Pentest Tools

Published on April 7th, 2016 📆 | 6035 Views ⚑

0

Brosec – An interactive reference tool to help security professionals utilize useful payloads and commands

iSpeech.org

Available variables

• LHOST : Local IP or name
• LPORT : Local IP or name
• RHOST : Remote IP or name
• RPORT : Remote IP or name
• USER : Username (only used in a few payloads)
• PROMPT : User Prompt (This isn't a stored value. Instead, payloads with this variable will prompt for input.)

Above are multiple examples of how to access and set the stored configuration variables.

• Configuration variables can be viewed via the config command at any time, or by entering the variable name
• Variables can be changed at any time by entering set <variable> <value>
• You can also navigate to frequently used payloads by entering the menu sequence from the command line: bros <sequence>
  • Ex: bros 413 - This would automate entering 4 for the Web Menu, 1 for the XXE sub menu, and 3 for the XXE local file read payload

Additional Features and Usage Examples

XXE for Bros

In addition to payloads such as reverse shells, Brosec also has multiple XXE payloads that you can generate on the fly.

Simple HTTP(s) Server

Need a quick web server? Forget python SimpleHTTPServer, bros has your back with bros http when entered via the command line. An SSL server? bros https has you covered.

Anonymous FTP Server

Need to exfiltrate some data via ftp? Bros comes with a handy bros ftp when entered via the command line. The ftp server accepts anonymous downloads/uploads from the CWD (so be careful when running).

Installation

Releases
Some features are unavailable in the compiled version, but is a good way to quickly try out Brosec

Manual installation

Mac

• brew install node netcat - Install Nodejs and netcat (nc or ncat will work too)
• git clone https://github.com/gabemarshall/Brosec.git - Clone Brosec repo
• cd Brosec && npm install - cd into the directory and install npm depdendencies

Kali Linux

• apt-get install npm build-essential g++ xsel netcat Install dependencies
• npm config set registry https://registry.npmjs.org/ Npm registry seems to be broken by default when installed from Kali repos
• npm install -g n Install n (nodejs version manager)
• n latest Install latest version of nodejs
• git clone https://github.com/gabemarshall/Brosec.git - Clone Brosec repo
• cd Brosec && npm install - cd into the directory and install npm depdendencies

Windows (Unsupported)

• Install nodejs
• Install ncat
• git clone https://github.com/gabemarshall/Brosec.git - Clone Brosec repo

Payloads that utilize netcat will not work due to the kexec library not being supported in Windows
[adsense size='1']
Optional

Add bros directory path to your PATH env variable, create a symlink for the bros file, etc

Configuration

Brosec stores configuration values in a local json db file. The default storage location is /var/tmp, but can be changed by editing settings.dbPath variable in the settings.js file. Brosec also uses netcat for several payloads. If needed, the path to netcat can be altered via the settings.netcat variable (it can also be changed to ncat or nc).