BroSec: A Tool To Help Security Professionals Utilize Useful Payloads And Commands.
Brosec is a terminal based reference utility designed to help us infosec bros and broettes with useful (yet sometimes complex) payloads and commands that are often used during work as infosec practitioners.An example of one of Brosec's most popular use cases is the ability to generate on the fly reverse shells (python, perl, powershell, etc) that get copied to the clipboard.
Assuming the user has already set up the required variables (read on to learn how) a reverse shell using the awk command can be generated as easy as...
Payload Variables
Brosec allows you to store and retrieve values (in a local json db) for several variables in order to make command/payload generation easier. While some payloads will already include these variables, you can also include them in any payload that prompts for user input.
For example, the following shows how a Powershell download cradle can be generated using the LHOST and LPORT variables (the values of which had already been set).
For example, the following shows how a Powershell download cradle can be generated using the LHOST and LPORT variables (the values of which had already been set).
Available variables
- LHOST : Local IP or name
- LPORT : Local IP or name
- RHOST : Remote IP or name
- RPORT : Remote IP or name
- USER : Username (only used in a few payloads)
- PROMPT : User Prompt (This isn't a stored value. Instead, payloads with this variable will prompt for input.)
Above are multiple examples of how to access and set the stored configuration variables.
Configuration variables can be viewed via the config command at any time, or by entering the variable name.
Variables can be changed at any time by entering set <variable> <value>
You can also navigate to frequently used payloads by entering the menu sequence from the command line: bros <sequence>
Ex: bros 413 - This would automate entering 4 for the Web Menu, 1 for the XXE sub menu, and 3 for the XXE local file read payload
Additional Features and Usage Examples
XXE for Bros
In addition to payloads such as reverse shells, Brosec also has multiple XXE payloads that you can generate on the fly.Simple HTTP(s) Server
Need a quick web server? Forget python SimpleHTTPServer, bros has your back with bros http when entered via the command line. An SSL server? bros https has you covered.Anonymous FTP Server
Need to exfiltrate some data via ftp? Bros comes with a handy bros ftp when entered via the command line. The ftp server accepts anonymous downloads/uploads from the CWD (so be careful when running).
Download BrosecInstallation
Manual installation
> For Mac
- Install Homebrew
- brew tap t94j0/security - Use t94j0's tap which contains the brosec formula
- brew install brosec - Installs the brosec package
> For Kali Linux
- apt-get install npm build-essential g++ xsel Install dependencies
- npm install -g n Install n (nodejs version manager)
- If the above fails, try - npm config set registry http://registry.npmjs.org/
- n latest Install latest version of nodejs
- npm install -g Brosec - Install Brosec (may need sudo to symlink to /usr/local/bin)
> For Windows
- Install nodejs via official installer
- npm install -g Brosec - Install Brosec
0 comments:
Post a Comment
Note: only a member of this blog may post a comment.