release/0.2.26

@grisuno grisuno released this 17 Jan 20:47
· 13 commits to main since this release
release/0.2.26
ffc671a

What's Changed

  • new C2 with all the features... by @grisuno in #79

Full Changelog: release/0.2.25...release/0.2.26

atomic_lazyown

Generates and runs Atomic Red Team tests using the C2.

Parameters:
line (str): List of technique IDs separated by spaces.

Returns:
None

upload_file_to_c2

Uploads a file to the C2.

Parameters:
file_path (str): Path of the file to upload.

Returns:
None

download_file_from_c2

Downloads a file from the C2.

Parameters:
file_name (str): Name of the file to download.
clientid (str): Client identifier (optional).

Returns:
None

issue_command_to_c2

Executes a command on the client using the C2.

Parameters:
command (str): Command to execute.

Returns:
None

ofuscatorps1

Obfuscates a PowerShell script using various techniques.
Based on Invoke-Stealth by @JoelGMSec (https://github.com/JoelGMSec/Invoke-Stealth/), rewritten in Python by grisun0.
This function:
- Displays a banner and help information if requested.
- Validates the provided parameters.
- Executes all obfuscation techniques on the input PowerShell script by default.
- Displays the result in the terminal.

Behavior:
- Requires python3 to be installed for certain techniques.
- Uses parameters from the command line for the script path and optional flags.

Usage:
ofuscatorps1 <script_path> [-nobanner]

Techniques:
- Chameleon: Substitute strings and concatenate variables.
- BetterXencrypt: Compresses and encrypts with random iterations.
- PyFuscation: Obfuscate functions, variables, and parameters.
- ReverseB64: Encode with base64 and reverse it to avoid detections.
- PSObfuscation: Convert content to bytes and compress with Gzip.
- All: Sequentially executes all techniques described above.

d3monizedshell

Executes the D3m0n1z3dShell tool for persistence in Linux.

This function:
- Installs D3m0n1z3dShell if not already installed.
- Executes the D3m0n1z3dShell command with the provided parameters.
- Displays the result in the terminal.

Behavior:
- Requires git and curl to be installed.
- Uses a one-liner installation method for simplicity.

Usage:
d3monizedshell

scp

Copies the local "sessions" directory to a remote host using scp, leveraging sshpass for automated authentication.

Steps:
1. Verifies if the credentials file exists in the "sessions" directory.
If not, prompts the user for a username and password.
2. Reads the credentials file if it exists and extracts the username and password.
3. Constructs an scp command to deploy the "sessions" directory to the remote host.
4. Executes the scp command using the system shell.

Args:
line (str): Input command line (optional). The third parameter can be 'win' or 'lin' to specify the target OS.

Dependencies:
- The sshpass command-line tool must be installed on the local machine.
- scp must be installed on both the local and remote machines.
- The remote host must be accessible via SSH.

Attributes:
- self.params: Dictionary containing the following keys:
- username (str, optional): Predefined username. Defaults to prompting the user if not provided.
- password (str, optional): Predefined password. Defaults to prompting the user if not provided.
- rhost (str): Remote host's IP or domain name.

Raises:
- KeyError: If rhost is not provided in self.params.
- FileNotFoundError: If the "sessions" directory does not exist.

Note:
- The credentials.txt file, if present, should have credentials in the format username:password
on the first line.

Returns:
None

apt_proxy

Configures the local machine with internet access to act as an APT proxy for a machine without internet access.

Steps:
1. Installs and configures apt-cacher-ng on the local machine.
2. Generates the necessary commands to configure the remote machine to use the proxy.
3. Copies the commands to the clipboard using the copy2clip function.

Parameters:
line (str): The IP address of the remote machine without internet access.

Returns:
None

pip_proxy

Configures the local machine with internet access to act as a pip proxy for a machine without internet access.

Steps:
1. Installs and configures squid on the local machine.
2. Generates the necessary commands to configure the remote machine to use the proxy.
3. Copies the commands to the clipboard using the copy2clip function.

Parameters:
line (str): The IP address of the remote machine without internet access.

Returns:
None

internet_proxy

Configures the local machine with internet access to act as a proxy for a machine without internet access.

Steps:
1. Installs and configures squid on the local machine.
2. Generates the necessary commands to configure the remote machine to use the proxy.
3. Copies the commands to the clipboard using the copy2clip function.

Parameters:
line (str): The IP address of the remote machine without internet access.

Returns:
None

check_update

Checks for updates by comparing the local version with the remote version.

This function:
- Fetches the remote version from a JSON file hosted on GitHub.
- Reads the local version from a JSON file in the script's root directory.
- Compares the version numbers and determines if an update is needed.

Behavior:
- Requires requests library to fetch the remote version.
- Uses JSON parsing to extract version numbers.

Usage:
check_update
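The comparison step above is where an update checker usually goes wrong: comparing version strings lexically ranks "0.2.9" above "0.2.26", and a malformed remote file should never be read as "update needed". The following is an added example, not code from the LazyOwn project; it assumes both JSON files carry the version under a "version" key (an assumption, since the page does not name the key) and uses constructed in-memory JSON in place of the requests fetch so that it runs offline.

```python
import json
from typing import Optional, Tuple

# Constructed sample payloads standing in for the remote GitHub JSON and the
# local version file. The real command fetches the remote one with requests;
# the "version" key name is an assumption, not something the page states.
REMOTE_VERSION_JSON = '{"version": "0.2.26"}'
LOCAL_VERSION_JSON = '{"version": "0.2.25"}'


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '0.2.26' into (0, 2, 26) so the comparison is numeric, not lexical.
    Non-digit characters inside a component (e.g. 'v1', '3rc1') are dropped."""
    parts = []
    for piece in text.strip().lstrip("v").split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def version_from_json(raw: str, key: str = "version") -> Optional[Tuple[int, ...]]:
    """Extract and parse the version field. Returns None on malformed input
    instead of raising, so a bad or tampered remote response cannot crash
    the shell or be mistaken for a real version."""
    try:
        data = json.loads(raw)
        return parse_version(str(data[key]))
    except (ValueError, KeyError, TypeError):
        return None


def update_needed(local_raw: str, remote_raw: str) -> Optional[bool]:
    """True if the remote version is newer, False if not, None if either side
    is unreadable. 'Unknown' is deliberately distinct from 'update now'."""
    local = version_from_json(local_raw)
    remote = version_from_json(remote_raw)
    if local is None or remote is None:
        return None
    # Pad to equal length so (0, 2) compares equal to (0, 2, 0).
    width = max(len(local), len(remote))
    local = local + (0,) * (width - len(local))
    remote = remote + (0,) * (width - len(remote))
    return remote > local


if __name__ == "__main__":
    print("update needed:", update_needed(LOCAL_VERSION_JSON, REMOTE_VERSION_JSON))
```

The three-way result (True / False / None) matters in practice: a checker that treats a failed fetch or an unparsable file as "newer version available" will happily pull whatever the fetch returned, so unreadable input is reported separately rather than collapsed into either answer.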

wmiexecpro

Executes wmiexec-pro with various options for WMI operations.

This function handles the installation of wmiexec-pro and its dependencies,
and allows the user to execute various WMI operations with minimal input.
It reads credentials from a specified file and constructs the necessary
commands to interact with the target system.

:param line: Command line input from the user. This input is used to
determine the module and action to be executed.
:returns: None

The function performs the following steps:

  1. Checks if wmiexec-pro and its dependencies are installed. If not, it
    installs them in specified directories.
  2. Reads credentials from a file.
  3. Constructs and executes the wmiexec-pro command based on user input.
  4. Enumerates available modules and actions for each module, allowing the
    user to select them interactively.
  5. Enumerates available options for each action, allowing the user to select
    them interactively.

Example usage:

do_wmiexecpro("enum -run")

This will execute the enumeration module with the -run action.

If no specific command is provided, the function will prompt the user to
select a module and action interactively.

create_session_json

Generates or updates a JSON file to be used as a database.

The JSON file will be named sessionLazyOwn_{timestamp}.json and will be stored
in the sessions directory. The JSON file will contain data from self.params
and additional data extracted from credentials*.txt and hash*.txt files.

The structure of the JSON file will be as follows:

  • params: Data from self.params.
  • credentials: A list of dictionaries containing usernames and passwords extracted
    from credentials*.txt files.
  • hashes: A list of dictionaries containing the contents of hash*.txt files.
  • notes: The content of the notes.txt file, if it exists.

Returns:
None

shellcode2elf

Convert shellcode into an ELF file and infect it.

This function takes an optional input line that specifies the name of the shellcode file.
If no input line is provided, a filename is generated based on the domain. The function reads
the shellcode and inserts it into a C source file, then compiles the source file into an ELF
file. It also creates an infected version of the ELF file and uploads all generated files to a
command and control (C2) server.

Args:
line (str): An optional input line that specifies the name of the shellcode file.

Returns:
None

ssh_cmd

Performs remote command execution through SSH using the grisun0 user; see help grisun0.

Parameters:
line (str): The command line input; the command to execute. If not provided, defaults to whoami.

Returns:
None

clone_site

Clones a website and serves the files in sessions/{url_cloned}.

Args:
line (str): The input line containing the URL to clone.

Returns:
None

knokknok

Sends a special trigger string to initiate a reverse shell (with the command 'c2 client_name')
and creates a Python 3 listener script to receive the reverse shell.

Args:
line (str): Input line (not used).

Returns:
None

listener_go

Configures and starts a listener for a specified victim.

This function takes a command line input to configure and start a listener for a specified victim.
The input should include the victim ID, the choice of listener type, and optionally the port numbers.
The function then constructs the appropriate command to start the listener and assigns the necessary
parameters.

Args:
line (str): The command line input containing the victim ID, listener type, and optional port numbers.

Returns:
None

Raises:
None

Example:
>>> listener_go victim1 2 1337 7777

listener_py

Configures and starts a listener for a specified victim.

This function takes a command line input to configure and start a listener for a specified victim.
The input should include the victim ID, the choice of listener type, and optionally the port numbers.
The function then constructs the appropriate command to start the listener and assigns the necessary
parameters.

Args:
line (str): The command line input containing the victim ID, listener type, and optional port numbers.

Returns:
None

Raises:
None

Example:
>>> listener_py victim1 2 1337 7777

ipinfo

Retrieves detailed information about an IP address using the ARIN API.

This function takes an IP address as input, queries the ARIN API to get detailed
information about the IP, and then displays the organization name and the network
range associated with the IP.

Args:
line (str): The command line input containing the IP address to query.

Returns:
None

Raises:
None

Example:
>>> ipinfo 1.1.1.1

service_ssh

Creates a systemd service file for a specified binary and generates a script to enable and start the service.

This function takes the name of a binary as input, creates a systemd service file for it, and generates a shell script
to enable and start the service. The script is saved in the sessions directory and a command is provided to execute
the script remotely via SSH.

Args:
line (str): The command line input containing the name of the binary. If an absolute path is not provided,
a default path is used.

Returns:
None

Raises:
None

Example:
>>> service my_binary_name

service

Creates a systemd service file for a specified binary and generates a script to enable and start the service.

This function takes the name of a binary as input, creates a systemd service file for it, and generates a shell script
to enable and start the service. The script is saved in the sessions directory and a command is provided to execute
the script remotely via SSH.

Args:
line (str): The command line input containing the name of the binary. If an absolute path is not provided,
a default path is used.

Returns:
None

Raises:
None

Example:
>>> service my_binary_name

toctoc

Sends a magic packet to the Chinese malware.
The function extracts rhost and rport from self.params["rhost"] and self.params["rport"], respectively.

upload_c2

Upload a file to the command and control (C2) server.

This function handles the uploading of a file to the C2 server. If no file is specified in the input line,
it prompts the user to enter the file extension (defaulting to 'txt') and retrieves the file using the
get_users_dic function. If a file is specified in the input line, it directly uploads that file.

Args:
line (str): The input line containing the file path to upload. If empty, the function will prompt the user
to enter the file extension.

Returns:
None

download_c2

Download a file from the command and control (C2) server.

This function handles the downloading of a file from the C2 server. It requires the remote path of the file to be specified in the input line. If the input line is empty, it prints an error message and returns.

Args:
line (str): The input line containing the remote path of the file to download. If empty, the function will print an error message.

Returns:
None

groq

Execute a command to interact with the GROQ API using the provided API key.

This function takes an optional input line that is used as the prompt. If no input line is
provided, the default prompt stored in the instance is used. The function sets the GROQ_API_KEY
environment variable and runs a Python script to interact with the GROQ API.

Parameters:
line (str): The input line to be used as the prompt. If not provided, the default prompt is used.

Returns:
None

c2asm

Display C and ASM code side by side in a curses-based interface.

This function sets up a curses window to display C code and its corresponding
assembly code side by side. It allows the user to select a .c file from the
'sessions' directory and then displays the code with scrolling capabilities
both vertically and horizontally. A green vertical line separates the C code
from the ASM code.

Parameters:
stdscr (curses.window): The curses window object to draw on.

Returns:
None

view_code

Display C and ASM code side by side in a curses-based interface.

This function sets up a curses window to display C code and its corresponding
assembly code side by side. It allows the user to select a .c file from the
'sessions' directory and then displays the code with scrolling capabilities
both vertically and horizontally. A green vertical line separates the C code
from the ASM code.

Parameters:
stdscr (curses.window): The curses window object to draw on.

Returns:
None

camphish

Runs the camphish tool, which grabs camera shots from a target's phone front camera or PC webcam by sending a link.

This function:
- Installs camphish if not already installed.
- Executes the camphish command with the provided parameters.
- Displays the result in the terminal.

Behavior:
- Requires git and php to be installed.
- Uses a one-liner installation method for simplicity.

Usage:
camphish

hound

Runs the hound tool, a simple and light tool for information gathering that captures exact GPS coordinates.

This function:
- Installs hound if not already installed.
- Executes the hound command with the provided parameters.
- Displays the result in the terminal.

Behavior:
- Requires git and php to be installed.
- Uses a one-liner installation method for simplicity.

Usage:
hound

ofuscatesh

Obfuscates a shell script by encoding it in Base64 and prepares a command to decode and execute it.

This function reads the content of a shell script file, encodes it in Base64, and constructs a command
that can be used to decode and execute the encoded script using echo and base64 -d.

Args:
line (str): The path to the shell script file to be obfuscated. If not provided, a default
path is obtained from the get_users_dic function.

Returns:
None

Example:
>>> ofuscatesh /path/to/script.sh
>>> ofuscatesh
# Reads the script, encodes it in Base64, and prepares a command to decode and execute it.
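Seen from the other side, the echo | base64 -d | sh shape this produces is exactly what an analyst meets in process telemetry, and the first triage step is to recover the script so it can be read. The following is an added example from that defensive angle, not code from the project; the matching pattern, the sample command lines and the embedded script are all constructed here, and the sample one-liner is built in the block with base64 itself so the round trip can be checked.

```python
import base64
import binascii
import re
from typing import List, Optional, Tuple

# Constructed pattern (an assumption about the common shape, not the page's):
#   echo [-n] ['"]<base64>['"] | base64 -d|--decode | [/bin/]sh|bash|zsh|dash
ONELINER_RE = re.compile(
    r"""echo\s+(?:-n\s+)?['"]?([A-Za-z0-9+/=]{16,})['"]?\s*\|\s*"""
    r"""base64\s+(?:-d|--decode)\b\s*\|\s*(?:/usr/bin/|/bin/)?(?:ba|z|da)?sh\b"""
)


def decode_base64_oneliner(cmd: str) -> Optional[str]:
    """Return the decoded script text if cmd is a decode-and-execute one-liner,
    else None. Invalid or truncated payloads also yield None: a corrupt blob
    should be flagged as unreadable rather than crash the triage run."""
    match = ONELINER_RE.search(cmd)
    if not match:
        return None
    try:
        raw = base64.b64decode(match.group(1), validate=True)
    except (binascii.Error, ValueError):
        return None
    return raw.decode("utf-8", errors="replace")


def triage(commands: List[str]) -> List[Tuple[str, str]]:
    """Run the decoder over captured command lines and keep only the hits,
    pairing each original command with the recovered script."""
    hits = []
    for cmd in commands:
        decoded = decode_base64_oneliner(cmd)
        if decoded is not None:
            hits.append((cmd, decoded))
    return hits


def build_sample() -> str:
    """Constructed sample: a harmless script wrapped the way ofuscatesh does."""
    script = "#!/bin/bash\nid\nuname -a\n"
    payload = base64.b64encode(script.encode()).decode()
    return f"echo {payload} | base64 -d | bash"


# Constructed command lines as an EDR or auditd export might show them.
SAMPLE_COMMANDS = [
    "ls -la /tmp",
    build_sample(),
    "echo AAAAAAAAAAAAAAAAA | base64 -d | sh",  # constructed: invalid length
]

if __name__ == "__main__":
    for cmd, script in triage(SAMPLE_COMMANDS):
        print("command :", cmd)
        print("decoded :", script)
```

Because the encoding adds no secrecy, decoding recovers the script verbatim; the value of the step is that the recovered text, not the opaque blob, is what gets reviewed and what further rules are written against.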

load_session

Load the session from the sessionLazyOwn.json file and display the status of various parameters.

This command reads the sessionLazyOwn.json file from the sessions directory and displays the status
of parameters, credentials, hashes, notes, plan, id_rsa, implants, and redop.

:param line: Additional arguments (not used in this command)

lateral_mov_lin

Perform lateral movement by downloading and installing LazyOwn on a remote Linux machine.

This function automates the process of setting up an APT and PIP proxy, downloading the LazyOwn package,
transferring it to a remote machine, and installing it. The function ensures that all necessary directories
are created and that the package is correctly installed on the remote machine.

Parameters:
line (str): The command line input, which is not used in this function.

Returns:
None