简介
Xerosploit是一款强大的渗透测试工具包,它的目的是实现中间人攻击。它附带着各种有效的攻击载荷,并且还允许执行拒绝服务攻击和端口扫描。我们可以用这款工具来执行拒绝服务攻击和中间人攻击,Xerosploit自带的功能模块还可以捕捉目标用户的图片数据,我们可以将这些模块用于注入攻击之中。
下载链接
Xerosploit下载
git clone https://github.com/LionSec/xerosploit.git
下载完成后输入下方命令进入下载文件夹并使用python启动安装程序
cd xerosploit&&python install.py
如果显示错误请使用sudo命令安装
root@1:~# cd xerosploit && sudo python install.py
┌══════════════════════════════════════════════════════════════┐
█ █
█ Xerosploit Installer █
█ █
└══════════════════════════════════════════════════════════════┘
[++] Please choose your operating system.
1) Ubuntu / Kali linux / Others
2) Parrot OS
>>> 1
选择你对应的系统(建议使用kali或是Ubuntu系统)
当出现下列字符时即为安装成功。
Xerosploit has been sucessfuly instaled. Execute ‘xerosploit’ in your terminal.
打开终端输入Xerosploit打开工具
输入help查看软件教学
Xero ➮ help
╔══════════╦════════════════════════════════════════════════════════════════╗
║ ║ ║
║ ║ scan : Map your network. ║
║ ║ ║
║ ║ iface : Manually set your network interface. ║
║ COMMANDS ║ ║
║ ║ gateway : Manually set your gateway. ║
║ ║ ║
║ ║ start : Skip scan and directly set your target IP address. ║
║ ║ ║
║ ║ rmlog : Delete all xerosploit logs. ║
║ ║ ║
║ ║ help : Display this help message. ║
║ ║ ║
║ ║ exit : Close Xerosploit. ║
║ ║ ║
╚══════════╩════════════════════════════════════════════════════════════════╝
[+] Please type 'help' to view commands.
Xero ➮
[!] Error : Command not found.
[+] Please type 'help' to view commands.
Xero ➮
scan:映射您的网络。
iface : 手动设置你的网络接口。
gateway:手动设置您的网关.
start:跳过扫描,直接设置目标IP地址。
rmlog : 删除所有xerosploit日志。
help : 显示此帮助信息。
exit:关闭Xerosploit。
输入scan扫描一下网络
Xero ➮ scan
[++] Mapping your network ...
[+]═══════════[ Devices found on your network ]═══════════[+]
╔═════════════════╦═══════════════════╦═══════════════╗
║ IP Address ║ Mac Address ║ Manufacturer ║
╠═════════════════╬═══════════════════╬═══════════════╣
║ 192.168.147.2 ║ 00:50:56:F7:FD:A3 ║ (VMware) ║
║ 192.168.147.254 ║ 00:50:56:FB:5D:68 ║ (VMware) ║
║ 192.168.147.128 ║ 00:0C:29:7B:5C:0F ║ (This device) ║
║ ║ ║ ║
╚═════════════════╩═══════════════════╩═══════════════╝
[+] Please choose a target (e.g. 192.168.1.10). Enter 'help' for more information.
Xero ➮
继续往下输入
[++] 192.168.147.2 has been targeted.
[+] Which module do you want to load ? Enter 'help' for more information.
Xero»modules ➮ help
╔═════════╦══════════════════════════════════════════════════════════════════════╗
║ ║ ║
║ ║ pscan : Port Scanner ║
║ ║ ║
║ ║ dos : DoS Attack ║
║ ║ ║
║ ║ ping : Ping Request ║
║ ║ ║
║ ║ injecthtml : Inject Html code ║
║ ║ ║
║ ║ injectjs : Inject Javascript code ║
║ ║ ║
║ ║ rdownload : Replace files being downloaded ║
║ ║ ║
║ ║ sniff : Capturing information inside network packets ║
║ MODULES ║ ║
║ ║ dspoof : Redirect all the http traffic to the specified one IP ║
║ ║ ║
║ ║ yplay : Play background sound in target browser ║
║ ║ ║
║ ║ replace : Replace all web pages images with your own one ║
║ ║ ║
║ ║ driftnet : View all images requested by your targets ║
║ ║ ║
║ ║ move : Shaking Web Browser content ║
║ ║ ║
║ ║ deface : Overwrite all web pages with your HTML code ║
║ ║ ║
╚═════════╩══════════════════════════════════════════════════════════════════════╝
[+] Which module do you want to load ? Enter 'help' for more information.
pscan : 端口扫描器。
dos : DoS攻击
ping : Ping请求
injecthtml : 注入Html代码。
injectjs : 注入Javascript代码。
rdownload 。 替换正在下载的文件
sniff : 捕捉网络数据包中的信息 ║嗅探 : 捕捉网络数据包中的信息
dspoof : 重定向所有的http流量到指定的一个IP。
yplay : 在目标浏览器中播放背景音 。
replace : 将所有网页图片替换为自己的图片。
driftnet : 查看您的目标所需的所有图片。
move:摇动网页浏览器内容。
deface : 用你的HTML代码覆盖所有网页。
1150
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
