def __init__(self):
self.badges = badges()
self.parser = parser()
self.web_tools = web_tools()
self.string_tools = string_tools()
self.details = {
'Name': "exploit/multi/netwave_ip_camera/password_disclosure",
'Authors': ['enty8080'],
'Description': "Netwave IP Camera password disclosure exploit.",
'Dependencies': [''],
'Comments': [''],
'Risk': "high"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': 81,
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.web_tools = web_tools()
self.details = {
'Name': "exploit/multi/qnap_qts/local_file_inclusion",
'Authors': ['enty8080'],
'Description':
"QNAP QTS and Photo Station 6.0.3 Local File Inclusion.",
'Dependencies': [''],
'Comments': [''],
'Risk': "high"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': None,
'Required': True
},
'RFILE': {
'Description': "Remote file to read.",
'Value': "/etc/passwd",
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.session = session()
self.details = {
'Name': "post/macos/membrane/gather/prompt",
'Authors': [
'enty8080'
],
'Description': "Prompt user to type password.",
'Dependencies': [
''
],
'Comments': [
''
],
'Risk': "high"
}
self.options = {
'SESSION': {
'Description': "Session to run on.",
'Value': 0,
'Required': True
}
}
def __init__(self):
self.io = io()
self.badges = badges()
self.parser = parser()
self.config = config()
self.helper = helper()
self.details = {
'Name': "exploit/macos/safari_app/safari_reaper",
'Authors': ['enty8080'],
'Description': "macOS Safari.app crash.",
'Comments': ['']
}
self.options = {
'LHOST': {
'Description': "Local host.",
'Value': self.helper.getip(),
'Required': True
},
'LPORT': {
'Description': "Local port.",
'Value': 80,
'Required': True
}
}
def __init__(self):
self.io = io()
self.parser = parser()
self.badges = badges()
self.helper = helper()
self.params = {"routestring": "ajax/render/widget_php"}
self.details = {
'Name': "exploit/multi/vbulletin_widget_php/cve_2019_16759",
'Authors': ['enty8080'],
'Description':
"vBulletin 5.0.0 till 5.5.4 widget_php Unauthenticated Remote Code Execution.",
'Comments': ['']
}
self.options = {
'URL': {
'Description': "Target URL address.",
'Value': None,
'Required': True
},
'COMMAND': {
'Description': "Command to execute.",
'Value': "uname -a",
'Required': True
}
}
def __init__(self):
self.io = io()
self.parser = parser()
self.config = config()
self.badges = badges()
self.colors_script = colors_script()
def __init__(self):
self.io = io()
self.parser = parser()
self.badges = badges()
self.helper = helper()
self.details = {
'Name': "exploit/multi/f5_big_ip_tmui/cve_2020_5902",
'Authors': [
'enty8080'
],
'Description': "Remote Code Execution in F5 BIG-IP Traffic Management User Interface (TMUI).",
'Comments': [
''
]
}
self.options = {
'URL': {
'Description': "Target URL address.",
'Value': None,
'Required': True
},
'RFILE': {
'Description': "File to read.",
'Value': "/etc/passwd",
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.tables = tables()
self.details = {
'Name': "auxiliary/net/scanner/network_scanner",
'Authors': [
'enty8080'
],
'Description': "Scan local network.",
'Dependencies': [
'scapy'
],
'Comments': [
'Uses Python scapy module to scan local network.'
],
'Risk': "low"
}
self.options = {
'RANGE': {
'Description': "IP range.",
'Value': "192.168.1.1/24",
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.helper = helper()
self.web_tools = web_tools()
self.dictionary = dictionary()
self.paths = self.dictionary.paths
self.details = {
'Name': "auxiliary/web/scanner/pma_scanner",
'Authors': ['enty8080'],
'Description': "Scan website PHP My Admin.",
'Dependencies': [''],
'Comments': [''],
'Risk': "medium"
}
self.options = {
'URL': {
'Description': "Target URL address.",
'Value': None,
'Required': True
}
}
def __init__(self):
self.parser = parser()
self.badges = badges()
self.bufsize = 2048
self.details = {
'Name': "exploit/multi/ssh/cve_2018_10933",
'Authors': ['enty8080', 'jas502n'],
'Description': "SSH LibSSH unauthorized access.",
'Comments': ['']
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': 2222,
'Required': True
},
'COMMAND': {
'Description': "Command to execute",
'Value': None,
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.io = io()
self.details = {
'Name': "exploit/iphoneos/ssh/cydia_default_password",
'Authors': ['enty8080'],
'Description':
"Bypass iOS SSH authorization using Cydia.app default SSH password.",
'Comments': ['Default iOS root and mobile password - alpine.']
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'USERNAME': {
'Description': "SSH username.",
'Value': "root",
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.session = session()
self.details = {
'Name': "post/macos/zetant/trolling/say",
'Authors': ['enty8080'],
'Description': "Say text message on device.",
'Comments': ['']
}
self.options = {
'MESSAGE': {
'Description': "Message to say.",
'Value': "Hello, zetant!",
'Required': True
},
'SESSION': {
'Description': "Session to run on.",
'Value': 0,
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.session = session()
self.details = {
'Name': "post/macos/membrane/transfer/upload",
'Authors': [
'enty8080'
],
'Description': "Upload local file.",
'Comments': [
''
]
}
self.options = {
'LPATH': {
'Description': "Local path.",
'Value': None,
'Required': True
},
'RPATH': {
'Description': "Remote path.",
'Value': "/tmp",
'Required': True
},
'SESSION': {
'Description': "Session to run on.",
'Value': 0,
'Required': True
}
}
def __init__(self):
self.parser = parser()
self.badges = badges()
self.helper = helper()
self.web_tools = web_tools()
self.details = {
'Name': "exploit/multi/f5_big_ip_tmui/local_file_inclusion",
'Authors': ['enty8080'],
'Description':
"Local File Inclusion in F5 BIG-IP Traffic Management User Interface (TMUI).",
'Dependencies': [''],
'Comments': [''],
'Risk': "high"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': None,
'Required': True
},
'RFILE': {
'Description': "Remote file to read.",
'Value': "/etc/passwd",
'Required': True
}
}
def __init__(self):
self.parser = parser()
self.badges = badges()
self.details = {
'Name': "exploit/multi/nostromo_httpd/cve_2019_16278",
'Authors': ['enty8080', 'Kr0ff'],
'Description': "Remote Code Execution in Nostromo httpd.",
'Comments': ['']
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': 80,
'Required': True
},
'COMMAND': {
'Description': "Command to execute",
'Value': None,
'Required': True
}
}
def __init__(self):
self.io = io()
self.badges = badges()
self.parser = parser()
self.helper = helper()
self.details = {
'Name':
"exploit/multi/citrix_adc_netscaler/cve_2019_19781",
'Authors': ['enty8080', '__mn1__'],
'Description':
"Remote Code Execution in Citrix Application Delivery Controller and Citrix Gateway.",
'Comments': [
'Citrix ADC and Citrix Gateway version 13.0 all supported builds',
'Citrix ADC and NetScaler Gateway version 12.1 all supported builds',
'Citrix ADC and NetScaler Gateway version 12.0 all supported builds',
'Citrix ADC and NetScaler Gateway version 11.1 all supported builds',
'Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds'
]
}
self.options = {
'URL': {
'Description': "Target URL address.",
'Value': None,
'Required': True
},
'COMMAND': {
'Description': "Command to execute.",
'Value': "uname -a",
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.web_tools = web_tools()
self.details = {
'Name': "auxiliary/net/scanner/port_scanner",
'Authors': [
'enty8080'
],
'Description': "Scan host for opened ports.",
'Dependencies': [
''
],
'Comments': [
''
],
'Risk': "low"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RANGE': {
'Description': "Ports to scan.",
'Value': "0-65535",
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.session = session()
self.details = {
'Name': "post/linux/membrane/transfer/download",
'Authors': ['enty8080'],
'Description': "Download remote file.",
'Dependencies': [''],
'Comments': [''],
'Risk': "high"
}
self.options = {
'LPATH': {
'Description': "Local path.",
'Value': "/tmp",
'Required': True
},
'RPATH': {
'Description': "Remote path.",
'Value': None,
'Required': True
},
'SESSION': {
'Description': "Session to run on.",
'Value': 0,
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.web_tools = web_tools()
self.details = {
'Name': "exploit/multi/icewarp_webmail/local_file_inclusion",
'Authors': ['enty8080'],
'Description':
"Local File Inclusion in IceWarp <= 10.4.4 WebMail.",
'Dependencies': [''],
'Comments': [''],
'Risk': "high"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': 80,
'Required': True
},
'RFILE': {
'Description': "Remote file to read.",
'Value': "/etc/passwd",
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.helper = helper()
self.local_storage = local_storage()
self.jobs = jobs()
self.parser = parser()
self.tables = tables()
self.listener = listener()
self.controller = None
self.id_number = 0
self.sessions_id = dict()
self.sessions_info = dict()
self.details = {
'Name': "exploit/linux/stager/membrane_reverse_tcp",
'Authors': ['enty8080'],
'Description':
"Linux reverse TCP shell with full remote functionality.",
'Dependencies': [''],
'Comments': [''],
'Risk': "high"
}
self.options = {
'LHOST': {
'Description': "Local host.",
'Value': self.helper.getip(),
'Required': True
},
'LPORT': {
'Description': "Local port.",
'Value': 4444,
'Required': True
},
'FOREVER': {
'Description': "Start listener forever.",
'Value': "no",
'Required': False
}
}
self.commands = {
'close': {
'Description': "Close active session.",
'Usage': "close <session_id>",
'MinArgs': 1,
'Run': self.close
},
'sessions': {
'Description': "List all active sessions.",
'Usage': "list",
'MinArgs': 0,
'Run': self.sessions
}
}
def __init__(self):
self.parser = parser()
self.badges = badges()
self.helper = helper()
self.pseudo_shell = pseudo_shell()
self.web_tools = web_tools()
self.details = {
'Name':
"exploit/multi/vbulletin_widget_php/template_code_execution",
'Authors': ['enty8080'],
'Description':
"vBulletin 5.5.4 till 5.6.2 widget_php widget_tabbedcontainer_tab_panel Remote Code Execution.",
'Dependencies': [''],
'Comments': [''],
'Risk': "high"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': None,
'Required': True
},
'PHP_METHOD': {
'Description': "PHP method to execute command.",
'Value': "shell_exec",
'Required': True
},
'INSTALL_URL': {
'Description': "URL to vBulletin installation.",
'Value': "/",
'Required': True
},
'COMMAND': {
'Description': "Command to execute.",
'Value': "uname -a",
'Required': True
},
'PSEUDO': {
'Description': "Spawn Pseudo shell.",
'Value': "no",
'Required': False
}
}
def __init__(self):
self.parser = parser()
self.badges = badges()
self.pseudo_shell = pseudo_shell()
self.web_tools = web_tools()
self.details = {
'Name': "exploit/multi/nostromo_httpd/remote_code_execution",
'Authors': [
'enty8080'
],
'Description': "Remote Code Execution in Nostromo httpd.",
'Dependencies': [
''
],
'Comments': [
''
],
'Risk': "high"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': 80,
'Required': True
},
'COMMAND': {
'Description': "Command to execute",
'Value': None,
'Required': True
},
'PSEUDO': {
'Description': "Spawn Pseudo shell.",
'Value': "no",
'Required': False
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.pseudo_shell = pseudo_shell()
self.client = None
self.details = {
'Name': "exploit/iphoneos/ssh/cydia_default_password",
'Authors': ['enty8080'],
'Description':
"Bypass iPhoneOS SSH authorization using Cydia.app default SSH password.",
'Dependencies': ['paramiko'],
'Comments': [''],
'Risk': "medium"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': 22,
'Required': True
},
'USERNAME': {
'Description': "Shell username.",
'Value': "mobile",
'Required': True
},
'COMMAND': {
'Description': "Command to execute.",
'Value': "whoami",
'Required': True
},
'PSEUDO': {
'Description': "Spawn Pseudo shell.",
'Value': "no",
'Required': False
}
}
def __init__(self):
self.parser = parser()
self.badges = badges()
self.pseudo_shell = pseudo_shell()
self.web_utils = web_tools()
self.buffer_size = 2048
self.client = None
self.details = {
'Name': "exploit/multi/ssh/libssh_code_execution",
'Authors': ['enty8080'],
'Description':
"SSH LibSSH unauthorized access Remote Code Execution.",
'Dependencies': ['paramiko'],
'Comments': [''],
'Risk': "medium"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': 2222,
'Required': True
},
'COMMAND': {
'Description': "Command to execute",
'Value': "id",
'Required': True
},
'PSEUDO': {
'Description': "Spawn Pseudo shell.",
'Value': "no",
'Required': False
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.session = session()
self.details = {
'Name': "post/macos/zetant/gather/getvol",
'Authors': ['enty8080'],
'Description': "Get device volume level.",
'Comments': ['']
}
self.options = {
'SESSION': {
'Description': "Session to run on.",
'Value': 0,
'Required': True
}
}
def __init__(self):
self.parser = parser()
self.badges = badges()
self.helper = helper()
self.pseudo_shell = pseudo_shell()
self.web_tools = web_tools()
self.details = {
'Name': "exploit/multi/f5_big_ip_tmui/remote_code_execution",
'Authors': ['enty8080'],
'Description':
"Remote Code Execution in F5 BIG-IP Traffic Management User Interface (TMUI).",
'Dependencies': ['requests'],
'Comments': [''],
'Risk': "high"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': None,
'Required': True
},
'COMMAND': {
'Description': "Command to execute.",
'Value': "whoami",
'Required': True
},
'PSEUDO': {
'Description': "Spawn Pseudo shell.",
'Value': "no",
'Required': False
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.helper = helper()
self.handler = handler
self.details = {
'Name': "auxiliary/net/sniffer/user_agent_sniffer",
'Authors': [
'enty8080'
],
'Description': "Sniff User-Aget through URL.",
'Dependencies': [
''
],
'Comments': [
''
],
'Risk': "medium"
}
self.options = {
'LHOST': {
'Description': "Local host.",
'Value': self.helper.getip(),
'Required': True
},
'LPORT': {
'Description': "Local port.",
'Value': 80,
'Required': True
},
'FOREVER': {
'Description': "Start http server forever.",
'Value': "no",
'Required': False
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.web_tools = web_tools()
self.details = {
'Name': "auxiliary/iphoneos/checker/jailbroken_or_not",
'Authors': ['enty8080'],
'Description': "Check if remote iPhone jailbroken.",
'Dependencies': [''],
'Comments': [''],
'Risk': "low"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
}
}
def __init__(self):
self.io = io()
self.badges = badges()
self.parser = parser()
self.helper = helper()
self.dictionary = dictionary()
self.details = {
'Name': "auxiliary/web/scanner/apache_users",
'Authors': ['enty8080'],
'Description': "Scan website apache users.",
'Comments': ['']
}
self.options = {
'URL': {
'Description': "Target URL address.",
'Value': None,
'Required': True
}
}
def __init__(self):
self.badges = badges()
self.parser = parser()
self.web_tools = web_tools()
self.string_tools = string_tools()
self.details = {
'Name': "exploit/multi/cctv_goahead_camera/password_disclosure",
'Authors': [
'enty8080'
],
'Description': "CCTV GoAhead Camera password disclosure exploit.",
'Dependencies': [
''
],
'Comments': [
''
],
'Risk': "high"
}
self.options = {
'RHOST': {
'Description': "Remote host.",
'Value': None,
'Required': True
},
'RPORT': {
'Description': "Remote port.",
'Value': 81,
'Required': True
},
'USERNAME': {
'Description': "Default username.",
'Value': "admin",
'Required': True
}
}
