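#!/usr/bin/perl
# IPv6 army knife
# 1. Enumerate (ping, DNS, google)
# 2. Scan port
# 3. Exploit and gaining shell
# 4. Backdoor
#
# Interactive menu front end. It contains no scanning or network code of its
# own: every module command starts a helper script from ./enum, ./xpl or ./bd
# as a child "perl <script> <args>" process of this launcher.
#
# NOTE(review): the helper directories are relative paths, so the scripts that
# run are whatever sits under the current working directory when the launcher
# is started.

use strict;
use warnings;
use Switch;     # NOTE(review): source filter, no longer bundled with core Perl
                # since 5.14; an if/elsif chain in doRequest would drop it.
use English;

my $ENUMDIR = './enum';
my $XPLDIR  = './xpl';
my $BDDIR   = './bd';

# Module table: menu command => [ prompt, helper script, error tag,
# exit-on-empty-input flag ]. Prompts are reproduced exactly, including the
# ones that have no trailing space.
my %module_for = (
    'build'    => [ "ipv6(build)~> ",   $ENUMDIR . '/buildipv6.pl', 'ERRBUILD',    0 ],
    'enum'     => [ "ipv6(enum)~> ",    $ENUMDIR . '/isalive6.pl',  'ERRENUM',     0 ],
    'scan'     => [ "ipv6(scan)~> ",    $ENUMDIR . '/tcpscan6.pl',  'ERRSCAN',     0 ],
    'google'   => [ "ipv6(google)~> ",  $ENUMDIR . '/google6.pl',   'ERRGOOGLE',   0 ],
    'dns'      => [ "ipv6(dns)~>",      $ENUMDIR . '/dns6.pl',      'ERRDNS',      0 ],
    # NOTE(review): the help text calls this helper a bind backdoor "without
    # password", so whatever it opens answers to anyone who can reach it, not
    # only to the operator who started it.
    'backdoor' => [ "ipv6(backdoor)~>", $BDDIR . '/sh6.pl',         'ERRBACKDOOR', 0 ],
    'bind'     => [ "ipv6(bind)~>",     $XPLDIR . '/getshell6.pl',  'ERRBIND',     1 ],
    'reverse'  => [ "ipv6(reverse)~>",  $XPLDIR . '/waitshell6.pl', 'ERRREVERSE',  1 ],
);

# Print the start-up banner.
sub banner {
    print "IPv6 Hackit Written by Ph03n1X\n";
    print "Copyright ipsecs (c) 2010\n";
    print "OS Detected : ";
    # Fixed command, list form: no shell is started for it.
    system('uname', '-o');
    # The column alignment of the art was lost when this page was extracted;
    # the rows are kept with the spacing that survived.
    print "\n\n",
        "::::::::::: ::::::::: :::::::: :::::::::: :::::::: ::::::::\n",
        ":+: :+: :+: :+: :+: :+: :+: :+: :+: :+:\n",
        "+:+ +:+ +:+ +:+ +:+ +:+ +:+\n",
        "+#+ +#++:++#+ +#++:++#++ +#++:++# +#+ +#++:++#++\n",
        "+#+ +#+ +#+ +#+ +#+ +#+\n",
        "#+# #+# #+# #+# #+# #+# #+# #+# #+#\n",
        "########### ### ######## ########## ######## ########\n",
        "IPv6 Hackit - The IPv6 Army Knife \n\n\n";
    return;
}

# Print the help shown inside a module prompt.
sub helpmenu {
    print "Available command are :\n",
        " run - run the tools\n",
        " quit - back to main menu\n",
        " help - to print this help. \n\n";
    return;
}

# Handle one line typed at a module prompt.
#
# Arguments: the words the user typed, followed by the helper script path and
# an error tag (the last two arguments are always supplied by the caller).
# Returns 1 to stay in the module, 0 when the user typed "quit".
# Dies with "<tag> : Something goes wrong!" when the helper script cannot be
# opened for reading.
sub doRequest {
    my @args   = @_;
    my $errtag = pop @args;
    my $script = pop @args;
    my $verb   = shift @args;    # first typed word; the rest go to the helper
    unless (defined $verb) {
        $verb = '';              # empty input falls through to the help menu
    }

    # Check that the related tool exists. The handle is closed straight away,
    # so the "quit" path no longer leaves a descriptor open.
    open(my $probe, '<', $script) or die("$errtag : Something goes wrong!");
    close($probe);

    my $stay = 1;
    switch ($verb) {
        case 'run' {
            # List form: the typed words reach the helper as separate
            # arguments and are never parsed by a shell, so brackets, globs
            # or semicolons in an address or file name stay literal.
            my $rc = system('perl', $script, @args);
            if ($rc == -1) {
                warn "$errtag : cannot start perl for $script: $OS_ERROR\n";
            }
        }
        case 'quit' {
            $stay = 0;           # back to the main menu
        }
        else {
            helpmenu();          # anything else prints the module help
        }
    }
    return $stay;
}

# Exit the program when called with no arguments. Used by the bind and
# reverse modules, whose prompt misbehaves after CTRL+C in the helper.
sub Trap {
    my @args = @_;
    if (scalar(@args) < 1) {
        exit(0);
    }
    return;
}

# Prompt loop shared by every helper-backed module.
#
# $prompt        - text printed before each read
# $script        - helper script handed to doRequest
# $errtag        - error tag handed to doRequest
# $exit_on_empty - when true, an empty input line ends the program (Trap)
sub run_module {
    my ($prompt, $script, $errtag, $exit_on_empty) = @_;
    while (1) {
        print $prompt;
        my $line = <>;
        unless (defined $line) {
            # End of input: leave instead of re-printing the prompt forever.
            print "\n";
            exit(0);
        }
        my @words = split(/\s+/, $line);
        my $stay = doRequest(@words, $script, $errtag);
        return unless $stay;
        if ($exit_on_empty) {
            Trap(@words);
        }
    }
    return;
}

# Interactive shell: every line except "quit" is handed to the system shell
# verbatim, by design, with the privileges of this launcher.
sub shell_menu {
    while (1) {
        print "ipv6(shell)~> ";
        my $cmd = <STDIN>;
        unless (defined $cmd) {
            print "\n";
            exit(0);
        }
        chomp($cmd);
        return if $cmd eq "quit";
        system($cmd);
    }
    return;
}

# The exploit module is disabled in this release; only a notice is printed.
sub exploit_notice {
    print "Since this module has not done yet \rSo it's disabled now! You have to wait \rcomplete release at http://ipsecs.com\n";
    return;
}

# Print the main-menu help.
sub main_help {
    print "IPv6 Army Knife - Available Commands Are :\n",
        " build - to build IPv6 host list file.\n",
        " enum - to do host enumeration finding which is up and down.\n",
        " scan - to do port scanning finding which is open and close.\n",
        " google - to search possible ipv6 host (domain) via google.\n",
        " exploit - to exploit programming flaw in ipv6 application.\n",
        " dns - to get record AAAA from domain list file.\n",
        " shell - interactive linux shell without quiting hackit.\n",
        " bind - get remote shell produced by binding payloads.\n",
        " reverse - waiting remote shell produced by reverse payloads.\n",
        " backdoor - simple binding backdoor without password.\n",
        " quit - to quit from this program.\n",
        " help - to print this help.\n\n";
    return;
}

# Leave the program.
sub quit_program {
    print "Bye bye!\n";
    exit;
}

# Main-menu commands that are not backed by a helper script.
my %handler_for = (
    'shell'   => \&shell_menu,
    'exploit' => \&exploit_notice,
    'help'    => \&main_help,
    'quit'    => \&quit_program,
);

# Unbuffered output, set once and before the banner, so prompts and the
# "OS Detected" label appear ahead of the output of child processes.
$OUTPUT_AUTOFLUSH = 1;

banner();

# Core menu ipv6-hackit. Unknown commands are ignored and the prompt is
# shown again.
while (1) {
    print "ipv6~> ";
    my $opt = <STDIN>;           # the <STDIN> read was missing from the page
    unless (defined $opt) {
        print "\n";
        exit(0);
    }
    chomp($opt);                 # chomp, not chop: only strips a newline
    if (exists $module_for{$opt}) {
        my $spec = $module_for{$opt};
        run_module(@$spec);
    }
    elsif (exists $handler_for{$opt}) {
        $handler_for{$opt}->();
    }
}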