Many readers have probably already used AutoSploit, an automated exploitation tool, but the tool has now been substantially reworked.

AutoSploit = Shodan/Censys/Zoomeye + Metasploit

What is AutoSploit?

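AutoSploit is an automated mass-exploitation tool written in Python. It uses the Shodan, Censys or Zoomeye search engines to locate targets, and the user is free to choose any one of them. Once the targets have been set, the tool launches the relevant Metasploit modules to carry out the attack. In its default configuration AutoSploit provides more than three hundred predefined Metasploit modules, which can be used to achieve code execution on hosts running different operating systems, on web applications, on intrusion detection systems and on other infrastructure. Users can also add new modules by editing the file etc/json/default_modules.json.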

Below is the list of Metasploit modules that AutoSploit ships with by default:

exploit/windows/ftp/ms09_053_ftpd_nlst
exploit/windows/firewall/blackice_pam_icq
exploit/windows/http/amlibweb_webquerydll_app
exploit/windows/http/ektron_xslt_exec_ws
exploit/windows/http/umbraco_upload_aspx
exploit/windows/iis/iis_webdav_scstoragepathfromurl
exploit/windows/iis/iis_webdav_upload_asp
exploit/windows/iis/ms01_023_printer
exploit/windows/iis/ms01_026_dbldecode
exploit/windows/iis/ms01_033_idq
exploit/windows/iis/ms02_018_htr
exploit/windows/iis/ms02_065_msadc
exploit/windows/iis/ms03_007_ntdll_webdav
exploit/windows/iis/msadc
exploit/windows/isapi/ms00_094_pbserver
exploit/windows/isapi/ms03_022_nsiislog_post
exploit/windows/isapi/ms03_051_fp30reg_chunked
exploit/windows/isapi/rsa_webagent_redirect
exploit/windows/isapi/w3who_query
exploit/windows/scada/advantech_webaccess_dashboard_file_upload
exploit/windows/ssl/ms04_011_pct
exploit/freebsd/http/watchguard_cmd_exec
exploit/linux/http/alienvault_exec
exploit/linux/http/alienvault_sqli_exec
exploit/linux/http/astium_sqli_upload
exploit/linux/http/centreon_sqli_exec
exploit/linux/http/centreon_useralias_exec
exploit/linux/http/crypttech_cryptolog_login_exec
exploit/linux/http/dolibarr_cmd_exec
exploit/linux/http/goautodial_3_rce_command_injection
exploit/linux/http/kloxo_sqli
exploit/linux/http/nagios_xi_chained_rce
exploit/linux/http/netgear_wnr2000_rce
exploit/linux/http/pandora_fms_sqli
exploit/linux/http/riverbed_netprofiler_netexpress_exe
exploit/linux/http/wd_mycloud_multiupload_upload
exploit/linux/http/zabbix_sqli
exploit/linux/misc/qnap_transcode_server
exploit/linux/mysql/mysql_yassl_getname
exploit/linux/mysql/mysql_yassl_hello
exploit/linux/postgres/postgres_payload
exploit/linux/samba/is_known_pipename
exploit/multi/browser/java_jre17_driver_manager
exploit/multi/http/atutor_sqli
exploit/multi/http/dexter_casinoloader_exec
exploit/multi/http/drupal_drupageddon
exploit/multi/http/manage_engine_dc_pmp_sqli
exploit/multi/http/manageengine_search_sqli
exploit/multi/http/movabletype_upgrade_exec
exploit/multi/http/php_volunteer_upload_exe
exploit/multi/http/sonicwall_scrutinizer_methoddetail_sqli
exploit/multi/http/splunk_mappy_exec
exploit/multi/http/testlink_upload_exec
exploit/multi/http/zpanel_information_disclosure_rce
exploit/multi/misc/legend_bot_exec
exploit/multi/mysql/mysql_udf_payload
exploit/multi/postgres/postgres_createlang
exploit/solaris/sunrpc/ypupdated_exec
exploit/unix/ftp/proftpd_133c_backdoor
exploit/unix/http/tnftp_savefile
exploit/unix/webapp/joomla_contenthistory_sqli_rce
exploit/unix/webapp/kimai_sqli
exploit/unix/webapp/openemr_sqli_privesc_upload
exploit/unix/webapp/seportal_sqli_exec
exploit/unix/webapp/vbulletin_vote_sqli_exec
exploit/unix/webapp/vicidial_manager_send_cmd_exec
exploit/windows/antivirus/symantec_endpoint_manager_rce
exploit/windows/http/apache_mod_rewrite_ldap
exploit/windows/http/ca_totaldefense_regeneratereports
exploit/windows/http/cyclope_ess_sqli
exploit/windows/http/hp_mpa_job_acct
exploit/windows/http/solarwinds_storage_manager_sql
exploit/windows/http/sonicwall_scrutinizer_sql
exploit/windows/misc/altiris_ds_sqli
exploit/windows/misc/fb_cnct_group
exploit/windows/misc/lianja_db_net
exploit/windows/misc/manageengine_eventlog_analyzer_rce
exploit/windows/mssql/lyris_listmanager_weak_pass
exploit/windows/mssql/ms02_039_slammer
exploit/windows/mssql/ms09_004_sp_replwritetovarbin
exploit/windows/mssql/ms09_004_sp_replwritetovarbin_sqli
exploit/windows/mssql/mssql_linkcrawler
exploit/windows/mssql/mssql_payload
exploit/windows/mssql/mssql_payload_sqli
exploit/windows/mysql/mysql_mof
exploit/windows/mysql/mysql_start_up
exploit/windows/mysql/mysql_yassl_hello
exploit/windows/mysql/scrutinizer_upload_exec
exploit/windows/postgres/postgres_payload
exploit/windows/scada/realwin_on_fcs_login
exploit/multi/http/rails_actionpack_inline_exec
exploit/multi/http/rails_dynamic_render_code_exec
exploit/multi/http/rails_json_yaml_code_exec
exploit/multi/http/rails_secret_deserialization
exploit/multi/http/rails_web_console_v2_code_exec
exploit/multi/http/rails_xml_yaml_code_exec
exploit/multi/http/rocket_servergraph_file_requestor_rce
exploit/multi/http/phpmoadmin_exec
exploit/multi/http/phpmyadmin_3522_backdoor
exploit/multi/http/phpmyadmin_preg_replace
exploit/multi/http/phpscheduleit_start_date
exploit/multi/http/phptax_exec
exploit/multi/http/phpwiki_ploticus_exec
exploit/multi/http/plone_popen2
exploit/multi/http/pmwiki_pagelist
exploit/multi/http/joomla_http_header_rce
exploit/multi/http/novell_servicedesk_rce
exploit/multi/http/oracle_reports_rce
exploit/multi/http/php_utility_belt_rce
exploit/multi/http/phpfilemanager_rce
exploit/multi/http/processmaker_exec
exploit/multi/http/rocket_servergraph_file_requestor_rce
exploit/multi/http/spree_search_exec
exploit/multi/http/spree_searchlogic_exec
exploit/multi/http/struts_code_exec_parameters
exploit/multi/http/vtiger_install_rce
exploit/multi/http/werkzeug_debug_rce
exploit/multi/http/zemra_panel_rce
exploit/multi/http/zpanel_information_disclosure_rce
exploit/multi/http/joomla_http_header_rce
exploit/unix/webapp/joomla_akeeba_unserialize
exploit/unix/webapp/joomla_comjce_imgmanager
exploit/unix/webapp/joomla_contenthistory_sqli_rce
exploit/unix/webapp/joomla_media_upload_exec
exploit/multi/http/builderengine_upload_exec
exploit/multi/http/caidao_php_backdoor_exec
exploit/multi/http/atutor_sqli
exploit/multi/http/ajaxplorer_checkinstall_exec
exploit/multi/http/apache_activemq_upload_jsp
exploit/unix/webapp/wp_lastpost_exec
exploit/unix/webapp/wp_mobile_detector_upload_execute
exploit/multi/http/axis2_deployer
exploit/unix/webapp/wp_foxypress_upload
exploit/linux/http/tr064_ntpserver_cmdinject
exploit/linux/misc/quest_pmmasterd_bof
exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload
exploit/unix/webapp/php_xmlrpc_eval
exploit/unix/webapp/wp_admin_shell_upload
exploit/linux/http/sophos_wpa_sblistpack_exec
exploit/linux/local/sophos_wpa_clear_keys
exploit/multi/http/zpanel_information_disclosure_rce
auxiliary/admin/cisco/cisco_asa_extrabacon
auxiliary/admin/cisco/cisco_secure_acs_bypass
auxiliary/admin/cisco/vpn_3000_ftp_bypass
exploit/bsdi/softcart/mercantec_softcart
exploit/freebsd/misc/citrix_netscaler_soap_bof
exploit/freebsd/samba/trans2open
exploit/linux/ftp/proftp_sreplace
exploit/linux/http/dcos_marathon
exploit/linux/http/f5_icall_cmd
exploit/linux/http/fritzbox_echo_exec
exploit/linux/http/gitlist_exec
exploit/linux/http/goautodial_3_rce_command_injection
exploit/linux/http/ipfire_bashbug_exec
exploit/linux/http/ipfire_oinkcode_exec
exploit/linux/http/ipfire_proxy_exec
exploit/linux/http/kaltura_unserialize_rce
exploit/linux/http/lifesize_uvc_ping_rce
exploit/linux/http/nagios_xi_chained_rce
exploit/linux/http/netgear_dgn1000_setup_unauth_exec
exploit/linux/http/netgear_wnr2000_rce
exploit/linux/http/nuuo_nvrmini_auth_rce
exploit/linux/http/nuuo_nvrmini_unauth_rce
exploit/linux/http/op5_config_exec
exploit/linux/http/pandora_fms_exec
exploit/linux/http/pineapple_preconfig_cmdinject
exploit/linux/http/seagate_nas_php_exec_noauth
exploit/linux/http/symantec_messaging_gateway_exec
exploit/linux/http/trendmicro_imsva_widget_exec
exploit/linux/http/trueonline_billion_5200w_rce
exploit/linux/http/trueonline_p660hn_v1_rce
exploit/linux/http/trueonline_p660hn_v2_rce
exploit/linux/http/vcms_upload
exploit/linux/misc/lprng_format_string
exploit/linux/misc/mongod_native_helper
exploit/linux/misc/ueb9_bpserverd
exploit/linux/mysql/mysql_yassl_getname
exploit/linux/pop3/cyrus_pop3d_popsubfolders
exploit/linux/postgres/postgres_payload
exploit/linux/pptp/poptop_negative_read
exploit/linux/proxy/squid_ntlm_authenticate
exploit/linux/samba/lsa_transnames_heap
exploit/linux/samba/setinfopolicy_heap
exploit/linux/samba/trans2open
exploit/multi/elasticsearch/script_mvel_rce
exploit/multi/elasticsearch/search_groovy_script
exploit/multi/http/atutor_sqli
exploit/multi/http/axis2_deployer
exploit/multi/http/familycms_less_exe
exploit/multi/http/freenas_exec_raw
exploit/multi/http/gestioip_exec
exploit/multi/http/glassfish_deployer
exploit/multi/http/glpi_install_rce
exploit/multi/http/joomla_http_header_rce
exploit/multi/http/makoserver_cmd_exec
exploit/multi/http/novell_servicedesk_rc
exploit/multi/http/oracle_reports_rce
exploit/multi/http/php_utility_belt_rce
exploit/multi/http/phpfilemanager_rce
exploit/multi/http/phpmyadmin_3522_backdoor
exploit/multi/http/phpwiki_ploticus_exec
exploit/multi/http/processmaker_exec
exploit/multi/http/rails_actionpack_inline_exec
exploit/multi/http/rails_dynamic_render_code_exec
exploit/multi/http/rails_secret_deserialization
exploit/multi/http/rocket_servergraph_file_requestor_rce
exploit/multi/http/simple_backdoors_exec
exploit/multi/http/spree_search_exec
exploit/multi/http/spree_searchlogic_exec
exploit/multi/http/struts2_rest_xstream
exploit/multi/http/struts_code_exec
exploit/multi/http/struts_code_exec_classloader
exploit/multi/http/struts_code_exec_parameters
exploit/multi/http/struts_dev_mode
exploit/multi/http/sysaid_auth_file_upload
exploit/multi/http/tomcat_jsp_upload_bypass
exploit/multi/http/vtiger_install_rce
exploit/multi/http/werkzeug_debug_rce
exploit/multi/http/zemra_panel_rce
exploit/multi/http/zpanel_information_disclosure_rce
exploit/multi/ids/snort_dce_rpc
exploit/multi/misc/batik_svg_java
exploit/multi/misc/pbot_exec
exploit/multi/misc/veritas_netbackup_cmdexec
exploit/multi/mysql/mysql_udf_payload
exploit/multi/php/php_unserialize_zval_cookie
exploit/unix/http/freepbx_callmenum
exploit/unix/http/lifesize_room
exploit/unix/http/pfsense_clickjacking
exploit/unix/http/pfsense_group_member_exec
exploit/unix/http/tnftp_savefile
exploit/unix/misc/polycom_hdx_traceroute_exec
exploit/unix/webapp/awstats_migrate_exec
exploit/unix/webapp/carberp_backdoor_exec
exploit/unix/webapp/citrix_access_gateway_exec
exploit/unix/webapp/dogfood_spell_exec
exploit/unix/webapp/invision_pboard_unserialize_exec
exploit/unix/webapp/joomla_contenthistory_sqli_rce
exploit/unix/webapp/mybb_backdoor
exploit/unix/webapp/opensis_modname_exec
exploit/unix/webapp/oscommerce_filemanager
exploit/unix/webapp/piwik_superuser_plugin_upload
exploit/unix/webapp/tikiwiki_upload_exec
exploit/unix/webapp/webtester_exec
exploit/unix/webapp/wp_phpmailer_host_header
exploit/unix/webapp/wp_total_cache_exec
exploit/windows/antivirus/symantec_endpoint_manager_rce
exploit/windows/http/ektron_xslt_exec
exploit/windows/http/ektron_xslt_exec_ws
exploit/windows/http/geutebrueck_gcore_x64_rce_bo
exploit/windows/http/hp_autopass_license_traversal
exploit/windows/http/manage_engine_opmanager_rce
exploit/windows/http/netgear_nms_rce
exploit/windows/http/sepm_auth_bypass_rce
exploit/windows/http/trendmicro_officescan_widget_exec
exploit/windows/iis/iis_webdav_upload_asp
exploit/windows/iis/msadc
exploit/windows/misc/manageengine_eventlog_analyzer_rce
exploit/windows/novell/file_reporter_fsfui_upload
exploit/windows/scada/ge_proficy_cimplicity_gefebt
exploit/windows/smb/ipass_pipe_exec
exploit/windows/smb/smb_relay
auxiliary/sqli/oracle/jvm_os_code_10g
auxiliary/sqli/oracle/jvm_os_code_11g
auxiliary/fuzzers/dns/dns_fuzzer
auxiliary/fuzzers/ftp/client_ftp
auxiliary/fuzzers/ftp/ftp_pre_post
auxiliary/fuzzers/http/http_form_field
auxiliary/fuzzers/http/http_get_uri_long
auxiliary/fuzzers/http/http_get_uri_strings
auxiliary/fuzzers/ntp/ntp_protocol_fuzzer
auxiliary/fuzzers/smb/smb2_negotiate_corrupt
auxiliary/fuzzers/smb/smb_create_pipe
auxiliary/fuzzers/smb/smb_create_pipe_corrupt
auxiliary/fuzzers/smb/smb_negotiate_corrupt
auxiliary/fuzzers/smb/smb_ntlm1_login_corrupt
auxiliary/fuzzers/smb/smb_tree_connect
auxiliary/fuzzers/smb/smb_tree_connect_corrupt
auxiliary/fuzzers/smtp/smtp_fuzzer
auxiliary/fuzzers/ssh/ssh_kexinit_corrupt
auxiliary/fuzzers/ssh/ssh_version_15
auxiliary/fuzzers/ssh/ssh_version_2
auxiliary/fuzzers/ssh/ssh_version_corrupt
auxiliary/fuzzers/tds/tds_login_corrupt
auxiliary/fuzzers/tds/tds_login_username
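
For defenders, the default module list doubles as a patch-priority checklist: any internet-facing product named in it should be assumed to be probed automatically. The following Python example is added here and is not part of AutoSploit or the original article; it de-duplicates module paths (the list above repeats entries) and flags inventory hosts whose declared products appear in a module path. The list excerpt, the inventory, its host names and the token-matching heuristic are constructed assumptions.

```python
# Constructed sample: a few entries copied from the module list above,
# including one duplicate, since the list itself repeats entries.
MODULES = """\
exploit/multi/http/drupal_drupageddon
exploit/multi/http/joomla_http_header_rce
exploit/multi/http/joomla_http_header_rce
exploit/unix/webapp/joomla_contenthistory_sqli_rce
exploit/linux/http/nagios_xi_chained_rce
exploit/multi/http/struts2_rest_xstream
exploit/multi/elasticsearch/script_mvel_rce
auxiliary/fuzzers/ssh/ssh_version_2
"""

# Constructed inventory of internet-facing assets (hypothetical hosts).
INVENTORY = [
    {"host": "web01.example.internal", "products": ["Joomla", "MySQL"]},
    {"host": "mon01.example.internal", "products": ["Nagios"]},
    {"host": "files01.example.internal", "products": ["Nextcloud"]},
]

def parse_modules(text):
    """Return unique modules as dicts with path, kind and search tokens."""
    seen, modules = set(), []
    for line in text.splitlines():
        path = line.strip()
        parts = path.split("/")
        if len(parts) < 3 or parts[0] not in ("exploit", "auxiliary"):
            continue  # skip blanks and anything that is not a module path
        if path in seen:
            continue  # drop repeated entries
        seen.add(path)
        # Tokens: directory names plus the underscore-separated module name.
        tokens = set(parts[1:-1]) | set(parts[-1].split("_"))
        modules.append({"path": path, "kind": parts[0], "tokens": tokens})
    return modules

def exposure(modules, inventory):
    """Map host -> sorted exploit modules whose tokens name one of its products.
    Heuristic only: a hit means 'verify patch level', not 'vulnerable'."""
    report = {}
    for asset in inventory:
        products = {p.lower() for p in asset["products"]}
        hits = sorted(m["path"] for m in modules
                      if m["kind"] == "exploit" and products & m["tokens"])
        if hits:
            report[asset["host"]] = hits
    return report

if __name__ == "__main__":
    for host, hits in exposure(parse_modules(MODULES), INVENTORY).items():
        print(host, "->", ", ".join(hits))
```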

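Installation

Installing AutoSploit is very simple: you can click [here] to download the latest release, or download and install it using one of the methods below.

Cloning the project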

sudo -s << EOF
git clone https://github.com/NullArray/AutoSploit.git
cd AutoSploit
chmod +x install.sh
./install.sh
python2 autosploit.py
EOF

Docker

sudo -s << EOF
git clone https://github.com/NullArray/AutoSploit.git
cd AutoSploit
chmod +x install.sh
./install.sh
cd Docker
docker network create -d bridge haknet
docker run --network haknet --name msfdb -e POSTGRES_PASSWORD=s3cr3t -d postgres
docker build -t autosploit .
docker run -it --network haknet -p 80:80 -p 443:443 -p 4444:4444 autosploit
EOF

Dependencies

AutoSploit currently requires the following Python 2.7 modules:

requests
psutil

You can install the dependencies with pip:

pip install requests psutil

or

pip install -r requirements.txt

Usage

Enter the command "python autosploit.py" on the command line to open an AutoSploit terminal session:

usage: python autosploit.py -[c|z|s|a] -[q] QUERY
                            [-C] WORKSPACE LHOST LPORT [-e] [--whitewash] PATH
                            [--ruby-exec] [--msf-path] PATH [-E] EXPLOIT-FILE-PATH
                            [--rand-agent] [--proxy] PROTO://IP:PORT [-P] AGENT

optional arguments:
  -h, --help            show this help message and exit

search engines:
  possible search engines to use

  -c, --censys          use censys.io as the search engine to gather hosts
  -z, --zoomeye         use zoomeye.org as the search engine to gather hosts
  -s, --shodan          use shodan.io as the search engine to gather hosts
  -a, --all             search all available search engines to gather hosts

requests:
  arguments to edit your requests

  --proxy PROTO://IP:PORT
                        run behind a proxy while performing the searches
  --random-agent        use a random HTTP User-Agent header
  -P USER-AGENT, --personal-agent USER-AGENT
                        pass a personal User-Agent to use for HTTP requests
  -q QUERY, --query QUERY
                        pass your search query

exploits:
  arguments to edit your exploits

  -E PATH, --exploit-file PATH
                        provide a text file to convert into JSON and save for
                        later use
  -C WORKSPACE LHOST LPORT, --config WORKSPACE LHOST LPORT
                        set the configuration for MSF (IE -C default 127.0.0.1
                        8080)
  -e, --exploit         start exploiting the already gathered hosts

misc arguments:
  arguments that don't fit anywhere else

  --ruby-exec           if you need to run the Ruby executable with MSF use
                        this
  --msf-path MSF-PATH   pass the path to your framework if it is not in your
                        ENV PATH
  --whitelist PATH      only exploit hosts listed in the whitelist file

Resources

AutoSploit project page: [GitHub link]

GitHub Release: [link]

* Source: pentestit; compiled by FreeBuf editor Alpha_h4ck. When republishing, please credit FreeBuf.COM.