Categories: Kali Linux

WMD – Weapon of Mass Destruction

WMD is a python tool with an accumulation of IT security software. The product is incapsulated in “modules”. The modules consists of unadulterated python code and or external third programs.

Main functions Of WMD

  • To use a module, run the command “use [module_call]”, e.g. “use apsniff”, to activate the module.
  • The modules options can be changed with “set [parameter] [value]”.
  • Inside the modules, you always have the possibilty to view the options with the command “so”.
  • Your environment settings is in core/config.ini. Please adjust them before running.

Also Read Air-Hammer – A Online Brute-Force Attack Tool

WMD Web Menu

Run the command “www” from the console to activate a Flask server showing the modules in your browser. Access it from: 127.0.0.1:5000.

Modules are loaded directly into a xterm.
DEV: Try the SniffHTTP and APsniff module – define parameters in the browser.

WMD Modules

CAT
TYPE
CALL
NAME
DESCRIPTION
bruteforce creds changeme Default creds scan Scan IP’s for services and try logging in with default credentials (Arthur: ztgrace)
bruteforce loginpath adminfinder Admin Finder A Simple script to find admin-paths for webpages. (Arthur: Spaddex)
bruteforce rar bfrar BF RAR Bruteforce a RAR file
bruteforce ssh bfssh Bruteforce SSH Bruteforce SSH login
bruteforce web bfweb Bruteforce weblogin form Bruteforce a weblogin form with word- and passlist
bruteforce zip bfzip BF ZIP Bruteforce a ZIP file
cracking aut john John the Ripper As you know – kill the hash
cracking hash hashid Identify hash Identify a hash
cracking wpa crackwpa Crack WPA 4-way handshake Gather WPA 4-way handshake from accesspoint and crack it
exploit browser browserpwn Browser Autopwn2 This module will automatically serve browser exploits (Arthur: sinn3r[at]metasploit.com)
exploit search exploitdb Exploitdb Shell-style script to search exploit-db.com exploits. (Arthur: mattoufoutu)
mail sin mspoofcheck Spoofcheck email domain Check if a domain can be spoofed for e.g. emailing
monitor arp arpmon ARP monitor alert Monitor ARP table and alert for changes
monitor ip ipmon IP monitor alert Monitor IP’s and alert for changes
other settings settings Change settings Change your environment settings, e.g. interface
pentesting niptt sparta SPARTA SPARTA is a python GUI application which simplifies network infrastructure penetration testing.
phishing ap etphis Ewil Twin phishing Create a Evil Twin and redirect user to fake password page.
phishing webpage webphis Webpage phishing Run a local flask server with phishing pages.
recon dns dig Domain info groper Using dig command you can query DNS name servers for your DNS lookup related tasks
recon dns dnsmap dnsmap DNS Network Mapper. Enumeration and bruteforcing.
recon dns dnsrecon dnsrecon Multiple DNS recon abilities.
router framework rsploit Routersploit Framework for routers with exploits and getting creds. (Arthur: Reverse Shell Security)
scan sin lanscan Lan scan Scan local net – recon
sniff aut apsniff AP sniff Create AP and sniff HTTPS and avoid HSTS + Beef
sniff http sniffhttp Sniff HTTP Sniff HTTP packages. Extract username and passwords from traffic.
sniff sin bettercap Bettercap Bettercap integration for sniffing packets and bypass HSTS and HTTPS
socialeng instagram instabot Instagram bot Instagram bot for performing various activities (Arthur: LevPasha)
spoof arp arpspoof ARP spoof Spoofing ARP
sql sqli gdsqli Gdork SQLi Scrape net for urls and check if they are prone to SQL injection
sql sqli sqlmap SQLmap Just an activation of SQLmap.
system mac macc Macchanger Change your MAC address
tools search searchht Search hacktools Searchengine for hackingtools
wifi accesspoint createap Create an Accesspoint Create an Accesspoint
wifi wifi wifiutils WiFi utils Utilities for WiFi, e.g. deauth, WiFi’s, clients, probes, etc.

Run

Before your first run, please: 1. Adjust your environment settings in core/config.ini.default 2. Rename core/config.ini.default to core/config.ini

Start the console with: python3 wmd.py

Start a single module: python3 wmd.py -m [CALL]

Start webserver: python3 wmd.py -w

Start without checking requirements: python3 wmd.py -nc

WMD Requirements

Before your first run, please: 1. Adjust your environment settings in core/config.ini.default 2. Rename core/config.ini.default to core/config.ini

Requirements:

  • Linux operating system
  • Python3
  • Python libraries requirements in requirements.txt

Optional tools/software/GIT:
modules which needs them will inform you about it and just dont run..

  • GIT: Admin-Finder
  • Aircrack-ng
  • Airomon-ng
  • Airodump-ng
  • Airolib-ng
  • Arp
  • Arpspoof
  • Beef
  • Bettercap
  • GIT: changeme
  • CrackMapExec
  • Create_ap
  • Dig
  • Dnsmap
  • GIT: Dnsrecon
  • GIT: Exploitdb
  • GIT: Hashid
  • Hostapd
  • GIT: Instabot
  • John the Ripper
  • Nmap
  • GIT: Routersploit
  • SPARTA
  • GIT: Spoofcheck
  • GIT: XSSER

Development

Structure

  • core –> The core files with functions used all over the code
  • files –> Static files, passwordlist, etc.
  • logs –> Standard folder for saving logs into
  • modules –> Containing the modules
  • tmp –> Guess
  • tools –> GIT tools
  • www –> Files for the webserver

New module

Checkout the template in modules/module_template.py

Add module

Run python3 wmd.py -a modulePathName.py

Pull requests

  • Only python3 code
  • Code needs to follow pep8 flake8 (no need for linebreak)

Todo

First priority

  • More modules
  • Interactive webinterface. Set settings and get results in the browser <– sniffhttp and apsniff done
  • Rename config.ini to config.ini.default to avoid overriding userspecific config file

Various

  • Proxychain
  • Tor
  • Threading on all BF
  • Try/except on imports on modules for running with os.system
  • Add run command with : in modules
  • Add info about ‘set para value’ in modules (missing?!)
  • Regenerate modules.xml (loop through modules)
  • Design modules with core import and parser for design
  • Check that there are enough credit to arthurs of tools, repos, etc.
  • Split updatetools into local tools vs git
  • When adding modules strip <> to ensuring XML format
  • Change behavior of install and update tools
  • Add invoke option inside all modules
  • All modules – change options to Options
  • Split files folder up into lists, etc
  • Core network and wifi – merged?
  • Original arthurs will be displayed below banner on modules. Todo.
  • When showing modules indicate somehow what they require
  • Set modules parameters in browser dialog
  • Add args to all modules and create dialog HTML (automated tool in development)

core/tools.py

Do a run through config.ini and extract names for the updatecommand instead of DRY in two functions

Internal code

  • cleanup getLocalIP (local_ip) in functions
  • PEP8/Flake8 for old modules

Modules

  • SQLmap
  • Sparta
  • http sniff pwd <– Done
  • Evil Twin – deauth + info about unmanaging in NetworkManager
  • Evil Twin – arg parse for landingpage / + logfunction
  • monitor network auto
  • xsser
  • target attack website or ip
  • system information
  • dns fake
  • grep, sed, awk
  • scapy on all network activity
  • Admin finder – checkout google/bing search before BF
  • Changeme – Ztgrace
  • Osint frame
  • Bettercap modules. Implementation in other modules. Excellent performance.
  • Create Access Point with hostapd and dnsmasq. Already implemented in Ewil Twin

 

R K

Recent Posts

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

15 hours ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

15 hours ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

3 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

4 days ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago