
Vimana Framework - v0.2-alpha

Pre-release
@s4dhul4bs s4dhul4bs released this 20 Feb 21:51
· 3 commits to master since this release

⚡️✨ About the journey

Since the last release, many (crazy) ideas have been put into practice, some resources have been improved and a lot of code has been written. Below I present some important points in this journey of developing an experimental tool that has been taking shape, little by little, at the speed of the hands of a lonely sadhu in his free time. [:

This release brings several improvements to the siddhis present in the previous release, in addition to some new features.

Basically, the following changes were made:

✨🐛 DJunch (Django Application Fuzzer)

This siddhi was completely restructured to run the tests and parse the results using Scrapy/Twisted Web. This made it possible to expand the tests, create scopes dynamically, and decouple several resources so that engine-specific actions are separated from isolated, generic ones that other modules can reuse.

Although it still needs countless improvements, in this version the engine is much more robust than the previous one, and it also fixes issue #8 (comment).

✨ 2pacx (Unsecure Zip File Extraction Exploit)

This is the first siddhi of the 'exploit' type: instead of tracking, identifying or correlating vulnerabilities, this module actively exploits a vulnerability in a popular Python module.

In this case, it targets vulnerabilities related to unsafe file extraction with the Python zipfile package. The idea for the exploit was born from researcher Ajin Abraham's analysis.
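As an added illustration of the defect class 2pacx targets (this is not code from the release or from the Vimana code base, and the helper names, entry names and sample archive below are mine), the following Python shows the containment check that hand-rolled extraction loops usually omit, beside a validate-then-write extractor that applies it. The stdlib's own `ZipFile.extractall` already strips `..` components from entry names; the check matters for custom code that reads entries with `zf.open()` and writes them to `os.path.join(dest, name)` itself.

```python
import io
import os
import tempfile
import zipfile


def build_sample_zip(entries: dict[str, bytes]) -> bytes:
    """Build an in-memory archive from {entry_name: content}.

    Used only to construct sample input for the demo below.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def resolve_entry(dest_root: str, name: str) -> tuple[str, bool]:
    """Return (resolved target path, stays_inside_dest).

    The target is exactly where a loop doing open(os.path.join(dest, name), "wb")
    would write; the containment test is the part such loops tend to forget.
    """
    target = os.path.realpath(os.path.join(dest_root, name))
    inside = os.path.commonpath([dest_root, target]) == dest_root
    return target, inside


def audit_entries(zip_bytes: bytes, dest_dir: str) -> dict[str, bool]:
    """Dry run: map each entry name to whether it stays inside dest_dir."""
    dest_root = os.path.realpath(dest_dir)
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return {info.filename: resolve_entry(dest_root, info.filename)[1]
                for info in zf.infolist()}


def safe_extract(zip_bytes: bytes, dest_dir: str) -> list[str]:
    """Validate every entry first, then write.

    Nothing is written if any entry would land outside dest_dir, so a
    rejected archive leaves no partial state behind.
    """
    dest_root = os.path.realpath(dest_dir)
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        plan = []
        for info in zf.infolist():
            target, inside = resolve_entry(dest_root, info.filename)
            if not inside:
                raise ValueError(f"unsafe entry: {info.filename}")
            plan.append((info, target))
        written = []
        for info, target in plan:
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(info.filename)
    return written


def run_demo() -> dict:
    """Exercise a hostile and a clean archive in a throwaway directory."""
    # Constructed samples: one entry is fine, one tries to climb out of dest.
    hostile = build_sample_zip({"docs/readme.txt": b"ok", "../escape.txt": b"no"})
    clean = build_sample_zip({"docs/readme.txt": b"ok"})
    with tempfile.TemporaryDirectory() as dest:
        audit = audit_entries(hostile, dest)
        try:
            safe_extract(hostile, dest)
            blocked = None
        except ValueError as exc:
            blocked = str(exc)
        files_after_block = os.listdir(dest)  # expected empty: nothing was written
        extracted = safe_extract(clean, dest)
    return {"audit": audit, "blocked": blocked,
            "files_after_block": files_after_block, "extracted": extracted}


if __name__ == "__main__":
    print(run_demo())
```

The audit function is the useful piece for review work: it reports which entry names would escape the destination without touching the disk, so an archive can be triaged before any extractor, safe or not, runs over it.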

✨ VMNF Payloads

With the addition of the 2pacx siddhi, a dedicated resource for generating payloads dynamically in an obfuscated form became necessary. For now, the payload engine is still quite simple and supports only two types of payloads:

  • olpcb_payload (One-liner Python base64 encoded connect back payload)
  • pws_payload (Python base64 encoded web shell payload)

Another new feature in this release that is also related to exploits is the listing of supported payloads, available as an option of the list command: vimana list --payloads

There are integration plans with Meta to allow other options for generating payloads.

✨ Overview in load

The Framework now lists the number of modules available per type on the initial load screen.

All of these new features still need improvement and are still in an experimental phase. Some have been thoroughly tested, while others still need to be evaluated in other scenarios.

Apart from all that, Vimana is still an experimental tool about which I also know very little. I am still not clear what I intend with specific resources, where they can reach and how they can feed other types of approaches; however, it is clear that they can yield a lot, depending only on the analyst's creativity. For now, the plan is to put ideas into practice; over time, we will see how to make better use of each one.