WMD is a python tool with an accumulation of IT security software. The product is incapsulated in “modules”. The modules consists of unadulterated python code and or external third programs.
Main functions Of WMD
- To use a module, run the command “use [module_call]”, e.g. “use apsniff”, to activate the module.
- The modules options can be changed with “set [parameter] [value]”.
- Inside the modules, you always have the possibilty to view the options with the command “so”.
- Your environment settings is in core/config.ini. Please adjust them before running.
Also Read Air-Hammer – A Online Brute-Force Attack Tool
WMD Web Menu
Run the command “www” from the console to activate a Flask server showing the modules in your browser. Access it from: 127.0.0.1:5000.
Modules are loaded directly into a xterm.
DEV: Try the SniffHTTP and APsniff module – define parameters in the browser.
WMD Modules
CAT |
TYPE |
CALL |
NAME |
DESCRIPTION |
---|---|---|---|---|
bruteforce | creds | changeme | Default creds scan | Scan IP’s for services and try logging in with default credentials (Arthur: ztgrace) |
bruteforce | loginpath | adminfinder | Admin Finder | A Simple script to find admin-paths for webpages. (Arthur: Spaddex) |
bruteforce | rar | bfrar | BF RAR | Bruteforce a RAR file |
bruteforce | ssh | bfssh | Bruteforce SSH | Bruteforce SSH login |
bruteforce | web | bfweb | Bruteforce weblogin form | Bruteforce a weblogin form with word- and passlist |
bruteforce | zip | bfzip | BF ZIP | Bruteforce a ZIP file |
cracking | aut | john | John the Ripper | As you know – kill the hash |
cracking | hash | hashid | Identify hash | Identify a hash |
cracking | wpa | crackwpa | Crack WPA 4-way handshake | Gather WPA 4-way handshake from accesspoint and crack it |
exploit | browser | browserpwn | Browser Autopwn2 | This module will automatically serve browser exploits (Arthur: sinn3r[at]metasploit.com) |
exploit | search | exploitdb | Exploitdb | Shell-style script to search exploit-db.com exploits. (Arthur: mattoufoutu) |
sin | mspoofcheck | Spoofcheck email domain | Check if a domain can be spoofed for e.g. emailing | |
monitor | arp | arpmon | ARP monitor alert | Monitor ARP table and alert for changes |
monitor | ip | ipmon | IP monitor alert | Monitor IP’s and alert for changes |
other | settings | settings | Change settings | Change your environment settings, e.g. interface |
pentesting | niptt | sparta | SPARTA | SPARTA is a python GUI application which simplifies network infrastructure penetration testing. |
phishing | ap | etphis | Ewil Twin phishing | Create a Evil Twin and redirect user to fake password page. |
phishing | webpage | webphis | Webpage phishing | Run a local flask server with phishing pages. |
recon | dns | dig | Domain info groper | Using dig command you can query DNS name servers for your DNS lookup related tasks |
recon | dns | dnsmap | dnsmap | DNS Network Mapper. Enumeration and bruteforcing. |
recon | dns | dnsrecon | dnsrecon | Multiple DNS recon abilities. |
router | framework | rsploit | Routersploit | Framework for routers with exploits and getting creds. (Arthur: Reverse Shell Security) |
scan | sin | lanscan | Lan scan | Scan local net – recon |
sniff | aut | apsniff | AP sniff | Create AP and sniff HTTPS and avoid HSTS + Beef |
sniff | http | sniffhttp | Sniff HTTP | Sniff HTTP packages. Extract username and passwords from traffic. |
sniff | sin | bettercap | Bettercap | Bettercap integration for sniffing packets and bypass HSTS and HTTPS |
socialeng | instabot | Instagram bot | Instagram bot for performing various activities (Arthur: LevPasha) | |
spoof | arp | arpspoof | ARP spoof | Spoofing ARP |
sql | sqli | gdsqli | Gdork SQLi | Scrape net for urls and check if they are prone to SQL injection |
sql | sqli | sqlmap | SQLmap | Just an activation of SQLmap. |
system | mac | macc | Macchanger | Change your MAC address |
tools | search | searchht | Search hacktools | Searchengine for hackingtools |
wifi | accesspoint | createap | Create an Accesspoint | Create an Accesspoint |
wifi | wifi | wifiutils | WiFi utils | Utilities for WiFi, e.g. deauth, WiFi’s, clients, probes, etc. |
Run
Before your first run, please: 1. Adjust your environment settings in core/config.ini.default
2. Rename core/config.ini.default
to core/config.ini
Start the console with: python3 wmd.py
Start a single module: python3 wmd.py -m [CALL]
Start webserver: python3 wmd.py -w
Start without checking requirements: python3 wmd.py -nc
WMD Requirements
Before your first run, please: 1. Adjust your environment settings in core/config.ini.default
2. Rename core/config.ini.default
to core/config.ini
Requirements:
- Linux operating system
- Python3
- Python libraries requirements in requirements.txt
Optional tools/software/GIT:
modules which needs them will inform you about it and just dont run..
- GIT: Admin-Finder
- Aircrack-ng
- Airomon-ng
- Airodump-ng
- Airolib-ng
- Arp
- Arpspoof
- Beef
- Bettercap
- GIT: changeme
- CrackMapExec
- Create_ap
- Dig
- Dnsmap
- GIT: Dnsrecon
- GIT: Exploitdb
- GIT: Hashid
- Hostapd
- GIT: Instabot
- John the Ripper
- Nmap
- GIT: Routersploit
- SPARTA
- GIT: Spoofcheck
- GIT: XSSER
Development
Structure
- core –> The core files with functions used all over the code
- files –> Static files, passwordlist, etc.
- logs –> Standard folder for saving logs into
- modules –> Containing the modules
- tmp –> Guess
- tools –> GIT tools
- www –> Files for the webserver
New module
Checkout the template in modules/module_template.py
Add module
Run python3 wmd.py -a modulePathName.py
Pull requests
- Only python3 code
- Code needs to follow pep8 flake8 (no need for linebreak)
Todo
First priority
- More modules
Interactive webinterface. Set settings and get results in the browser<– sniffhttp and apsniff done- Rename config.ini to config.ini.default to avoid overriding userspecific config file
Various
- Proxychain
- Tor
- Threading on all BF
- Try/except on imports on modules for running with os.system
- Add run command with : in modules
- Add info about ‘set para value’ in modules (missing?!)
- Regenerate modules.xml (loop through modules)
- Design modules with core import and parser for design
- Check that there are enough credit to arthurs of tools, repos, etc.
- Split updatetools into local tools vs git
- When adding modules strip <> to ensuring XML format
- Change behavior of install and update tools
- Add invoke option inside all modules
- All modules – change options to Options
- Split files folder up into lists, etc
- Core network and wifi – merged?
- Original arthurs will be displayed below banner on modules. Todo.
- When showing modules indicate somehow what they require
Set modules parameters in browser dialog- Add args to all modules and create dialog HTML (automated tool in development)
core/tools.py
Do a run through config.ini and extract names for the updatecommand instead of DRY in two functions
Internal code
- cleanup getLocalIP (local_ip) in functions
- PEP8/Flake8 for old modules
Modules
SQLmapSpartahttp sniff pwd<– DoneEvil Twin– deauth + info about unmanaging in NetworkManagerEvil Twin – arg parse for landingpage / + logfunction- monitor network auto
- xsser
- target attack website or ip
- system information
- dns fake
- grep, sed, awk
- scapy on all network activity
- Admin finder – checkout google/bing search before BF
- Changeme – Ztgrace
- Osint frame
- Bettercap modules. Implementation in other modules. Excellent performance.
- Create Access Point with hostapd and dnsmasq. Already implemented in Ewil Twin