Merge pull request #52 from NullArray/jsonize

JSON data implemented (still needs to be converted but it's started)

Author: Ekultek

autosploit.py

@@ -4,7 +4,7 @@
 
 TODO LIST:
  - Splitting the subprocess calls with shlex line #72 (done)
- - Add the ability to read in modules list as JSON, if .txt file is provided convert to JSON before processing
+ - Add the ability to read in modules list as JSON, if .txt file is provided convert to JSON before processing (done)
  - Fix the exploit issue line #125
  - Fixing targets line #261
  - Fix clobber function line #281
@@ -19,18 +19,19 @@
 import os
 import sys
 import time
-import json # Added in preparation of implementing JSON support
 import shlex
 import pickle
 import threading
 import subprocess
 
 import shodan
-
 # idk if you're going to need this since retrying is a decorator (see line 410)
 # from retrying import retry
 from blessings import Terminal
 
+from lib.jsonize import load_exploits
+
+
 t = Terminal()
 
 # Global vars
@@ -43,7 +44,7 @@
 toolbar_width = 60
 version = "1.4.0"
 usage_and_legal_path = "{}/etc/general".format(os.getcwd())
-modules_path = "{}/etc/modules.txt".format(os.getcwd())
+loaded_exploits = load_exploits("{}/etc/json".format(os.getcwd()))
 stop_animation = False
 autosploit_opts = {
     1: "usage and legal", 2: "gather hosts", 3: "custom hosts",
@@ -115,7 +116,7 @@ def exploit(query=None, single=None):
     global workspace
     global local_port
     global local_host
-    global modules_path
+    global loaded_exploits
     global stop_animation
     print("\033[H\033[J")  # Clear terminal
 
@@ -138,11 +139,8 @@ def exploit(query=None, single=None):
             thread.daemon = True
             thread.start()
 
-            with open(modules_path, "rb") as infile:
-                for i in xrange(toolbar_width):
-                    time.sleep(0.1)
-                    for lines in infile:
-                        all_modules.append(lines)
+            for mod in loaded_exploits:
+                all_modules.append(mod)
 
             stop_animation = True
 
@@ -167,13 +165,9 @@ def exploit(query=None, single=None):
         thread.daemon = True
         thread.start()
 
-        with open(modules_path, "rb") as infile:
-            for i in xrange(toolbar_width):
-                time.sleep(0.1)
-                for lines in infile:
-                    all_modules.append(lines)
-                    if query in lines:
-                        sorted_modules.append(lines)
+        for mod in loaded_exploits:
+            all_modules.append(mod)
+
         stop_animation = True
 
     print("\n\n\n[{}]AutoSploit sorted the following MSF modules based search query relevance.\n".format(

etc/modules.json etc/json/default_modules.jsonetc/modules.json renamed to etc/json/default_modules.json

@@ -1,5 +1,5 @@
 {
-  "defaults": [
+  "exploits": [
      "use exploit/windows/firewall/blackice_pam_icq; exploit -j;",
      "use exploit/windows/ftp/ms09_053_ftpd_nlst;exploit -j;",
      "use exploit/windows/http/amlibweb_webquerydll_app;exploit -j;",

lib/__init__.py

@@ -0,0 +1,73 @@
+import os
+import json
+import string
+import random
+
+
+import blessings
+
+t = blessings.Terminal()
+
+
+def random_file_name(acceptable=string.ascii_letters, length=7):
+    """
+    create a random filename.
+
+     `note: this could potentially cause issues if there
+           a lot of file in the directory`
+    """
+    retval = set()
+    for _ in range(length):
+        retval.add(random.choice(acceptable))
+    return ''.join(list(retval))
+
+
+def load_exploits(path, node="exploits"):
+    """
+    load exploits from a given path, depending on how many files are loaded into
+    the beginning `file_list` variable it will display a list of them and prompt
+    or just select the one in the list
+    """
+    retval = []
+    file_list = os.listdir(path)
+    if len(file_list) != 1:
+        print("\n[{}] total of {} files discovered select one".format(
+                t.green("+"), len(file_list)))
+        for i, f in enumerate(file_list, start=1):
+            print("{}. {}".format(i, f[:-5]))
+        action = raw_input("\n<" + t.cyan("AUTOSPLOIT") + ">$ ")
+        selected_file = file_list[int(action) - 1]
+    else:
+        selected_file = file_list[0]
+
+    selected_file_path = os.path.join(path, selected_file)
+
+    with open(selected_file_path) as exploit_file:
+        # loading it like this has been known to cause Unicode issues later on down
+        # the road
+        _json = json.loads(exploit_file.read())
+        for item in _json[node]:
+            # so we'll reload it into a ascii string before we save it into the file
+            retval.append(str(item))
+    return retval
+
+
+def text_file_to_dict(path):
+    """
+    take a text file path, and load all of the information into a `dict`
+    send that `dict` into a JSON format and save it into a file. it will
+    use the same start node (`exploits`) as the `default_modules.json`
+    file so that we can just use one node instead of multiple when parsing
+    """
+    start_dict = {"exploits": []}
+    with open(path) as exploits:
+        for exploit in exploits.readlines():
+            # load everything into the dict
+            start_dict["exploits"].append(exploit.strip())
+    filename_path = "{}/etc/json/{}.json".format(os.getcwd(), random_file_name())
+    with open(filename_path, "a+") as exploits:
+        # sort and indent to make it look pretty
+        _data = json.dumps(start_dict, indent=4, sort_keys=True)
+        exploits.write(_data)
+    return filename_path
+