Traft is an automated vulnerability detection tool that scans a given target IP or subnet for hosts, identifies the services running on each host and their version numbers, and then queries the CVE database for all known vulnerabilities associated with each service. The user can then judge the severity of each finding and whether the service needs to be upgraded to a patched version.
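The matching step described above (service and version in, known vulnerabilities out, ordered by severity), as an added example that is not Traft's own code. The advisory records, their `EXAMPLE-` ids, product names and CVSS scores are constructed stand-ins for CVE database entries, and the `introduced`/`fixed` range fields are an assumed record shape.

```python
import re
from dataclasses import dataclass
@dataclass(frozen=True)
class Advisory:            # assumed record shape, not a real CVE schema
    advisory_id: str       # placeholder id, not a real CVE number
    product: str
    introduced: str        # first affected version (inclusive)
    fixed: str             # first patched version (exclusive)
    cvss: float

def parse_version(text):
    """Turn '2.4.29-ubuntu1' into (2, 4, 29); raise if no version is present."""
    numeric = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not numeric:
        raise ValueError(f"no numeric version in {text!r}")
    return tuple(int(part) for part in numeric.group().split("."))

def is_affected(version, adv):
    """True when introduced <= version < fixed (zero-padded, so 2.4 == 2.4.0)."""
    v, lo, hi = (parse_version(x) for x in (version, adv.introduced, adv.fixed))
    width = max(len(v), len(lo), len(hi))
    v, lo, hi = (t + (0,) * (width - len(t)) for t in (v, lo, hi))
    return lo <= v < hi

def match_services(services, advisories):
    """Return (host, port, advisory) findings, highest CVSS score first."""
    findings = []
    for host, port, product, version in services:
        for adv in advisories:
            try:
                if adv.product == product.lower() and is_affected(version, adv):
                    findings.append((host, port, adv))
            except ValueError:
                pass  # banner carried no usable version: report nothing, never guess
    return sorted(findings, key=lambda f: f[2].cvss, reverse=True)

ADVISORIES = [  # constructed sample advisories
    Advisory("EXAMPLE-0001", "exampled", "2.0", "2.4.10", 9.8),
    Advisory("EXAMPLE-0002", "exampled", "2.4.0", "2.4.30", 5.3),
    Advisory("EXAMPLE-0003", "demoftp", "1.0", "1.3.5", 7.5),
]
SERVICES = [  # constructed scan results: host, port, product, version banner
    ("10.0.2.4", 80, "Exampled", "2.4.29-ubuntu1"),
    ("10.0.2.4", 21, "demoftp", "1.3.5"),      # already at the fixed version
    ("10.0.2.5", 80, "exampled", "2.4"),
    ("10.0.2.5", 8080, "exampled", "unknown"),  # no version in banner
]
for host, port, adv in match_services(SERVICES, ADVISORIES):
    print(f"{host}:{port} {adv.advisory_id} CVSS {adv.cvss}")
```

Versions are compared as integer tuples rather than strings, so 2.4.9 sorts below 2.4.10 and a host already at the fixed version is not reported.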
- Metasploit Framework and PostgreSQL are required (both are already included with Kali Linux)
(https://metasploit.help.rapid7.com/v1/docs/installing-the-metasploit-framework)
(https://www.postgresql.org/docs/11/tutorial-install.html)
- run
./msfconsole
to complete metasploit initial setup
pip3 install -r requirements.txt
systemctl start postgresql
msfdb init
msfconsole
- msf >
db_rebuild_cache
- open a terminal and run the following 3 commands:
msfconsole
- msf >
load msgrpc [Pass=password]
- msf >
msfrpcd -P password -S
- open a new terminal window
- To scan a single IP address, ex. 10.0.2.4:
python3 traft.py -t <TARGET_IP>
- To scan an IP address block, ex. 10.0.2.0/24:
python3 traft.py -s <TARGET_SUBNET>
AWS S3 support: the recon report can be uploaded to an S3 bucket so that it does not stay on a sensitive computer
- To run using S3, set the ACCESS_KEY_ID and ACCESS_SECRET_KEY environment variables to the credentials you generated on AWS
export ACCESS_KEY_ID=AWEUFDADSJHDGJAS  # replace this
export ACCESS_SECRET_KEY='FARUEWRJEWHRJEQFIQEWJFWJQE@#$@#!'  # replace this
If you are running on someone else's network or computer, make sure to unset these variables after you are done or else you could get found out.
- install aws-cli
- now run
aws configure
- enter your access keys
- make a bucket
aws s3 mb s3://ethical_hacking471
- run
python3 traft.py -t 172.28.128.3 --s3_bucket ethical_hacking471
- clean up the bucket
aws s3 rb s3://ethical_hacking471 --force
We were able to get proof of concept and got a meterpreter/shell for metasploitable3 windows VM
somi3k
smehta1215
Double-N