forked from nettitude/PoshC2
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathUrlConfig.py
125 lines (105 loc) · 4.59 KB
/
UrlConfig.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
import random
from urllib.parse import urlparse
class UrlConfig:
# urlConfig class represents the necessary URL information for PoshC2.
def __init__(self, filePath="", wordList="wordlist.txt"):
# by default a filepath is specified when instantiating the object
# selecting urls from the old list.
# Feel free to change it to work from a fixed list of known URLs
# works a treat copying and pasting from burp.
self.filePath = filePath
self.urlList = []
self.sockList = []
self.sockRewriteList = []
self.urlRewriteList = []
self.rewriteFile = "rewrite-rules.txt"
if filePath != "":
self.wordList = ""
self.getUrls()
else:
# If you remove the filepath, you'll get random word generation based on a wordlist.
# Default Example Wordlist from:
# https://raw.githubusercontent.com/dominictarr/random-name/master/first-names.txt
# Could use urllib to request this live, but opted for local storage here.
self.wordList = open(wordList).read().splitlines()
self.getRandomUrls()
self.qcUrl = ""
self.connUrl = ""
self.getSockUrls() # Ordering is important. getUrls/getRandomUrls before getSockUrls or getSockurls has nothing to operate on.
self.createRewriteRules()
self.createSockRewriteRules()
# Internal functions - Intended to generate the various items.
def createSockRewriteRules(self):
# Setter
for sockurl in self.sockList:
self.sockRewriteList.append("RewriteRule ^/" + urlparse(sockurl).path + "(.*) https://${SharpSocks}/" + urlparse(sockurl).path + "$1 [NC,L,P]")
def createRewriteRules(self):
# Setter
for url in self.urlList:
self.urlRewriteList.append("RewriteRule ^/" + urlparse(url).path + "(.*) https://${PoshC2}/" + urlparse(url).path + "$1 [NC,L,P]")
def getSockUrls(self):
sock1 = random.choice(self.urlList)
self.urlList[:] = (value for value in self.urlList if value != sock1)
sock2 = random.choice(self.urlList)
self.urlList[:] = (value for value in self.urlList if value != sock2)
self.sockList = [sock1, sock2]
def process(self, line):
output = urlparse(line).path
output = output.rpartition('/')[0]
output = output.replace("'", "")
if output != '':
if output[0] == "/":
output = output.lstrip('/')
if output[-1] != "/":
output = output + "/"
output = output.replace("'", "")
return output
def getUrls(self):
with open(self.filePath, "r") as input:
array = []
for line in input:
toAppend = self.process(line)
if toAppend != '':
if toAppend != ' ':
array.append(self.process(line))
self.urlList = list(set(array))
def generateRandomURL(self):
words = self.wordList
lengthOfUrl = random.randint(1, 10)
i = 0 # Length of URL
urlStub = ""
while i < lengthOfUrl:
i = i + 1
urlStub = urlStub + random.choice(words) + "/"
if random.randint(0, 1) == 1:
urlStub = urlStub + random.choice(words) + "?" + random.choice(words) + "=" + random.choice(words)
urlStub = urlStub.replace("'", "")
return urlStub
else:
urlStub = urlStub.replace("'", "")
return urlStub
def getRandomUrls(self):
numOfUrls = random.randint(20, 75)
i = 0
while i < numOfUrls:
i = i + 1
self.urlList.append(self.generateRandomURL())
# Outputs - Formatted to work with PoshC2
def fetchUrls(self):
return '"{0}"'.format('", "'.join(self.urlList))
def fetchSocks(self):
return '"{0}"'.format('", "'.join(self.sockList))
def fetchRewriteRules(self):
return self.urlRewriteList
def fetchSocksRewriteRules(self):
return self.sockRewriteList
def fetchQCUrl(self):
if self.wordList == "":
return random.choice(self.urlList)
else:
return random.choice(self.urlList) + random.choice(self.wordList) + "?" + random.choice(self.wordList) + "=" + random.choice(self.wordList)
def fetchConnUrl(self):
if self.wordList == "":
return random.choice(self.urlList)
else:
return random.choice(self.urlList) + random.choice(self.wordList) + "?" + random.choice(self.wordList) + "=" + random.choice(self.wordList)