Skip to content
Web Command Injection Tool
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md
mando.me.py

README.md

Please, I need testers and feedback. Feel free to test and leave some comments or issues that you might find.

mando.me

This tool is under development, but feel free to use it and improve it as you like. contribution is appreciated...

Since smplshllctrlr a lot has happened:

  • Automated exploit-injection via POST or GET (eg. ./mando.me.py --cookie "security=low;PHPSESSID=DEADBEEFDEADBEEFDEADBEEFDEADBEEF" --url "http://metasploitable:2280/dvwa/vulnerabilities/exec/" --post "{'submit':'','ip':_INJECT_}")
  • Encrypted agent communication
  • Meterpreter/Reverse Shell Injection
  • A more user friendly UI
  • Built in post exlpoitation tools (enumeration, privilege escalation etc.)
  • And much more...

DISCLAIMER:

You shall not misuse this tool to gain unauthorized access. This tool should only be used to expand knowledge, and not for causing malicious or damaging attacks. Performing any attacks without written permission from the owner of the system is illegal.

You can’t perform that action at this time.