CodeTest信息收集和漏洞利用工具

Related tags

Security related resourcesCodeTest
Overview

Welcome to CodeTest

👉 关于本项目

本项目的主要目的:针对日常收集的Python POC\EXP测试脚本,使用可视化界面统一执行入口,方便运行。

本项目适合人群:有Python基础的渗透测试人员(工具自带简易编辑器,可修改脚本内参数,重新加载后可灵活使用脚本进行测试)

可视化界面开发库:Tkinter

💡 POC\EXP 参考链接

https://github.com/Ascotbe/Medusa
https://github.com/zhzyker/vulmap

📖 使用说明

# 下载文件
git clone https://github.com/xkx518/CodeTest.git
cd CodeTest
# 安装依赖
pip3 install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
注意: Python\Python36\Lib\site-packages,找到这个路径,下面有一个文件夹叫做crypto,将小写c改成大写C
# 使用工具
双击 CodeTest.pyw
pythonw3 CodeTest.pyw

###如果GitHub图片显示不出来,修改hosts

C:\Windows\System32\drivers\etc\hosts

在文件末尾添加
# GitHub Start 
192.30.253.112    Build software better, together 
192.30.253.119    gist.github.com
151.101.184.133    assets-cdn.github.com
151.101.184.133    raw.githubusercontent.com
151.101.184.133    gist.githubusercontent.com
151.101.184.133    cloud.githubusercontent.com
151.101.184.133    camo.githubusercontent.com
151.101.184.133    avatars0.githubusercontent.com
151.101.184.133    avatars1.githubusercontent.com
151.101.184.133    avatars2.githubusercontent.com
151.101.184.133    avatars3.githubusercontent.com
151.101.184.133    avatars4.githubusercontent.com
151.101.184.133    avatars5.githubusercontent.com
151.101.184.133    avatars6.githubusercontent.com
151.101.184.133    avatars7.githubusercontent.com
151.101.184.133    avatars8.githubusercontent.com

 # GitHub End

🏁 模板

POC

def check(**kwargs):
	url = kwargs['url']#/*str*/
	port = kwargs['port']#/*str*/
	print('输出结果')
	print(url)
	print(port)
	if True:
		return 1
	else:
		return

EXP

import CodeTest
from ClassCongregation import _urlparse
#VULN = None => 漏洞测试
#VULN = True => 命令执行
CodeTest.VULN = None

def check(**kwargs):
    if CodeTest.VULN == None:
        ExpApacheShiro = ApacheShiro(_urlparse(kwargs['url']),"echo VuLnEcHoPoCSuCCeSS")
    else:
        ExpApacheShiro = ApacheShiro(_urlparse(kwargs['url']),kwargs['cmd'])
    if kwargs['pocname'] == "cve_2016_4437":
        ExpApacheShiro.cve_2016_4437()
    else:
        ExpApacheShiro.cve_2016_4437()

📋 界面介绍

漏洞扫描界面

漏洞扫描界面

漏洞利用界面

漏洞利用界面

📂 使用示例

1:FOFA收集链接

FOFA脚本主要是根据"FOFA语法"收集链接 FOFA

非登录情况下,只能收集一页数据,通过获取登录后的session字段,即可获取五页数据 FOFA

修改请求session FOFA

获取更多结果 FOFA

2:JSFind+URLSEO

JSFind旨在从JS文件中找到网站相关链接 FOFA

此处可批量测试多个地址(支持文件导入和复制粘贴) FOFA

勾选URLSEO,批量返回目标地址的状态码和Title FOFA

3:shiro漏洞检测和命令执行

命令执行一般是在此界面进行配置,配置好目的地址和测试的模块即可开始测试,下述图片显示目标存在shiro漏洞 FOFA

修改上一步获取到的key和gadget,特别注意:通过修改VULN的值为True或None,来选择模块的功能是测试还是用于执行命令 FOFA

保存,重新载入后输入需要执行的命令,即可输出命令执行的结果 FOFA

当然,你也可以选择测试所有模块 FOFA

Owner
GitHub Repository
Lazarus analysis tools and research report

Lazarus Research This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus. Tools Python

JPCERT Coordination Center 50 Sep 13, 2022
EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。

EyeJo EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。 免责声明 本平台集成了大量的互联网公开工具,主要是方便安全人员整理、排查资产、安全测试等,切勿用于非法用途。使用者存在危害网络安全等任何非法行为,后果自负,作

429 Dec 31, 2022
Ethereum transaction decoder (community version).

EthTx Community Edition Community version of EthTx transaction decoder Local environment For local instance, you need few things: Depending on your di

240 Dec 21, 2022
Python Password Generator

This is a console-based version of a password generator written with Python. The program generates a password based on numbers of letters, numbers, and symbols specified by the user. This is a simple

p.katekomol 1 Jan 24, 2022
AMC- Automatic Media Access Control [MAC] Address Spoofing Tool

AMC (Automatic Media Access Control [MAC] Address Spoofing tool), helps you to protect your real network hardware identity. Each entered time interval your hardware address was changed automatically.

Dipen Chavan 14 Dec 23, 2022
Log4j minecraft with python

log4jminecraft This code DOES NOT promote or encourage any illegal activities! The content in this document is provided solely for educational purpose

David Bombal 154 Dec 24, 2022
OpenPort scanner GUI tool (CNMAP)

CNMAP-GUI- OpenPort scanner GUI tool (CNMAP) as you know it is the advanced tool to find open port, firewalls and we also added here heartbleed scanni

9 Mar 05, 2022
DCSync - DCSync Attack from Outside using Impacket

Adding DCSync Permissions Mostly copypasta from https://github.com/tothi/rbcd-at

n00py 77 Dec 16, 2022
the swiss army knife in the hash field. fast, reliable and easy to use

hexxus Hexxus is a fast hash cracking tool which checks more than 30 thousand passwords in under 4 seconds and can crack the following types bcrypt sh

enigma146 17 Apr 05, 2022
ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

ProxyLogon For Python3 ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF-GetWebShell) usage: python ProxyLogon.py --host=exchang

112 Dec 01, 2022
Mass scan for .git repository and .env file exposure

Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response

8 Jun 23, 2022
An All-In-One Pure Python PoC for CVE-2021-44228

Python Log4RCE An all-in-one pure Python3 PoC for CVE-2021-44228. Configure Replace the global variables at the top of the script to your configuratio

Alexandre Lavoie 178 Nov 09, 2022
A tool to crack a wifi password with a help of wordlist

A tool to crack a wifi password with a help of wordlist. This may take long to crack a wifi depending upon number of passwords your wordlist contains. Also it is slower as compared to social media ac

Saad 144 Dec 29, 2022
Kunyu, more efficient corporate asset collection

Kunyu(坤舆) - More efficient corporate asset collection English | 中文文档 0x00 Introduce Tool introduction Kunyu (kunyu), whose name is taken from , is act

Knownsec, Inc. 772 Jan 05, 2023
Downloads SEP, Baseband and BuildManifest automatically for signed iOS version's for connected iDevice

FutureHelper Supports macOS and Windows Downloads SEP, Baseband and BuildManifest automatically for signed iOS version's (including beta firmwares) fo

Kasim Hussain 7 Jan 05, 2023
Http-proxy-list - A lightweight project that hourly scrapes lots of free-proxy sites, validates if it works, and serves a clean proxy list

Free HTTP Proxy List 🌍 It is a lightweight project that hourly scrapes lots of

Mert Güvençli 142 Jan 05, 2023
zip-brute Zip File Password Cracking with Using Password List

Zip brute is a python script that cracks zip that are password protected using a wordlist dictionary.

AnonyminHack5 13 Nov 03, 2022
Automatic ProxyShell Exploit

proxyshell-auto usage: proxyshell.py [-h] -t T Automatic Exploit ProxyShell optional arguments: -h, --help show this help message and exit -t T

lulz 93 Jan 05, 2023
SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effectively get the assistance they need.

SecurAID securely connects aid organizations directly with individuals in dangerous situations to allow them to discreetly and effec

Ty K 2 Mar 23, 2022
Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack

O365DevicePhish Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script t

Trewis [work] Scotch 4 Sep 23, 2022