Skip to content
This repository has been archived by the owner on Jan 18, 2024. It is now read-only.

hlldz/wildPwn

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits

Nmap Scripts

Nmap Scripts

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

passList.txt

passList.txt

 
 

userList.txt

userList.txt

 
 

wildPwn.py

wildPwn.py

 
 

wildPwn.war

wildPwn.war

 
 

Repository files navigation

wildPwn - WildFly Exploitation Tool

It is a tool for WildFly. Tool can be used to brute force or shell deploy. wildPwn.war contains modified Laudanum Shell. userList.txt contains common usernames and passList.txt contains common passwords.

Usage

Bruteforce

python wildPwn.py -m brute --target <TARGET> -user <USERNAME LIST> -pass <PASSWORD LIST>

Shell Deploy

python wildPwn.py -m deploy --target <TARGET> --port <PORT> -u <USERNAME> -p <PASSWORD>

Details

https://artofpwn.com/wildfly-exploitation.html

Video

PoC Video

Nmap Scripts

Detection

nmap --script wildfly-detect <TARGET>

Brute Force

nmap -p 9990 --script wildfly-brute --script-args "userdb=usernameList.txt,passdb=passList.txt,hostname=domain.com" <TARGET>

About

Brute forcer and shell deployer for WildFly

Resources

Readme

License

GPL-3.0 license
Activity

Stars

98 stars

Watchers

3 watching

Forks

46 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages