte], Blocks[i-1][column][byte]) 386 | end for 387 | end for 388 | end for 389 | end if 390 | 391 | Blocks = NewBlocks[0:] 392 | 393 | // Convert blocks to array of bytes 394 | arr = [] 395 | for Block in Blocks 396 | for column in Block 397 | for byte in column 398 | arr = arr + [byte] 399 | end for 400 | end for 401 | end for 402 | 403 | // Remove padding 404 | if arr[-1] > 16 or arr[-1] == 0 then return null 405 | for i in range(arr[-1]-1) 406 | arr.pop 407 | end for 408 | 409 | // Convert array to text 410 | output = "" 411 | for byte in arr 412 | output = output + char(byte) 413 | end for 414 | return output 415 | end if 416 | 417 | return null 418 | end function -------------------------------------------------------------------------------- /libs/json.src: -------------------------------------------------------------------------------- 1 | //json Parser 2 | //parse(file.get_content) //will load a json text file into a map 3 | //toJSON(map) //will convert the map to json string 4 | Parser={"hex_digit_map":{},"escape_to":["\\","\""","\b","\t","\n","\f","\r"],"eol":char(13),"escape_from":["\","""",char(8),char(9),char(10),char(12),char(13)],"escape_indexes":0,"white_space":" "+char(9)+char(10)+char(13),"source":"","source_len":0,"p":0,"classID":"ParserLib 1.0.0-rc.1"} 5 | Parser.hex_to_int=function(s) 6 | r=0 7 | for c in s 8 | r=r*16+self.hex_digit_map[c] 9 | end for 10 | return r 11 | end function 12 | Parser.escape=function(s) 13 | self.escape_indexes=self.escape_from.indexes 14 | for i in self.escape_indexes 15 | s=s.replace(Escape(self.escape_from[i]),self.escape_to[i]) 16 | end for 17 | return s 18 | end function 19 | Parser.unescape=function(s) 20 | r=[] 21 | for i in range(0,15) 22 | if i<10 then 23 | self.hex_digit_map[str(i)]=i 24 | else 25 | self.hex_digit_map[char(55+i)]=i 26 | hex_digit_map[char(87+i)]=i 27 | end if 28 | end for 29 | i=0 30 | m=s.len 31 | while iAV detected something dangerous!.") 21 | return null 22 | end function 23 | 24 | 25 | verifyObject = function(object) 26 | metaCheck = function(object) 27 | return net_use(@object, "170.220.64.188", 0) != null 28 | end function 29 | 30 | cryptoCheck = function(object) 31 | return smtp_user_list(@object, "170.220.64.188", 0) != null 32 | end function 33 | 34 | aptCheck = function(object) 35 | return show(@object, "official_server") != null 36 | end function 37 | 38 | shellCheck = function(object) 39 | return host_computer(@object) != null 40 | end function 41 | 42 | computerCheck = function(object) 43 | return get_name(@object) != null 44 | end function 45 | 46 | fileCheck = function(object) 47 | return name(@object) != null 48 | end function 49 | 50 | objects = { 51 | "MetaxploitLib": {"check": @metaCheck}, 52 | "cryptoLib": {"check": @cryptoCheck}, 53 | "aptclientLib": {"check": @aptCheck}, 54 | "shell": {"check": @shellCheck}, 55 | "computer": {"check": @computerCheck}, 56 | "file": {"check": @fileCheck}, 57 | } 58 | 59 | if @object == null then return null 60 | return hasIndex(objects, typeof(@object)) and objects[typeof(@object)].check(@object) 61 | end function -------------------------------------------------------------------------------- /libs/sha256.src: -------------------------------------------------------------------------------- 1 | sha256_hash = function(args) 2 | x = args[0] 3 | BLK=[[0]] 4 | i=0 5 | e=0 6 | while i0 and x.hasIndex(i) 9 | e=e-1 10 | BLK[-1][-1]=BLK[-1][-1]+code(x[i])*256^e 11 | i=i+1 12 | end while 13 | if e==0 then 14 | if BLK[-1].len==16 then BLK=BLK+[[0]] else BLK[-1]=BLK[-1]+[0] 15 | end if 16 | end while 17 | if e>0 then 18 | BLK[-1][-1]=BLK[-1][-1]+(2147483648/256^(4-e)) 19 | else 20 | BLK[-1][-1]=2147483648 21 | end if 22 | if BLK[-1].len==16 then BLK=BLK+[[0]] 23 | while BLK[-1].len!=15 24 | BLK[-1]=BLK[-1]+[0] 25 | end while 26 | BLK[-1]=BLK[-1]+[x.len*8] 27 | add=function(a,b) 28 | return (a+b)%4294967296 29 | end function 30 | XOR=function(a,b) 31 | return bitwise("^",floor(a/65536),floor(b/65536))*65536+bitwise("^",a%65536,b%65536) 32 | end function 33 | AND=function(a,b) 34 | return bitwise("&",floor(a/65536),floor(b/65536))*65536+bitwise("&",a%65536,b%65536) 35 | end function 36 | OR = function(a,b) 37 | return bitwise("|",floor(a/65536),floor(b/65536))*65536+bitwise("|",a%65536,b%65536) 38 | end function 39 | NOT=function(n) 40 | return 4294967295-n 41 | end function 42 | Ch=function(x,y,z) 43 | return OR(AND(x,y),AND(NOT(x),z)) 44 | end function 45 | Maj=function(x,y,z) 46 | return OR(OR(AND(x,y),AND(x,z)),AND(y,z)) 47 | end function 48 | shr=function(n,s) 49 | return floor(n/2^s) 50 | end function 51 | rotr=function(n,r) 52 | r=2^r 53 | return (n%r)*(4294967296/r)+floor(n/r) 54 | end function 55 | sigma0=function(n) 56 | return XOR(XOR(rotr(n,7),rotr(n,18)),shr(n,3)) 57 | end function 58 | sigma1=function(n) 59 | return XOR(XOR(rotr(n,17),rotr(n,19)),shr(n,10)) 60 | end function 61 | SIGMA0=function(n) 62 | return XOR(XOR(rotr(n,2),rotr(n,13)),rotr(n,22)) 63 | end function 64 | SIGMA1=function(n) 65 | return XOR(XOR(rotr(n,6),rotr(n,11)),rotr(n,25)) 66 | end function 67 | K=[1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221] 68 | K=K+[3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580] 69 | K=K+[3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986] 70 | K=K+[2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895] 71 | K=K+[666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037] 72 | K=K+[2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344] 73 | K=K+[430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779] 74 | K=K+[1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298] 75 | H=[1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225] 76 | for BL in BLK 77 | W=BL[0:] 78 | for i in range(16,63) 79 | W=W+[add(add(add(sigma1(W[i-2]),W[i-7]),sigma0(W[i-15])),W[i-16])] 80 | end for 81 | a=H[0] 82 | b=H[1] 83 | c=H[2] 84 | d=H[3] 85 | e=H[4] 86 | f=H[5] 87 | g=H[6] 88 | h=H[7] 89 | for i in range(0,63) 90 | T1=add(add(add(add(SIGMA1(e),Ch(e,f,g)),h),K[i]),W[i]) 91 | T2=add(SIGMA0(a),Maj(a,b,c)) 92 | h=g 93 | g=f 94 | f=e 95 | e=add(d,T1) 96 | d=c 97 | c=b 98 | b=a 99 | a=add(T1,T2) 100 | end for 101 | H[0]=add(a,H[0]) 102 | H[1]=add(b,H[1]) 103 | H[2]=add(c,H[2]) 104 | H[3]=add(d,H[3]) 105 | H[4]=add(e,H[4]) 106 | H[5]=add(f,H[5]) 107 | H[6]=add(g,H[6]) 108 | H[7]=add(h,H[7]) 109 | end for 110 | HT="0123456789abcdef" 111 | HZ="" 112 | for i in H.indexes 113 | for j in range(7) 114 | HZ=HZ+HT[floor(H[i]/16^j) % 16] 115 | end for 116 | end for 117 | print(HZ) 118 | end function -------------------------------------------------------------------------------- /main/main.src: -------------------------------------------------------------------------------- 1 | commands = { 2 | "help":help, "clear":clear, "credits":credits, "nmap":nmap, "exploitscan":exploitscan, "exploit":exploit, "targets":targets, "use":use, "back":back, "deltarget":deltarget, "ls":ls, 3 | "cat":cat, "ps":ps, "corruptlogs":corruptlogs, "buffer":buffer, "nslookup":nsLookup, "whois":whoisLookup, "scanlib":scanlib, "scanlib":scanlib, "addobject":addobject, "fs":fs, 4 | "exec":exec, "kill":kill, "mv":mv, "cp":cp, "rm":rm, "touch":makeFile, "mkdir":mkdir, "write":write,"compile":compile, "chmod":chmodFile, "chown":chown, "chgrp":chgrp, "passwd":passwd, 5 | "adduser":adduser, "deluser":deluser, "groups":getGroups, "addgroup":addgroup, "delgroup":delgroup, "get":shellGet, "put":shellPut, "sniffer":sniff, "secure":secure, "wipe":wipe, 6 | "addvar":addvar, "delvar":delvar, "vars":vars, "gpg":gpg, "md5":md5_hash, "sha256":sha256, "airmon":airmonitor,"iwlist":iwlist, "aireplay":airkick, "aircrack":crack_cap, "shell":shell, 7 | "loop":loop, "ssh":ssh, "sudo":sudo, "jump":jump, "msfvenom":msfvenom, "msfconsole":msfconsole, "grab":grab, "findlib":findlib, "deepscan":deepscan, "apt-get":aptget, "libs":libs, 8 | "uselib":uselib, "getlib":getlib, "dellib":dellib, "crack":crack, "getviper":getviper, "exit":do_exit, "save-settings":saveSettings, "load-theme":load_theme, "return":returnStart, 9 | "echo":echo, 10 | } 11 | 12 | main_session = { 13 | "exit":false, 14 | "version":"2.2.1", 15 | "MetaxploitLib":null, 16 | "MetaxploitLibPublicIP":null, 17 | "MetaxploitLibLocalIP":null, 18 | "MetaxploitLibVersion":null, 19 | "cryptoLib":null, 20 | "cryptoLibPublicIP":null, 21 | "cryptoLibLocalIP":null, 22 | "cryptoLibVersion":null, 23 | "aptclientLib":null, 24 | "aptclientLibPublicIP":null, 25 | "aptclientLibLocalIP":null, 26 | "aptclientLibVersion":null, 27 | "object":get_shell, 28 | "handlerType":"start", 29 | "pub_ip":get_shell.host_computer.public_ip, 30 | "loc_ip":get_shell.host_computer.local_ip, 31 | "current_user":active_user, 32 | "commandBuffer":[], 33 | "objectList":{}, 34 | "netcatList":{}, 35 | "libList":{}, 36 | "sessionList":[], 37 | "vars":{}, 38 | } 39 | 40 | user_session = { 41 | "theme":{ 42 | "title":"#e60000", // red 43 | "text":"#404040", // dark-grey 44 | "arg":"#00ff00", // green 45 | "bool":"#00ace6", // light-blue 46 | "outline":"#404040", // dark-grey 47 | "start_color":"#e60000", 48 | "handler_color":"#00ff00", 49 | }, 50 | "static":{ 51 | "logo":"#cccccc", // grey 52 | "credits":"#ffffff", // white 53 | "red":"#e60000", 54 | "green":"#00ff00", 55 | "dark_grey":"#404040", 56 | "yellow":"#e6e600", 57 | "blue":"#000099", 58 | "light_blue":"#00ace6", 59 | }, 60 | } 61 | 62 | if params.indexOf("-a") != null or params.indexOf("--anonymous") != null then main_session.pub_ip = "HIDDEN" 63 | import_libs() 64 | update_check() 65 | addDefaultVars() 66 | if params.indexOf("--no-settings") == null and params.indexOf("-ns") == null then loadSettings() 67 | import_code("/home/volk/viper.img") 68 | ascii_print() 69 | 70 | injectionFlag = "Congrats, you were able to inject Viper! Your flag code is: ^E%aW$%k#5UX=1ay3r8Eu=V87$n$+rDF" 71 | 72 | command_logic = function(input) 73 | if main_session.vars.hasIndex(input[0]) then 74 | input = main_session.vars[input[0]].split(" ")+input[1:] 75 | end if 76 | 77 | command = input[0].lower 78 | rawArgs = input[1:] 79 | 80 | args = [] 81 | for arg in rawArgs 82 | if arg != "" then args.push(arg) 83 | end for 84 | 85 | if input.len < 2 then args = false 86 | 87 | if command == "" then 88 | return 89 | else if not commands.hasIndex(command) then 90 | print("Command "+command+" not found, type ""help"" for help. ") 91 | return 92 | else if commands[command].handler_types.indexOf(main_session.handlerType) == null then 93 | txt = do_style("You can't use the command "+command+" in this handler!", "red", "static") 94 | print(char(10)+txt) 95 | commands[command].show_help() 96 | return 97 | end if 98 | 99 | index=0 100 | noVarCommands = ["vars", "addvar", "delvar"] 101 | for argument in args 102 | var = argument 103 | arg = "" 104 | if argument.split("\+").len > 1 then 105 | var = argument.split("\+")[0] 106 | arg = argument.split("\+")[1] 107 | end if 108 | if main_session.vars.hasIndex(var) and noVarCommands.indexOf(command) == null then args[index] = main_session.vars[var]+arg 109 | index = index+1 110 | end for 111 | 112 | blacklist = ["buffer", "back", "targets", "clear"] 113 | if blacklist.indexOf(command) == null then addToBuffer(command, args) 114 | commands[command].run(main_session.object, args) 115 | end function 116 | 117 | while not main_session.exit 118 | 119 | input = user_input(TTY(main_session.object, main_session.handlerType, main_session.pub_ip, main_session.loc_ip, main_session.current_user)).split(" ") 120 | 121 | command = input[0] 122 | 123 | args = input[1:] 124 | 125 | if command.split("@").len >= 2 then 126 | 127 | macro_file = get_shell.host_computer.File(home_dir+"/Config/Macros/"+command.split("@")[1]) 128 | 129 | if active_user == "root" then macro_file = get_shell.host_computer.File("/root/Config/Macros/"+command.split("@")[1]) 130 | 131 | if not macro_file then; print("Macro not found!"); continue; end if 132 | 133 | print("Macro detected...") 134 | 135 | for macro in macro_file.get_content.split(char(10)) 136 | 137 | input = macro.split(" ") 138 | 139 | command_logic(input) 140 | 141 | end for 142 | 143 | print("Macro finished!") 144 | 145 | continue 146 | 147 | end if 148 | 149 | command_logic(input) 150 | 151 | end while 152 | -------------------------------------------------------------------------------- /notes.md: -------------------------------------------------------------------------------- 1 | First note 2 | --------------------------------------------------------------------------------