-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Usage
Ekultek edited this page Mar 1, 2018
·
4 revisions
Autosploit has multiple usage options, you can pass flags via the terminal or you can run the AutoSploit terminal itself.
Starting AutoSploit without any flags will drop you into the Autosploit terminal:
sudo python autosploit.py
#SploitaSaurusRex
O_ RAWR!!
/ >
- > ^\
/ > ^ /
(O) > ^ / / / /
_____ | \\|//
/ __ \ _/ / / _/
/ / | | / / / /
_/ |___/ / / ------_/ /
==_| \____/ _/ / ______/
\ \ __/ |\
| \_ ____/ / \ _
\ \________/ |\ \----/_V
\_ / \_______ V
\__ / \ / V
\ \ \
\______ \_ \
\__________\_ \
/ / \_ |
| _/ \ |
/ _/ \ |
| / | |
\ \__ | \__
/\____=\ /\_____=\ v(2.0)
[+] welcome to autosploit, give us a little bit while we configure
[+] checking for services
[-] no arguments have been parsed, defaulting to terminal session. press 99 to quit and help to get help
[+] checking if there are multiple exploit files
[+] attempting to load API keys
[+] Shodan API token loaded from /home/baal/bin/python/autosploit/etc/tokens/shodan.key
[+] Censys API token loaded from /home/baal/bin/python/autosploit/etc/tokens/censys.key
1. Usage And Legal
2. Gather Hosts
3. Custom Hosts
4. Add Single Host
5. View Gathered Hosts
6. Exploit Gathered Hosts
99. Quit
root@autosploit#
From here you choose one of the following options:
1. Usage And Legal <- Display the usage and legal information
2. Gather Hosts <- Gather hosts to exploit
3. Custom Hosts <- Load a custom hosts file
4. Add Single Host <- Add a single host to the hosts.txt file
5. View Gathered Hosts <- View all your gathered hosts from the hosts.txt file
6. Exploit Gathered Hosts <- Start exploiting the already gathered hosts
99. Quit <- Exit the terminal and the program
You can also pass the help command to display a list of available helps:
root@autosploit# help help
[-] unable to find help for provided command 'help'
[+] available helps 'gather, exploit, custom, single, exit, usage, view'
1. Usage And Legal
2. Gather Hosts
3. Custom Hosts
4. Add Single Host
5. View Gathered Hosts
6. Exploit Gathered Hosts
99. Quit
root@autosploit# help custom
[+] help found for provided argument:
------------------------------
provided a custom host list that will be used for exploitation
option 3 must be provided
------------------------------
1. Usage And Legal
2. Gather Hosts
3. Custom Hosts
4. Add Single Host
5. View Gathered Hosts
6. Exploit Gathered Hosts
99. Quit
root@autosploit# help exploit
[+] help found for provided argument:
------------------------------
exploit already gathered hosts from the hosts.txt file
option 6 must be provided
------------------------------
1. Usage And Legal
2. Gather Hosts
3. Custom Hosts
4. Add Single Host
5. View Gathered Hosts
6. Exploit Gathered Hosts
99. Quit
root@autosploit#
If a wrong option is input it will prompt back to the default menu:
root@autosploit# test
[-] option must be integer not string
1. Usage And Legal
2. Gather Hosts
3. Custom Hosts
4. Add Single Host
5. View Gathered Hosts
6. Exploit Gathered Hosts
99. Quit
root@autosploit# 0
[-] invalid option provided
1. Usage And Legal
2. Gather Hosts
3. Custom Hosts
4. Add Single Host
5. View Gathered Hosts
6. Exploit Gathered Hosts
99. Quit
root@autosploit#
Autosploit comes complete with the ability to pass command line arguments to do things on the fly. You can search 3 different IoT search engines, Shodan, Censys, and ZoomEye note: you will need API keys for shodan and censys.
search engines:
possible search engines to use
-c, --censys use censys.io as the search engine to gather hosts
-z, --zoomeye use zoomeye.org as the search engine to gather hosts
-s, --shodan use shodan.io as the search engine to gather hosts
-a, --all search all available search engines to gather hosts
Modifying requests is simple, you are allowed to run behind a proxy of any type matching this regex ((socks\d+)?(http(s)?)?://) and change your user-agent at your discretion:
requests:
arguments to edit your requests
--proxy PROTO://IP:PORT
run behind a proxy while performing the searches
--random-agent use a random HTTP User-Agent header
-P USER-AGENT, --personal-agent USER-AGENT
pass a personal User-Agent to use for HTTP requests
-q QUERY, --query QUERY
pass your search query
To start right off with exploiting all you have to do is pass pass the exploit flags, if you don't have MSF in your path you can pass the flag to provide the full path:
exploits:
arguments to edit your exploits
-E PATH, --exploit-file PATH
provide a text file to convert into JSON and save for
later use
-C WORKSPACE LHOST LPORT, --config WORKSPACE LHOST LPORT
set the configuration for MSF (IE -C default 127.0.0.1
8080)
-e, --exploit start exploiting the already gathered hosts
misc arguments:
arguments that don't fit anywhere else
--ruby-exec if you need to run the Ruby executable with MSF use
this
--msf-path MSF-PATH pass the path to your framework if it is not in your
ENV PATH