App-Hack-Exe
view release on metacpan or search on metacpan
lib/App/Hack/Exe.pm view on Meta::CPAN
# Translate packed binary address to human-readable IP address
# (err, addr, port) = getnameinfo
my (undef, $ip) = getnameinfo($res->{addr}, NI_NUMERICHOST | NI_NUMERICSERV);
if (defined $ip) {
push @{$ips{$family_key}}, $ip;
}
}
};
return %ips;
}
sub _chainproxies {
my $self = shift;
my @proxies = @{$self->{proxies}};
$self->_dots('Chaining proxies');
# Interpolation glue
local $" = '>';
my $bracket_width = length "@proxies"; # (sic)
my $proxy_ct = scalar @proxies;
my @chained;
print " [+] 0/$proxy_ct proxies chained {", MEMORIZE_CURSOR, (' ' x $bracket_width), '}';
$self->_sleep(0.2);
while (@proxies) {
push @chained, shift @proxies;
print "\r [+] ", (scalar @chained), RECALL_CURSOR, "@chained";
$self->_sleep(0.2);
}
say '';
return;
}
sub _launchproxy {
my $self = shift;
$self->_dots('Opening SOCKS5 ports on infected hosts');
say ' [+] SSL entry point on 127.0.0.1:1337';
return;
}
sub _portknock {
my $self = shift;
my @ports = @{$self->{ports}};
$self->_dots('Launching port knocking sequence');
# Interpolation glue
local $" = ',';
my $bracket_width = length "@ports"; # (sic)
my @knocked;
print ' [+] Knock on TCP<', MEMORIZE_CURSOR, (' ' x $bracket_width), '>', RECALL_CURSOR;
$self->_sleep(0.2);
while (@ports) {
push @knocked, shift @ports;
print $knocked[-1];
if (@ports) {
print $";
}
$self->_sleep(0.2);
}
say '';
return;
}
sub _prompt {
my $self = shift;
my $hostname = shift;
$self->_sleep(0.5);
my $prompt = "root\@$hostname:~# ";
print $prompt;
# Wait for the user to press Ctrl-d
while (-t STDIN && <STDIN>) {
print $prompt;
}
return;
}
sub _sleep {
my ($self, @args) = @_;
if ($self->{no_delay}) {
@args = (0);
}
return sleep @args;
}
sub _w00tw00t {
my $self = shift;
$self->_dots('Sending PCAP datagrams for fragmentation overlap');
say ' [+] Stack override ***** w00t w00t g0t r00t!';
say '';
print '[';
my $chars = 65;
while ($chars --> 0) {
print '=';
$self->_sleep(0.01);
}
say ']';
return;
}
=head1 METHODS
=head2 C<run( $hostname )>
Run the simulation.
=cut
sub run {
my ($self, $hostname) = @_;
unless ($hostname) {
croak('No targets specified.');
}
local $| = 1;
print _colored_demon();
$self->_get_ip($hostname);
$self->_launchproxy;
$self->_chainproxies;
$self->_portknock;
$self->_w00tw00t;
$self->_prompt($hostname);
say 'Done';
return;
}
=head1 AUTHOR
Dan Church (h3xx<attyzatzat>gmx<dottydot>com)
=head1 LICENSE AND COPYRIGHT
Copyright (C) 2023 Dan Church.
This library is free software; you can redistribute it and/or modify it under
the same terms as Perl itself.
=head1 AVAILABILITY
The latest version of this library is likely to be available from CPAN as well
as:
L<https://codeberg.org/h3xx/perl-App-Hack-Exe>>
=head1 THANKS
Thanks to janbrennen's L<original
idea|https://github.com/janbrennen/rice/blob/master/hack.exe.c>.
=cut
1;
( run in 0.731 second using v1.01-cache-2.11-cpan-6aa56a78535 )