release/0.2.16

[grisuno]

What's Changed

• some utils by @grisun0 in some utils #61
• some utils 2 by @grisuno in some utils 2 #62

Full Changelog: release/0.2.15...release/0.2.16

follina

Executes the MSDT Follina exploit tool to create malicious documents for exploitation.

This function performs the following actions:

1. Checks if follina.py is available; if not, it clones the repository and installs dependencies.
2. If the line argument is "default", it runs the tool with default parameters to pop calc.exe.
3. If the line argument is "notepad", it runs the tool to pop notepad.exe.
4. If the line argument is "reverse", it prompts for a port and runs the tool to get a reverse shell.
5. If the line does not match any valid options, it displays an error message with usage instructions.

Parameters:
line (str): Command argument specifying the action mode.
- If "default", executes with default parameters.
- If "notepad", executes to pop notepad.exe.
- If "reverse", prompts for a port and executes for a reverse shell.
- If neither, displays an error message with usage instructions.

Returns:
None

sawks

Executes the Swaks (Swiss Army Knife for SMTP) tool to send test emails for phishing simulations.

This function performs the following actions:

1. Checks if Swaks is available; if not, it clones the repository to the appropriate directory.
2. Constructs the Swaks command with the specified 'to' and 'from' emails, server, and message body.
3. Runs the command using Swaks to simulate email delivery.

Parameters:
line (str): Command argument specifying additional options or the message body.
- If not provided, defaults to a basic test message.

Returns:
None

ad_ldap_enum

Executes ad-ldap-enum to enumerate Active Directory objects (users, groups, computers)
through LDAP, collecting extended information on group memberships and additional AD details.

This function enables the enumeration of Active Directory users, groups, and computers
by executing LDAP queries on a specified domain controller. The command constructed allows
password or Pass-the-Hash authentication, supports SSL/TLS, and IPv4/IPv6 connections,
and outputs data into CSV files detailing domain group memberships and extended user/computer
information.

Functionalities include:

1. Checking for credential availability and prompting for them if not found.
2. Constructing an LDAP enumeration command with customizable authentication and server details.
3. Executing ad-ldap-enum.py to output detailed information in CSV format.

The output files are saved in the current working directory with a prepend if specified.

Example command the function can build:

• python3 ad-ldap-enum.py -d scrm.local -l 10.10.11.168 -u ksimpson -p ksimpson -v

Usage:
- Run dp_ad_ldap_enum to initiate AD object enumeration using ad-ldap-enum.

:param line: String containing initial command-line arguments or options.

unzip

Unzips a specified file from the sessions directory.

This function attempts to locate and unzip a file in the sessions directory.
If a filename is provided as line, it will use that; otherwise, it will attempt
to retrieve a zip file name based on existing zip files in the user's dictionary.
If the zip file is not found or does not exist in the sessions path, it prints
an error message.

Steps of execution:

1. Determines the zip file name from line or user dictionary.
2. Checks if the zip file exists within the sessions path.
3. Builds the unzip command and executes it to extract the contents of the zip file.

Usage example:
unzip filename.zip

:param line: The zip filename to be extracted. If empty, a zip file will be selected
automatically if available.
:return: None

regeorg

Executes the reGeorg tool for HTTP(s) tunneling through a SOCKS proxy.

This function performs the following actions:

1. Checks if the reGeorg tool is installed; if not, it clones the repository and sets up the environment.
2. Validates the command line arguments, specifically the port and URL required for the SOCKS proxy.
3. Constructs the command to run the reGeorg SOCKS proxy with the specified options and executes it.
4. Provides usage instructions in case of incorrect command line argument formats.

Parameters:
line (str): Command argument specifying the parameters for the reGeorg execution.
- The expected format is: " ", where is the listening port and is the URL
containing the tunnel script.

Returns:
None

rocky

Reduces a wordlist based on the specified password length.

This function filters the provided wordlist to only include passwords
that match the specified length. If no length is provided, it defaults
to 4. The function constructs a grep command to achieve this and executes
it.

Usage:
do_rocky(line: str)

:param line: The length of the passwords to filter in the wordlist.
This parameter should be a string representing a positive integer.
If not provided, the function prompts the user for input.
:type line: str
:raises ValueError: If the provided length is not a valid positive integer.

Example:
do_rocky('8')
# Executes: grep '^.{8}$' /usr/share/wordlists/rockyou.txt > sessions/lazypass_mini_rocky.txt

---

This discussion was created from the release release/0.2.16.