Tools

wildpwn – unix wildcard attack tool

wildpwn

 

wildpwn –  unix wildcard attack tool

Basic usage

It goes something like this:

usage: wildpwn.py [-h] [--file FILE] payload folder

Tool to generate unix wildcard attacks

positional arguments:
  payload      Payload to use: (combined | tar | rsync)
  folder       Where to write the payloads

optional arguments:
  -h, --help   show this help message and exit
  --file FILE  Path to file for taking ownership / change permissions. Use it
               with combined attack only.

 

Payload types

  • combined: Uses the chown & chmod file reference tricks, described in section 4.1 and 4.2, combined in a single payload.
  • tar: Uses the Tar arbitrary command execution trick, described in section 4.3.
  • rsync: Uses the Rsync arbitrary command execution trick, described in section 4.4.

DOWNLOAD

 

You Might Also Like

Leave a Reply