View Issue Details

IDProjectCategoryView StatusLast Update
0001024Kali Linux[All Projects] Queued Tool Additionpublic2021-05-18 11:02
Reporterg0tmi1k Assigned Todookie  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Product Version1.0.7 
Target VersionFixed in Version1.0.7 
Summary0001024: Clusterd
DescriptionName: clusterd
Description: clusterd is an open source application server attack toolkit. Born out of frustration with current fingerprinting and exploitation methods, clusterd automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. See the wiki for more information.

Additional Information     bryan@debdev:~/tools/clusterd$ ./
             clusterd/0.1 - clustered attack toolkit
               Supporting jboss, coldfusion, weblogic, tomcat
     usage: ./ [options]
     optional arguments:
       -h, --help show this help message and exit
       Options for configuring the connection
       -i [ip address] Server address
       -iL [file] Server list
       -p [port] Server port
       --proxy [proxy://server:port]
                             Connect through proxy [http|https]
       --proxy-auth [username:password]
                             Proxy credentials
       --timeout [seconds] Connection timeout [5s]
       --random-agent Use a random User-Agent for requests
       --ssl Force SSL
     Remote Host:
       Settings specific to the remote host
       -a [jboss|coldfusion|weblogic|tomcat]
                             Hint at remote host service
       -o [windows|linux] Hint at remote host OS
       -v [version] Specific version to test
       --usr-auth [username:password]
                             Login credentials for service
       --fingerprint Fingerprint the remote system
       --arch [x86|x64] Specify remote OS architecture
       Deployment flags and settings
       --deploy [file] Deploy to the discovered service
       --deployer [deployer]
                             Specify a deployer to use
       --invoke Invoke payload after deployment
       -b [user] Brute force credentials for user [admin]
       --wordlist [path] Wordlist for brute forcing passwords
     jboss modules:
       --jb-info Dump host information
       --jb-list List deployed WARs
       --jb-smb Obtain SMB hash
     coldfusion modules:
       --cf-info Dump host information
     weblogic modules:
       --wl-info Gather WebLogic info
       --wl-list List deployed apps
       --wl-smb Obtain SMB hash
     tomcat modules:
       --tc-info Gather Tomcat info
       --tc-list List deployed WARs
       --tc-smb Obtain SMB hash
       Miscellaneous flags
       --deploy-list List all available deployers
       --aux-list List all available exploits
       --gen-payload [host:port] for reverse connection
                             Generate a reverse shell payload
       -d Enable debug output
       -l Log output to file [$time$_log.log]



2014-02-10 20:00

reporter   ~0001515

Added in clusterd_0.1.1+git20140210-0kali1. It will be in the repos soon.

Thanks for the suggestion.

Issue History

Date Modified Username Field Change
2014-02-09 21:34 g0tmi1k New Issue
2014-02-10 20:00 dookie Note Added: 0001515
2014-02-10 20:00 dookie Status new => resolved
2014-02-10 20:00 dookie Fixed in Version => 1.0.7
2014-02-10 20:00 dookie Resolution open => fixed
2014-02-10 20:00 dookie Assigned To => dookie
2021-05-18 11:02 g0tmi1k Category New Tool Requests => Queued Tool Addition