feature: webapp to infect

2026-06-03 01:27:11 +00:00 · 2024-02-29 19:17:51 +00:00
parent 87c0cc2944
commit bb185b572d
7 changed files with 221 additions and 69 deletions
@@ -0,0 +1,79 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    {% include 'header.html' %}
+  </head>
+  <body>
+      
+{% include 'navigation.html' %}
+
+<div class="container-fluid">
+<div class="row">
+
+
+<!-- a bootstrap dropdown to select one of the log files -->
+<div class="col-md-3">
+
+    <form method="POST" enctype="multipart/form-data" action="/inject">
+    <div class="row row-cols-lg-auto g-3">
+    
+    <select class="form-select" name="shellcode" aria-label="SHELLCODE">
+        {% for shellcode in shellcodes %}
+        <option value="{{shellcode}}">{{shellcode}}</option>
+        {% endfor %}
+    </select>
+
+    <select class="form-select" name="exe" aria-label="EXE">
+        {% for exe in exes %}
+        <option value="{{exe}}">{{exe}}</option>
+        {% endfor %}
+    </select>
+
+    <select class="form-select" name="source_style" aria-label="SOURCESTYLE">
+        {% for name, value in sourcestyles %}
+        <option value="{{name}}">{{value}}</option>
+        {% endfor %}
+    </select>
+
+    <select class="form-select" name="alloc_style" aria-label="ALLOCSTYLE">
+        {% for name, value in allocstyles %}
+        <option value="{{name}}">{{value}}</option>
+        {% endfor %}
+    </select>
+
+    <select class="form-select" name="decoder_style" aria-label="DECODERESTYLE">
+        {% for name, value in decoderstyles %}
+        <option value="{{name}}">{{value}}</option>
+        {% endfor %}
+    </select>
+
+    <select class="form-select" name="exec_style" aria-label="EXECSTYLE">
+        {% for name, value in execstyles %}
+        <option value="{{name}}">{{value}}</option>
+        {% endfor %}
+    </select>
+
+    <select class="form-select" name="inject_style" aria-label="INJECTSTYLE">
+        {% for name, value in injectstyles %}
+        <option value="{{name}}">{{value}}</option>
+        {% endfor %}
+    </select>
+
+    <div class="form-check">
+        <input class="form-check-input" type="checkbox" value="" id="flexCheckDefault">
+        <label class="form-check-label" for="flexCheckDefault">
+          Execute after injection
+        </label>
+      </div>
+
+    <button class="btn btn-primary" type="submit" value="Inject">Inject</button>
+    <button class="btn btn-primary" type="submit" value="Verify">Verify</button>
+
+    </div>
+    </form>
+
+</div>
+</div>
+
+</body>
+</html>
@@ -11,6 +11,10 @@ from pygments.formatters import HtmlFormatter
 import difflib
 from ansi2html import Ansi2HTMLConverter

+from config import config
+from model.settings import Settings
+from model.defs import *
+from supermega import start

 views = Blueprint('views', __name__)

@@ -22,6 +26,68 @@ def index():
    return render_template('index.html')


+@views.route("/inject", methods=['GET', 'POST'])
+def inject():
+    config.load()
+    settings = Settings()
+
+    settings.payload_path = "app/upload/shellcode/" + request.form['shellcode']
+    settings.inject_exe_in = "app/upload/exe/" + request.form['exe']
+    settings.inject_exe_out = "app/upload/infected/" + request.form['exe'] + ".injected"
+
+    source_style = request.form['source_style']
+    settings.source_style = SourceStyle[source_style]
+
+    alloc_style = request.form['alloc_style']
+    settings.alloc_style = AllocStyle[alloc_style]
+
+    decoder_style = request.form['decoder_style']
+    settings.decoder_style = DecoderStyle[decoder_style]
+
+    exec_style = request.form['exec_style']
+    settings.exec_style = ExecStyle[exec_style]
+
+    inject_style = request.form['inject_style']
+    inject_style = InjectStyle[inject_style]
+    settings.inject = True
+    if inject_style == InjectStyle.ENTRY:
+        settings.inject_mode = 1
+    elif inject_style == InjectStyle.HIJACK:
+        settings.inject_mode = 2
+        
+    print(str(settings))
+    start(settings)
+
+    return render_template('inject.html')
+
+
+@views.route("/build")
+def build():
+    exes = []
+    for file in os.listdir("app/upload/exe"):
+        exes.append(file)
+
+    shellcodes = []
+    for file in os.listdir("app/upload/shellcode"):
+        shellcodes.append(file)
+
+    sourcestyles = [(color.name, color.value) for color in SourceStyle]
+    allocstyles = [(color.name, color.value) for color in AllocStyle]
+    decoderstyles = [(color.name, color.value) for color in DecoderStyle]
+    execstyles = [(color.name, color.value) for color in ExecStyle]
+    injectstyles = [(color.name, color.value) for color in InjectStyle]
+
+    return render_template('build.html', 
+        exes=exes,
+        shellcodes=shellcodes,
+        sourcestyles=sourcestyles,
+        allocstyles=allocstyles,
+        decoderstyles=decoderstyles,
+        execstyles=execstyles,
+        injectstyles=injectstyles,
+    )
+
+
@views.route("/project")
 def project():
    log_files = []