Specify targets and run sets of tools against them
autopwn is designed to make a pentester's life easier and more consistent by allowing them to specify tools they would like to run against targets, without having to type them in a shell or write a script. This tool will probably be useful during certain exams as well..
It is recommended that you use the docker image while exposing TCP 5000 for autopwn clients to connect to. This is because the autopwn docker image is already setup (tools are installed and in the right place).
Only allow this package to listen on a loopback IP address. If you have this package listen on a public IP, you're allowing arbitrary users to execute commands as root on your server. Eventually, HTTPS and credentials will be required, but for now, don't be a moron.
docker pull rascal999/autopwn
docker run -i -t -p 127.0.0.1:5000:5000 rascal999/autopwn /usr/sbin/autopwn
- Run autopwn client (you can get the Java application at https://github.com/rascal999/autopwn-gui)
From the Python Package Index (for development)
pip install autopwn
From this repository
- Clone the Git repository
- Change into the newly created directory
pip install .
Running autopwn will start the web server.
* Running on http://127.0.0.1:5000/ (Press CTRL+C to quit) * Restarting with stat 127.0.0.1 - - [15/Nov/2015 11:04:41] "GET /ping HTTP/1.1" 200 - 127.0.0.1 - - [15/Nov/2015 11:04:41] "GET /favicon.ico HTTP/1.1" 404 -
In order to interface with autopwn you should use autopwn-gui (available at https://github.com/rascal999/autopwn-gui). You can also use autopwn-cli (available at https://github.com/rascal999/autopwn-cli). If you're interested in the API, you can also do stuff in the browser.
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature
- Commit your changes:
git commit -am 'Add some feature'
- Push to the branch:
git push origin my-new-feature
- Submit a pull request :D
Developed by Aidan Marlin (aidan [dot] marlin [at] nccgroup [dot] com) while working at NCC Group.
I'd like to thank the following contributors for their work on previous autopwn versions: