-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Brock
committed
Dec 22, 2014
1 parent
ae5d1bf
commit 4a3fbd6
Showing
61 changed files
with
6,885 additions
and
0 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,115 @@ | ||
| Intersect 2.5 - Documentation | ||
| How-To Guide | ||
|
|
||
| Table Of Contents | ||
| * Create.py | ||
| * Building custom scripts | ||
| * Using your finished script | ||
|
|
||
|
|
||
|
|
||
| [ Create.py Application ] | ||
|
|
||
| The Create application is the core application within the Intersect 2.5 framework. | ||
| The main focus of Create is to help you in building customized Intersect scripts, but it can also be used for importing | ||
| new modules from a local file or webserver, viewing their descriptions or author information, check for updates to the | ||
| Intersect framework and some other creation-centric features. | ||
|
|
||
| Create.py is a menu-driven script that guides you through the process of building your custom script. | ||
| When you start Create you will be brought to the Main Menu, where you can choose whether to build a new script, import | ||
| a new module or view a list of all currently available modules within the Custom and Standard directories. | ||
|
|
||
| Within any menu of Create, you can type ':help' to be presented with a detailed list of commands for the specific menu | ||
| you are in. You can also type ':exit' or ':quit' at any menu to be brought back to the Main Menu or completely exit | ||
| the application, if you are all ready there. | ||
|
|
||
| Main Menu: | ||
| 1 => Create Custom Script | ||
| 2 => List Available Modules | ||
| 3 => Load Plugin Module | ||
| 4 => Check for updates | ||
| 5 => Exit Creation Utility | ||
|
|
||
|
|
||
|
|
||
|
|
||
| [ Building Custom Scripts ] | ||
|
|
||
| The entire purpose of Intersect 2.5 is to help you create custom post-exploitation scripts. This is done by using the | ||
| Create application and selecting option '1' from the Main Menu. | ||
|
|
||
| After you select the first option from the Main Menu, you'll be presented with a quick tutorial on how the creation | ||
| process works and how to add modules to your script. | ||
| At any point during this process you can type ':help' for a full list of commands or type ':quit' to return to the main | ||
| menu. | ||
|
|
||
| Enter the name of each module you wish to add to your script, pressing [enter] after each addition. | ||
| Once you've added everything you want included, type ':create' to start the build process. | ||
| You'll then be prompted to enter a name for your script and define some options for things like encryption keys and | ||
| ports. | ||
| The entries will checked to make sure your entries are valid. If you enter an invalid IP address or port, you will be | ||
| notified and asked to re-enter the correct information. | ||
|
|
||
| After all the options are saved, your script will be built. | ||
| You'll be shown a list of all the modules that were built into the script and the location where the final product is | ||
| saved. | ||
|
|
||
| [Example of :create command] | ||
| => :create | ||
| Enter a name for your Intersect script. The finished script will be placed in the Scripts directory. | ||
| Do not include Python file extension. | ||
| => TutorialTest | ||
| Script will be saved as /home/ohdae/Git/Intersect-2.5/Scripts/TutorialTest.py | ||
|
|
||
| Configure Options: | ||
| If any of these options don't apply to you, press [enter] to ignore them. | ||
| bind port => 4444 | ||
| [+] bind port saved. | ||
| remote host => | ||
| [+] remote host saved. | ||
| remote port => | ||
| [+] remote port saved. | ||
| proxy port => | ||
| [+] proxy port saved. | ||
| xor cipher key => | ||
| [+] xor key saved. | ||
| bshell | ||
| extras | ||
| network | ||
|
|
||
| [+] Your custom Intersect script has been created! | ||
| Location: /home/ohdae/Git/Intersect-2.5/Scripts/TutorialTest.py | ||
|
|
||
|
|
||
|
|
||
|
|
||
| <<<<<<< HEAD | ||
| [ Using your custom Intersect script ] | ||
| ======= | ||
| [ Using your custom Intersect script ] | ||
| >>>>>>> 528f569ec22cc25259cbe6f12258205e2f68dbdf | ||
|
|
||
| There is a large variety of ways you can use your Intersect script. The options are only limited by the modules you | ||
| choose for each script. | ||
|
|
||
| The most straight-forward and common method of use is uploading or downloading the Intersect script onto a target system | ||
| and then running the post-exploitation automation tasks right from the command line. | ||
|
|
||
| If you do not have direct shell access, you can still make full use of Intersect and run any of the includes modules | ||
| over any of the remote shells (TCP, XOR, ICMP, UDP, AES, etc). | ||
| This might occur in a situation where you only have command execution access on the target host, through a vulnerable | ||
| web application for example. | ||
| In that case, simply wget the Intersect script onto the target box and execute "./Intersect.py --rshell", for example, | ||
| to start an interactive reverse shell back to your listening box. Once you get a successfull connection, you can run any | ||
| of the included modules over the shell by using the 'extask' command. | ||
| For a full list of commands and help within any of the remote shells, type 'helpme'. | ||
|
|
||
| <<<<<<< HEAD | ||
| ======= | ||
| When you run most of the Intersect modules, the information and files that are gathered will be saved into a temporary | ||
| directory within /tmp. | ||
| The files and data will be separated into sub-folders so the information is easier to identify and locate. | ||
|
|
||
| This section will be filled in with more details eventually. | ||
| >>>>>>> 528f569ec22cc25259cbe6f12258205e2f68dbdf | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| Copyright (c) 2012, Intersect 2.5 (Post-Exploitation Framework) | ||
| [author: [email protected]] | ||
| All rights reserved. | ||
|
|
||
| Redistribution and use in source and binary forms, with or without | ||
| modification, are permitted provided that the following conditions are met: | ||
| * Redistributions of source code must retain the above copyright | ||
| notice, this list of conditions and the following disclaimer. | ||
| * Redistributions in binary form must reproduce the above copyright | ||
| notice, this list of conditions and the following disclaimer in the | ||
| documentation and/or other materials provided with the distribution. | ||
| * Neither the name of the <organization> nor the | ||
| names of its contributors may be used to endorse or promote products | ||
| derived from this software without specific prior written permission. | ||
|
|
||
| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND | ||
| ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
| WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
| DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY | ||
| DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
| (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
| ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
| (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
| SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
|
|
||
| Please take notice that Intersect 2.5 is provided as is, and is a royalty free open-source application. | ||
|
|
||
| The end-user, you, is allowed to use, modify and/or change whatever you wish within this applications source-code, | ||
| provided that you give appropriate credit where credit is due and the above license and copyright information | ||
| is included. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,71 @@ | ||
| Intersect 2.5 - Post-Exploitation Framework | ||
|
|
||
| author: ohdae | ||
| website: http://bindshell.it.cx | ||
| https://github.com/ohdae/Intersect-2.5/ | ||
| contact: bindshell[at]live[dot]com | ||
|
|
||
| Table of Contents | ||
| * General Description | ||
| * Modules Explanation | ||
| * Script Creation Process | ||
| * Credits & How to Contribute | ||
|
|
||
| [ Description ] | ||
|
|
||
| Intersect 2.5 is the second major release in the project line. This release is much different from the previous, | ||
| in that it gives the user complete control over which features the Intersect script includes and lets them easily | ||
| import their own features, among other new functionality. | ||
|
|
||
| This release focuses mainly on the individual modules(features) and the capability to generate your own customized | ||
| Intersect scripts. By using the Create.py application, the user is guided through a menu-driven process which allows | ||
| them to select which modules they would like to include, import their own custom modules and ultimately create an | ||
| Intersect script that is built around the specific modules they choose. | ||
|
|
||
|
|
||
|
|
||
| [ Modules ] | ||
|
|
||
| A module is simply a specific post-exploitation function. Each individual module itself is not capable of stand-alone | ||
| execution until it is imported with the Create application and built into a custom script. | ||
| With Intersect 2.5, there is the arrival of many new modules and some changes to the original features that were included | ||
| in version 2.0. | ||
|
|
||
| The modules are broken down into two categories. | ||
| The first category, Standard Modules, includes all of the original Intersect 2.0 features and tasks but they are | ||
| separated into individual modules to provide more control over the finalized custom script. | ||
| For example, the credential gathering feature is now it's own module called "creds" and | ||
| the network information gathering feature is a separate module called "network". | ||
|
|
||
| The second category is the Custom modules and includes anything that was not part of Intersect 2.0 and is also where | ||
| any new, additional or custom modules that the user imports will be stored. While the user can import any module | ||
| functionality they wish, the Custom modules packaged with Intersect 2.5 focus on post-exploitation automation, remote | ||
| shell access and various data exfiltration functions. | ||
|
|
||
| For more information on writing your own modules or importing modules for use, see the Writing-Modules documentation. | ||
|
|
||
|
|
||
|
|
||
| [ Creation Process ] | ||
|
|
||
| The Create.py application is used to generate the actual Intersect script that you will be using on the target system. | ||
| There is no final Intersect script until you make one! | ||
|
|
||
| When you start Create, you will be presented with a series of menus that provides the following features: | ||
| * Generate custom Intersect scripts | ||
| -- choose as many or as few modules as you want | ||
| -- define specific variables (i.e., shell ports and hosts, crypto keys, proxy ports, etc) | ||
| -- view, add or remove modules from the queue | ||
| -- view description and information on any given module | ||
| * Import custom modules | ||
| -- download and import from a url | ||
| -- import from a local directory | ||
| * Download Intersect 2.5 updates | ||
| -- requires Git to be installed locally | ||
| -- useful for bug fixes, new features, etc | ||
| * Various help menus and lots of other commands | ||
|
|
||
| You will be asked to give your newly created script a name. Enter the filename, without the Python file extension, when | ||
| you are prompted. Your final script will be saved in the Scripts directory. | ||
|
|
||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
|
|
||
| Documentation: How to update Intersect Framework | ||
|
|
||
| - How To Update | ||
| - Updates Schedule | ||
|
|
||
|
|
||
| How To Update: | ||
|
|
||
| *coming soon* | ||
|
|
||
|
|
||
| Updates Schedule: | ||
|
|
||
| New features, bug fixes and upgrades are constantly being pushed to | ||
| the Intersect Github repository. I will do my best to make sure that every | ||
| Monday morning, there is a stable release available. The stable release will | ||
| be listed under the 'master' branch and any developmental and beta upgrades | ||
| will be listed under the 'development' branch. | ||
|
|
||
| Every Monday morning, you can update to the latest stable release by using | ||
| the command 'git pull master' from your main Intersect directory. | ||
|
|
||
| For the beta release use 'git pull development' | ||
|
|
Oops, something went wrong.