Skip to content
This repository has been archived by the owner on Jan 18, 2024. It is now read-only.

hlldz/wildPwn

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
Nmap Scripts
Nmap Scripts
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
passList.txt
passList.txt
 
 
userList.txt
userList.txt
 
 
wildPwn.py
wildPwn.py
 
 
wildPwn.war
wildPwn.war
 
 

Repository files navigation

wildPwn - WildFly Exploitation Tool

It is a tool for WildFly. Tool can be used to brute force or shell deploy. wildPwn.war contains modified Laudanum Shell. userList.txt contains common usernames and passList.txt contains common passwords.

Usage

Bruteforce

python wildPwn.py -m brute --target <TARGET> -user <USERNAME LIST> -pass <PASSWORD LIST>

Shell Deploy

python wildPwn.py -m deploy --target <TARGET> --port <PORT> -u <USERNAME> -p <PASSWORD>

Details

https://artofpwn.com/wildfly-exploitation.html

Video

PoC Video

Nmap Scripts

Detection

nmap --script wildfly-detect <TARGET>

Brute Force

nmap -p 9990 --script wildfly-brute --script-args "userdb=usernameList.txt,passdb=passList.txt,hostname=domain.com" <TARGET>

About

Brute forcer and shell deployer for WildFly

Resources

Readme

License

GPL-3.0 license
Activity

Stars

100 stars

Watchers

3 watching

Forks

46 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages