David Davidson
Spotted this a while back, thought it would make for a neat feature to add alongside the HTTP proxying. https://github.com/sensepost/reGeorg
This is already somewhat possible, with some buggering around and stuff, but it would be neat to have a properly documented/supported way to do "import weevely" from other python programs...
Another "pivot" module, separate but similar to the SOCKS5 proxying. Allows tunnelling arbitrary TCP connections via a backdoored box. Very useful for pivoting onward to, say, SSH on the local...
From the readme: "In the United States, it's illegal to broadcast encrypted messages on amateur radio frequencies.". Would it be possible to perhaps add a config option to enable encryption...
This honestly might be better as something we fork and pull in remotely at runtime, but I'd be interested in thoughts on implementing something like Mimipenguin for dumping creds out...
This works, but it's not reliable/stable enough to commit yet. I was thinking instead of just flagging one service in there, actually using grep -E with a list of VM...
Would be neat to be able to add bad/default SSH keys, for example the ones in the https://github.com/rapid7/ssh-badkeys repo, for a start.
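One way the "bad/default SSH keys" check could work, as an added example that is not weevely's own code and not part of the issue above: compute the OpenSSH SHA256 fingerprint of each `authorized_keys` entry on the compromised box and match it against a set of known-bad fingerprints. The example assumes the bad-key list is a set of `SHA256:<base64>` strings (the format `ssh-keygen -lf` prints), which is how one would represent the public halves of the keys in the rapid7/ssh-badkeys repo; the keys, fingerprints and `authorized_keys` content below are constructed stand-ins, not real keys from that repo.

```python
"""Match authorized_keys entries against known-bad SSH key fingerprints.

Added example (not weevely's code). Assumes the bad-key list is a set of
OpenSSH-style "SHA256:<base64>" fingerprints, e.g. from running
`ssh-keygen -lf` over the public keys of a repo such as rapid7/ssh-badkeys.
"""
import base64
import hashlib
import struct

KEY_TYPES = {"ssh-rsa", "ssh-ed25519", "ssh-dss", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}


def _ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 big-endian length + payload)."""
    return struct.pack(">I", len(data)) + data


def _read_ssh_string(blob: bytes, offset: int = 0):
    """Decode one wire-format string at offset; returns (payload, next_offset)."""
    (length,) = struct.unpack_from(">I", blob, offset)
    start = offset + 4
    return blob[start:start + length], start + length


def fingerprint(blob: bytes) -> str:
    """OpenSSH SHA256 fingerprint: base64(sha256(key blob)) with '=' padding stripped."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_authorized_key(line: str):
    """Return (keytype, blob, comment) for one authorized_keys line, or None.

    Tolerates an options prefix (command="...", no-pty, ...) by scanning for
    the first token that is a known key type. Whitespace inside quoted option
    values is not handled. Lines whose base64 does not decode, or whose
    wire-format type field disagrees with the leading token, are rejected.
    """
    tokens = line.strip().split()
    for i, tok in enumerate(tokens):
        if tok in KEY_TYPES and i + 1 < len(tokens):
            try:
                blob = base64.b64decode(tokens[i + 1], validate=True)
                wire_type, _ = _read_ssh_string(blob)
            except (ValueError, struct.error):
                return None
            if wire_type.decode(errors="replace") != tok:
                return None
            return tok, blob, " ".join(tokens[i + 2:])
    return None


def find_bad_keys(authorized_keys: str, bad_fingerprints: set):
    """Return [(line_no, fingerprint, comment)] for entries with a known-bad fingerprint."""
    hits = []
    for line_no, line in enumerate(authorized_keys.splitlines(), start=1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank lines and comments are ignored by sshd too
        parsed = parse_authorized_key(line)
        if parsed is None:
            continue  # malformed entry; sshd would skip it as well
        _keytype, blob, comment = parsed
        fp = fingerprint(blob)
        if fp in bad_fingerprints:
            hits.append((line_no, fp, comment))
    return hits


# --- Constructed sample data (assumption: these are NOT real keys) ---
def _ed25519_blob(fill: int) -> bytes:
    """Build an ssh-ed25519 public-key blob from 32 deterministic bytes."""
    return _ssh_string(b"ssh-ed25519") + _ssh_string(bytes([fill]) * 32)


def _key_line(blob: bytes, comment: str, prefix: str = "") -> str:
    return f"{prefix}ssh-ed25519 {base64.b64encode(blob).decode()} {comment}".strip()


BAD_BLOB = _ed25519_blob(0x41)
BAD_FINGERPRINTS = {fingerprint(BAD_BLOB)}  # stand-in for the ssh-badkeys list

SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# constructed authorized_keys for the demo",
    _key_line(_ed25519_blob(0x01), "alice@laptop"),
    _key_line(BAD_BLOB, "vendor-default", prefix='command="/bin/sh",no-pty '),
    "ssh-ed25519 not-valid-base64!! broken@host",
    _key_line(_ed25519_blob(0x02), "bob@desktop"),
])

if __name__ == "__main__":
    for line_no, fp, comment in find_bad_keys(SAMPLE_AUTHORIZED_KEYS, BAD_FINGERPRINTS):
        print(f"line {line_no}: known-bad key {fp} ({comment})")
```

The fingerprint is taken over the raw decoded key blob, which is what `ssh-keygen -lf` hashes, so a list built from that tool matches without any further normalisation; the options prefix on line 3 of the sample is the reason the parser scans for the key-type token rather than assuming it comes first.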
Need to get around to adding BinaryEdge support once they ship the SSH fingerprint function.
See [updated advisory](https://www.redteam-pentesting.de/en/advisories/rt-sa-2019-003/-cisco-rv320-unauthenticated-configuration-export), note that the request to dump the config changed from a simple GET to a POST request. We may actually do a full rewrite as part of...
The patch for this failed miserably. We already evade the `curl` blacklisting by using `requests`, however we will need to very slightly tweak our command injection payload to evade a...