Primary Language: Python

Traft - Ethical Hacking Automation Tool

Traft is an automated vulnerability detection tool that scans the given target IP or subnet for hosts, identifies the services running on each host and their version numbers, and then queries the CVE database to locate all known vulnerabilities associated with each service. The user can then determine the severity of each finding and how necessary it is to upgrade the service to a patched version.


Installation and Dependencies

  1. Metasploit Framework and PostgreSQL are required (both are already included with Kali Linux)
    1. Metasploit: https://metasploit.help.rapid7.com/v1/docs/installing-the-metasploit-framework
    2. PostgreSQL: https://www.postgresql.org/docs/11/tutorial-install.html
    3. run ./msfconsole to complete the Metasploit initial setup
  2. pip3 install -r requirements.txt
  3. systemctl start postgresql
  4. msfdb init
  5. msfconsole
  6. msf > db_rebuild_cache

Running traft:

  1. open a terminal and run the following 3 commands:
    1. msfconsole
    2. msf > load msgrpc [Pass=password]
    3. msf > msfrpcd -P password -S
  2. open a new terminal window
  3. To scan a single IP address, ex. 10.0.2.4:
    1. python3 traft.py -t <TARGET_IP>
  4. To scan an IP address block, ex. 10.0.2.0/24:
    1. python3 traft.py -s <TARGET_SUBNET>

Traft Setup Video

AWS S3 support - lets you send the recon report to an S3 bucket so that it does not stay on a sensitive computer

  1. To run using S3, set the ACCESS_KEY_ID and ACCESS_SECRET_KEY environment variables to the credentials you generated on AWS:
export ACCESS_KEY_ID='AWEUFDADSJHDGJAS'  # replace this
export ACCESS_SECRET_KEY='FARUEWRJEWHRJEQFIQEWJFWJQE@#$@#!'  # replace this (single quotes keep the shell from interpreting special characters)

If you are running on someone else's network or computer, make sure to unset these variables after you are done or else you could get found out.

  1. install aws-cli

  2. run: aws configure

  3. enter your access keys

  4. make a bucket: aws s3 mb s3://ethical_hacking471

  5. run: python3 traft.py -t 172.28.128.3 --s3_bucket ethical_hacking471

  6. clean up the bucket: aws s3 rb s3://ethical_hacking471 --force
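
A way to keep ACCESS_KEY_ID and ACCESS_SECRET_KEY out of the interactive shell entirely, so there is nothing to unset afterwards. This is an added example, not part of traft: the helper name with_s3_creds, the credentials file path and its KEY=value layout are assumptions.

```sh
#!/bin/sh
# Hypothetical helper (not part of traft): run one command with the S3
# credentials exported only inside a subshell.
# Assumed credentials file layout, one KEY=value pair per line:
#   ACCESS_KEY_ID=<value>
#   ACCESS_SECRET_KEY=<value>
# Usage (file path is an assumption):
#   with_s3_creds ~/.traft_s3 python3 traft.py -t <TARGET_IP> --s3_bucket <BUCKET>

with_s3_creds() {
    cred_file=$1
    shift
    if [ ! -f "$cred_file" ]; then
        echo "with_s3_creds: $cred_file not found" >&2
        return 2
    fi
    # Characters 5-10 of the ls mode string are the group/other bits;
    # refuse the file unless all six are unset (mode 600 or stricter).
    if [ "$(ls -ld -- "$cred_file" | cut -c5-10)" != "------" ]; then
        echo "with_s3_creds: $cred_file must not be accessible to group/others" >&2
        return 3
    fi
    (
        # Ignore any values inherited from the caller; only the file counts.
        unset ACCESS_KEY_ID ACCESS_SECRET_KEY
        while IFS= read -r line || [ -n "$line" ]; do
            case $line in
                # ${line#*=} keeps everything after the first '=', so
                # secrets that themselves contain '=' survive intact.
                ACCESS_KEY_ID=*)     ACCESS_KEY_ID=${line#*=} ;;
                ACCESS_SECRET_KEY=*) ACCESS_SECRET_KEY=${line#*=} ;;
            esac
        done < "$cred_file"
        if [ -z "${ACCESS_KEY_ID:-}" ] || [ -z "${ACCESS_SECRET_KEY:-}" ]; then
            echo "with_s3_creds: both keys must be present in $cred_file" >&2
            exit 4
        fi
        export ACCESS_KEY_ID ACCESS_SECRET_KEY
        # The variables exist only in this subshell and the command it becomes.
        exec "$@"
    )
}
```

Because the export happens inside the parentheses, the calling shell's environment is unchanged when the command finishes.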


Status

We were able to get a proof of concept and got a meterpreter/shell for the metasploitable3 Windows VM


Team (github usernames)

somi3k

smehta1215

Double-N