What's new

Darksplitz - exploit framework

Optex-Valid®

Optex-Valid®

Extreme Hot Vendor
Verfied Vendor
Premium User
Joined
Jan 28, 2016
Messages
2,067
Reaction score
85
Points
48
[IMG]

This tools is continued from Nefix, DirsPy and Xmasspy project.

Installation

Will work fine in the debian shade operating system, like Backbox, Ubuntu or Kali linux.

Code:
git clone https://github.com/koboi137/darksplitz
cd darksplitz/
sudo ./install.sh
Features

  • Extract mikrotik credential (user.dat)
  • Password generator
  • Reverse IP lookup
  • Mac address sniffer
  • Online md5 cracker
  • Mac address lookup
  • Collecting url from web.archive.org
  • Web backdoor (Dark Shell)
  • Winbox exploit (CVE-2018-14847)
  • ChimeyRed exploit for mipsbe (Mikrotik)
  • Exploit web application
  • Mass apple dos (CVE-2018-4407)
  • Libssh exploit (CVE-2018-10933)
  • Discovering Mikrotik device
  • Directory scanner
  • Subdomain scanner
  • Mac address scanner
  • Mac address pinger
  • Vhost scanner (bypass cloudflare)
  • Mass bruteforce (wordpress)
  • Interactive msfrpc client


Exploit web application

  • plUpload file upload
  • jQuery file upload (CVE-2018-9206)
  • Laravel (.env)
  • sftp-config.json (misc)
  • Wordpress register (enable)
  • elfinder file upload
  • Drupal 7 exploit (CVE-2018-7600)
  • Drupal 8 exploit (CVE-2018-7600)
  • com_fabrik exploit (joomla)
  • gravityform plugin file upload (wordpress)
  • geoplace3 plugin file upload (wordpress)
  • peugeot-music plugin file upload (wordpress)


Notes
This tool will work fine under root, because scapy module and other need root user to access more features. But you can run as user too in some features.

Download Darksplitz
 
Top