
mXtract

mXtract is an open-source, Linux-based tool that analyzes and dumps memory. It was developed as an offensive penetration testing tool; its primary purpose is to scan memory for private keys, IPs, and passwords using regexes. Remember, your results are only as good as your regexes.

Screenshots


Scan in verbose mode with a simple regex, scanning every data segment, displaying process information and scanning environment files.


Why dump directly from memory?

In most Linux environments, users can access the memory of processes. This allows attackers to harvest credentials, private keys, or anything else that isn't supposed to be seen but is being processed by a program in clear text.


Features

  • Ability to enter regex lists
  • Clear and readable display
  • Check whether a memory range is writable with the current permissions
  • Output file in XML and HTML (process name:result)
  • Mass scan every process or a specific PID
  • Can choose memory sections to scan
  • Show detailed process information
  • Scan process environment files
  • Automatically removes Unicode characters from memory dumps, which allows processing with other tools or manually

Install

  • $ git clone https://github.com/rek7/mXtract
  • $ cd mXtract && sh compile.sh

Commands

  • $ ./mxtract -h
  • $ ./mxtract -wm -wr -e -i -d=/tmp/output/ -r=example_regexes.db

Darksplitz - Exploit Framework


This tool is a continuation of the Nefix, DirsPy and Xmasspy projects.

Installation


Works fine on Debian-based operating systems, such as Backbox, Ubuntu or Kali.
  1. $ git clone https://github.com/koboi137/darksplitz
  2. $ cd darksplitz/
  3. $ sudo ./install.sh

Features

    • Extract MikroTik information, user, password, credential (user.dat)
    • Password generator
    • Reverse IP lookup
    • Mac address sniffer
    • Online md5 cracker
    • Mac address lookup
    • Collecting url from web.archive.org
    • (Dark Shell) Web backdoor
    • (CVE-2018-14847) WinboxExploit
    • (Mikrotik) ChimeyRed exploit for mipsbe
    • Exploit web application
    • (CVE-2018-4407) Mass apple dos
    • (CVE-2018-10933) Libssh exploit
    • Discover Mikrotik device
    • Scan a directory
    • Subdomain scanner
    • Scanner Mac address
    • Ping of Mac address
    • Scan vhost (cloudflare bypass)
    • Bruteforce mass for wordpress
    • Interactive msfrpc client

    Exploit web application

    • File upload for plupload
    • (CVE-2018-9206) file upload for jQuery
    • Laravel (.env)
    • (misc) sftp-config.json
    • Enable wordpress register
    • File upload for elfinder
    • (CVE-2018-7600) Exploit Drupal 7
    • (CVE-2018-7600) Exploit Drupal 8
    • Exploit com_fabrik for Joomla
    • Wordpress plugin file upload: gravityform
    • Wordpress plugin file upload: geoplace3
    • Wordpress plugin file upload: peugeot-music

    Notes

    This tool works fine under root, because the scapy module and other components need the root user to access more features. However, you can also run it as a regular user for some features.