iotsploit-exploits 0.0.6__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- iotsploit_exploits/__init__.py +1 -0
- iotsploit_exploits/adb_check/__init__.py +0 -0
- iotsploit_exploits/adb_check/adb_check.py +493 -0
- iotsploit_exploits/demo/__init__.py +0 -0
- iotsploit_exploits/demo/async_sleep_attack.py +106 -0
- iotsploit_exploits/demo/stream_data_attack.py +184 -0
- iotsploit_exploits/flood_attack/__init__.py +0 -0
- iotsploit_exploits/flood_attack/flood_attack.py +129 -0
- iotsploit_exploits/flood_attack/syn_flood_attack.py +233 -0
- iotsploit_exploits/greatfet_echo.py +103 -0
- iotsploit_exploits/greatfet_rubber_duck.py +417 -0
- iotsploit_exploits/hydra_cracker/weak_pass.txt +471 -0
- iotsploit_exploits/hydra_cracker/weak_pass_simple.txt +5 -0
- iotsploit_exploits/hydra_ssh_attack.py +159 -0
- iotsploit_exploits/ip_scan/__init__.py +0 -0
- iotsploit_exploits/ip_scan/ip_scan.py +196 -0
- iotsploit_exploits/nmap_scan/__init__.py +0 -0
- iotsploit_exploits/nmap_scan/nmap_scan.py +207 -0
- iotsploit_exploits/plugin_ssh.py +146 -0
- iotsploit_exploits/rubber_duck_scripts/linux_infogather.txt +126 -0
- iotsploit_exploits/rubber_duck_scripts/windows_payload.txt +93 -0
- iotsploit_exploits/serial/__init__.py +0 -0
- iotsploit_exploits/serial/picocom_serial_reader.py +704 -0
- iotsploit_exploits/simple_rubber_duck.py +183 -0
- iotsploit_exploits/wifi_scan/__init__.py +0 -0
- iotsploit_exploits/wifi_scan/wifi_scan.py +242 -0
- iotsploit_exploits-0.0.6.dist-info/METADATA +65 -0
- iotsploit_exploits-0.0.6.dist-info/RECORD +30 -0
- iotsploit_exploits-0.0.6.dist-info/WHEEL +4 -0
- iotsploit_exploits-0.0.6.dist-info/entry_points.txt +16 -0
|
@@ -0,0 +1,183 @@
|
|
|
1
|
+
#!/usr/bin/python3
|
|
2
|
+
|
|
3
|
+
import pluggy
|
|
4
|
+
import asyncio
|
|
5
|
+
import os
|
|
6
|
+
import sys
|
|
7
|
+
from typing import Optional, Any
|
|
8
|
+
|
|
9
|
+
from iotsploit_core.core.exploit_spec import ExploitResult, AsyncExploitResult
|
|
10
|
+
from iotsploit_core.core.base_plugin import BasePlugin
|
|
11
|
+
from facedancer.devices.keyboard import USBKeyboardDevice
|
|
12
|
+
from facedancer.errors import EndEmulation
|
|
13
|
+
from iotsploit_core.utils import iots_logger
|
|
14
|
+
|
|
15
|
+
hookimpl = pluggy.HookimplMarker("exploit_mgr")
|
|
16
|
+
|
|
17
|
+
class SimpleRubberDuckPlugin(BasePlugin):
|
|
18
|
+
"""
|
|
19
|
+
A simplified USB rubber duck plugin that types text on a target system.
|
|
20
|
+
Uses Facedancer to emulate a USB keyboard device.
|
|
21
|
+
"""
|
|
22
|
+
|
|
23
|
+
def __init__(self):
|
|
24
|
+
super().__init__({
|
|
25
|
+
'Name': 'Simple Rubber Duck',
|
|
26
|
+
'Description': 'Simple USB keyboard emulator to type commands automatically.',
|
|
27
|
+
'License': 'GPL',
|
|
28
|
+
'Author': ['iotsploit'],
|
|
29
|
+
'RequiresRoot': False,
|
|
30
|
+
'Parameters': {
|
|
31
|
+
'text': {
|
|
32
|
+
'type': 'str',
|
|
33
|
+
'required': False,
|
|
34
|
+
'description': 'Text to type on the target system',
|
|
35
|
+
'default': 'echo Hello, from Simple Rubber Duck!\nid\nls -la\n'
|
|
36
|
+
},
|
|
37
|
+
'delay_before_typing': {
|
|
38
|
+
'type': 'int',
|
|
39
|
+
'required': False,
|
|
40
|
+
'description': 'Time to wait in seconds before starting to type',
|
|
41
|
+
'default': 2
|
|
42
|
+
},
|
|
43
|
+
'delay_after_typing': {
|
|
44
|
+
'type': 'int',
|
|
45
|
+
'required': False,
|
|
46
|
+
'description': 'Time to wait in seconds after typing completes before ending the emulation',
|
|
47
|
+
'default': 1
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
})
|
|
51
|
+
self.device = None
|
|
52
|
+
self.running = False
|
|
53
|
+
self.logger = iots_logger.get_logger("simple_rubber_duck")
|
|
54
|
+
|
|
55
|
+
@hookimpl
|
|
56
|
+
def initialize(self, device_plugin: Optional[Any] = None):
|
|
57
|
+
self.logger.info("Initializing SimpleRubberDuckPlugin")
|
|
58
|
+
|
|
59
|
+
def custom_facedancer_main(self, device, coroutine):
|
|
60
|
+
"""
|
|
61
|
+
Custom implementation of Facedancer's main function that doesn't parse command line arguments.
|
|
62
|
+
This is needed when running inside Django where sys.argv contains Django's arguments.
|
|
63
|
+
"""
|
|
64
|
+
self.logger.info("Starting custom Facedancer emulation")
|
|
65
|
+
try:
|
|
66
|
+
# Directly call the device's emulate method with our coroutine
|
|
67
|
+
device.emulate(coroutine)
|
|
68
|
+
self.logger.info("Facedancer emulation completed successfully")
|
|
69
|
+
except EndEmulation as e:
|
|
70
|
+
self.logger.info(f"Facedancer emulation ended: {str(e)}")
|
|
71
|
+
except KeyboardInterrupt:
|
|
72
|
+
self.logger.info("Facedancer emulation interrupted by user")
|
|
73
|
+
except Exception as e:
|
|
74
|
+
raise e
|
|
75
|
+
|
|
76
|
+
@hookimpl
|
|
77
|
+
def execute(self, target: Optional[Any] = None, parameters: Optional[dict] = None):
|
|
78
|
+
"""
|
|
79
|
+
Primary execution method - synchronous version.
|
|
80
|
+
This is the preferred entry point for Celery tasks.
|
|
81
|
+
"""
|
|
82
|
+
self.logger.info("Executing SimpleRubberDuckPlugin")
|
|
83
|
+
|
|
84
|
+
try:
|
|
85
|
+
# Check if we already have a running instance
|
|
86
|
+
if self.running:
|
|
87
|
+
return ExploitResult(False, "An instance is already running", {})
|
|
88
|
+
|
|
89
|
+
# Get parameters
|
|
90
|
+
parameters = parameters or {}
|
|
91
|
+
text = parameters.get('text', self.info['Parameters']['text']['default'])
|
|
92
|
+
delay_before_typing = parameters.get('delay_before_typing',
|
|
93
|
+
self.info['Parameters']['delay_before_typing']['default'])
|
|
94
|
+
delay_after_typing = parameters.get('delay_after_typing',
|
|
95
|
+
self.info['Parameters']['delay_after_typing']['default'])
|
|
96
|
+
|
|
97
|
+
# Initialize USB device
|
|
98
|
+
self.logger.info("Initializing USB keyboard device...")
|
|
99
|
+
try:
|
|
100
|
+
self.device = USBKeyboardDevice()
|
|
101
|
+
self.logger.info(f"USB keyboard device initialized")
|
|
102
|
+
except Exception as e:
|
|
103
|
+
self.logger.error(f"Failed to initialize USB keyboard device: {str(e)}")
|
|
104
|
+
return ExploitResult(False, f"Failed to initialize USB keyboard device: {str(e)}", {})
|
|
105
|
+
|
|
106
|
+
# Set running flag
|
|
107
|
+
self.running = True
|
|
108
|
+
|
|
109
|
+
# Define our typing coroutine - similar to rubber-ducky.py
|
|
110
|
+
async def type_text():
|
|
111
|
+
self.logger.info(f"Waiting {delay_before_typing} seconds before typing...")
|
|
112
|
+
await asyncio.sleep(delay_before_typing)
|
|
113
|
+
|
|
114
|
+
self.logger.info(f"Typing text: {text}")
|
|
115
|
+
await self.device.type_string(text)
|
|
116
|
+
|
|
117
|
+
self.logger.info("Typing complete.")
|
|
118
|
+
|
|
119
|
+
# Wait a configurable amount of time to ensure all keystrokes are processed
|
|
120
|
+
self.logger.info(f"Waiting {delay_after_typing} seconds for keystrokes to be processed...")
|
|
121
|
+
await asyncio.sleep(delay_after_typing)
|
|
122
|
+
|
|
123
|
+
# Raise EndEmulation to exit facedancer_main cleanly without requiring Ctrl+C
|
|
124
|
+
self.logger.info("Exiting facedancer emulation...")
|
|
125
|
+
raise EndEmulation("Typing completed successfully")
|
|
126
|
+
|
|
127
|
+
try:
|
|
128
|
+
# Use our custom Facedancer main function to avoid argument parsing issues
|
|
129
|
+
self.logger.info("Starting Facedancer execution...")
|
|
130
|
+
self.custom_facedancer_main(self.device, type_text())
|
|
131
|
+
self.logger.info("Facedancer execution completed successfully")
|
|
132
|
+
except Exception as e:
|
|
133
|
+
self.logger.error(f"Error in Facedancer execution: {str(e)}")
|
|
134
|
+
if hasattr(e, '__traceback__'):
|
|
135
|
+
import traceback
|
|
136
|
+
self.logger.error(''.join(traceback.format_tb(e.__traceback__)))
|
|
137
|
+
self.running = False
|
|
138
|
+
return ExploitResult(False, f"Facedancer execution failed: {str(e)}", {})
|
|
139
|
+
|
|
140
|
+
# Return success - at this point the operation is complete
|
|
141
|
+
return ExploitResult(True, "SimpleRubberDuck executed successfully", {
|
|
142
|
+
"status": "complete",
|
|
143
|
+
"message": "Device has typed all commands"
|
|
144
|
+
})
|
|
145
|
+
|
|
146
|
+
except Exception as e:
|
|
147
|
+
self.running = False
|
|
148
|
+
self.logger.error(f"Error during SimpleRubberDuck execution: {str(e)}")
|
|
149
|
+
if hasattr(e, '__traceback__'):
|
|
150
|
+
import traceback
|
|
151
|
+
self.logger.error(''.join(traceback.format_tb(e.__traceback__)))
|
|
152
|
+
return ExploitResult(False, f"SimpleRubberDuck failed: {str(e)}", {})
|
|
153
|
+
finally:
|
|
154
|
+
# Reset the running flag
|
|
155
|
+
self.running = False
|
|
156
|
+
|
|
157
|
+
@hookimpl
|
|
158
|
+
def cleanup(self):
|
|
159
|
+
"""Clean up resources when plugin execution is finished"""
|
|
160
|
+
self.logger.info("Cleaning up SimpleRubberDuckPlugin")
|
|
161
|
+
|
|
162
|
+
try:
|
|
163
|
+
# Signal any running operations to stop
|
|
164
|
+
self.running = False
|
|
165
|
+
|
|
166
|
+
# Disconnect the device if it exists
|
|
167
|
+
if hasattr(self, 'device') and self.device:
|
|
168
|
+
try:
|
|
169
|
+
self.logger.info("Disconnecting USB keyboard device...")
|
|
170
|
+
self.device.disconnect()
|
|
171
|
+
self.logger.info("Keyboard Device disconnected")
|
|
172
|
+
except Exception as e:
|
|
173
|
+
self.logger.error(f"Error disconnecting device: {str(e)}")
|
|
174
|
+
finally:
|
|
175
|
+
self.device = None
|
|
176
|
+
|
|
177
|
+
self.logger.info("Cleanup completed successfully")
|
|
178
|
+
|
|
179
|
+
except Exception as e:
|
|
180
|
+
self.logger.error(f"Error during cleanup: {str(e)}")
|
|
181
|
+
if hasattr(e, '__traceback__'):
|
|
182
|
+
import traceback
|
|
183
|
+
self.logger.error(''.join(traceback.format_tb(e.__traceback__)))
|
|
File without changes
|
|
@@ -0,0 +1,242 @@
|
|
|
1
|
+
#!/usr/bin/python3
|
|
2
|
+
"""
|
|
3
|
+
WiFi Scan Exploit Plugin.
|
|
4
|
+
|
|
5
|
+
This plugin scans for surrounding WiFi networks using the WiFi backend
|
|
6
|
+
injected via PluginContext. It demonstrates the backend injection mechanism
|
|
7
|
+
and provides a simple way to discover available WiFi networks.
|
|
8
|
+
"""
|
|
9
|
+
|
|
10
|
+
import logging
|
|
11
|
+
import pluggy
|
|
12
|
+
from typing import Optional, Any, List, Dict
|
|
13
|
+
|
|
14
|
+
from iotsploit_core.core.exploit_spec import ExploitResult, AsyncExploitResult
|
|
15
|
+
from iotsploit_core.core.base_plugin import BasePlugin
|
|
16
|
+
from iotsploit_core.context import PluginContext
|
|
17
|
+
from iotsploit_core.utils import iots_logger
|
|
18
|
+
|
|
19
|
+
logger = logging.getLogger(__name__)
|
|
20
|
+
hookimpl = pluggy.HookimplMarker("exploit_mgr")
|
|
21
|
+
|
|
22
|
+
|
|
23
|
+
class WifiScanPlugin(BasePlugin):
|
|
24
|
+
"""
|
|
25
|
+
WiFi Scan Plugin - Scans for surrounding WiFi networks.
|
|
26
|
+
|
|
27
|
+
This plugin uses the WiFi backend injected via PluginContext to scan
|
|
28
|
+
for available WiFi networks and returns their SSIDs and metadata.
|
|
29
|
+
"""
|
|
30
|
+
|
|
31
|
+
def __init__(self):
|
|
32
|
+
super().__init__({
|
|
33
|
+
'Name': 'WiFi Scan',
|
|
34
|
+
'Description': 'Scan for surrounding WiFi networks and list their SSIDs, BSSIDs, signal strength, and security information.',
|
|
35
|
+
'License': 'GPL',
|
|
36
|
+
'Author': ['iotsploit'],
|
|
37
|
+
'RequiresRoot': False,
|
|
38
|
+
'Parameters': {
|
|
39
|
+
'min_signal': {
|
|
40
|
+
'type': 'int',
|
|
41
|
+
'required': False,
|
|
42
|
+
'description': 'Minimum signal strength to include in results (0-100)',
|
|
43
|
+
'default': 0
|
|
44
|
+
},
|
|
45
|
+
'sort_by': {
|
|
46
|
+
'type': 'str',
|
|
47
|
+
'required': False,
|
|
48
|
+
'description': 'Sort results by: signal, ssid, or bssid',
|
|
49
|
+
'default': 'signal'
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
})
|
|
53
|
+
self.wifi_backend = None
|
|
54
|
+
self.logger = iots_logger.get_logger("wifi_scan")
|
|
55
|
+
|
|
56
|
+
@hookimpl
|
|
57
|
+
def initialize(self, ctx: Optional[PluginContext] = None):
|
|
58
|
+
"""
|
|
59
|
+
Initialize the plugin with platform backend context.
|
|
60
|
+
|
|
61
|
+
Args:
|
|
62
|
+
ctx: PluginContext containing backend instances (e.g., ctx.wifi)
|
|
63
|
+
"""
|
|
64
|
+
self.logger.info("Initializing WifiScanPlugin")
|
|
65
|
+
|
|
66
|
+
if ctx is None or getattr(ctx, "wifi", None) is None:
|
|
67
|
+
self.logger.warning("WiFi backend not available in injected PluginContext")
|
|
68
|
+
self.wifi_backend = None
|
|
69
|
+
return
|
|
70
|
+
|
|
71
|
+
self.wifi_backend = ctx.wifi
|
|
72
|
+
self.logger.info("WiFi backend injected successfully")
|
|
73
|
+
|
|
74
|
+
@hookimpl
|
|
75
|
+
def execute(self, target: Optional[Any] = None, parameters: Optional[dict] = None) -> ExploitResult:
|
|
76
|
+
"""
|
|
77
|
+
Execute WiFi scan synchronously.
|
|
78
|
+
|
|
79
|
+
Args:
|
|
80
|
+
target: Not used for WiFi scan
|
|
81
|
+
parameters: Optional parameters (min_signal, sort_by)
|
|
82
|
+
|
|
83
|
+
Returns:
|
|
84
|
+
ExploitResult with scan results
|
|
85
|
+
"""
|
|
86
|
+
self.logger.info("Executing WiFi scan")
|
|
87
|
+
|
|
88
|
+
# Check if WiFi backend is available
|
|
89
|
+
if self.wifi_backend is None:
|
|
90
|
+
error_msg = "WiFi backend not available. Ensure PluginContext was injected."
|
|
91
|
+
self.logger.error(error_msg)
|
|
92
|
+
return ExploitResult(False, error_msg, {})
|
|
93
|
+
|
|
94
|
+
try:
|
|
95
|
+
# Get parameters
|
|
96
|
+
params = parameters or {}
|
|
97
|
+
min_signal = params.get('min_signal', self.info['Parameters']['min_signal']['default'])
|
|
98
|
+
sort_by = params.get('sort_by', self.info['Parameters']['sort_by']['default'])
|
|
99
|
+
|
|
100
|
+
# Perform scan
|
|
101
|
+
self.logger.info("Starting WiFi scan...")
|
|
102
|
+
networks = self.wifi_backend.scan()
|
|
103
|
+
|
|
104
|
+
if not networks:
|
|
105
|
+
self.logger.warning("No WiFi networks found")
|
|
106
|
+
return ExploitResult(True, "Scan completed but no networks found", {
|
|
107
|
+
"networks": [],
|
|
108
|
+
"count": 0
|
|
109
|
+
})
|
|
110
|
+
|
|
111
|
+
# Filter by minimum signal strength
|
|
112
|
+
if min_signal > 0:
|
|
113
|
+
filtered_networks = [
|
|
114
|
+
net for net in networks
|
|
115
|
+
if net.get('signal', 0) >= min_signal
|
|
116
|
+
]
|
|
117
|
+
self.logger.info(f"Filtered {len(networks)} networks to {len(filtered_networks)} (min_signal={min_signal})")
|
|
118
|
+
networks = filtered_networks
|
|
119
|
+
|
|
120
|
+
# Sort results
|
|
121
|
+
if sort_by == 'signal':
|
|
122
|
+
networks = sorted(networks, key=lambda x: x.get('signal', 0), reverse=True)
|
|
123
|
+
elif sort_by == 'ssid':
|
|
124
|
+
networks = sorted(networks, key=lambda x: x.get('ssid', '').lower())
|
|
125
|
+
elif sort_by == 'bssid':
|
|
126
|
+
networks = sorted(networks, key=lambda x: x.get('bssid', '').lower())
|
|
127
|
+
|
|
128
|
+
# Format results for display
|
|
129
|
+
result_data = {
|
|
130
|
+
"networks": networks,
|
|
131
|
+
"count": len(networks),
|
|
132
|
+
"scan_params": {
|
|
133
|
+
"min_signal": min_signal,
|
|
134
|
+
"sort_by": sort_by
|
|
135
|
+
}
|
|
136
|
+
}
|
|
137
|
+
|
|
138
|
+
# Log summary
|
|
139
|
+
self.logger.info(f"WiFi scan completed: found {len(networks)} networks")
|
|
140
|
+
for net in networks[:5]: # Log first 5 networks
|
|
141
|
+
ssid = net.get('ssid', 'Unknown')
|
|
142
|
+
signal = net.get('signal', 0)
|
|
143
|
+
security = net.get('security', 'Unknown')
|
|
144
|
+
self.logger.info(f" - {ssid} (Signal: {signal}%, Security: {security})")
|
|
145
|
+
|
|
146
|
+
return ExploitResult(True, f"Found {len(networks)} WiFi networks", result_data)
|
|
147
|
+
|
|
148
|
+
except Exception as e:
|
|
149
|
+
error_msg = f"WiFi scan failed: {str(e)}"
|
|
150
|
+
self.logger.error(error_msg, exc_info=True)
|
|
151
|
+
return ExploitResult(False, error_msg, {})
|
|
152
|
+
|
|
153
|
+
@hookimpl
|
|
154
|
+
async def execute_async(self, target: Optional[Any] = None, parameters: Optional[dict] = None) -> AsyncExploitResult:
|
|
155
|
+
"""
|
|
156
|
+
Execute WiFi scan asynchronously.
|
|
157
|
+
|
|
158
|
+
Args:
|
|
159
|
+
target: Not used for WiFi scan
|
|
160
|
+
parameters: Optional parameters (min_signal, sort_by)
|
|
161
|
+
|
|
162
|
+
Returns:
|
|
163
|
+
AsyncExploitResult with scan results
|
|
164
|
+
"""
|
|
165
|
+
self.logger.info("Executing WiFi scan (async)")
|
|
166
|
+
|
|
167
|
+
# Check if WiFi backend is available
|
|
168
|
+
if self.wifi_backend is None:
|
|
169
|
+
error_msg = "WiFi backend not available. Ensure PluginContext was injected."
|
|
170
|
+
self.logger.error(error_msg)
|
|
171
|
+
return AsyncExploitResult(status=False, message=error_msg, data={})
|
|
172
|
+
|
|
173
|
+
try:
|
|
174
|
+
# Get parameters
|
|
175
|
+
params = parameters or {}
|
|
176
|
+
min_signal = params.get('min_signal', self.info['Parameters']['min_signal']['default'])
|
|
177
|
+
sort_by = params.get('sort_by', self.info['Parameters']['sort_by']['default'])
|
|
178
|
+
|
|
179
|
+
# Perform scan (scan() is synchronous but we're in async context)
|
|
180
|
+
self.logger.info("Starting WiFi scan...")
|
|
181
|
+
networks = self.wifi_backend.scan()
|
|
182
|
+
|
|
183
|
+
if not networks:
|
|
184
|
+
self.logger.warning("No WiFi networks found")
|
|
185
|
+
return AsyncExploitResult(
|
|
186
|
+
status=True,
|
|
187
|
+
message="Scan completed but no networks found",
|
|
188
|
+
data={"networks": [], "count": 0}
|
|
189
|
+
)
|
|
190
|
+
|
|
191
|
+
# Filter by minimum signal strength
|
|
192
|
+
if min_signal > 0:
|
|
193
|
+
filtered_networks = [
|
|
194
|
+
net for net in networks
|
|
195
|
+
if net.get('signal', 0) >= min_signal
|
|
196
|
+
]
|
|
197
|
+
self.logger.info(f"Filtered {len(networks)} networks to {len(filtered_networks)} (min_signal={min_signal})")
|
|
198
|
+
networks = filtered_networks
|
|
199
|
+
|
|
200
|
+
# Sort results
|
|
201
|
+
if sort_by == 'signal':
|
|
202
|
+
networks = sorted(networks, key=lambda x: x.get('signal', 0), reverse=True)
|
|
203
|
+
elif sort_by == 'ssid':
|
|
204
|
+
networks = sorted(networks, key=lambda x: x.get('ssid', '').lower())
|
|
205
|
+
elif sort_by == 'bssid':
|
|
206
|
+
networks = sorted(networks, key=lambda x: x.get('bssid', '').lower())
|
|
207
|
+
|
|
208
|
+
# Format results
|
|
209
|
+
result_data = {
|
|
210
|
+
"networks": networks,
|
|
211
|
+
"count": len(networks),
|
|
212
|
+
"scan_params": {
|
|
213
|
+
"min_signal": min_signal,
|
|
214
|
+
"sort_by": sort_by
|
|
215
|
+
}
|
|
216
|
+
}
|
|
217
|
+
|
|
218
|
+
# Log summary
|
|
219
|
+
self.logger.info(f"WiFi scan completed: found {len(networks)} networks")
|
|
220
|
+
for net in networks[:5]: # Log first 5 networks
|
|
221
|
+
ssid = net.get('ssid', 'Unknown')
|
|
222
|
+
signal = net.get('signal', 0)
|
|
223
|
+
security = net.get('security', 'Unknown')
|
|
224
|
+
self.logger.info(f" - {ssid} (Signal: {signal}%, Security: {security})")
|
|
225
|
+
|
|
226
|
+
return AsyncExploitResult(
|
|
227
|
+
status=True,
|
|
228
|
+
message=f"Found {len(networks)} WiFi networks",
|
|
229
|
+
data=result_data
|
|
230
|
+
)
|
|
231
|
+
|
|
232
|
+
except Exception as e:
|
|
233
|
+
error_msg = f"WiFi scan failed: {str(e)}"
|
|
234
|
+
self.logger.error(error_msg, exc_info=True)
|
|
235
|
+
return AsyncExploitResult(status=False, message=error_msg, data={})
|
|
236
|
+
|
|
237
|
+
@hookimpl
|
|
238
|
+
def cleanup(self):
|
|
239
|
+
"""Clean up resources when plugin execution is finished"""
|
|
240
|
+
self.logger.info("Cleaning up WifiScanPlugin")
|
|
241
|
+
# WiFi backend is managed by the context, no cleanup needed here
|
|
242
|
+
self.wifi_backend = None
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
Metadata-Version: 2.3
|
|
2
|
+
Name: iotsploit-exploits
|
|
3
|
+
Version: 0.0.6
|
|
4
|
+
Summary: Official IoTSploit exploit plugin package
|
|
5
|
+
License: GPL-3.0-or-later
|
|
6
|
+
Author: IoTSploit Team
|
|
7
|
+
Author-email: support@iotsploit.org
|
|
8
|
+
Requires-Python: >=3.10,<4.0
|
|
9
|
+
Classifier: License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)
|
|
10
|
+
Classifier: Programming Language :: Python :: 3
|
|
11
|
+
Classifier: Programming Language :: Python :: 3.10
|
|
12
|
+
Classifier: Programming Language :: Python :: 3.11
|
|
13
|
+
Classifier: Programming Language :: Python :: 3.12
|
|
14
|
+
Classifier: Programming Language :: Python :: 3.13
|
|
15
|
+
Requires-Dist: facedancer (>=3.0.6,<4.0)
|
|
16
|
+
Requires-Dist: iotsploit-core (>=0.0.6,<0.0.7)
|
|
17
|
+
Requires-Dist: iotsploit-django (>=0.0.6,<0.0.7)
|
|
18
|
+
Requires-Dist: pwntools (>=4.12)
|
|
19
|
+
Requires-Dist: pyserial (>=3.5)
|
|
20
|
+
Requires-Dist: scapy (>=2.5)
|
|
21
|
+
Description-Content-Type: text/markdown
|
|
22
|
+
|
|
23
|
+
# iotsploit-exploits
|
|
24
|
+
|
|
25
|
+
Official IoTSploit exploit plugin package. Contains all built-in exploit/security testing plugins.
|
|
26
|
+
|
|
27
|
+
## Included Plugins
|
|
28
|
+
|
|
29
|
+
| Plugin | Module | Description |
|
|
30
|
+
|--------|--------|-------------|
|
|
31
|
+
| Flood Attack | `iotsploit_exploits.flood_attack` | Network flood attack |
|
|
32
|
+
| SYN Flood | `iotsploit_exploits.flood_attack` | TCP SYN flood attack |
|
|
33
|
+
| WiFi Scan | `iotsploit_exploits.wifi_scan` | WiFi network scanner |
|
|
34
|
+
| IP Scan | `iotsploit_exploits.ip_scan` | IP network scanner |
|
|
35
|
+
| Nmap Scan | `iotsploit_exploits.nmap_scan` | Nmap-based scanner |
|
|
36
|
+
| ADB Check | `iotsploit_exploits.adb_check` | Android Debug Bridge security check |
|
|
37
|
+
| Hydra SSH | `iotsploit_exploits.hydra_ssh_attack` | Hydra SSH attack |
|
|
38
|
+
| SSH Plugin | `iotsploit_exploits.plugin_ssh` | SSH connection plugin |
|
|
39
|
+
| Serial Reader | `iotsploit_exploits.serial` | Picocom serial reader |
|
|
40
|
+
| GreatFET Echo | `iotsploit_exploits.greatfet_echo` | FTDI echo emulation |
|
|
41
|
+
| Rubber Duck | `iotsploit_exploits.greatfet_rubber_duck` | USB rubber duck attack |
|
|
42
|
+
| Simple Rubber Duck | `iotsploit_exploits.simple_rubber_duck` | Simplified rubber duck |
|
|
43
|
+
| Async Sleep | `iotsploit_exploits.demo` | Demo async plugin |
|
|
44
|
+
| Stream Data | `iotsploit_exploits.demo` | Demo streaming plugin |
|
|
45
|
+
|
|
46
|
+
## System Tool Dependencies
|
|
47
|
+
|
|
48
|
+
Some plugins require system-level tools (not installable via pip):
|
|
49
|
+
|
|
50
|
+
- **nmap_scan**: Requires `nmap` (`apt install nmap`)
|
|
51
|
+
- **hydra_ssh_attack**: Requires `hydra` (`apt install hydra`)
|
|
52
|
+
- **adb_check**: Requires `adb` (`apt install android-tools-adb`)
|
|
53
|
+
|
|
54
|
+
## Installation
|
|
55
|
+
|
|
56
|
+
```bash
|
|
57
|
+
pip install iotsploit-exploits
|
|
58
|
+
```
|
|
59
|
+
|
|
60
|
+
For development:
|
|
61
|
+
|
|
62
|
+
```bash
|
|
63
|
+
pip install -e ./iotsploit-exploits
|
|
64
|
+
```
|
|
65
|
+
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
iotsploit_exploits/__init__.py,sha256=guANNqpExIjL6PKjJ4cGNP-h3oC4JlQVu57vJu1rPN4,49
|
|
2
|
+
iotsploit_exploits/adb_check/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
3
|
+
iotsploit_exploits/adb_check/adb_check.py,sha256=MJKxmuSNakbhd_v86ecbhiBC-pH1U7uXZXT-KpG-o-I,22369
|
|
4
|
+
iotsploit_exploits/demo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
5
|
+
iotsploit_exploits/demo/async_sleep_attack.py,sha256=CV7RZz_n0egyN1ZUG9iMpMCMaEWZZj_IFMYofqXjv-A,3553
|
|
6
|
+
iotsploit_exploits/demo/stream_data_attack.py,sha256=-Vl118YkeS-niyJ6PTp08wNSHMxEvbdzuf9HSRPp-Fs,6661
|
|
7
|
+
iotsploit_exploits/flood_attack/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
8
|
+
iotsploit_exploits/flood_attack/flood_attack.py,sha256=XyspX6L0tjdwgoK2Axdp3uzb8wssAUN_lxWwLdNvdjM,5094
|
|
9
|
+
iotsploit_exploits/flood_attack/syn_flood_attack.py,sha256=htzhPDeaLSYvkD-srtIY6V5lyg6Gdf6kvVU3y5KrvpY,9071
|
|
10
|
+
iotsploit_exploits/greatfet_echo.py,sha256=RcfuWGkNP0qLks3LW4cNmPT8x4qmpLvadWVxBPeye_o,4188
|
|
11
|
+
iotsploit_exploits/greatfet_rubber_duck.py,sha256=r3iZVVV2s5yoTtWJBoqu0ECdMoh4n9dko2aZb4T6Rso,19314
|
|
12
|
+
iotsploit_exploits/hydra_cracker/weak_pass.txt,sha256=TRaT9rdJ0eS3iBETr7Y4S4ZH93jGfSP7GIP8KPZh3-k,4847
|
|
13
|
+
iotsploit_exploits/hydra_cracker/weak_pass_simple.txt,sha256=Lflu1RuGHbL8y7RlppWU-wUEhcPJlY4hd6HvOZrh1oQ,39
|
|
14
|
+
iotsploit_exploits/hydra_ssh_attack.py,sha256=Z_AL3WkHNtFvHHx85pEh1_o-Gj8MhflVGuoCPTe71xk,6627
|
|
15
|
+
iotsploit_exploits/ip_scan/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
16
|
+
iotsploit_exploits/ip_scan/ip_scan.py,sha256=Z624vuAIBrhhi44yFvS1ZeZKxH9QK0YNHKUq9m1GOIQ,7284
|
|
17
|
+
iotsploit_exploits/nmap_scan/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
18
|
+
iotsploit_exploits/nmap_scan/nmap_scan.py,sha256=PL88bQVNl4vaSMN6Vyo1NEAbxxazlc46uM03FWu30DU,7403
|
|
19
|
+
iotsploit_exploits/plugin_ssh.py,sha256=LOwWwqpADG2ZufNSkxbQKClxPyaFgWHrjI1-XV3L-KE,5250
|
|
20
|
+
iotsploit_exploits/rubber_duck_scripts/linux_infogather.txt,sha256=ONOi41ZiWZM04hf4kF4okutNSpsoB_iT49YtVkSHtzw,2509
|
|
21
|
+
iotsploit_exploits/rubber_duck_scripts/windows_payload.txt,sha256=_urWrg1jIjpFYuo6Ksdo001gv0rutn7rmtiK7cEm1I8,2525
|
|
22
|
+
iotsploit_exploits/serial/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
23
|
+
iotsploit_exploits/serial/picocom_serial_reader.py,sha256=ecghWdPkohh-jUcCNFW2_Z7H81EYBQFQL999vTsq6oI,31453
|
|
24
|
+
iotsploit_exploits/simple_rubber_duck.py,sha256=7eXl1T7nGK02RxLB8FQLKhdYhYgJirEFboDu5MhXm3U,8052
|
|
25
|
+
iotsploit_exploits/wifi_scan/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
26
|
+
iotsploit_exploits/wifi_scan/wifi_scan.py,sha256=kcMq0crR99R5vRCOOcfmVEBrrLLZg85MyBcukeKGFoM,9619
|
|
27
|
+
iotsploit_exploits-0.0.6.dist-info/METADATA,sha256=xPDpP3RnTHZMIIG7bdESoMlX_GHF44MOxWY-aeE-qlk,2497
|
|
28
|
+
iotsploit_exploits-0.0.6.dist-info/WHEEL,sha256=IYZQI976HJqqOpQU6PHkJ8fb3tMNBFjg-Cn-pwAbaFM,88
|
|
29
|
+
iotsploit_exploits-0.0.6.dist-info/entry_points.txt,sha256=7AfeJunmncgyIYDJN-SKBvqPzFN_98QIpYXSZpnrb-o,1059
|
|
30
|
+
iotsploit_exploits-0.0.6.dist-info/RECORD,,
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
[iotsploit.exploit_plugins]
|
|
2
|
+
adb_check=iotsploit_exploits.adb_check.adb_check:AdbSecurityCheckPlugin
|
|
3
|
+
async_sleep_attack=iotsploit_exploits.demo.async_sleep_attack:AsyncSleepAttackPlugin
|
|
4
|
+
flood_attack=iotsploit_exploits.flood_attack.flood_attack:FloodAttackPlugin
|
|
5
|
+
greatfet_echo=iotsploit_exploits.greatfet_echo:FTDIEchoPlugin
|
|
6
|
+
greatfet_rubber_duck=iotsploit_exploits.greatfet_rubber_duck:RubberDuckPlugin
|
|
7
|
+
hydra_ssh_attack=iotsploit_exploits.hydra_ssh_attack:HydraSSHAttackPlugin
|
|
8
|
+
ip_scan=iotsploit_exploits.ip_scan.ip_scan:IPScanPlugin
|
|
9
|
+
nmap_scan=iotsploit_exploits.nmap_scan.nmap_scan:NmapScanPlugin
|
|
10
|
+
picocom_serial_reader=iotsploit_exploits.serial.picocom_serial_reader:PicocomSerialReaderPlugin
|
|
11
|
+
plugin_ssh=iotsploit_exploits.plugin_ssh:SSHPlugin
|
|
12
|
+
simple_rubber_duck=iotsploit_exploits.simple_rubber_duck:SimpleRubberDuckPlugin
|
|
13
|
+
stream_data_attack=iotsploit_exploits.demo.stream_data_attack:StreamDataAttackPlugin
|
|
14
|
+
syn_flood_attack=iotsploit_exploits.flood_attack.syn_flood_attack:SynFloodAttackPlugin
|
|
15
|
+
wifi_scan=iotsploit_exploits.wifi_scan.wifi_scan:WifiScanPlugin
|
|
16
|
+
|