Jump to content
dannybest

BoomER | An Open Source Post-Exploitation Tool To Exploit Local Vulnerabilities

Recommended Posts

Screenshot-2019-09-18-at-10.38.13-e15687

BoomER | An Open Source Post-Exploitation Tool To Exploit Local Vulnerabilities

 

 

BoomER is an open source framework, developed in Python. The tool is focused on post-exploitation, with a main objective, the detection and exploitation of local vulnerabilities, as well as the collection of information from a system, such as the installed applications they have.

The framework allows the extension by third parties, through the development of modules, for it the developers must follow certain guidelines, among which the following stand out:

• Type of inheritance

• Methods or functions to be implemented

• Required or new parameters

• Module name

• Location of the module within the framework

We wanted to give the tool a relationship with Metasploit, as it is the reference framework for pentesters, so from BoomER it is possible to open sessions in Metasploit.

To use BoomER, you should use command line, it is very similar to the tools that currently exist for the detection and exploitation of vulnerabilities, which helps to reduce the learning curve.

An example for DLL injection:

Alt text

Our own meterpreter (based on Metasploit):

Alt text

Example Videos

Metasploit + BoomER - Linux Privilege Escalation

Metasploit + BoomER - Linux Privilege Escalation

Python script + DLL Injection with BoomER

Python script + DLL Injection with BoomER

BoomER - macOS Privilege Escalation

BoomER - macOS Privilege Escalation

  • Upvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...