stevecoward/pentest-scripts

Pentest Scripts

This repository serves as the home for any scripts I wind up creating while on an engagement. Some scripts may be very specific to my needs, but generally I will aim to keep this collection as generic as possible.

Legal Disclaimer

The scripts contained within this repository are supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. I cannot accept responsibility for any damage caused by the use or misuse of this information.

Scripts

decrypt-lm-hashes.py

  • Multi-threaded console script.
  • Uses the online Rainbow Tables hosted by Offensive Security.
  • Requires a priority code to use the online RT service.

Installation:

» pip install -r requirements.txt
» python decrypt-lm-hashes.py --help
Usage: decrypt-lm-hashes.py [OPTIONS]

Options:
  --hash-list-file TEXT  File containing LM hashes to decrypt.  [required]
  --priority-code TEXT   Code required to use the online cracker.  [required]
  --help                 Show this message and exit.

wpforum-sqli-exploit.py

  • Console script.
  • Implementation of the WP-Forum plugin SQLi vulnerability (SecurityFocus Info).
  • Checks if the installed WordPress and WP-Forum plugin versions are vulnerable.
  • Default payload returns hashed admin password value.

Installation:

» pip install -r requirements.txt
» python wpforum-sqli-exploit.py --help
Usage: wpforum-sqli-exploit.py [OPTIONS]

Options:
  --url TEXT         Target URL.
  --wp-path TEXT     Path to target Wordpress instance.
  --post-id INTEGER  Post id to use against target Wordpress instance.
  --payload TEXT     SQLi code to execute on target.
  --help             Show this message and exit.

searchsploit-x

  • Bash script with better search capabilities than the default searchsploit script in Kali Linux.
  • Requires the exploitdb database to be installed on the system.
  • Relies on ack-grep being installed.
  • Searches file contents for the parameters provided.
  • Returns a familiar output format for ease of use.

» ./searchsploit-x 
Usage:  term1 [term2] ... [termN]
Example:  oracle windows local

=======
Options
=======

   -c           Perform case-sensitive searches; by default, searches will try to be greedy
   -h, --help   Show help screen
   -v           By setting verbose output, description lines are allowed to overflow their columns

*NOTES*
Depends on ack-grep (apt-get install ack-grep).
Searches file contents for 'term' instead of just exploit-db vuln summary.
Use any number of search terms you would like (minimum of one).
Search terms are not case sensitive, and order is irrelevant.

About

A collection of scripts created during pentesting
