@Ekultek (Contributor) commented Jun 8, 2018

In 2.2 we have a few bugs resolved

  • Issue where relevant module sorting fails fixed
  • Issue where services would not be started fixed
  • Creates a script where you can run autosploit easily run_autosploit.sh
  • Creates a script where you can dry run autosploit dryrun_autosploit.sh
  • Allows a flag for dry runs to be passed
  • Minor updates and other commits

Selora and others added 22 commits April 9, 2018 10:15
* API keys token file reading error fix. When reading an API key file, tokens are not stripped properly. Non-standard endlines cause an error with shodan/censys/etc APIs
* Added a dry-run flag. When running without the terminal and the --dry-run flag, msfconsole will not be run. A report will still be produced.
* Sanitized whitelist comparison with host file. All leading and trailing whitespaces should be removed before comparing IPs
* Added an --exploit-file-to-use option. Load exploits directly from the specified file, do not prompt for exploit-file selection if this option is specified.
* Added --append/--overwrite to search engines. Specifying either will skip the prompt after a search query. --overwrite will start with a blank file but will append further searches. ex: with -s -c --overwrite, both shodan and censys results will be appended to a clean file.
* Search all fix for append/overwrite flags. Search results are not prompted anymore
* Modified the Exploiter output. Added a tally at the end. Suppressed much of the output during a dry-run.
* Bugfix, --exploit-file-to-use. Output an error message to the console if the specified exploit file does not exist.
* Added short arguments for --append/--overwrite
* Closing program if invalid file is passed to --exploit-file-to-use
* Scripts to automate autosploit.
  ./dryrun_autosploit.sh will search censys/shodan/etc and do a dry-run against discovered hosts that are in the whitelist.
  VALIDATE THE DRYRUN REPORT BEFORE LAUNCHING THE ACTUAL EXPLOIT RUN
  ./run_autosploit.sh will run autosploit in exploit mode against previously discovered hosts in the whitelist.
* Removed blocking MSF modules from default module list. Added a fuzzers-only json file. In the same idea, Trans2open exploits are taking about 2h+ per host to run. Maybe implement a "long run" feature in the next release?
* Added a vagrant config to easily deploy autosploit to aws-lightsail. COMES WITHOUT WARRANTY. Use as a starting point.
  Tweaks to make it usable for dev:
  - Setup a synced folder with your autosploit dev in the Vagrantfile. Refer to vagrant doc.
  - Use vagrant rsync-auto
  Since vagrant file cannot really be shared as-is, some tweakings might be necessary. Try:
  - Modifying the Vagrantfile according to your ssh keys path
  - Installing the aws-cli package
  - Configuring ~/.aws directory
* Bugfix and improvements: Successful exploits will start meterpreter in background. Fixed counter for successful exploits/failed exploits bug, counting success/failure occurrence, not line outputs. Success/failures now grepping escaped MSF output for success/failures. Grepping for keywords such as "Meterpreter", "Session" for success.

@Ekultek requested a review from NullArray June 8, 2018 16:22

@NullArray (Owner) left a comment

YoloSploit

@NullArray merged commit 190d232 into master Jun 10, 2018

@Turkishcod

Discord Server link not working
kindly update
thanks

@Ekultek (Contributor, Author)

@Turkishcod this invite will last for 24 hours.

5 participants

@Ekultek @Turkishcod @NullArray @Selora