Ekultek edited this page May 7, 2019 · 4 revisions

Usage options

AutoSploit has multiple usage options: you can pass flags on the command line, or you can run the AutoSploit terminal itself.

Terminal usage

Starting AutoSploit without any flags will drop you into the AutoSploit terminal:

sudo python autosploit.py 
Password:
                              _____     _       _____     _     _ _
#--Author : Vector/NullArray |  _  |_ _| |_ ___|   __|___| |___|_| |_
#--Twitter: @Real__Vector    |     | | |  _| . |__   | . | | . | |  _|
#--Type   : Mass Exploiter   |__|__|___|_| |___|_____|  _|_|___|_|_|
#--Version: 3.1.3                                      |_|
##############################################
    
[+] welcome to autosploit, give us a little bit while we configure
[i] checking your running platform
[i] checking for disabled services
[i] checking if there are multiple exploit files
[+] total of 3 exploit files discovered for use, select one:
1. 'default_modules'
2. 'ArnSRUz'
3. 'default_fuzzers'
root@autosploit# 1
[+] attempting to load API keys
[+] Shodan API token loaded from /Users/admin/bin/tools/autosploit/etc/tokens/shodan.key
[+] Censys API token loaded from /Users/admin/bin/tools/autosploit/etc/tokens/censys.key
[-] no arguments have been parsed at run time, dropping into terminal session. to get help type `help` to quit type `exit/quit` to get help on a specific command type `command help`
root@autosploit# 

From here, you can run the help command to list the commands that are integrated into AutoSploit:

root@autosploit# help

COMMAND:                SUMMARY:
---------               --------
view/show               Show the already gathered hosts
mem[ory]/history        Display the command history
exploit/run/attack      Run the exploits on the already gathered hosts
search/api/gather       Search the API's for hosts
exit/quit               Exit the terminal session
single                  Load a single host into the file
personal/custom         Load a custom host file
tokens/reset            Reset API tokens if needed
external                View loaded external commands
ver[sion]               View the current version of the program
clean/clear             Clean the hosts.txt file of duplicate IP addresses
help/?                  Display this help

root@autosploit# 

You can also pass help <COM> to see the help for a specific command:

root@autosploit# help search

        Explanation:
        -----------
        Load a custom exploit file, this is useful to attack already gathered hosts
        instead of trying to gather them again from the backup host files inside
        of the `.autosploit_home` directory

        Parameters:
        -----------
        :param file_path: the full path to the loadable hosts file

        Examples:
        ---------
        custom/personal /some/path/to/myfile.txt
        
[!] must provide a list of API names after `search` keyword and query (IE search shodan,censys apache2)
root@autosploit# 

There are a few cool features that come complete with autosploit, including history backups, host backups, tab completion, and the ability to run external commands from inside the autosploit terminal.

Command line arguments

AutoSploit comes complete with the ability to pass command line arguments to do things on the fly. You can search 3 different IoT search engines: Shodan, Censys, and ZoomEye. Note: you will need API keys for Shodan and Censys.

search engines:
  possible search engines to use

  -c, --censys          use censys.io as the search engine to gather hosts
  -z, --zoomeye         use zoomeye.org as the search engine to gather hosts
  -s, --shodan          use shodan.io as the search engine to gather hosts
  -a, --all             search all available search engines to gather hosts

Modifying requests is simple: you are allowed to run behind a proxy of any type matching the regex ((socks\d+)?(http(s)?)?://), and you can change your User-Agent at your discretion:

requests:
  arguments to edit your requests

  --proxy PROTO://IP:PORT
                        run behind a proxy while performing the searches
  --random-agent        use a random HTTP User-Agent header
  -P USER-AGENT, --personal-agent USER-AGENT
                        pass a personal User-Agent to use for HTTP requests
  -q QUERY, --query QUERY
                        pass your search query
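
Every prefix group in the proxy pattern quoted above is optional, so it accepts more than the PROTO://IP:PORT form shown in the help text. The following is an added example, not AutoSploit's own code, comparing that pattern with a stricter check; it assumes the pattern is applied at the start of the value, and the allowed scheme set, function names and sample values are illustrative.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Pattern quoted on the page; every prefix group in it is optional.
PAGE_PATTERN = re.compile(r"((socks\d+)?(http(s)?)?://)")
# Assumption: the schemes a PROTO://IP:PORT value should be limited to.
ALLOWED_SCHEMES = {"http", "https", "socks4", "socks5"}

def page_pattern_accepts(value):
    """True if the page's pattern matches at the start of value (assumed usage)."""
    return PAGE_PATTERN.match(value) is not None

def strict_proxy(value):
    """Return (scheme, ip, port) for a well-formed PROTO://IP:PORT value, else None."""
    try:
        parts = urlsplit(value)
        port = parts.port                          # ValueError if out of range
        if parts.hostname is None:
            return None
        ip = ipaddress.ip_address(parts.hostname)  # ValueError for non-IP hosts
    except ValueError:
        return None
    if parts.scheme not in ALLOWED_SCHEMES or not port:
        return None
    if parts.path or parts.query or parts.fragment or parts.username:
        return None
    return parts.scheme, str(ip), port

# Constructed sample values, not taken from the page.
SAMPLES = [
    "socks5://127.0.0.1:9050",
    "http://127.0.0.1:8080",
    "://127.0.0.1:8080",            # no scheme at all
    "socks5http://127.0.0.1:8080",  # two schemes run together
    "https://",                     # no host or port
    "http://127.0.0.1:99999",       # port out of range
]

def compare(samples=SAMPLES):
    """Map each sample to (accepted by page pattern, accepted by strict check)."""
    return {s: (page_pattern_accepts(s), strict_proxy(s) is not None) for s in samples}

if __name__ == "__main__":
    for value, (loose, strict) in compare().items():
        print(f"{value:30} page-pattern={loose!s:5} strict={strict}")
```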

To start exploiting right away, all you have to do is pass the exploit flags. If you don't have MSF in your PATH, you can pass the flag that provides the full path:

exploits:
  arguments to edit your exploits

  -E PATH, --exploit-file PATH
                        provide a text file to convert into JSON and save for
                        later use
  -C WORKSPACE LHOST LPORT, --config WORKSPACE LHOST LPORT
                        set the configuration for MSF (IE -C default 127.0.0.1
                        8080)
  -e, --exploit         start exploiting the already gathered hosts

misc arguments:
  arguments that don't fit anywhere else

  --ruby-exec           if you need to run the Ruby executable with MSF use
                        this
  --msf-path MSF-PATH   pass the path to your framework if it is not in your
                        ENV PATH
  --whitelist PATH      only exploit hosts listed in the whitelist file