Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
882afe0f67 | ||
|
|
1f47ff8229 | ||
|
|
f40c0e31c1 | ||
|
|
bf95a375fb |
@@ -5,6 +5,7 @@ use std::io::Read;
|
||||
use std::io::Write;
|
||||
use std::path::PathBuf;
|
||||
use std::process;
|
||||
use std::result;
|
||||
use std::thread;
|
||||
use std::time::Duration;
|
||||
use std::io::stdin;
|
||||
@@ -201,14 +202,10 @@ fn find_file(dir: &PathBuf, file_name: &str) -> Option<String>{
|
||||
return None;
|
||||
}
|
||||
|
||||
pub fn password_spray_help(project: &Project, season: String, lseason: String, year: i32, tools_dir: &PathBuf, config_path: &PathBuf){
|
||||
let mut wait_time:u64 = 0;
|
||||
let mut wait_time_response = String::new();
|
||||
let mut exemethod = String::new();
|
||||
let mut bell_path = config_path.clone();
|
||||
bell_path.pop();
|
||||
bell_path.push("bell.mp3");
|
||||
fn nefarious_config(tools_dir: &PathBuf) -> String{
|
||||
let nefarious_spray_path = find_file(tools_dir, "obf-NefariousSpray.exe");
|
||||
let mut outline = String::new();
|
||||
let mut exemethod = String::new();
|
||||
loop {
|
||||
println!("how do you need to run it?");
|
||||
print!("
|
||||
@@ -221,6 +218,123 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
|
||||
if exemethod_result.is_err(){
|
||||
println!("we need input here dummy!");
|
||||
}
|
||||
else{
|
||||
match exemethod.as_str(){
|
||||
"1\n" => outline = format!("execute-assembly {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", nefarious_spray_path.map_or("".to_string(), |s| s)),
|
||||
"2\n" => outline = format!("inlineExecute-Assembly --dotnetassembly {} --assemblyargs spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt --etw --amsi --pipe totallyawesomepipeyo", nefarious_spray_path.map_or("".to_string(), |s| s)),
|
||||
"3\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("run {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
|
||||
"4\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("{} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
|
||||
_ => println!("unknown exec method... try again")
|
||||
}
|
||||
return outline;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fn msolspray_config(tools_dir: &PathBuf) -> String{
|
||||
let mut msolspray_path = String::new();
|
||||
let mut outline = String::new();
|
||||
let mut userlist = String::new();
|
||||
let mut spray_target = String::new();
|
||||
loop{
|
||||
println!("path to your users list?");
|
||||
let result = stdin().read_line(&mut userlist);
|
||||
if result.is_err(){
|
||||
println!("we need input here dummy!");
|
||||
}
|
||||
else{
|
||||
break;
|
||||
}
|
||||
}
|
||||
loop{
|
||||
println!("target URL (probably a fireprox url)");
|
||||
let result = stdin().read_line(&mut spray_target);
|
||||
if result.is_err(){
|
||||
println!("we need input here dummy!");
|
||||
}
|
||||
else{
|
||||
break;
|
||||
}
|
||||
}
|
||||
loop {
|
||||
let mut response = String::new();
|
||||
println!("is MSOLSpray.py in your path? (for example installed via pipx or pip)");
|
||||
let path_result = stdin().read_line(&mut response);
|
||||
if path_result.is_err(){
|
||||
println!("we need input here dummy!!");
|
||||
}
|
||||
else{
|
||||
response = response.to_lowercase();
|
||||
if response.contains("y"){
|
||||
msolspray_path = "MSOLSpray".to_owned();
|
||||
}
|
||||
else if response.contains("n"){
|
||||
println!("trying to automatically find msolspray.py in your tools folder...");
|
||||
let find_result = find_file(tools_dir, "MSOLSpray.py");
|
||||
if find_result.is_some(){
|
||||
msolspray_path = find_result.unwrap();
|
||||
loop {
|
||||
let mut response = String::new();
|
||||
println!("Found it! located at {}", msolspray_path);
|
||||
println!("is that correct?");
|
||||
let result = stdin().read_line(&mut response);
|
||||
if result.is_err(){
|
||||
println!("we need input here bruv, try again...");
|
||||
continue;
|
||||
}
|
||||
response = response.to_lowercase();
|
||||
if response.contains("n"){
|
||||
loop{
|
||||
msolspray_path = "".to_owned();
|
||||
println!("ok, so where is msolspray.py then?");
|
||||
let result = stdin().read_line(&mut msolspray_path);
|
||||
if result.is_err(){
|
||||
println!("we need input here burv...");
|
||||
continue;
|
||||
}
|
||||
else{
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
msolspray_path = format!("python {}", msolspray_path);
|
||||
break;
|
||||
}
|
||||
}
|
||||
else {
|
||||
loop {
|
||||
println!("OOOOF we didn't find it burh... where is MSOLSpray.py located?");
|
||||
match stdin().read_line(&mut msolspray_path){
|
||||
Ok(_response) => break,
|
||||
Err(_e) => println!("we need input here bruv... try again")
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
break;
|
||||
}
|
||||
outline = format!("{} {} -p ||PASSWORD|| --url {}", msolspray_path.trim_end(), userlist.trim_end(), spray_target.trim_end());
|
||||
return outline;
|
||||
}
|
||||
|
||||
pub fn password_spray_help(project: &Project, season: String, lseason: String, year: i32, tools_dir: &PathBuf, config_path: &PathBuf){
|
||||
let mut wait_time:u64 = 0;
|
||||
let mut wait_time_response = String::new();
|
||||
let mut bell_path = config_path.clone();
|
||||
bell_path.pop();
|
||||
bell_path.push("bell.mp3");
|
||||
let mut tool_to_use = String::new();
|
||||
loop {
|
||||
println!("which tool?");
|
||||
print!("
|
||||
1.) nefarious spray
|
||||
2.) msolspray.py
|
||||
");
|
||||
let exemethod_result = stdin().read_line(&mut tool_to_use);
|
||||
if exemethod_result.is_err(){
|
||||
println!("we need input here dummy!");
|
||||
}
|
||||
else{
|
||||
break
|
||||
}
|
||||
@@ -243,12 +357,12 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
|
||||
Err(_e) => println!("we need you to put in the minutes for the obervation window please!")
|
||||
}
|
||||
}
|
||||
let mut wait_dur = Duration::from_secs(wait_time);
|
||||
let wait_dur = Duration::from_secs(wait_time);
|
||||
let mut password_spray_file = project.notes_folder.clone();
|
||||
password_spray_file.push("password_spray.md");
|
||||
println!("{}", password_spray_file.display());
|
||||
let mut password_spray_string = String::new();
|
||||
let password_spray_read_result = fs::read_to_string(password_spray_file);
|
||||
let password_spray_read_result = fs::read_to_string(&password_spray_file);
|
||||
if password_spray_read_result.is_err(){
|
||||
println!("error reading password spray file!!!");
|
||||
return;
|
||||
@@ -257,6 +371,7 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
|
||||
password_spray_string = password_spray_read_result.unwrap();
|
||||
}
|
||||
let mut passwords = Vec::new();
|
||||
let mut sprayed_passwords = Vec::new();
|
||||
println!("loading lines to parse...");
|
||||
for line in password_spray_string.split("\n"){
|
||||
if line.len() > 3{
|
||||
@@ -281,17 +396,21 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
|
||||
}
|
||||
passwords.push(password);
|
||||
}
|
||||
else{
|
||||
let words: Vec<&str> = line.split_whitespace().collect();
|
||||
let password = words.last().unwrap().to_string();
|
||||
println!("{} already sprayed, making note...", &password);
|
||||
sprayed_passwords.push(password);
|
||||
}
|
||||
}
|
||||
}
|
||||
println!("passwords loaded, and parsed!");
|
||||
println!("starting password display and timer operations...");
|
||||
let mut outline = String::new();
|
||||
match exemethod.as_str(){
|
||||
"1\n" => outline = format!("execute-assembly {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", nefarious_spray_path.map_or("".to_string(), |s| s)),
|
||||
"2\n" => outline = format!("inlineExecute-Assembly --dotnetassembly {} --assemblyargs spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt --etw --amsi --pipe totallyawesomepipeyo", nefarious_spray_path.map_or("".to_string(), |s| s)),
|
||||
"3\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("run {} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
|
||||
"4\n" => outline = {let mut path = String::new(); println!("path to nefarious spray.exe"); stdin().read_line(&mut path).unwrap(); format!("{} spray -p ||PASSWORD|| -o C:\\temp\\fr\\||PASSWORD||.txt", path.trim_ascii_end())},
|
||||
_ => {println!("unknown exec method... try again"); return;}
|
||||
match tool_to_use.as_str(){
|
||||
"1\n" => outline = nefarious_config(tools_dir),
|
||||
"2\n" => outline = msolspray_config(tools_dir),
|
||||
_ => println!("unkown tool to use, try again...")
|
||||
}
|
||||
for password in &passwords{
|
||||
let mut _spraycontinue = String::new();
|
||||
@@ -300,8 +419,37 @@ pub fn password_spray_help(project: &Project, season: String, lseason: String, y
|
||||
printline = printline.replace("-p useraspass", "--UserAsPass")
|
||||
}
|
||||
println!("\n{}\n", printline);
|
||||
println!("press enter to start timer");
|
||||
println!("enter s to save an return to main menu, or just enter to start timer");
|
||||
stdin().read_line(&mut _spraycontinue).unwrap();
|
||||
sprayed_passwords.push(password.to_owned());
|
||||
if _spraycontinue.contains("s"){
|
||||
let new_spray_file = fs::OpenOptions::new().write(true).truncate(true).open(&password_spray_file);
|
||||
if new_spray_file.is_err(){
|
||||
println!("error saving progress, please make note of where you are and update the file accordingly");
|
||||
}
|
||||
else{
|
||||
let mut open_spray_file = new_spray_file.unwrap();
|
||||
let mut new_file_text = String::new();
|
||||
for sprayed_pass in &sprayed_passwords{
|
||||
new_file_text = format!("{}\n- [x] {}", new_file_text, sprayed_pass);
|
||||
}
|
||||
for password in &passwords{
|
||||
if sprayed_passwords.contains(password) == false{
|
||||
new_file_text = format!("{}\n- [ ] {}", new_file_text, password);
|
||||
}
|
||||
}
|
||||
let save_result = open_spray_file.write_all(new_file_text.as_bytes());
|
||||
if save_result.is_err(){
|
||||
println!("saving failed!\nplease copy the below lines into your password spray notes!");
|
||||
println!("{}", new_file_text);
|
||||
}
|
||||
else{
|
||||
println!("password saved complete!!!");
|
||||
println!("returning to main menu...");
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
println!("waiting for {} minutes...", wait_dur.as_secs());
|
||||
thread::sleep(wait_dur * 60);
|
||||
let (_stream, stream_handle) = OutputStream::try_default().unwrap();
|
||||
|
||||
Reference in New Issue
Block a user