简介
katana是一个用python写的渗透测试框架,基于一个简单而全面的架构,供任何人来使用,修改和分享。
下载安装
git clone https://github.com/PowerScript/KatanaFramework.git
cd KatanaFramework/
安装依赖
chmod +x dependencies
./dependencies
安装
python install
使用
ktf.console
root@7c81645eb6d8:~/KatanaFramework# ktf.console
mM@@MM@@MM@@MM@@MM@@MM@@@MMMMM@@@@Mm
||========mMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMm===========||
|| @MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMm ||
|| MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM@ ||
|| @@MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM ||
|| @MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM@ ||
|| @@MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM ||
|| @MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM@ ||
||========@MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM=========||
|| /TT\mMMMMMMMMMMFRAMEWORKMMMMMMMMMMMMm ||
|| (____)@MM@@MM@@MM@@MMMMMM@@MM@@Mm ||
|| |# P | ||
|| |# W | Core [ 1.0.0.1, Build: 0069 ] ||
|| |#_N_| Date [ 25/12/16:14/03/17 ] ||
|| |_ _| Banner [ SPACE ] ||
|| /|__|\ Modules [ 37 ] Tools [ 2 ] ||
|| /__\/__\ The Hacking Framework ||
() ()
[ktf]:
- 一些常用的指令
Command | Quick Command | |
---|---|---|
show modules | showm | Show modules |
show options | sop | Show options module |
show full options | sfop | Show full options module |
use | use | Use module |
getinfo | getinfo | Show information of module |
set | set | Change valor of a parameter |
back | back | Backing or return |
run | run | run Module |
update | u | Update framework |
exit | x | Exit of framework |
invoke | Open a module in one new console | |
help | h | Show help |
session | Session command | |
clear | c | Clear screen |
s:: | s:: | Save Variable |
x:: | x:: | Execute System Commands |
f:: | f:: | Execute Functions |
其实和使用mstasploit是差不多的啦
说一下最后的f::就是执行一些内置的函数
看一下内置函数列表
Name | Parameters | Description |
---|---|---|
get_aps() | Interface, timeout | Scan Access point’s |
get_interfaces() | None | Get Network Interfaces |
get_monitors_mode() | None | Get Monitor Interfaces Wireless |
start_monitor() | Interface | Start Monitor Mode in Interface |
get_local_ip() | None | Get local IP |
get_external_ip() | None | Get External IP |
get_gateway() | None | Get Gateway/Router IP |
比如你要显示当前机器的ip
你只要输入
[ktf]:f::get_local_ip()
172.17.0.2
其他的同理
还有输入
x::ifconfig
就是执行系统命令来获取ip了
更多的使用方法看wiki
https://github.com/PowerScript/KatanaFramework/wiki/How-to-use
实战
[ktf]:show modules
CodeName Description
web/cp.finder Administrator Panel Finder.
web/sub.dns Subdomain Bruteforce.
web/bypass.sql bypass SQLi with Cheats Injections.
web/bt.form Brute force to Form-based.
web/bt.http Brute force to Http Authentication.
web/whois Whois, DNS Lookup.
web/clt.lfd LFD Vulnerability Console.
net/sf.arp ARP tables Monitor.
net/sc.hosts Hosts live Scan in LAN.
net/sc.scan Scan [Ports, OS, Etc] IP.
net/work.sniff HTTP sniffer.
net/arp.pson ARP poisoning Attack.
net/arp.dos ARP D.O.S Attack.
net/dns.spoof DNS Spoofing.
net/dns.fake DNS fake Server Spoof.
net/web.dos Web D.O.S Attack in LAN.
msf/back.door Generate backdoors with MSF.
set/web.hot Gathering Information with web.
set/em.boom E-mail Boombing (SPAM).
clt/cl.sql Mysql Console Client.
clt/cl.ftp FTP Console Client.
clt/cl.pop POP Console Client.
clt/cl.adb ADB Console Client (Android).
btf/pr.ftp Brute Force to FTprotocol.
btf/pr.sql Brute Force to SQL protocol.
btf/pr.ssh Brute Force to SSH protocol.
btf/pr.pop Brute Force to POP3 protocol.
anf/af.imagen Forensic image analysis.
fle/bt.rar Brute Force to RAR file.
fle/scan.file Report of Virus Scan file.
fle/bt.zip Brute Force to ZIP file.
mcs/gn.words Generator Dictionaries.
mcs/i.settup Show Properties of System Current.
mcs/ts.login Test Credentials protocols.
mcs/px.checker Proxy list checker.
wifi/ap.dos Access Point D.O.S attack.
wifi/ev.twin Access Point Phising.
[ktf]:use ney/arp.dos
[ktf]:use net/arp.dos
+[ktf](net/arp.dos):show options
[options] [RQ] [description] [value]
--------- ---- ------------- -------
interface yes Interface eth0
target yes Target IP 192.168.1.223
gateway yes Gateway IP 192.168.1.254
+[ktf](net/arp.dos):x::ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 51570 bytes 76514794 (72.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 34792 bytes 2667790 (2.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
+[ktf](net/arp.dos):set target 192.168.1.100
↳--------> target = 192.168.1.100
+[ktf](net/arp.dos):set gateway 192.168.1.1
↳--------> gateway = 192.168.1.1
+[ktf](net/arp.dos):run
[run] The module was launched...
[inf] Tue Jun 27 09:06:34 2017
[inf] Starting ARP D.O.S attack...
| [press-key] if you want to stop ARP D.O.S Attack (PRESS [ENTER])
|