diff --git a/html/error.html b/html/error.html index 3720cb7..571b2d2 100644 --- a/html/error.html +++ b/html/error.html @@ -1,25 +1,3 @@ - @@ -43,4 +21,26 @@
%(explain)s
- \ No newline at end of file + + \ No newline at end of file diff --git a/html/exploits.html b/html/exploits.html index 3cfa222..a51ef0d 100644 --- a/html/exploits.html +++ b/html/exploits.html @@ -2,38 +2,34 @@ -Select Exploit | PS4 Exploit Host by Al Azif +* + - +
-

PlayStation 4 Exploit Host

About
+

*

-

Exploits

+
-
diff --git a/html/ps4-updatefeature.html b/html/ps4-updatefeature.html index 4f370f7..4f72459 100644 --- a/html/ps4-updatefeature.html +++ b/html/ps4-updatefeature.html @@ -1,25 +1,3 @@ - @@ -45,4 +23,26 @@

Main features:

- \ No newline at end of file + + \ No newline at end of file
diff --git a/start.py b/start.py
index bed7a50..779a512 100755
--- a/start.py
+++ b/start.py
@@ -137,24 +137,25 @@ def exploit_matcher(self):
 self.my_sender('text/html', data)
 def exploit(self):
- path = unquote(self.path.rsplit('/', 1)[-1])
- if not path or path == '/':
- path = 'index.html'
- which = unquote(self.path.rsplit('/')[-2])
- mime = mimetypes.guess_type(path)
+ path = unquote(self.path.split('/', 2)[-1])
+ if path[-1:] == '/':
+ path += 'index.html'
+ mime = mimetypes.guess_type(self.path.rsplit('/', 1)[-1])
 if mime[0]:
 mime = mime[0]
 else:
 mime = 'application/octet-stream'
- with open(os.path.join(EXPLOIT_LOC, which, path), 'rb') as buf:
+ with open(os.path.join(EXPLOIT_LOC, path), 'rb') as buf:
 data = buf.read()
 if path == 'index.html':
 data = data.replace(b'0.0.0.0', bytes(get_lan(), 'utf-8'))
 self.my_sender(mime, data)
 def static_request(self):
- path = unquote(self.path.rsplit('/', 1)[-1])
- mime = mimetypes.guess_type(path)
+ path = unquote(self.path.split('/', 2)[-1])
+ if path[-1:] == '/':
+ path += 'index.html'
+ mime = mimetypes.guess_type(self.path.rsplit('/', 1)[-1])
 if mime[0]:
 mime = mime[0]
 else:
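Review bot: The new `path` in `exploit()` keeps every segment after the second `/` of the request and goes, URL-decoded, straight into `os.path.join(EXPLOIT_LOC, path)`, so `..` segments or an absolute path can resolve outside `EXPLOIT_LOC`; nothing in this hunk normalises the result or checks containment. `static_request()` derives `path` the same way, though its `open()` call lies outside the hunk. Resolve the joined path and refuse anything that is not under the real root before opening it, as sketched below. Two side effects of the same change: `if path == 'index.html'` no longer matches a nested `.../index.html`, so the `0.0.0.0` replacement is skipped, and `mimetypes.guess_type` now sees an empty last segment for directory requests, so the index page goes out as `application/octet-stream`.

```python
    def exploit(self):
        # … unchanged: path derivation and MIME guess …
        root = os.path.realpath(EXPLOIT_LOC)
        target = os.path.realpath(os.path.join(root, path))
        # Refuse anything that resolves outside the exploit directory.
        if not target.startswith(root + os.sep):
            self.send_error(404)
            return
        with open(target, 'rb') as buf:
            data = buf.read()
        # … unchanged: index.html rewrite and my_sender call …
```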
@@ -178,19 +179,31 @@ def payload_launcher(self):
 def inject_exploit_html(self, html):
 try:
- exploits = os.listdir(EXPLOIT_LOC)
- if 'PUT EXPLOITS HERE' in exploits:
- exploits.remove('PUT EXPLOITS HERE')
- exploits.sort()
- if len(exploits) == 0:
- return html
- elif len(exploits) == 1:
- data = '"{}"'.format(exploits[0])
+ firmwares = os.listdir(EXPLOIT_LOC)
+ if 'PUT EXPLOITS HERE' in firmwares:
+ firmwares.remove('PUT EXPLOITS HERE')
+ firmwares.sort()
+ if len(firmwares) == 0:
+ return html.replace(b'{{EXPLOITS}}', '{"firmwares": ["No Exploits Found"]}')
+ elif len(firmwares) == 1:
+ data = '{"firmwares": ["{}"]}}'.format(firmwares[0])
 else:
- data = '"' + '", "'.join(exploits) + '"'
+ data = '{"firmwares": ["' + '", "'.join(firmwares) + '"]}'
+
+ for firmware in firmwares:
+ exploits = os.listdir(os.path.join(EXPLOIT_LOC, firmware))
+ exploits.append('[Back]')
+ if len(exploits) == 1:
+ data = data[:-1]
+ data += ', "{}": ["{}"]}}'.format(firmware, exploits[0])
+ else:
+ data = data[:-1]
+ data += ', "{}": ["'.format(firmware)
+ data += '", "'.join(exploits) + '"]}'
+
 data = bytes(data, 'utf-8')
 except IOError:
- pass
+ return html.replace(b'{{EXPLOITS}}', '{"firmwares": ["I/O Error on Host"]}')
 return html.replace(b'{{EXPLOITS}}', data)
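Review bot: Three of the added lines in `inject_exploit_html` raise instead of producing a page: both early `html.replace(b'{{EXPLOITS}}', '{"firmwares": ...}')` calls pass a `str` replacement to a `bytes` object (a TypeError on Python 3), and `'{"firmwares": ["{}"]}}'.format(firmwares[0])` opens with an unescaped `{`, so `format` fails on the single-firmware branch. The JSON is also assembled by string concatenation, so a directory name containing `"` or `\` corrupts the document that is substituted into the page. Building a dict and serialising it once removes all three problems; it needs `import json` if start.py does not already have it (the import block is not part of this diff). Note that `except IOError` also covers the per-firmware `os.listdir`, so a stray regular file in `EXPLOIT_LOC` replaces the whole menu with the I/O error entry.

```python
    def inject_exploit_html(self, html):
        try:
            firmwares = sorted(os.listdir(EXPLOIT_LOC))
            if 'PUT EXPLOITS HERE' in firmwares:
                firmwares.remove('PUT EXPLOITS HERE')
            menu = {'firmwares': firmwares or ['No Exploits Found']}
            for firmware in firmwares:
                exploits = os.listdir(os.path.join(EXPLOIT_LOC, firmware))
                menu[firmware] = exploits + ['[Back]']
            # json.dumps escapes quotes and backslashes in directory names.
            data = json.dumps(menu).encode('utf-8')
        except IOError:
            data = b'{"firmwares": ["I/O Error on Host"]}'
        return html.replace(b'{{EXPLOITS}}', data)
```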
@@ -201,7 +214,11 @@ def check_ua(self):
 'Mozilla/5.0 (PlayStation 4 4.05) AppleWebKit/537.78 (KHTML, like Gecko)',
 'Mozilla/5.0 (PlayStation 4 5.05) AppleWebKit/537.78 (KHTML, like Gecko)',
 'Mozilla/5.0 (PlayStation 4 4.55) AppleWebKit/601.2 (KHTML, like Gecko)',
- 'Mozilla/5.0 (PlayStation 4 5.05) AppleWebKit/601.2 (KHTML, like Gecko)'
+ 'Mozilla/5.0 (PlayStation 4 5.05) AppleWebKit/601.2 (KHTML, like Gecko)',
+ 'Mozilla/5.0 (PlayStation 4 5.01) AppleWebKit/601.2 (KHTML, like Gecko)',
+ 'Mozilla/5.0 (PlayStation 4 5.03) AppleWebKit/601.2 (KHTML, like Gecko)',
+ 'Mozilla/5.0 (PlayStation 4 5.05) AppleWebKit/601.2 (KHTML, like Gecko)',
+ 'Mozilla/5.0 (PlayStation 4 5.50) AppleWebKit/601.2 (KHTML, like Gecko)'
 ]
 if self.headers['User-Agent'] in allowed:
@@ -241,7 +258,7 @@ def do_GET(self):
 except IOError:
 self.send_error(404)
- if self.path.rsplit('/', 1)[-1] == 'kernel.js':
+ if self.path.rsplit('/', 1)[-1] == 'rop.js':
 print('>> Exploit sent...')
 try:
 payloads_file = os.path.join(EXPLOIT_LOC, self.path.rsplit('/', 2)[-2], 'nopayloads')
diff --git a/static/script.js b/static/script.js
new file mode 100644
index 0000000..c291c78
--- /dev/null
+++ b/static/script.js
@@ -0,0 +1,80 @@
+function isInArray(value, array) { + return array.indexOf(value) > -1; +} + +function updatePage(title, header, buttons) { + document.title = title + " | PS4 Exploit Host by Al-Azif"; + document.getElementById("title").innerHTML = title; + document.getElementById("header").innerHTML = header; + document.getElementById("buttons").innerHTML = buttons; +} + +function resetPage() { + history.pushState("", document.title, window.location.pathname + window.location.search); + updatePage("Firmware Selection", "Firmware", firmwares); +} + +function getFirmwares() { + var firmwares = ""; + x = 0; + for (var i = 0, len = data["firmwares"].length; i < len; i++) { + x += 1; + firmwares += ""; + if (x >= 3) { + firmwares += "
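Review bot: The added entries in `check_ua` repeat `'Mozilla/5.0 (PlayStation 4 5.05) AppleWebKit/601.2 (KHTML, like Gecko)'`, which is already the line directly above them, so the list now holds that string twice. Drop the second copy. Since the list is only used for the `in allowed` test on a client-supplied header, a comment such as `# exact User-Agent strings; convenience filter, not an access control` would state its purpose. `check_ua` starts before and continues after this hunk.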
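Review bot: The unchanged context line `payloads_file = os.path.join(EXPLOIT_LOC, self.path.rsplit('/', 2)[-2], 'nopayloads')` in `do_GET` still takes a single directory segment, while `exploit()` in this commit now resolves files under a firmware/exploit sub-path, so the `nopayloads` marker is probably looked up one level too high and never found. Deriving the directory the same way as `exploit()` keeps the two aligned: `payloads_file = os.path.join(EXPLOIT_LOC, os.path.dirname(unquote(self.path.split('/', 2)[-1])), 'nopayloads')`. The request path is client input here as well, so it should pass the same containment check as the file that is opened. The rest of `do_GET`, including how `payloads_file` is used, is outside the hunk.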
"; + x = 0; + } + } + return firmwares; +} + +function getExploits() { + var hash = window.location.hash.substr(1); + var exploits = ""; + x = 0; + for (var i = 0, len = data[hash].length; i < len; i++) { + x += 1; + if (data[hash][i] == "[Back]") { + exploits += ""; + } else { + exploits += ""; + } + if (x >= 3) { + exploits += "
"; + x = 0; + } + } + return exploits; +} + +function firmwareSelected() { + var hash = window.location.hash.substr(1); + if (!isInArray(hash, firmwares)) { + resetPage(); + } else { + var exploits = getExploits(); + updatePage("Exploit Selection", hash, exploits); + } +} +/* +Copyright (c) 2017-2018 Al Azif, https://github.com/Al-Azif/ps4-exploit-host + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +*/ \ No newline at end of file diff --git a/static/style.css b/static/style.css index 3c15484..5df3486 100644 --- a/static/style.css +++ b/static/style.css 
@@ -1,25 +1,3 @@
-/*
-Copyright (c) 2017-2018 Al Azif, https://github.com/Al-Azif/ps4-exploit-host
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-*/
 html {
 height: 100%;
 }
@@ -109,3 +87,25 @@ ul.default li {
 color: white;
 border-radius: 8px;
 }
+/*
+Copyright (c) 2017-2018 Al Azif, https://github.com/Al-Azif/ps4-exploit-host
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
\ No newline at end of file