Merge pull request #165 from NullArray/dev-beta

Automatic issue creation

Author: NullArray

.gitignore

@@ -7,3 +7,4 @@ uid.p
 etc/tokens/*
 autosploit_out/*
 venv/*
+etc/json/*

autosploit/main.py

@@ -6,6 +6,10 @@
 
 from lib.cmdline.cmd import AutoSploitParser
 from lib.term.terminal import AutoSploitTerminal
+from lib.creation.issue_creator import (
+    request_issue_creation,
+    hide_sensitive
+)
 from lib.output import (
     info,
     warning,
@@ -19,7 +23,8 @@
     cmdline,
     close,
     EXPLOIT_FILES_PATH,
-    START_SERVICES_PATH
+    START_SERVICES_PATH,
+    save_error_to_file,
 )
 from lib.jsonize import (
     load_exploits,
@@ -28,81 +33,99 @@
 
 
 def main():
-
     try:
-        is_admin = os.getuid() == 0
-    except AttributeError:
-        # we'll make it cross platform because it seems like a cool idea
-        is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0
 
-    if not is_admin:
-        close("must have admin privileges to run")
+        try:
+            is_admin = os.getuid() == 0
+        except AttributeError:
+            # we'll make it cross platform because it seems like a cool idea
+            is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0
 
-    opts = AutoSploitParser().optparser()
+        if not is_admin:
+            close("must have admin privileges to run")
 
-    logo()
-    info("welcome to autosploit, give us a little bit while we configure")
-    misc_info("checking your running platform")
-    platform_running = platform.system()
-    misc_info("checking for disabled services")
-    # according to ps aux, postgre and apache2 are the names of the services on Linux systems
-    service_names = ("postgres", "apache2")
-    if "darwin" in platform_running.lower():
-        service_names = ("postgres", "apachectl")
+        opts = AutoSploitParser().optparser()
 
-    for service in list(service_names):
-        while not check_services(service):
-            choice = prompt(
-                "it appears that service {} is not enabled, would you like us to enable it for you[y/N]".format(
-                    service.title()
-                )
-            )
-            if choice.lower().startswith("y"):
-                try:
-                    if "darwin" in platform_running.lower():
-                        cmdline("{} darwin".format(START_SERVICES_PATH))
-                    elif "linux" in platform_running.lower():
-                        cmdline("{} linux".format(START_SERVICES_PATH))
-                    else:
-                        close("your platform is not supported by AutoSploit at this time", status=2)
+        logo()
+        info("welcome to autosploit, give us a little bit while we configure")
+        misc_info("checking your running platform")
+        platform_running = platform.system()
+        misc_info("checking for disabled services")
+        # according to ps aux, postgre and apache2 are the names of the services on Linux systems
+        service_names = ("postgres", "apache2")
+        if "darwin" in platform_running.lower():
+            service_names = ("postgres", "apachectl")
 
-                    # moving this back because it was funky to see it each run
-                    info("services started successfully")
-                # this tends to show up when trying to start the services
-                # I'm not entirely sure why, but this fixes it
-                except psutil.NoSuchProcess:
-                    pass
-            else:
-                process_start_command = "`sudo service {} start`"
-                if "darwin" in platform_running.lower():
-                    process_start_command = "`brew services start {}`"
-                close(
-                    "service {} is required to be started for autosploit to run successfully (you can do it manually "
-                    "by using the command {}), exiting".format(
-                        service.title(), process_start_command.format(service)
+        for service in list(service_names):
+            while not check_services(service):
+                choice = prompt(
+                    "it appears that service {} is not enabled, would you like us to enable it for you[y/N]".format(
+                        service.title()
                     )
                 )
+                if choice.lower().startswith("y"):
+                    try:
+                        if "darwin" in platform_running.lower():
+                            cmdline("{} darwin".format(START_SERVICES_PATH))
+                        elif "linux" in platform_running.lower():
+                            cmdline("{} linux".format(START_SERVICES_PATH))
+                        else:
+                            close("your platform is not supported by AutoSploit at this time", status=2)
 
-    if len(sys.argv) > 1:
-        info("attempting to load API keys")
-        loaded_tokens = load_api_keys()
-        AutoSploitParser().parse_provided(opts)
+                        # moving this back because it was funky to see it each run
+                        info("services started successfully")
+                    # this tends to show up when trying to start the services
+                    # I'm not entirely sure why, but this fixes it
+                    except psutil.NoSuchProcess:
+                        pass
+                else:
+                    process_start_command = "`sudo service {} start`"
+                    if "darwin" in platform_running.lower():
+                        process_start_command = "`brew services start {}`"
+                    close(
+                        "service {} is required to be started for autosploit to run successfully (you can do it manually "
+                        "by using the command {}), exiting".format(
+                            service.title(), process_start_command.format(service)
+                        )
+                    )
 
-        if not opts.exploitFile:
+        if len(sys.argv) > 1:
+            info("attempting to load API keys")
+            loaded_tokens = load_api_keys()
+            AutoSploitParser().parse_provided(opts)
+
+            if not opts.exploitFile:
+                misc_info("checking if there are multiple exploit files")
+                loaded_exploits = load_exploits(EXPLOIT_FILES_PATH)
+            else:
+                loaded_exploits = load_exploit_file(opts.exploitFile)
+                misc_info("Loaded {} exploits from {}.".format(
+                    len(loaded_exploits),
+                    opts.exploitFile))
+
+            AutoSploitParser().single_run_args(opts, loaded_tokens, loaded_exploits)
+        else:
+            warning(
+                "no arguments have been parsed, defaulting to terminal session. "
+                "press 99 to quit and help to get help"
+            )
             misc_info("checking if there are multiple exploit files")
             loaded_exploits = load_exploits(EXPLOIT_FILES_PATH)
-        else:
-            loaded_exploits = load_exploit_file(opts.exploitFile)
-            misc_info("Loaded {} exploits from {}.".format(
-                len(loaded_exploits),
-                opts.exploitFile))
+            info("attempting to load API keys")
+            loaded_tokens = load_api_keys()
+            terminal = AutoSploitTerminal(loaded_tokens)
+            terminal.terminal_main_display(loaded_exploits)
+    except Exception as e:
+        import traceback
+
+        print(
+            "\033[31m[!] AutoSploit has hit an unhandled exception: '{}', "
+            "in order for the developers to troubleshoot and repair the "
+            "issue AutoSploit will need to gather your OS information, metasploit version, "
+            "current arguments, the error message, and a traceback. "
+            "None of this information can be used to identify you in any way\033[0m".format(str(e))
+        )
+        error_traceback = ''.join(traceback.format_tb(sys.exc_info()[2]))
+        error_file = save_error_to_file(str(error_traceback))
+        request_issue_creation(error_file, hide_sensitive(), str(e))
 
-        AutoSploitParser().single_run_args(opts, loaded_tokens, loaded_exploits)
-    else:
-        warning("no arguments have been parsed, defaulting to terminal session. press 99 to quit and help to get help")
-        misc_info("checking if there are multiple exploit files")
-        loaded_exploits = load_exploits(EXPLOIT_FILES_PATH)
-        info("attempting to load API keys")
-        loaded_tokens = load_api_keys()
-        terminal = AutoSploitTerminal(loaded_tokens)
-        terminal.terminal_main_display(loaded_exploits)

etc/scripts/start_services.sh

@@ -1,6 +1,9 @@
 #!/bin/bash
 
 function startApacheLinux () {
+  # NOTE: if you are running on Arch uncomment this
+  #sudo systemctl start apache > /dev/null 2>&1
+  # and comment this one out
   sudo systemctl start apache2 > /dev/null 2>&1
 }
 

etc/text_files/auth.key

@@ -0,0 +1 @@
+Vm0wd2VFMUdiRmhTV0d4V1YwZG9XVll3WkRSV1ZteHlWMjVrVlUxV2NIbFdNalZyWVZVeFYxZHVhRmRTZWtFeFZtMTRTMk15VGtsaFJscHBWa1ZhU1ZkV1VrZFRNazE0Vkc1V2FsSnRhRzlVVmxwWFRrWmFjbHBFVWxwV2JIQllWVEkxVDFkSFNraFZiR2hhWVRGYU0xWXhXbUZqTVZwMFVteG9hVlpyV1hwV1IzaGhZekZhU0ZOclpGaGlSMmhvVm1wT1UyRkdiRlpYYlhScVlrWmFlVlV5Y3pGV01rcEpVV3hzVjFaNlJUQlpla3BIWXpGT2MxWnNaR2xTYTNCWFZtMHhOR1F3TUhoalJXaHNVakJhVlZWc1VsZFhiR1J5VjIxR2FGWnNjSHBaTUZadlZqRktjMk5HYUZwaGExcG9WbXBHYTJOc1pISlBWbVJPWWxkb1dsWXhXbE5TTVZwMFZtdGthbEpXY0ZsWmExVXhZMVpTVjFkdFJrNVdiRlkxV1ROd1YxWnJNVmRqUldSWFRXNUNTRlpxUm1GV01rNUhWRzFHVTFKV2NFVldiR1EwVVRGYVZrMVZWazVTUkVFNQ==:9

etc/text_files/ethics.lst

@@ -9,4 +9,6 @@
 "This provides an unending opportunity for cybercriminals and script kiddies to hijack vulnerable devices and subsequently launch attacks against online organizations with ease"
 "Both Metasploit and Shodan have been available for years, as integral to the pen testers toolkit as Nessus and Burpsuite. But with Autosploit pulling them together, the concern should be focused on curious kids thinking it would be fun to see what they can find"
 "My fear is that this has magnified the attack surface, and made it so that every exposed service on the internet will be scanned and probed on a near-constant basis by an entirely new set of attackers."
-"The release of tools like these exponentially expands the threat landscape by allowing a wider group of hackers to launch global attacks at will"
+"The release of tools like these exponentially expands the threat landscape by allowing a wider group of hackers to launch global attacks at will"
+"Good to know we’ve weaponized for the masses. Everyone can now be a script kiddie simply by plugging, playing and attacking."
+"The fact that something is really easy, does not make unauthorized computer access any less a crime. And tools like this leave a forensic footprint that is miles wide. Yes, you can compromise poorly protected systems very easily with this tool, but you can also end up in a lot of trouble."

etc/text_files/links.txt

@@ -0,0 +1,12 @@
+https://gist.githubusercontent.com/Ekultek/f51e6d61817721aa9341a1f1e66d3602/raw/82dfa8234d2f744c99bc277a1c73efc39770cff6/wordpress_exploits.txt
+https://gist.githubusercontent.com/Ekultek/76202c6fa170d6da501da5ab303f01f0/raw/da5205919f1a47f2ccc9c75ab26e1456ad91d3d4/all_exploits.txt
+https://gist.githubusercontent.com/Ekultek/e04f27632d40bf10da338b61b8416f95/raw/8c949dd2aa8047ded828b1220e13101b6f28d9ab/linux_exploits.txt
+https://gist.githubusercontent.com/Ekultek/d4658fe488f9edafe2b2edc1910e1983/raw/13c21c0ed20b4b10df79b93566fdd111df77f1ed/windows_exploits.txt
+https://gist.githubusercontent.com/Ekultek/219036c05e21d8352b4181cbe3df5f4f/raw/0e907b387fa2b35dc75cb94120172155d8d3eb3e/smb_exploits.txt
+https://gist.githubusercontent.com/Ekultek/066e1c9285f2a60d2b7103b4d1972864/raw/03d06809a3d79d51f19e3d0c77fb9783f961c485/samba_exploits.txt
+https://gist.githubusercontent.com/Ekultek/e9a5c7d37fc58b77bed241d8f2811e8a/raw/789839b93c2c8ce7cc6240cafedfa8e30c2ae4e1/all_rce_exploits.txt
+https://gist.githubusercontent.com/Ekultek/c69a01e688ed1739d9e572722ea37ed5/raw/63ead0225784de9389059745b1c869face015d7c/2018_rce_exploits.txt
+https://gist.githubusercontent.com/Ekultek/6d1d2d0a83715cb0314fead1ff2768a1/raw/b4fb17df1c3c09464741547ccff674262168a015/excellent_exploits.txt
+https://gist.githubusercontent.com/Ekultek/4a06da7d69f8f7f24542f7e978ad67a5/raw/5623ac8b9e4dc8e246e013dc7d7e2b5a31948d78/os_command_exploits.txt
+https://gist.githubusercontent.com/Ekultek/2d7e0d98b37b1d06676d409fe0c5b899/raw/f4fe9b3c400dcf86a8147fd903a6ee13e3fbe5f5/buffer_overflow_exploit.txt
+https://gist.githubusercontent.com/Ekultek/fdac157e66b82fea3075d2149e9aa1d3/raw/c5002d9c9e2918084e16b83fc1a9af06cf26bd05/osx_exploits.txt

lib/banner.py

@@ -1,7 +1,7 @@
 import os
 import random
 
-VERSION = "2.2"
+VERSION = "2.2.1"
 
 
 def banner_1(line_sep="#--", space=" " * 30):
@@ -61,7 +61,7 @@ def banner_3():
     )
     return banner
 
-    
+
 def banner_4():
     banner = r"""
 {red}    .__.    ,     __.   .     , 	{end}

lib/cmdline/cmd.py

@@ -78,6 +78,8 @@ def optparser():
                           help=argparse.SUPPRESS)  # easter egg!
         misc.add_argument("--whitelist", metavar="PATH", dest="whitelist",
                              help="only exploit hosts listed in the whitelist file")
+        misc.add_argument("-D", "--download", nargs="+", metavar="SEARCH1 SEARCH2 ...", dest="downloadModules",
+                          help="download new exploit modules with a provided search flag")
         opts = parser.parse_args()
         return opts
 
@@ -138,6 +140,8 @@ def single_run_args(opt, keys, loaded_modules):
                 lib.settings.close(
                     "You should take this ethical lesson into consideration "
                     "before you continue with the use of this tool:\n\n{}\n".format(ethic))
+        if opt.downloadModules is not None:
+            print "downloading MODULES!"
         if opt.exploitList:
             try:
                 lib.output.info("converting {} to JSON format".format(opt.exploitList))