Using the ruby version

cktricky edited this page Aug 12, 2011 · 4 revisions

Navigation

Getting Help

Type help to list basic commands. The following commands will help you get started very quickly.

show

This will show exploits, payloads, and auxiliary modules. If you'd like to see rurls, ua, content, etc., type show advanced.

You can show them individually utilizing:

show exploits
show auxiliary
show payloads
show options
show advanced
show rurls
show lfiles
show ua
show content

For example, if a user wishes to utilize an auxiliary module, use the previously shown command show auxiliary to locate the name of one.

ADVANCED OPTIONS

use

Once a user has located the name of a module they wish to utilize, the user can simply enter use <module name here> and hit enter.

The following is an example:

use auxiliary/enum/user_agent_test

Once an exploit, payload or auxiliary module has been chosen the set option is available.

set

As noted previously in the show tutorial, typing show options will render the available options when an exploit, auxiliary or payload module is in use.

The following is the output of show options when auxiliary/enum/user_agent_test is in use:

BASELINE      true                             true      Enables baseline checks for same Content-Length for same User-Agent requests
PROXYA                                         false     Proxy IP Address
PROXYP                                         false     Proxy Port Number
RURL          http://www.example.com/test.php  true      Target address

As an example, we show setting options for the auxiliary/enum/user_agent_test module. PROXYA takes the proxy IP address and PROXYP the proxy port number:

set RURL http://www.yahoo.com
set PROXYA 127.0.0.1
set PROXYP 8080
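
What a baseline check of the kind the BASELINE option describes can look like, as an added example that is not wXf's own code: a Content-Length difference between User-Agents only means something if repeating the same User-Agent returns the same length. The method names, constant and sample values below are hypothetical and constructed for illustration.

```ruby
# Added illustration; method and constant names are hypothetical, not wXf code.
# Constructed sample data: Content-Length of two identical requests per User-Agent.
SAMPLE_LENGTHS = {
  "Mozilla/5.0 (X11; Linux x86_64)" => [5120, 5120],
  "Mozilla/5.0 (iPhone)"            => [2210, 2210],
  "Googlebot/2.1"                   => [5120, 5120],
  "ExampleFeedReader/1.0"           => [5120, 5187] # page varies between requests
}

# A User-Agent has a usable baseline only if repeating the same request
# returned the same Content-Length.
def stable?(lengths)
  lengths.uniq.size == 1
end

# Compare every User-Agent against a reference one.
# Returns { ua => :same | :differs | :unstable }.
def compare_user_agents(samples, reference_ua)
  ref = samples.fetch(reference_ua)
  raise ArgumentError, "reference baseline is unstable" unless stable?(ref)

  samples.each_with_object({}) do |(ua, lengths), out|
    next if ua == reference_ua
    out[ua] = if !stable?(lengths)
                :unstable # difference cannot be attributed to the User-Agent
              elsif lengths.first == ref.first
                :same
              else
                :differs  # content appears to depend on the User-Agent
              end
  end
end

if __FILE__ == $0
  reference = SAMPLE_LENGTHS.keys.first
  compare_user_agents(SAMPLE_LENGTHS, reference).each do |ua, verdict|
    puts format("%-10s %s", verdict, ua)
  end
end
```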

update

Updates the framework

update force

Occasionally a change will be made in the master copy of wXf which conflicts with your local version. This will stop you from updating and produce a warning about stashing your local copy. If you do NOT mind overwriting your local copy so that you can update to the latest version, type update force.

run

Only one keyword, as of now, can be used to start an auxiliary module once all options are set. This is the run keyword.

From the console type:

run

display

Shows the startup display

version

Shows the version of the framework

exit

Allows the user to exit the console

back

Provides the user the means to exit out of the current module in use without leaving the console.

info

When a module is in use, typing info will print out information about it. Currently, this only works for file-based modules.

Another use would be to type info and the module name you'd like more information on. The following is an example:

info auxiliary/enum/user_agent_test

reload

List of reload commands:

reload all
reload current
reload modules
reload lfiles
reload rurls

The console allows you to reload the list of lfiles and rurls so that you don't have to restart the console in order to add a file for use in a module. For example, start the console, type show rurls. Then add a file under the rurls directory and type:

reload rurls
show rurls

You should see your addition in the list of available files (rurls).

Additionally, reloading can be performed on modules themselves. When a module is NOT in use you can only type reload modules. However, when a module IS in use, you can type both reload modules and reload current. "reload current" reloads the current module whereas "reload modules" reloads all modules, deactivates any modules in use and shuts down all webserver instances.

server

The server is meant to render either user entered data (entered from the console) or a file.

An example of rendering user specified data is the following:

set LHTML <script>alert('wXf demo!!!')</script>

wXf provides users the ability to place a file under the datum directory, start the console, and serve it with a web server instance. If a user creates a file called test.html and places it under the datum directory, the user could serve an instance of it by typing (ensure console is restarted AFTER adding file to datum directory):

wXf //>> show lfiles 

Local Files
===========

Name                                               Description
----                                               -----------
wordlists/dir_traversal_strings_indexhtml_nix.txt
payloads/RFI/PHP/cmd_single.txt
wordlists/dir_traversal_strings.txt
payloads/ANDROID/android_shell.html
datum.rb
wordlists/dir_traversal_strings_indexhtml_win.txt
wXfweb/wXfweb.rb
test.html
wXf.db
payloads/XSS/alert.js

wXf //>> set LFILE test.html    

The following is an example of how to start/serve multiple instances of the webserver:

wXf //>> server 
-{*}- Manage wXf web server
wXf webserver(config)//>> set LHTML <script>alert('wXfdemo')</script>
wXf webserver(config)//>> start
-{+}- Starting webserver at 127.0.0.1:8888
[2011-02-03 09:44:51] INFO  WEBrick 1.3.1
[2011-02-03 09:44:51] INFO  ruby 1.8.7 (2009-06-12) [universal-darwin10.0]
[2011-02-03 09:44:51] INFO  WEBrick::HTTPServer#start: pid=14150 port=8888
wXf webserver(config)//>> set LFILE payloads/RFI/PHP/cmd_single.txt 
wXf webserver(config)//>> set LPORT 3333
wXf webserver(config)//>> start
-{+}- Starting webserver at 127.0.0.1:3333
[2011-02-03 09:45:17] INFO  WEBrick 1.3.1
[2011-02-03 09:45:17] INFO  ruby 1.8.7 (2009-06-12) [universal-darwin10.0]
[2011-02-03 09:45:17] INFO  WEBrick::HTTPServer#start: pid=14169 port=3333

If a user would like to work with a particular web instance, they first must identify the running instances. The list command allows a user to do this.

wXf webserver(config)//>> list
Running webservers
------------------
(0) 127.0.0.1:3333 text/html /Users/cktricky/Documents/workspace/wXfdev/datum/payloads/RFI/PHP/cmd_single.txt
(1) 127.0.0.1:8888 text/html 

If a user wishes to stop a particular instance, they can type stop <ID of instance>, for example:

wXf webserver(config)//>> stop 0
Stopping the webserver (0) at 127.0.0.1:3333