Send malicious pickles via requests or sockets
Project description
Balsamic
balsamic is a library for sending malicious pickles to a vunlerable application, via web requests, or a malicious server or client(currently ipv4 only).
we will add more payloads but for now we just execute shell commands. via the oscmd payload.
useage (standalone)
web request mode
usage: balsamic.py webreq [-h] -s {http,https} [-m METHOD] -rh RHOST -rp RPORT [-p PARAMETER] [-co COOKIE] -P PAYLOAD [-c COMMAND]
options:
-h, --help show this help message and exit
-s {http,https}, --schema {http,https}
-m METHOD, --method METHOD
-rh RHOST, --rhost RHOST
-rp RPORT, --rport RPORT
-p PARAMETER, --parameter PARAMETER
-co COOKIE, --cookie COOKIE
-P PAYLOAD, --payload PAYLOAD
-c COMMAND, --command COMMAND
socksend mode
usage: balsamic.py socksend [-h] -rh RHOST -rp RPORT -P PAYLOAD [-c COMMAND] [-s STEPS]
options:
-h, --help show this help message and exit
-rh RHOST, --rhost RHOST
-rp RPORT, --rport RPORT
-P PAYLOAD, --payload PAYLOAD
-c COMMAND, --command COMMAND
-s STEPS, --steps STEPS
-e ENCODE, --encode Encode
socklisten mode
usage: balsamic.py socklisten [-h] -lp LPORT -P PAYLOAD [-c COMMAND]
options:
-h, --help show this help message and exit
-lp LPORT, --lport LPORT
-P PAYLOAD, --payload PAYLOAD
-c COMMAND, --command COMMAND
-s STEPS, --steps STEPS
-e ENCODE, --encode Encode
useage (library)
from balsamic import balsamic
balsamic.utility.command="command"
balsamic.webreq("schema","method","rhost","rport","payload","parameter","cookie")
balsamic.socksend("ip",port,"payload",encode,steps)
balsamic.socklisten(port,"payload",encode,steps)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
balsamic-0.1.97.tar.gz
(3.3 kB
view hashes)
Built Distribution
Close
Hashes for balsamic-0.1.97-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0708bb2ab4c986ca799ae563c0762321be3ff478703a45799331232de3ce596b |
|
MD5 | edd66f65df41ee49961326f2281c3d6b |
|
BLAKE2b-256 | af09b460b84fb462b8a5d4bd71773279fb753f15b86b8dc393d6c5832a68fac1 |