Merge pull request #65 from NullArray/more-updates

Updates

Author: NullArray

autosploit.py

@@ -29,10 +29,13 @@
 
 from lib.jsonize import load_exploits
 from lib.cmdline.cmd import AutoSploitParser
+from lib.banner import banner_main
 from lib.settings import (
     validate_ip_addr,
+    check_services,
     PLATFORM_PROMPT,
-    AUTOSPLOIT_PROMPT
+    AUTOSPLOIT_PROMPT,
+    AUTOSPLOIT_TERM_OPTS
 )
 from lib.output import (
     info,
@@ -50,27 +53,14 @@
 local_host = ""
 configured = False
 toolbar_width = 60
-version = "1.4.0"
 usage_and_legal_path = "{}/etc/general".format(os.getcwd())
 loaded_exploits = load_exploits("{}/etc/json".format(os.getcwd()))
 stop_animation = False
-autosploit_opts = {
-    1: "usage and legal", 2: "gather hosts", 3: "custom hosts",
-    4: "add single host", 5: "view gathered hosts", 6: "exploit gathered hosts",
-    99: "quit"
-}
 
 
 def logo(line_sep="#--", space=" " * 30):
     """Logo."""
-    global version
-    print("""\033[1m\033[36m{space_sep}_____     _       _____     _     _ _
-{sep1}Author : Vector/NullArray |  _  |_ _| |_ ___|   __|___| |___|_| |_
-{sep1}Twitter: @Real__Vector    |     | | |  _| . |__   | . | | . | |  _|
-{sep1}Type   : Mass Exploiter   |__|__|___|_| |___|_____|  _|_|___|_|_|
-{sep1}Version: {v_num}                                    |_|
-##############################################\033[0m
-""".format(sep1=line_sep, v_num=version, space_sep=space))
+    print banner_main()
 
 
 def animation(text):
@@ -428,7 +418,6 @@ def main():
     global query
     global configured
     global api
-    global autosploit_opts
 
     # TODO:/
     # commenting this out for now, guessing we need to create a retry function
@@ -453,8 +442,8 @@ def try_shodan():
                 settings()
 
             info("Welcome to AutoSploit. Please select an action.")
-            for i in autosploit_opts.keys():
-                print("{}. {}".format(i, autosploit_opts[i].title()))
+            for i in AUTOSPLOIT_TERM_OPTS.keys():
+                print("{}. {}".format(i, AUTOSPLOIT_TERM_OPTS[i].title()))
 
             action = raw_input(AUTOSPLOIT_PROMPT)
 
@@ -568,37 +557,46 @@ def try_shodan():
     info("Initializing AutoSploit...")
     info("One moment please while we check the Postgresql and Apache services...")
 
-    postgresql = cmdline("sudo service postgresql status | grep active")
-    if "Active: inactive" in postgresql:
-        warning("Warning. Heuristic tests have indicated PostgreSQL Service is offline")
+    # postgresql = cmdline("sudo service postgresql status | grep active")
+    postgresql = check_services("postgre")
+    if not postgresql:
+
+        def start_postgresql():
+            # we're going to import it here because we don't need it anywhere else
+            from lib.settings import START_POSTGRESQL_PATH
 
+            cmd = shlex.split("sudo sh {}".format(START_POSTGRESQL_PATH))
+            cmdline(cmd)
+
+        warning("Warning. Heuristic tests have indicated PostgreSQL Service is offline")
         start_pst = prompt("Start Postgresql Service? [Y]es/[N]o")
         if start_pst == 'y':
-            os.system("sudo service postgresql start")
-            info("Postgresql Service Started...")
-            time.sleep(1.5)
-
+            start_postgresql()
         elif start_pst == 'n':
             error("AutoSploit's MSF related operations require this service to be active.")
             error("Aborted.")
             time.sleep(1.5)
             sys.exit(0)
         else:
             warning("Unhandled Option. Defaulting to starting the service.")
-            os.system("sudo service postgresql start")
-
-            info("Postgresql Service Started...")
+            start_postgresql()
             time.sleep(1.5)
 
-    apache = cmdline("service apache2 status | grep active")
-    if "Active: inactive" in apache:
+    apache = check_services("apache2")
+    if not apache:
+
+        def start_apache():
+            # same as above
+            from lib.settings import START_APACHE_PATH
+
+            cmd = shlex.split("sudo sh {}".format(START_APACHE_PATH))
+            cmdline(cmd)
+
         warning("Warning. Heruistic tests indicated that Apache Service is offline")
 
         start_ap = prompt("Start Apache Service? [Y]es/[N]o")
         if start_ap == 'y':
-            os.system("sudo service apache2 start")
-
-            info("[{}]Apache2 Service Started...")
+            start_apache()
             time.sleep(1.5)
 
         elif start_ap == 'n':
@@ -608,12 +606,7 @@ def try_shodan():
             sys.exit(0)
         else:
             warning("Unhandled Option. Defaulting to starting the service.")
-            os.system("sudo service apache2 start")
-            # TODO:/
-            # Should really add another check here to make sure it started,
-            # possible to use `psutils` to check the running tasks for autosploit
-
-            info("Apache2 Service Started...")
+            start_apache()
             time.sleep(1.5)
 
     # We will check if the shodan api key has been saved before, if not we are going to prompt
@@ -636,4 +629,4 @@ def try_shodan():
         path = os.path.abspath("api.p")
         info("Your API key was loaded from {}".format(path))
 
-        main()
+        main()

etc/scripts/start_apache.sh

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+sudo service apache2 start > /dev/null 2>&1

etc/scripts/start_postgre.sh

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+sudo service postgresql start > /dev/null 2>&1

lib/banner.py

@@ -0,0 +1,66 @@
+import random
+
+VERSION = "1.4.0"
+
+
+def banner_1(line_sep="#--", space=" " * 30):
+    print("""\033[1m\033[36m{space_sep}_____     _       _____     _     _ _
+{sep1}Author : Vector/NullArray |  _  |_ _| |_ ___|   __|___| |___|_| |_
+{sep1}Twitter: @Real__Vector    |     | | |  _| . |__   | . | | . | |  _|
+{sep1}Type   : Mass Exploiter   |__|__|___|_| |___|_____|  _|_|___|_|_|
+{sep1}Version: {v_num}                                    |_|
+##############################################\033[0m
+    """.format(sep1=line_sep, v_num=VERSION, space_sep=space))
+
+
+def banner_2():
+    print(r"""
+{blue}--+{end} {red}Graffiti the world with exploits{end} {blue}+--{end}
+{blue}--+{end}             __   ____            {blue}+--{end} 
+{blue}--+{end}            / _\ / ___)           {blue}+--{end}
+{blue}--+{end}           /    \\___ \           {blue}+--{end}
+{blue}--+{end}           \_/\_/(____/           {blue}+--{end}
+{blue}--+{end}            {red}AutoSploit{end}            {blue}+--{end}
+{blue}--+{end}           NullArray/Eku          {blue}+--{end}
+{blue}--+{end}             v({red}{vnum}{end})             {blue}+--{end}
+    """.format(vnum=VERSION, blue="\033[36m", red="\033[31m", end="\033[0m"))
+
+
+def banner_3():
+    print(r'''#SploitaSaurus Rex{green}
+                                           O_
+                                          /  >
+                                        -  >  ^\
+                                      /   >  ^ /   
+                                    (O)  >  ^ /   / / /  
+       _____                        |            \\|//
+      /  __ \                      _/      /     / _/
+     /  /  | |                    /       /     / /
+   _/  |___/ /                   /      ------_/ / 
+ ==_|  \____/                 _/       /  ______/
+     \   \                 __/           |\
+      |   \_          ____/              / \      _                    
+       \    \________/                  |\  \----/_V
+        \_                              / \_______ V
+          \__                /       \ /          V
+             \               \        \
+              \______         \_       \
+                     \__________\_      \ 
+                        /    /    \_    | 
+                       |   _/       \   |
+                      /  _/          \  |
+                     |  /            |  |
+                     \  \__          |   \__
+                     /\____=\       /\_____=\{end} v({vnum})'''''.format(
+        green="\033[1m\033[32m", end="\033[0m", vnum=VERSION
+    ))
+
+
+def banner_main():
+    """
+    grab a random banner each run
+    """
+    banners = [
+        banner_3, banner_2, banner_1
+    ]
+    return random.choice(banners)()

lib/cmdline/cmd.py

@@ -36,7 +36,7 @@ def single_run_args(opt):
             ethics_file = "{}/etc/text_files/ethics.lst".format(os.getcwd())
             with open(ethics_file) as ethics:
                 ethic = random.choice(ethics.readlines()).strip()
-                print("Your ethic for the day:\n\n{}".format(ethic))
+                print("Here we have an ethical lesson for you:\n\n{}".format(ethic))
                 sys.exit(0)
         if opt.exploitList:
             try:

lib/output.py

@@ -1,14 +1,14 @@
 def info(text):
     print(
-        "\n[\033[1m\033[32m+\033[0m] {}".format(
+        "[\033[1m\033[32m+\033[0m] {}".format(
             text
         )
     )
 
 
 def prompt(text, lowercase=True):
     question = raw_input(
-        "\n[\033[1m\033[36m?\033[0m] {}: ".format(
+        "[\033[1m\033[36m?\033[0m] {}: ".format(
             text
         )
     )
@@ -19,15 +19,15 @@ def prompt(text, lowercase=True):
 
 def error(text):
     print(
-        "\n[\033[1m\033[31m!\033[0m] {}".format(
+        "[\033[1m\033[31m!\033[0m] {}".format(
             text
         )
     )
 
 
 def warning(text):
     print(
-        "\n[\033[1m\033[33m-\033[0m] {}".format(
+        "[\033[1m\033[33m-\033[0m] {}".format(
             text
         )
     )

lib/settings.py

@@ -1,14 +1,35 @@
+import os
 import socket
 import getpass
 
+import psutil
 
+
+START_POSTGRESQL_PATH = "{}/etc/scripts/start_postgre.sh".format(os.getcwd())
+START_APACHE_PATH = "{}/etc/scripts/start_apache.sh".format(os.getcwd())
 PLATFORM_PROMPT = "\n{}@\033[36mPLATFORM\033[0m$ ".format(getpass.getuser())
 AUTOSPLOIT_PROMPT = "\n\033[31m{}\033[0m@\033[36mautosploit\033[0m# ".format(getpass.getuser())
+AUTOSPLOIT_TERM_OPTS = {
+    1: "usage and legal", 2: "gather hosts", 3: "custom hosts",
+    4: "add single host", 5: "view gathered hosts", 6: "exploit gathered hosts",
+    99: "quit"
+}
 
 
 def validate_ip_addr(provided):
     try:
         socket.inet_aton(provided)
         return True
     except:
-        return False
+        return False
+
+
+def check_services(service_name):
+    all_processes = set()
+    for pid in psutil.pids():
+        running_proc = psutil.Process(pid)
+        all_processes.add(" ".join(running_proc.cmdline()).strip())
+    for proc in list(all_processes):
+        if service_name in proc:
+            return True
+    return False

requirements.txt

@@ -1,2 +1,3 @@
 shodan==1.7.7
 requests==2.18.4
+psutil==5.3.0