
It’s finally out there: the OWASP Mth3l3m3nt Framework. It’s a small tool to aid you in carrying out your pentest tasks with as few resources as possible. Most of us can afford simple shared hosting services but not a VPS powerful enough to run pentest distros, especially due to cost constraints. This one, however, just needs a web server and optionally a database server; if you don’t have a database server, no worries, it has you covered with its own database based on JIG.

A run through the modules currently available in version one:

Storage

Information in the Mth3l3m3nt Framework can be stored in any of the following databases, with a smooth changeover.

  • JIG
  • SQLite
  • PostgreSQL
  • MySQL
  • MSSQL
  • MongoDB

The changeover is smooth; however, note that the current version doesn’t migrate the data to the new database. It just builds the schema and adds a default user for you to start with in the new database.

Mth3l3m3nt Database Configuration panel


Payload Module

I’m sure we are all familiar with those payloads we love to use but can never seem to find when we need them. This module aims to keep them for you in one place. Best part: you can share them with the public on a read-only frontend, while the backend has edit capability. No more losing those key payloads.

Mth3l3m3nt Payloads Frontend


Mth3l3m3nt Payloads Backend


Generic Request Module

We all love services like hurl.it; however, on a penetration test where an application or web service is only accessible from the internal network, we don’t have the luxury of using such a service. This module brings that service to you: on your local install you can perform requests as you would in hurl.it, but from a self-managed application that gives you that flexibility. It’s open source, with no limitations. Currently it supports GET and POST requests.


Mth3l3m3nt Generic Web Requests

Shell Generator Module

Well, this module is self-explanatory: you need that minimal shell in a pentest ASAP so that you can open up the gateway to heaven. Not a coder? Not a problem: “Let me generate that shell for you” 😉. Currently we are doing shells in:

  • PHP
  • JSP
  • JSPX
  • ASP

Mth3l3m3nt Web Shell Generator

Web Herd Module

So your shell is safely uploaded, along with a few million other shells, in your very large-scale pentest. Keeping track becomes easy when you can trace and control all of them from a central point. Enter “Web Herd”... “Oh yee great shepherd, may the force of the HTTP Bot be with you”. With this you can command all your minimal shells. When done, you need to clean up before deleting them from the list, but this is easy: in the command view, just run the relevant delete command on the webshell file depending on the OS, e.g. rm -f myShell.php for Linux. Then delete the shell from the list. No more leaving unattended shells on client machines after a pentest; effective backdoor management is provided.

Web Herd List


Web Herd Command Mode


LFI Exploits Module

Well, LFI is easy, fun and lovable, especially when extracting files. This module makes it easy with inbuilt LFI exploits, and you can also build custom ones in as little as 6 lines of code. It doesn’t get easier than this.

Mth3l3m3nt Zimbra LFI


Payload Encoder/Decoder Module

This does what it says it does. For instance, say you are doing an SQL injection, you’ve written your upload script and you need to push it via the INTO OUTFILE function. Running the script as a string breaks the query, so why not speak to the database in a language it understands, e.g. hex with a 0x prefix? This module will encode this for you, and decode it if you use the decoder.

Mth3l3m3nt Payload Encoder


Mth3l3m3nt Payload Decoder
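
From the defender's side, the 0x-prefixed hex encoding described in the Payload Encoder/Decoder section is something to look for in request logs. The following is an added example, not part of the Mth3l3m3nt Framework or the original post: it decodes hex literals found in a query string and flags those whose decoded text contains server-side script markers. The function names, marker list and sample query strings are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# 0x-prefixed hex literal with at least 4 bytes, not glued to a preceding word.
HEX_LITERAL = re.compile(r"(?<![0-9A-Za-z_])0x((?:[0-9a-fA-F]{2}){4,})")
# Assumed marker list for server-side script content; extend for your stack.
SCRIPT_MARKERS = ("<?php", "<?=", "<%", "<jsp:")
FILE_WRITE = re.compile(r"into\s+(?:out|dump)file", re.IGNORECASE)


def decode_hex_literals(text):
    """Return the decoded text of every 0x... literal found in text."""
    return [
        bytes.fromhex(m.group(1)).decode("utf-8", errors="replace")
        for m in HEX_LITERAL.finditer(text)
    ]


def inspect_request(query_string):
    """Report hex literals that decode to script content, and whether
    the same request also asks the database to write a file."""
    text = unquote_plus(query_string)
    writes_file = FILE_WRITE.search(text) is not None
    findings = []
    for value in decode_hex_literals(text):
        markers = [m for m in SCRIPT_MARKERS if m in value.lower()]
        if markers:
            findings.append(
                {"decoded": value, "markers": markers, "writes_file": writes_file}
            )
    return findings


# Constructed sample inputs, built here so the hex is always consistent.
BENIGN_SCRIPT = "<?php echo 'constructed-sample'; ?>"
SAMPLE_QUERIES = [
    "id=42&color=0xff00ff",  # too short to be interesting
    "q=SELECT+0x" + BENIGN_SCRIPT.encode().hex()
    + "+INTO+OUTFILE+%27/tmp/constructed-sample.php%27",
    "note=0x" + "plain text only".encode().hex(),  # hex, but no script markers
]

if __name__ == "__main__":
    for query in SAMPLE_QUERIES:
        print(query[:40], "->", inspect_request(query))
```

A finding with writes_file set is the combination worth alerting on; a hex literal alone is common in legitimate traffic.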
