Categories: Kali Linux

MEC : massExploitConsole For Concurrent Exploiting

massExploitConsole a collection of hacking tools with a CLI & UI for concurrent exploiting. Following are the features of MEC;

  • an easy-to-use cli ui
  • execute any adpated exploits with process-level concurrency
  • some built-in exploits (automated)
  • hide your ip addr using proxychains4 and ss-proxy (built-in)
  • zoomeye host scan (10 threads)
  • a simple baidu crawler (multi-threaded)
  • censys host scan

Also Read : Most Popular Hacking Tools in 2018

MEC Getting Started

git clone https://github.com/jm33-m0/massExpConsole.git && cd massExpConsole && ./install.py

  • when installing pypi deps, apt-get install libncurses5-dev (for Debian-based distros) might be needed
  • now you should be good to go (if not, please report missing deps here)
  • type proxy command to run a pre-configured Shadowsocks socks5 proxy in the background, vim ./data/ss.json to edit proxy config. and, ss-proxy exits with mec.py

Requirements

  • GNU/Linux, WSL, MacOS (not tested), fully tested under Arch Linux, Kali Linux (Rolling, 2018), Ubuntu Linux (16.04 LTS) and Fedora 25 (it will work on other distros too as long as you have dealt with all deps)
  • Python 3.5 or later (or something might go wrong, https://github.com/jm33-m0/massExpConsole/issues/7#issuecomment-305962655)
  • proxychains4 (in $PATH), used by exploiter, requires a working socks5 proxy (you can modify its config in mec.py)
  • Java is required when using Java deserialization exploits, you might want to install openjdk-8-jre if you haven’t installed it yet.

Note: That you have to install all the deps of your exploits or tools as well.

Usage

  • just run mec.py, if it complains about missing modules, install them
  • if you want to add your own exploit script (or binary file, whatever):
    • cd exploits, mkdir <your_exploit_dir>
    • your exploit should take the last argument passed to it as its target, dig into mec.py to know more
    • chmod +x <exploit> to make sure it can be executed by current user
    • use attack command then m to select your custom exploit
  • type help in the console to see all available features
  • zoomeye requires a valid user account config file zoomeye.conf

Disclaimer

  • Please use this tool only on authorized systems, im not responsible for any damage caused by users who ignore my warning.
R K

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

2 weeks ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

2 weeks ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

2 weeks ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

2 weeks ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

2 weeks ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

2 weeks ago