-
Notifications
You must be signed in to change notification settings - Fork 60
/
Blacklist.cna
120 lines (100 loc) · 2.63 KB
/
Blacklist.cna
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
# Blacklist.cna
# Author: Vincent Yiu @vysecurity
# Not responsible for you losing shells, check the blacklists before using.
global('@blacklist');
#$blacklist_pc = @("JOHN-PC", "TEQUILABOOMBOOM", "ANTONY-PC", "XFIIP-PC", "HOME-OFF-D5F0AC");
#$blacklist_user = @();
$blacklist = @(
@("John *","JOHN-PC"),
@("janettdoe *","TEQUILABOOMBOOM"),
@("Antony *","ANTONY-PC"),
@("xfIIp *","XFIIP-PC"),
@("Dave *","HOME-OFF-D5F0AC")
);
on beacon_initial{
# $1 - ID of beacon
# $2 - text of the message
# $3 - time
$pcname = binfo($1, "computer");
$username = binfo($1, "user");
if (@($username, $pcname) isin $blacklist){
blog("[!] Blacklisted Pair: $username, $pcname");
blog("Exiting...");
bexit($1);
blog("Removing...");
bremove($1);
}
}
sub add_blacklist{
# $1 = beacon_id
foreach $beacon ($1){
#elog($beacon);
$pair = @(binfo($beacon, "user"), binfo($beacon, "computer"));
if (!exists($pair)){
blog($beacon, "[*] Adding $pair to blacklist");
add($blacklist, $pair, -1);
}
else{
blog($beacon, "[!] $pair already exists in blacklist");
}
}
show_blacklist($beacon);
}
sub remove_blacklist{
# $1 = beacon_id
foreach $beacon ($1){
$pair = @(binfo($beacon, "user"), binfo($beacon, "computer"));
if (exists($pair)){
blog($beacon, "[*] Removing $pair from blacklist");
remove($blacklist, $pair);
}
else{
blog($beacon, "[!] $pair does not exist in blacklist");
}
}
show_blacklist($beacon);
}
sub show_blacklist{
blog($1, "========================");
if (size($1) <= 0){
blog($1, "[!] Empty Blacklist");
}
foreach $pair ($blacklist){
blog($1, "Blacklist: $pair");
}
blog($1, "========================");
}
popup beacon_bottom {
menu "Blacklist"{
item "Add to Blacklist" {
add_blacklist($1);
}
item "Remove from Blacklist" {
remove_blacklist($1);
}
item "Show Blacklist" {
show_blacklist($1);
}
}
}
sub exists{
# Check if blacklist already exists
# @("user", "computer");
if ($1 in $blacklist){
return true;
}
else{
return false;
}
}
alias blacklist-add {
# $1 = beacon_id
add_blacklist(@($1));
}
alias blacklist-remove {
# $1 = beacon_id
remove_blacklist(@($1));
}
alias blacklist-show {
show_blacklist($1);
}