View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0001024 | Kali Linux | [All Projects] Queued Tool Addition | public | 2014-02-09 21:34 | 2021-05-18 11:02 |
Reporter | g0tmi1k | Assigned To | dookie | ||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | resolved | Resolution | fixed | ||
Product Version | 1.0.7 | ||||
Target Version | Fixed in Version | 1.0.7 | |||
Summary | 0001024: Clusterd | ||||
Description | Name: clusterd Homepage: https://github.com/hatRiot/clusterd Download: https://github.com/hatRiot/clusterd/archive/master.zip Description: clusterd is an open source application server attack toolkit. Born out of frustration with current fingerprinting and exploitation methods, clusterd automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. See the wiki for more information. | ||||
Additional Information | bryan@debdev:~/tools/clusterd$ ./clusterd.py clusterd/0.1 - clustered attack toolkit Supporting jboss, coldfusion, weblogic, tomcat usage: ./clusterd.py [options] optional arguments: -h, --help show this help message and exit Connection: Options for configuring the connection -i [ip address] Server address -iL [file] Server list -p [port] Server port --proxy [proxy://server:port] Connect through proxy [http|https] --proxy-auth [username:password] Proxy credentials --timeout [seconds] Connection timeout [5s] --random-agent Use a random User-Agent for requests --ssl Force SSL Remote Host: Settings specific to the remote host -a [jboss|coldfusion|weblogic|tomcat] Hint at remote host service -o [windows|linux] Hint at remote host OS -v [version] Specific version to test --usr-auth [username:password] Login credentials for service --fingerprint Fingerprint the remote system --arch [x86|x64] Specify remote OS architecture Deploy: Deployment flags and settings --deploy [file] Deploy to the discovered service --deployer [deployer] Specify a deployer to use --invoke Invoke payload after deployment -b [user] Brute force credentials for user [admin] --wordlist [path] Wordlist for brute forcing passwords jboss modules: --jb-info Dump host information --jb-list List deployed WARs --jb-smb Obtain SMB hash coldfusion modules: --cf-info Dump host information weblogic modules: --wl-info Gather WebLogic info --wl-list List deployed apps --wl-smb Obtain SMB hash tomcat modules: --tc-info Gather Tomcat info --tc-list List deployed WARs --tc-smb Obtain SMB hash Other: Miscellaneous flags --deploy-list List all available deployers --aux-list List all available exploits --gen-payload [host:port] for reverse connection Generate a reverse shell payload -d Enable debug output -l Log output to file [$time$_log.log] | ||||
Date Modified | Username | Field | Change |
---|---|---|---|
2014-02-09 21:34 | g0tmi1k | New Issue | |
2014-02-10 20:00 | dookie | Note Added: 0001515 | |
2014-02-10 20:00 | dookie | Status | new => resolved |
2014-02-10 20:00 | dookie | Fixed in Version | => 1.0.7 |
2014-02-10 20:00 | dookie | Resolution | open => fixed |
2014-02-10 20:00 | dookie | Assigned To | => dookie |
2021-05-18 11:02 | g0tmi1k | Category | New Tool Requests => Queued Tool Addition |