From d1bcca56752a51bb707d6a8cab02ef6f35a6cddd Mon Sep 17 00:00:00 2001
From: Hardik Zinzuvadiya <25708027+Z4nzu@users.noreply.github.com>
Date: Sun, 15 Mar 2026 13:55:05 +0530
Subject: [PATCH] Phase 13: Python 3 modernization and os.system cleanup
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Replace os.system("cd X; ...") no-op cd subshells with subprocess.run(cwd=...)
  in: xss_attack.py (XSSCon, XanXSS), payload_creator.py (TheFatRat update/troubleshoot),
      forensics.py (BulkExtractor gui/cli), phishing_attack.py (BlackPhish update)
- Replace os.system echo+boxes+lolcat in post_exploitation.py with console.print
- Fix socialmedia_finder.py: print()+os.system+lolcat → subprocess+console.print
- Fix forensics.py cli_mode: os.system apt/bulk_extractor → subprocess.run list form
---
 tools/forensics.py                 | 17 +++++++++++------
 tools/others/socialmedia_finder.py | 16 ++++++++--------
 tools/payload_creator.py           | 11 +++++++++--
 tools/phishing_attack.py           |  4 +++-
 tools/post_exploitation.py         | 10 ++++++----
 tools/xss_attack.py                | 12 ++++++------
 6 files changed, 43 insertions(+), 27 deletions(-)

diff --git a/tools/forensics.py b/tools/forensics.py
index a95826b..e917546 100644
--- a/tools/forensics.py
+++ b/tools/forensics.py
@@ -43,21 +43,26 @@ class BulkExtractor(HackingTool):
         ], installable=False, runnable=False)
 
     def gui_mode(self):
+        import subprocess
+        from config import get_tools_dir
         console.print(Panel(Text(self.TITLE, justify="center"), style="bold magenta"))
         console.print("[bold magenta]Cloning repository and attempting to run GUI...[/]")
-        os.system("git clone https://github.com/simsong/bulk_extractor.git")
-        os.system("ls src/ && cd .. && cd java_gui && ./BEViewer")
+        tools_dir = get_tools_dir()
+        subprocess.run(["git", "clone", "https://github.com/simsong/bulk_extractor.git"],
+                       cwd=str(tools_dir))
+        be_dir = tools_dir / "bulk_extractor"
+        subprocess.run(["./BEViewer"], cwd=str(be_dir / "java_gui"))
         console.print(
             "[magenta]If you get an error after clone go to /java_gui/src/ and compile the .jar file && run ./BEViewer[/]")
         console.print(
             "[magenta]Please visit for more details about installation: https://github.com/simsong/bulk_extractor[/]")
 
     def cli_mode(self):
+        import subprocess
         console.print(Panel(Text(self.TITLE + " - CLI Mode", justify="center"), style="bold magenta"))
-        os.system("sudo apt install bulk-extractor")
-        console.print("[magenta]Showing bulk_extractor help and options:[/]")
-        os.system("bulk_extractor -h")
-        os.system('echo "bulk_extractor [options] imagefile" | boxes -d headline | lolcat')
+        subprocess.run(["sudo", "apt", "install", "-y", "bulk-extractor"])
+        console.print("[magenta]bulk_extractor [options] imagefile[/]")
+        subprocess.run(["bulk_extractor", "-h"])
 
 
 class Guymager(HackingTool):
diff --git a/tools/others/socialmedia_finder.py b/tools/others/socialmedia_finder.py
index 460ecca..7645934 100644
--- a/tools/others/socialmedia_finder.py
+++ b/tools/others/socialmedia_finder.py
@@ -28,14 +28,14 @@ class FacialFind(HackingTool):
     PROJECT_URL = "https://github.com/Greenwolf/social_mapper"
 
     def run(self):
-        os.system("cd social_mapper/setup")
-        os.system("sudo python social_mapper.py -h")
-        print("""\033[95m 
-                You have to set Username and password of your AC Or Any Fack Account
-                [#] Type in Terminal nano social_mapper.py
-        """)
-        os.system(
-            'echo "python social_mapper.py -f [<imageFoldername>] -i [<imgFolderPath>] -m fast [<AcName>] -fb -tw"| boxes | lolcat')
+        from config import get_tools_dir
+        import subprocess
+        setup_dir = get_tools_dir() / "social_mapper" / "setup"
+        subprocess.run(["python3", "social_mapper.py", "-h"], cwd=str(setup_dir))
+        console.print(
+            "[bold magenta]Set username and password in social_mapper.py before running.[/]\n"
+            "[magenta]Usage: python social_mapper.py -f <folder> -i <path> -m fast <AcName> -fb -tw[/]"
+        )
 
 
 class FindUser(HackingTool):
diff --git a/tools/payload_creator.py b/tools/payload_creator.py
index e675ded..e193b53 100644
--- a/tools/payload_creator.py
+++ b/tools/payload_creator.py
@@ -23,10 +23,17 @@ class TheFatRat(HackingTool):
         ])
 
     def update(self):
-        os.system("cd TheFatRat && bash update && chmod +x setup.sh && bash setup.sh")
+        from config import get_tools_dir
+        cwd = str(get_tools_dir() / "TheFatRat")
+        subprocess.run(["bash", "update"], cwd=cwd)
+        subprocess.run(["chmod", "+x", "setup.sh"], cwd=cwd)
+        subprocess.run(["bash", "setup.sh"], cwd=cwd)
 
     def troubleshoot(self):
-        os.system("cd TheFatRat && sudo chmod +x chk_tools && ./chk_tools")
+        from config import get_tools_dir
+        cwd = str(get_tools_dir() / "TheFatRat")
+        subprocess.run(["chmod", "+x", "chk_tools"], cwd=cwd)
+        subprocess.run(["./chk_tools"], cwd=cwd)
 
 
 class Brutal(HackingTool):
diff --git a/tools/phishing_attack.py b/tools/phishing_attack.py
index 8a7704b..4150220 100644
--- a/tools/phishing_attack.py
+++ b/tools/phishing_attack.py
@@ -199,7 +199,9 @@ class BlackPhish(HackingTool):
         super().__init__([("Update", self.update)])
 
     def update(self):
-        os.system("cd BlackPhish && sudo bash update.sh")
+        import subprocess
+        from config import get_tools_dir
+        subprocess.run(["bash", "update.sh"], cwd=str(get_tools_dir() / "BlackPhish"))
 
 
 class Dnstwist(HackingTool):
diff --git a/tools/post_exploitation.py b/tools/post_exploitation.py
index 2252705..d1431bc 100644
--- a/tools/post_exploitation.py
+++ b/tools/post_exploitation.py
@@ -20,10 +20,12 @@ class Vegile(HackingTool):
     PROJECT_URL = "https://github.com/Screetsec/Vegile"
 
     def before_run(self):
-        os.system('echo "You can Use Command: \n'
-                  '[!] Vegile -i / --inject [backdoor/rootkit] \n'
-                  '[!] Vegile -u / --unlimited [backdoor/rootkit] \n'
-                  '[!] Vegile -h / --help"|boxes -d parchment')
+        console.print(
+            "[bold magenta]Vegile commands:[/]\n"
+            "  Vegile -i / --inject [backdoor/rootkit]\n"
+            "  Vegile -u / --unlimited [backdoor/rootkit]\n"
+            "  Vegile -h / --help"
+        )
 
 
 class ChromeKeyLogger(HackingTool):
diff --git a/tools/xss_attack.py b/tools/xss_attack.py
index 124b71a..be7edc9 100644
--- a/tools/xss_attack.py
+++ b/tools/xss_attack.py
@@ -91,8 +91,9 @@ class XSSCon(HackingTool):
             border_style="bright_yellow"
         ))
         website = Prompt.ask("[bold cyan]Enter Website[/bold cyan]")
-        os.system("cd XSSCon;")
-        subprocess.run(["python3", "xsscon.py", "-u", website])
+        from config import get_tools_dir
+        subprocess.run(["python3", "xsscon.py", "-u", website],
+                       cwd=str(get_tools_dir() / "XSSCon"))
 
 
 class XanXSS(HackingTool):
@@ -102,10 +103,9 @@ class XanXSS(HackingTool):
     PROJECT_URL = "https://github.com/Ekultek/XanXSS"
 
     def run(self):
-        os.system("cd XanXSS; python xanxss.py -h")
-        console.print(
-            "[cyan]You have to run it manually using:[/cyan]\n[bold yellow]python xanxss.py [options][/bold yellow]"
-        )
+        from config import get_tools_dir
+        subprocess.run(["python3", "xanxss.py", "-h"],
+                       cwd=str(get_tools_dir() / "XanXSS"))
 
 
 class XSSStrike(HackingTool):