-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Creating your own exploit list
Ekultek edited this page Aug 9, 2018
·
3 revisions
In order to create your own modules list you will need to know the basics of how JSON works. It's actually extremely simple, all you need is the key exploits and an array of modules. For example:
{
"exploits": [
"exploit/multi/http/cups_bash_env_exec",
"exploit/multi/vnc/vnc_keyboard_exec",
"exploit/multi/http/apache_activemq_upload_jsp",
"exploit/multi/http/apache_jetspeed_file_upload",
"exploit/multi/http/apache_mod_cgi_bash_env_exec",
"exploit/multi/http/apache_roller_ognl_injection",
"exploit/multi/http/sonicwall_scrutinizer_methoddetail_sqli",
"exploit/multi/http/struts2_code_exec_showcase",
"exploit/multi/http/struts2_content_type_ognl",
"exploit/multi/http/struts2_rest_xstream",
"exploit/multi/http/struts_code_exec",
"exploit/multi/http/struts_code_exec_classloader",
"exploit/multi/http/struts_code_exec_exception_delegator",
"exploit/multi/http/struts_code_exec_parameters",
"exploit/multi/ssh/sshexec"
]
}
Lets break this down:
{
"exploits": # this is the key
[ # start the array
"exploit/multi/http/cups_bash_env_exec", # add all your exploits
"exploit/multi/vnc/vnc_keyboard_exec",
"exploit/multi/http/apache_activemq_upload_jsp",
"exploit/multi/http/apache_jetspeed_file_upload",
"exploit/multi/http/apache_mod_cgi_bash_env_exec",
"exploit/multi/http/apache_roller_ognl_injection",
"exploit/multi/http/sonicwall_scrutinizer_methoddetail_sqli",
"exploit/multi/http/struts2_code_exec_showcase",
"exploit/multi/http/struts2_content_type_ognl",
"exploit/multi/http/struts2_rest_xstream",
"exploit/multi/http/struts_code_exec",
"exploit/multi/http/struts_code_exec_classloader",
"exploit/multi/http/struts_code_exec_exception_delegator",
"exploit/multi/http/struts_code_exec_parameters",
"exploit/multi/ssh/sshexec"
] # close the array
} # close the JSON