Code Monkey home page Code Monkey logo

as-exploits's Introduction

As-Exploits v1.0

**蚁剑后渗透框架

详细介绍:http://yzddmr6.tk/posts/as-exploits/

环境:JDK1.6 Tomcat7

支持脚本:php/jsp

Payload部分很多借鉴了冰蝎哥斯拉的实现,向其开发者们表示感谢!

模块介绍

基本信息

获取当前服务端信息。

image-20201123102429650

image-20201123102711289

反弹Shell

跟MSF联动,目前支持以下类型:

  • java/meterpreter/reverse_tcp

  • java/shell/reverse_tcp

  • java/meterpreter/bind_tcp

  • java/shell/bind_tcp

  • php/meterpreter/reverse_tcp

  • php/shell/reverse_tcp

  • php/meterpreter/bind_tcp

  • php/shell/bind_tcp

    image-20201123102902564

内存马

一键打入内存Webshell,由于时间仓促,目前仅支持Servlet型内存马。

可打入的内存马种类:

  • AntSword

  • Behinder

  • Godzilla-Base64

  • reGerog

    其中组件名称为注册的Servlet的名称,可以起一个具有迷惑性的名字来隐藏自己。

    image-20201123103009090

image-20201201202342251

image-20201201202450941

内存马管理

  • 获取当前Servlet
  • 卸载指定Servlet

image-20201123103108185

杀软识别

数据来源是key师傅的项目:avList

通过tasklist /svc获取当前进程列表,识别出其中的杀软。

目前支持手动跟自动两种获取方式:

  • 自动获取

    自动执行tasklist /svc并分析回显数据。

  • 手动获取

    手动输入tasklist /svc的结果。

    image-20201123103231582

注意事项

本插件仅供合法的渗透测试以及爱好者参考学习,请勿用于非法用途,否则自行承担相关责任。

as-exploits's People

Contributors

yzddmr6 avatar

Stargazers

Roman avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.