added logic to do msolspray as well!
this isn't tested very well, but give it a shot!
This commit is contained in:
pyro57000
@@ -5,6 +5,7 @@ use std::io::Read;
|
||||
use std::io::Write;
|
||||
use std::path::PathBuf;
|
||||
use std::process;
|
||||
use std::result;
|
||||
use std::thread;
|
||||
use std::time::Duration;
|
||||
use std::io::stdin;
|
||||
@@ -201,14 +202,10 @@ fn find_file(dir: &PathBuf, file_name: &str) -> Option<String>{
|
||||
return None;
|
||||
}
|
||||
|
||||
pub fn password_spray_help(project: &Project, season: String, lseason: String, year: i32, tools_dir: &PathBuf, config_path: &PathBuf){
|
||||
let mut wait_time:u64 = 0;
|
||||
let mut wait_time_response = String::new();
|
||||
let mut exemethod = String::new();
|
||||
let mut bell_path = config_path.clone();
|
||||
bell_path.pop();
|
||||
bell_path.push("bell.mp3");
|
||||
fn nefarious_config(tools_dir: &PathBuf) -> String{
|
||||
let nefarious_spray_path = find_file(tools_dir, "obf-NefariousSpray.exe");
|
||||
let mut outline = String::new();
|
||||
let mut exemethod = String::new();
|
||||
loop {
|
||||
println!("how do you need to run it?");
|
||||
print!("
|
||||
@@ -221,6 +218,123 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
|
||||
if exemethod_result.is_err(){
|
||||
println!("we need input here dummy!");
|
||||
}
|
||||
else{
|
||||
match exemethod.as_str(){
|
||||
"1\n" => outline = format!("execute-assembly {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", nefarious_spray_path.map_or("".to_string(), |s| s)),
|
||||
"2\n" => outline = format!("inlineExecute-Assembly --dotnetassembly {} --assemblyargs spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt --etw --amsi --pipe totallyawesomepipeyo", nefarious_spray_path.map_or("".to_string(), |s| s)),
|
||||
"3\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("run {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
|
||||
"4\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("{} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
|
||||
_ => println!("unknown exec method... try again")
|
||||
}
|
||||
return outline;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fn msolspray_config(tools_dir: &PathBuf) -> String{
|
||||
let mut msolspray_path = String::new();
|
||||
let mut outline = String::new();
|
||||
let mut userlist = String::new();
|
||||
let mut spray_target = String::new();
|
||||
loop{
|
||||
println!("path to your users list?");
|
||||
let result = stdin().read_line(&mut userlist);
|
||||
if result.is_err(){
|
||||
println!("we need input here dummy!");
|
||||
}
|
||||
else{
|
||||
break;
|
||||
}
|
||||
}
|
||||
loop{
|
||||
println!("target URL (probably a fireprox url)");
|
||||
let result = stdin().read_line(&mut spray_target);
|
||||
if result.is_err(){
|
||||
println!("we need input here dummy!");
|
||||
}
|
||||
else{
|
||||
break;
|
||||
}
|
||||
}
|
||||
loop {
|
||||
let mut response = String::new();
|
||||
println!("is MSOLSpray.py in your path? (for example installed via pipx or pip)");
|
||||
let path_result = stdin().read_line(&mut response);
|
||||
if path_result.is_err(){
|
||||
println!("we need input here dummy!!");
|
||||
}
|
||||
else{
|
||||
response = response.to_lowercase();
|
||||
if response.contains("y"){
|
||||
msolspray_path = "MSOLSpray".to_owned();
|
||||
}
|
||||
else if response.contains("n"){
|
||||
println!("trying to automatically find msolspray.py in your tools folder...");
|
||||
let find_result = find_file(tools_dir, "MSOLSpray.py");
|
||||
if find_result.is_some(){
|
||||
msolspray_path = find_result.unwrap();
|
||||
loop {
|
||||
let mut response = String::new();
|
||||
println!("Found it! located at {}", msolspray_path);
|
||||
println!("is that correct?");
|
||||
let result = stdin().read_line(&mut response);
|
||||
if result.is_err(){
|
||||
println!("we need input here bruv, try again...");
|
||||
continue;
|
||||
}
|
||||
response = response.to_lowercase();
|
||||
if response.contains("n"){
|
||||
loop{
|
||||
msolspray_path = "".to_owned();
|
||||
println!("ok, so where is msolspray.py then?");
|
||||
let result = stdin().read_line(&mut msolspray_path);
|
||||
if result.is_err(){
|
||||
println!("we need input here burv...");
|
||||
continue;
|
||||
}
|
||||
else{
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
msolspray_path = format!("python {}", msolspray_path);
|
||||
break;
|
||||
}
|
||||
}
|
||||
else {
|
||||
loop {
|
||||
println!("OOOOF we didn't find it burh... where is MSOLSpray.py located?");
|
||||
match stdin().read_line(&mut msolspray_path){
|
||||
Ok(_response) => break,
|
||||
Err(_e) => println!("we need input here bruv... try again")
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
break;
|
||||
}
|
||||
outline = format!("{} {} -p ||PASSWORD|| --url {}", msolspray_path.trim_end(), userlist.trim_end(), spray_target.trim_end());
|
||||
return outline;
|
||||
}
|
||||
|
||||
pub fn password_spray_help(project: &Project, season: String, lseason: String, year: i32, tools_dir: &PathBuf, config_path: &PathBuf){
|
||||
let mut wait_time:u64 = 0;
|
||||
let mut wait_time_response = String::new();
|
||||
let mut bell_path = config_path.clone();
|
||||
bell_path.pop();
|
||||
bell_path.push("bell.mp3");
|
||||
let mut tool_to_use = String::new();
|
||||
loop {
|
||||
println!("which tool?");
|
||||
print!("
|
||||
1.) nefarious spray
|
||||
2.) msolspray.py
|
||||
");
|
||||
let exemethod_result = stdin().read_line(&mut tool_to_use);
|
||||
if exemethod_result.is_err(){
|
||||
println!("we need input here dummy!");
|
||||
}
|
||||
else{
|
||||
break
|
||||
}
|
||||
@@ -286,12 +400,10 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
|
||||
println!("passwords loaded, and parsed!");
|
||||
println!("starting password display and timer operations...");
|
||||
let mut outline = String::new();
|
||||
match exemethod.as_str(){
|
||||
"1\n" => outline = format!("execute-assembly {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", nefarious_spray_path.map_or("".to_string(), |s| s)),
|
||||
"2\n" => outline = format!("inlineExecute-Assembly --dotnetassembly {} --assemblyargs spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt --etw --amsi --pipe totallyawesomepipeyo", nefarious_spray_path.map_or("".to_string(), |s| s)),
|
||||
"3\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("run {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
|
||||
"4\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("{} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
|
||||
_ => {println!("unknown exec method... try again"); return;}
|
||||
match tool_to_use.as_str(){
|
||||
"1\n" => outline = nefarious_config(tools_dir),
|
||||
"2\n" => outline = msolspray_config(tools_dir),
|
||||
_ => println!("unkown tool to use, try again...")
|
||||
}
|
||||
for password in &passwords{
|
||||
let mut _spraycontinue = String::new();
|
||||
|
||||
Reference in New Issue
Block a user