
6 Commits

Author SHA1 Message Date
91b5ce8f28 Add NimScan 2023-04-24 00:50:58 +02:00
eefc1e7aa1 Update 2023-04-05 21:07:48 +02:00
6a5e28dc1c Add plink, allow mimikatz 2023-03-30 23:09:58 +02:00
b9790c7d9f Fix download method 2022-08-09 14:07:02 +02:00
89450cd2fe Update README 2022-08-02 19:11:57 +02:00
926676eb1b Add P0wnyShell 2022-06-08 14:28:49 +02:00
2 changed files with 166 additions and 23 deletions


@ -17,27 +17,107 @@
"MS11-046/ms11-046.exe", "MS11-046/ms11-046.exe",
"MS11-046/MS11_46_k8.exe", "MS11-046/MS11_46_k8.exe",
"MS10-059/MS10-059.exe" "MS10-059/MS10-059.exe"
],
"flozz/p0wny-shell": [
"shell.php"
],
"int0x33/nc.exe": [
"nc64.exe"
],
"BloodHoundAD/BloodHound": [
"Collectors/SharpHound.exe"
],
"PowerShellMafia/PowerSploit": [
"Recon/PowerView.ps1"
],
"Flangvik/SharpCollection": [
"NetFramework_4.7_Any/Rubeus.exe"
],
"calebstewart/CVE-2021-1675": [
"CVE-2021-1675.ps1"
],
"besimorhino/powercat": [
"powercat.ps1"
],
"r3motecontrol/Ghostpack-CompiledBinaries": [
"Seatbelt.exe"
] ]
}, },
"githubreleasesync": { "githubreleasesync": {
"carlospolop/PEASS-ng": { "carlospolop/PEASS-ng": {
"local_version": "20220515", "local_version": "20230419-b6aac9cb",
"files": [ "files": [
"linpeas.sh", "linpeas.sh",
"winPEAS.bat", "winPEAS.bat",
"winPEASany.exe" "winPEASany.exe",
"winPEASany_ofs.exe"
]
},
"AlessandroZ/LaZagne": {
"local_version": "v2.4.5",
"files": [
"lazagne.exe"
]
},
"DominicBreuker/pspy": {
"local_version": "v1.2.1",
"files": [
"pspy32",
"pspy64"
]
},
"itm4n/PrintSpoofer": {
"local_version": "v1.0",
"files": [
"PrintSpoofer32.exe",
"PrintSpoofer64.exe"
]
},
"PowerShell/Win32-OpenSSH": {
"local_version": "v9.2.2.0p1-Beta",
"files": [
"OpenSSH-Win32-{nobeta_version}.msi",
"OpenSSH-Win64-{nobeta_version}.msi"
]
},
"elddy/NimScan": {
"local_version": "1.0.8",
"files": [
"NimScan.exe"
] ]
}, },
"jpillora/chisel": { "jpillora/chisel": {
"local_version": "v1.7.7", "local_version": "v1.8.1",
"files": [ "files": [
{ {
"filename": "chisel_{short_version}_windows_386.gz", "filename": "chisel_{short_version}_windows_386.gz",
"binpath": "chisel.exe" "inpath": "chisel.exe",
"outpath": "chisel.exe"
}, },
{ {
"filename": "chisel_{short_version}_linux_386.gz", "filename": "chisel_{short_version}_linux_386.gz",
"binpath": "chisel" "inpath": "chisel",
"outpath": "chisel"
},
{
"filename": "chisel_{short_version}_linux_amd64.gz",
"inpath": "chisel64",
"outpath": "chisel64"
}
]
},
"gentilkiwi/mimikatz": {
"local_version": "2.2.0-20220919",
"files": [
{
"filename": "mimikatz_trunk.zip",
"inpath": "Win32/mimikatz.exe",
"outpath": "mimikatz32.exe"
},
{
"filename": "mimikatz_trunk.zip",
"inpath": "x64/mimikatz.exe",
"outpath": "mimikatz64.exe"
} }
] ]
} }
@ -54,5 +134,11 @@
"files": [ "files": [
"nc.exe" "nc.exe"
] ]
},
"plink": {
"local_version": "0.78",
"files": [
"w32/plink.exe"
]
} }
} }
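Review bot: The repository entries added in the first hunk, which appear to belong to the githubmastersync list (its key is above the hunk), include prebuilt binaries such as `NetFramework_4.7_Any/Rubeus.exe` and `Seatbelt.exe` from third-party mirror repositories, and nothing pins what is fetched for them. Whatever is pushed to those repositories is pulled on the next update and, judging by the name of the `make_executable()` call in pendora-box.py, marked executable locally. Consider recording an expected digest per file (for example a `"sha256"` key beside `"outpath"`, a proposed field that the sync code would have to check) or pinning a commit for repositories that ship compiled artefacts. Separately, both mimikatz entries name `mimikatz_trunk.zip`, so the same archive is downloaded once per `outpath`.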

93
pendora-box.py Normal file → Executable file

@ -1,11 +1,12 @@
#!/usr/bin/env python3
import argparse import argparse
import json import json
from pathlib import Path from pathlib import Path
import hashlib import hashlib
import requests import requests
import base64
import sys import sys
from os import geteuid from os import geteuid, chdir
import subprocess import subprocess
from io import BytesIO from io import BytesIO
import zipfile import zipfile
@ -27,8 +28,8 @@ def get_master_info(repo, filepath, credz):
url = f"https://api.github.com/repos/{repo}/contents/{filepath}" url = f"https://api.github.com/repos/{repo}/contents/{filepath}"
r = requests.get(url, auth=credz) r = requests.get(url, auth=credz)
sha = r.json()['sha'] sha = r.json()['sha']
content = r.json()['content'] dlurl = r.json()['download_url']
return sha, content return sha, dlurl
def get_last_release_info(repo, credz): def get_last_release_info(repo, credz):
@ -67,12 +68,12 @@ def githubmastersync(reponame, filepaths, credz):
for filepath in filepaths: for filepath in filepaths:
localfile = Path('files').joinpath(Path(filepath).name) localfile = Path('files').joinpath(Path(filepath).name)
print(f" * {localfile} ", end='') print(f" * {localfile} ", end='')
lastsha, content = get_master_info(reponame, filepath, credz) lastsha, dlurl = get_master_info(reponame, filepath, credz)
if not localfile.exists(): if not localfile.exists():
content = base64.b64decode(content) r = requests.get(dlurl)
with open(localfile, 'wb') as f: with open(localfile, 'wb') as f:
f.write(content) f.write(r.content)
print('-> Installed! ;)') print('-> Installed! ;)')
else: else:
@ -81,43 +82,50 @@ def githubmastersync(reponame, filepaths, credz):
if sha == lastsha: if sha == lastsha:
print('-> Up-to-date.') print('-> Up-to-date.')
else: else:
content = base64.b64decode(content) r = requests.get(dlurl)
with open(localfile, 'wb') as f: with open(localfile, 'wb') as f:
f.write(content) f.write(r.content)
print('-> Updated!') print('-> Updated!')
def githubreleasesync(reponame, repoinfo, credz): def githubreleasesync(reponame, repoinfo, credz):
local_version = repoinfo['local_version'] local_version = repoinfo['local_version']
last_version = get_last_release_info(reponame, credz) last_version = get_last_release_info(reponame, credz)
short_version = last_version.replace('v', '') short_version = last_version.replace('v', '')
nobeta_version = last_version.replace('p1-Beta', '') # See https://github.com/PowerShell/Win32-OpenSSH/releases
filenames = repoinfo['files'] filenames = repoinfo['files']
for filename in filenames: for filename in filenames:
if isinstance(filename, dict): if isinstance(filename, dict):
binpath = filename['binpath'] inpath = filename['inpath']
outpath = filename['outpath']
filename = filename['filename'] filename = filename['filename']
filename = filename.replace('{last_version}', last_version).replace('{short_version}', short_version) filename = filename.replace('{last_version}', last_version).replace('{short_version}', short_version).replace('{nobeta_version}', nobeta_version)
localfile = Path('files').joinpath(Path(binpath).name) localfile = Path('files').joinpath(outpath)
print(f" * {localfile} ", end='') print(f" * {localfile} ", end='')
else: else:
filename = filename.replace('{last_version}', last_version).replace('{short_version}', short_version) filename = filename.replace('{last_version}', last_version).replace('{short_version}', short_version).replace('{nobeta_version}', nobeta_version)
localfile = Path('files').joinpath(Path(filename).name) localfile = Path('files').joinpath(Path(filename).name)
print(f" * {localfile} ", end='') print(f" * {localfile} ", end='')
if filename.endswith('.gz'): if filename.endswith('.gz'):
is_gz = True is_gz, is_zip = True, False
elif filename.endswith('.zip'):
is_gz, is_zip = False, True
else: else:
is_gz = False is_gz, is_zip = False, False
urldl = f'https://github.com/{reponame}/releases/download/{last_version}/{filename}' urldl = f'https://github.com/{reponame}/releases/download/{last_version}/{filename}'
if not localfile.exists(): if not localfile.exists():
content = requests.get(urldl, auth=credz).content content = requests.get(urldl, auth=credz).content
if is_gz: if is_gz:
extract_bin('gz', binpath, localfile, content) extract_bin('gz', inpath, localfile, content)
elif is_zip:
extract_bin('zip', inpath, localfile, content)
else: else:
with open(localfile, 'wb') as f: with open(localfile, 'wb') as f:
f.write(content) f.write(content)
@ -130,7 +138,9 @@ def githubreleasesync(reponame, repoinfo, credz):
else: else:
content = requests.get(urldl, auth=credz).content content = requests.get(urldl, auth=credz).content
if is_gz: if is_gz:
extract_bin('gz', binpath, localfile, content) extract_bin('gz', inpath, localfile, content)
elif is_zip:
extract_bin('zip', inpath, localfile, content)
else: else:
with open(localfile, 'wb') as f: with open(localfile, 'wb') as f:
f.write(content) f.write(content)
@ -250,6 +260,50 @@ def netcatsync(conf):
json.dump(data, jsonfile, indent=4) json.dump(data, jsonfile, indent=4)
def plinksync(conf):
r = requests.get('https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html')
last_version = r.text.split('PuTTY.\nCurrently this is ')[1].split(', ')[0]
local_version = conf['local_version']
for filename in conf['files']:
localfile = Path('files').joinpath(Path(filename).name)
print(f" * {localfile} ", end='')
urldl = 'https://the.earth.li/~sgtatham/putty/latest/w32/plink.exe'
if not localfile.exists():
content = requests.get(urldl).content
with open(localfile, 'wb') as f:
f.write(content)
print('-> Installed! ;)')
else:
if local_version == last_version:
print('-> Up-to-date.')
else:
content = requests.get(urldl).content
with open(localfile, 'wb') as f:
f.write(content)
with open("config.json", "r") as jsonfile:
data = json.load(jsonfile)
data['plink']['local_version'] = last_version
with open("config.json", "w") as jsonfile:
json.dump(data, jsonfile, indent=4)
print('-> Updated!')
with open("config.json", "r") as jsonfile:
data = json.load(jsonfile)
data['plink']['local_version'] = last_version
with open("config.json", "w") as jsonfile:
json.dump(data, jsonfile, indent=4)
def update(config): def update(config):
print("Updating...") print("Updating...")
with open("credz.json", "r") as jsonfile: with open("credz.json", "r") as jsonfile:
@ -262,8 +316,9 @@ def update(config):
for reponame, repoinfo in config['githubreleasesync'].items(): for reponame, repoinfo in config['githubreleasesync'].items():
githubreleasesync(reponame, repoinfo, credz) githubreleasesync(reponame, repoinfo, credz)
ncatsync(config['ncat']) # ncatsync(config['ncat'])
netcatsync(config['netcat']) netcatsync(config['netcat'])
plinksync(config['plink'])
make_executable() make_executable()
@ -434,6 +489,8 @@ def menu_choice(menu_options):
if __name__ == '__main__': if __name__ == '__main__':
chdir(Path(__file__).resolve().parent) # Change current dir to source location
parser = argparse.ArgumentParser(description='Sync your files and starts a listener on HTTP, SMB or SMB2.') parser = argparse.ArgumentParser(description='Sync your files and starts a listener on HTTP, SMB or SMB2.')
parser.add_argument('-u', '--update', action='store_true', help='update your files (described in config.json)') parser.add_argument('-u', '--update', action='store_true', help='update your files (described in config.json)')
args = parser.parse_args() args = parser.parse_args()
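Review bot: In githubmastersync both new `requests.get(dlurl)` calls write `r.content` straight to `localfile` with no status or integrity check, so an HTTP error body or a tampered response is stored as the tool and reported as installed or updated. `get_master_info` already returns the blob hash as `lastsha`, so the download can be validated before the write, e.g. `r.raise_for_status()` followed by comparing the hash of `r.content` with `lastsha` using the same computation that produces `sha` for the local file (that code is outside the hunk, so the exact helper is assumed). The new plinksync repeats the pattern with `requests.get(urldl).content`, and its `r.text.split('PuTTY.\nCurrently this is ')[1]` raises a bare IndexError once the page wording changes. Passing `timeout=` on these requests would also keep an update run from hanging on a stalled connection.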