added logic to save and come back to a password

spray.

pentest_tool/src/info_controls.rs

@@ -5,6 +5,7 @@ use std::io::Read;
 use std::io::Write;
 use std::path::PathBuf;
 use std::process;
+use std::result;
 use std::thread;
 use std::time::Duration;
 use std::io::stdin;
@@ -201,14 +202,10 @@ fn find_file(dir: &PathBuf, file_name: &str) -> Option<String>{
     return None;
 }
 
-pub fn password_spray_help(project: &Project, season: String, lseason: String, year: i32, tools_dir: &PathBuf, config_path: &PathBuf){
+fn nefarious_config(tools_dir: &PathBuf) -> String{
-    let mut wait_time:u64 = 0;
-    let mut wait_time_response = String::new();
-    let mut exemethod = String::new();
-    let mut bell_path = config_path.clone();
-    bell_path.pop();
-    bell_path.push("bell.mp3");
     let nefarious_spray_path = find_file(tools_dir, "obf-NefariousSpray.exe");
+    let mut outline = String::new();
+    let mut exemethod = String::new();
     loop {
         println!("how do you need to run it?");
         print!("
@@ -221,6 +218,123 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
         if exemethod_result.is_err(){
             println!("we need input here dummy!");
         }
+        else{
+            match exemethod.as_str(){
+                "1\n" => outline = format!("execute-assembly {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", nefarious_spray_path.map_or("".to_string(), |s| s)),
+                "2\n" => outline = format!("inlineExecute-Assembly --dotnetassembly {} --assemblyargs spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt --etw --amsi --pipe totallyawesomepipeyo", nefarious_spray_path.map_or("".to_string(), |s| s)),
+                "3\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("run {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
+                "4\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("{} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
+                _ => println!("unknown exec method... try again")
+            }
+            return outline;
+        }
+    }
+}
+
+fn msolspray_config(tools_dir: &PathBuf) -> String{
+    let mut msolspray_path = String::new();
+    let mut outline = String::new();
+    let mut userlist = String::new();
+    let mut spray_target = String::new();
+    loop{
+        println!("path to your users list?");
+        let result = stdin().read_line(&mut userlist);
+        if result.is_err(){
+            println!("we need input here dummy!");
+        }
+        else{
+            break;
+        }
+    }
+    loop{
+        println!("target URL (probably a fireprox url)");
+        let result = stdin().read_line(&mut spray_target);
+        if result.is_err(){
+            println!("we need input here dummy!");
+        }
+        else{
+            break;
+        }
+    }
+    loop {
+        let mut response = String::new();
+        println!("is MSOLSpray.py in your path? (for example installed via pipx or pip)");
+        let path_result = stdin().read_line(&mut response);
+        if path_result.is_err(){
+            println!("we need input here dummy!!");
+        }
+        else{
+            response = response.to_lowercase();
+            if response.contains("y"){
+                msolspray_path = "MSOLSpray".to_owned();
+            }
+            else if response.contains("n"){
+                println!("trying to automatically find msolspray.py in your tools folder...");
+                let find_result = find_file(tools_dir, "MSOLSpray.py");
+                if find_result.is_some(){
+                    msolspray_path = find_result.unwrap();
+                    loop {
+                        let mut response = String::new();
+                        println!("Found it! located at {}", msolspray_path);
+                        println!("is that correct?");
+                        let result = stdin().read_line(&mut response);
+                        if result.is_err(){
+                            println!("we need input here bruv, try again...");
+                            continue;
+                        }
+                        response = response.to_lowercase();
+                        if response.contains("n"){
+                            loop{
+                                msolspray_path = "".to_owned();
+                                println!("ok, so where is msolspray.py then?");
+                                let result = stdin().read_line(&mut msolspray_path);
+                                if result.is_err(){
+                                    println!("we need input here burv...");
+                                    continue;
+                                }
+                                else{
+                                    break;
+                                }
+                            }
+                        }
+                        msolspray_path = format!("python {}", msolspray_path);
+                        break;
+                    }
+                }
+                else {
+                    loop {
+                        println!("OOOOF we didn't find it burh... where is MSOLSpray.py located?");
+                        match stdin().read_line(&mut msolspray_path){
+                            Ok(_response) => break,
+                            Err(_e) => println!("we need input here bruv... try again")
+                        }
+                    }
+                }
+            }
+        }
+        break;
+    }
+    outline = format!("{} {} -p ||PASSWORD|| --url {}", msolspray_path.trim_end(), userlist.trim_end(), spray_target.trim_end());
+    return outline;
+}
+
+pub fn password_spray_help(project: &Project, season: String, lseason: String, year: i32, tools_dir: &PathBuf, config_path: &PathBuf){
+    let mut wait_time:u64 = 0;
+    let mut wait_time_response = String::new();
+    let mut bell_path = config_path.clone();
+    bell_path.pop();
+    bell_path.push("bell.mp3");
+    let mut tool_to_use = String::new();
+    loop {
+        println!("which tool?");
+        print!("
+        1.) nefarious spray
+        2.) msolspray.py
+        ");
+        let exemethod_result = stdin().read_line(&mut tool_to_use);
+        if exemethod_result.is_err(){
+            println!("we need input here dummy!");
+        }
         else{
             break
         }
@@ -248,7 +362,7 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
     password_spray_file.push("password_spray.md");
     println!("{}", password_spray_file.display());
     let mut password_spray_string = String::new();
-    let password_spray_read_result = fs::read_to_string(password_spray_file);
+    let password_spray_read_result = fs::read_to_string(&password_spray_file);
     if password_spray_read_result.is_err(){
         println!("error reading password spray file!!!");
         return;
@@ -286,13 +400,12 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
     println!("passwords loaded, and parsed!");
     println!("starting password display and timer operations...");
     let mut outline = String::new();
-    match exemethod.as_str(){
+    match tool_to_use.as_str(){
-        "1\n" => outline = format!("execute-assembly {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", nefarious_spray_path.map_or("".to_string(), |s| s)),
+        "1\n" => outline = nefarious_config(tools_dir),
-        "2\n" => outline = format!("inlineExecute-Assembly --dotnetassembly {} --assemblyargs spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt --etw --amsi --pipe totallyawesomepipeyo", nefarious_spray_path.map_or("".to_string(), |s| s)),
+        "2\n" => outline = msolspray_config(tools_dir),
-        "3\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("run {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
+        _ => println!("unkown tool to use, try again...")
-        "4\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("{} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
-        _ => {println!("unknown exec method... try again"); return;} 
     } 
+    let mut sprayed_passwords = Vec::new();
     for password in &passwords{
         let mut _spraycontinue = String::new();
         let mut printline = outline.replace("||PASSWORD||", password);
@@ -300,8 +413,37 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
             printline = printline.replace("-p useraspass", "--UserAsPass")
         }
         println!("\n{}\n", printline);
-        println!("press enter to start timer");
+        println!("enter s to save an return to main menu, or just enter to start timer");
         stdin().read_line(&mut _spraycontinue).unwrap();
+        sprayed_passwords.push(password.to_owned());
+        if _spraycontinue.contains("s"){
+            let new_spray_file = fs::OpenOptions::new().write(true).truncate(true).open(&password_spray_file);
+            if new_spray_file.is_err(){
+                println!("error saving progress, please make note of where you are and update the file accordingly");
+            }
+            else{
+                let mut open_spray_file  = new_spray_file.unwrap();
+                let mut new_file_text = String::new();
+                for sprayed_pass in &sprayed_passwords{
+                    new_file_text = format!("{}\n- [x] {}", new_file_text, sprayed_pass);
+                }
+                for password in &passwords{
+                    if sprayed_passwords.contains(password) == false{
+                        new_file_text = format!("{}\n- [ ] {}", new_file_text, password);
+                    }
+                }
+                let save_result = open_spray_file.write_all(new_file_text.as_bytes());
+                if save_result.is_err(){
+                    println!("saving failed!\nplease copy the below lines into your password spray notes!");
+                    println!("{}", new_file_text);
+                }
+                else{
+                    println!("password saved complete!!!");
+                    println!("returning to main menu...");
+                    return;
+                }
+            }   
+        }
         println!("waiting for {} minutes...", wait_dur.as_secs());
         thread::sleep(wait_dur * 60);
         let (_stream, stream_handle) = OutputStream::try_default().unwrap();