OXIESEC PANEL
- Current Dir:
/
/
usr
/
share
/
nmap
/
nselib
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
08/07/2020 12:36:00 PM
rwxr-xr-x
📄
afp.lua
71.92 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ajp.lua
16.69 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
amqp.lua
10.5 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
anyconnect.lua
4.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
asn1.lua
14.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
base32.lua
7.33 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
base64.lua
5.67 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bin.lua
12.89 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bit.lua
2.43 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bitcoin.lua
16.99 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bits.lua
1.82 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bittorrent.lua
40.77 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bjnp.lua
9.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
brute.lua
50.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
cassandra.lua
5.78 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
citrixxml.lua
16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
coap.lua
76.24 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
comm.lua
10.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
creds.lua
18.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
cvs.lua
3.13 KB
04/16/2018 01:11:39 AM
rw-r--r--
📁
data
-
08/07/2020 12:36:00 PM
rwxr-xr-x
📄
datafiles.lua
11.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
datetime.lua
1.16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dhcp.lua
29.17 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dhcp6.lua
19.87 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dns.lua
51.44 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dnsbl.lua
19.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dnssd.lua
12.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
drda.lua
24.2 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
eap.lua
7.64 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
eigrp.lua
14.47 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
formulas.lua
5.35 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ftp.lua
9.03 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
geoip.lua
1.71 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
giop.lua
18.44 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
gps.lua
3.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
http.lua
105.81 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
httpspider.lua
36.15 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
iax2.lua
9.6 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ike.lua
15.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
imap.lua
9.59 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
informix.lua
39.76 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipOps.lua
26.92 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipmi.lua
10.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipp.lua
12.54 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
irc.lua
757 bytes
04/16/2018 01:11:39 AM
rw-r--r--
📄
iscsi.lua
21.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
isns.lua
15.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
jdwp.lua
43.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
json.lua
11.65 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ldap.lua
31.86 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lfs.luadoc
1.68 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
libssh2-utility.lua
4.39 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
libssh2.luadoc
4.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
listop.lua
4.66 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lpeg-utility.lua
5.64 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lpeg.luadoc
351 bytes
04/16/2018 01:11:39 AM
rw-r--r--
📄
ls.lua
10.96 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
match.lua
2.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
membase.lua
9.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mobileme.lua
8.46 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mongodb.lua
21.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mqtt.lua
28.95 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpc.lua
179.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpcperformance.lua
29.72 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpctypes.lua
167.61 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mssql.lua
110.87 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
multicast.lua
6.1 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mysql.lua
17.09 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
natpmp.lua
5.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ncp.lua
36 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ndmp.lua
11.58 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
netbios.lua
13.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nmap.luadoc
40.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nrpc.lua
4.42 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nsedebug.lua
3.49 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
omp2.lua
4.77 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
openssl.luadoc
7.08 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ospf.lua
15.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
packet.lua
36.65 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pcre.luadoc
6.79 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pgsql.lua
20.61 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pop3.lua
5.7 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pppoe.lua
29.95 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
proxy.lua
12.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rdp.lua
11.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
re.lua
8.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
redis.lua
3.59 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rmi.lua
47.89 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rpc.lua
106.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rpcap.lua
11.19 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rsync.lua
5.19 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rtsp.lua
8.67 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sasl.lua
16.38 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
shortport.lua
8.01 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sip.lua
30.56 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
slaxml.lua
17.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smb.lua
175.85 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smb2.lua
16.32 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smbauth.lua
37.53 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smtp.lua
19.81 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
snmp.lua
15.99 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
socks.lua
8.26 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
srvloc.lua
12.25 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ssh1.lua
8.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ssh2.lua
11.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sslcert.lua
33.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sslv2.lua
9.63 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
stdnse.lua
45.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
strbuf.lua
4.52 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
strict.lua
2.53 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
stun.lua
11.51 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tab.lua
3.35 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
target.lua
3.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tftp.lua
9.38 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tls.lua
56.16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tn3270.lua
43.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tns.lua
64.17 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unicode.lua
14.32 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unittest.lua
12.33 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unpwdb.lua
10.08 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
upnp.lua
11.18 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
url.lua
12.09 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
versant.lua
8.6 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vnc.lua
23.3 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vulns.lua
76.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vuzedht.lua
16.62 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
wsdd.lua
12.03 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
xdmcp.lua
11.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
xmpp.lua
15.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
Editing: mobileme.lua
Close
local http = require "http" local json = require "json" local stdnse = require "stdnse" local table = require "table" _ENV = stdnse.module("mobileme", stdnse.seeall) --- -- A MobileMe web service client that allows discovering Apple devices -- using the "find my iPhone" functionality. -- -- @author Patrik Karlsson <patrik@cqure.net> -- MobileMe = { -- headers used in all requests headers = { ["Content-Type"] = "application/json; charset=utf-8", ["X-Apple-Find-Api-Ver"] = "2.0", ["X-Apple-Authscheme"] = "UserIdGuest", ["X-Apple-Realm-Support"] = "1.0", ["User-Agent"] = "Find iPhone/1.3 MeKit (iPad: iPhone OS/4.2.1)", ["X-Client-Name"] = "iPad", ["X-Client-UUID"] = "0cf3dc501ff812adb0b202baed4f37274b210853", ["Accept-Language"] = "en-us", ["Connection"] = "keep-alive" }, -- Creates a MobileMe instance -- @param username string containing the Apple ID username -- @param password string containing the Apple ID password -- @return o new instance of MobileMe new = function(self, username, password) local o = { host = "fmipmobile.icloud.com", port = 443, username = username, password = password } setmetatable(o, self) self.__index = self return o end, -- Sends a message to an iOS device -- @param devid string containing the device id to which the message should -- be sent -- @param subject string containing the message subject -- @param message string containing the message body -- @param alarm boolean true if alarm should be sounded, false if not -- @return status true on success, false on failure -- @return err string containing the error message (if status is false) sendMessage = function(self, devid, subject, message, alarm) local data = '{"clientContext":{"appName":"FindMyiPhone","appVersion":\z "1.3","buildVersion":"145","deviceUDID":\z "0000000000000000000000000000000000000000","inactiveTime":5911,\z "osVersion":"3.2","productType":"iPad1,1","selectedDevice":"%s",\z "shouldLocate":false},"device":"%s","serverContext":{\z "callbackIntervalInMS":3000,"clientId":\z "0000000000000000000000000000000000000000","deviceLoadStatus":"203",\z "hasDevices":true,"lastSessionExtensionTime":null,"maxDeviceLoadTime":\z 60000,"maxLocatingTime":90000,"preferredLanguage":"en","prefsUpdateTime":\z 1276872996660,"sessionLifespan":900000,"timezone":{"currentOffset":\z -25200000,"previousOffset":-28800000,"previousTransition":1268560799999,\z "tzCurrentName":"Pacific Daylight Time","tzName":"America/Los_Angeles"},\z "validRegion":true},"sound":%s,"subject":"%s","text":"%s"}' data = data:format(devid, devid, tostring(alarm), subject, message) local url = ("/fmipservice/device/%s/sendMessage"):format(self.username) local auth = { username = self.username, password = self.password } local response = http.post(self.host, self.port, url, { header = self.headers, auth = auth, timeout = 10000 }, nil, data) if ( response.status == 200 ) then local status, resp = json.parse(response.body) if ( not(status) ) then stdnse.debug2("Failed to parse JSON response from server") return false, "Failed to parse JSON response from server" end if ( resp.statusCode ~= "200" ) then stdnse.debug2("Failed to send message to server") return false, "Failed to send message to server" end end return true end, -- Updates location information for all devices controlled by the Apple ID -- @return status true on success, false on failure -- @return json parsed json table or string containing an error message on -- failure update = function(self) local auth = { username = self.username, password = self.password } local url = ("/fmipservice/device/%s/initClient"):format(self.username) local data= '{"clientContext":{"appName":"FindMyiPhone","appVersion":\z "1.3","buildVersion":"145","deviceUDID":\z "0000000000000000000000000000000000000000","inactiveTime":2147483647,\z "osVersion":"4.2.1","personID":0,"productType":"iPad1,1"}}' local retries = 2 local response repeat response = http.post(self.host, self.port, url, { header = self.headers, auth = auth }, nil, data) if ( response.header["x-apple-mme-host"] ) then self.host = response.header["x-apple-mme-host"] end if ( response.status == 401 ) then return false, "Authentication failed" elseif ( response.status ~= 200 and response.status ~= 330 ) then return false, "An unexpected error occurred" end retries = retries - 1 until ( 200 == response.status or 0 == retries) if ( response.status ~= 200 ) then return false, "Received unexpected response from server" end local status, parsed_json = json.parse(response.body) if ( not(status) or parsed_json.statusCode ~= "200" ) then return false, "Failed to parse JSON response from server" end -- cache the parsed_json.content as devices self.devices = parsed_json.content return true, parsed_json end, -- Gets a list of devices -- @return devices table containing a list of devices getDevices = function(self) if ( not(self.devices) ) then self:update() end return self.devices end } Helper = { -- Creates a Helper instance -- @param username string containing the Apple ID username -- @param password string containing the Apple ID password -- @return o new instance of Helper new = function(self, username, password) local o = { mm = MobileMe:new(username, password) } setmetatable(o, self) self.__index = self o.mm:update() return o end, -- Gets the geolocation from each device -- -- @return status true on success, false on failure -- @return result table containing a table of device locations -- the table is indexed based on the name of the device and -- contains a location table with the following fields: -- * <code>longitude</code> - the GPS longitude -- * <code>latitude</code> - the GPS latitude -- * <code>accuracy</code> - the location accuracy -- * <code>timestamp</code> - the time the location was acquired -- * <code>postype</code> - the position type (GPS or WiFi) -- * <code>finished</code> - -- or string containing an error message on failure getLocation = function(self) -- do 3 tries, with a 5 second timeout to allow the location to update -- there are two attributes, locationFinished and isLocating that seem -- to be good candidates to monitor, but so far, I haven't had any -- success with that. local tries, timeout = 3, 5 local result = {} repeat local status, response = self.mm:update() if ( not(status) or not(response) ) then return false, "Failed to retrieve response from server" end for _, device in ipairs(response.content) do if ( device.location ) then result[device.name] = { longitude = device.location.longitude, latitude = device.location.latitude, accuracy = device.location.horizontalAccuracy, timestamp = device.location.timeStamp, postype = device.location.positionType, finished = device.location.locationFinished, } end end tries = tries - 1 if ( tries > 0 ) then stdnse.sleep(timeout) end until( tries == 0 ) return true, result end, -- Gets a list of names and ids of devices associated with the Apple ID -- @return status true on success, false on failure -- @return table of devices containing the following fields: -- <code>name</code> and <code>id</code> getDevices = function(self) local devices = {} for _, dev in ipairs(self.mm:getDevices()) do table.insert(devices, { name = dev.name, id = dev.id }) end return true, devices end, -- Send a message to an iOS Device -- -- @param devid string containing the device id to which the message should -- be sent -- @param subject string containing the message subject -- @param message string containing the message body -- @param alarm boolean true if alarm should be sounded, false if not -- @return status true on success, false on failure -- @return err string containing the error message (if status is false) sendMessage = function(self, ...) return self.mm:sendMessage(...) end } return _ENV;