Download: https://github.com/x0rz/EQGRP_Lost_in_Translation
What are Fuzzbunch & DanderSpritz?
Fuzzbunch is what Metasploit is to penetration testers. It is an easy-to-use framework written in Python that allows you to launch exploits and interact with different supported implants. DanderSpritz is a Java-based command & control management console used to administer compromised computers. Think of it as a Remote Access Trojan to control your “servers”.
This is how the decompressed files look and the ones marked are Fuzzbunch (fb.py) & DanderSpritz (start_lp.py). At first, I tried running it with Python 2.7.13, but was unable to do so. Later as I read the code, I found the following:
```
#!/usr/bin/python2.6
```
and
```
SUPPORTED_ARCH = {
    'win32': 'x86-Windows',
    'linux2-i686': 'i686-Linux',
    'linux2-x86_64': 'x86_64-Linux',
    'solaris': 'sparc-SunOS'
}
```
So, you see you need Python 2.6.x (I used Python 2.6.6) on one of the operating systems listed above in order to run Fuzzbunch. It is used to invoke various attack modules. The use of these modules tends to be automated, with the modules automatically sharing information. Modules can also be modified by editing their related XML files to define their own parameters.
Further, the source code reveals this:
```
mswindows = (sys.platform == "win32")
if mswindows:
    import win32pipe
    import win32file
    import pywintypes
    import win32event

import subprocess
```
So, you also need Python for Windows Extensions (PyWin32). I took a chance and downloaded the latest version pywin32-221.win32-py2.6.exe from here. Thinking that I had everything ready, I launched Fuzzbunch. I was greeted with a message about some directory not available. The answer to which is creating the following directory:
windows/listeningposts
After all this, on my Windows 7 test machine, I got this:
Now, onto DanderSpritz – there are two ways to execute this C&C tool:
- Running Start.jar
- Running start_lp.py
The first time you execute DanderSpritz, you get a screen asking you for various configuration settings:
After you press “Go”, you are taken to a screen that looks like this:
The errors in red tell you what you are missing. So you can simply create a logging directory by running the configure_lp.py script.
One more of the errors – I think it has all the contents under “storage” – can be overcome by creating a dszopsdisk-x.zip archive.
That’s all for now folks!