MOSE: Post Exploitation tool for Server management
MOSE is a Post Exploitation tool that enables security professionals with little or no experience with management technologies (CM) to exploit security vulnerabilities on a Server.
CM tools, such as Puppet, Chef, Salt and Ansible, are used to manage systems in a uniform way based on their operation on a network.
After a CM server is successfully hacked, a hacker can use these tools to execute commands on any system located on the CM server.
MOSE allows an administrator to specify what he wants to execute without having to write code specifically for a dedicated CM tool. It also automatically integrates the user's desired commands into existing code in the system.
MOSE + Puppet
Mose + Chef
You must download and install the following for MOSE to work:
- Golang Tested with 1.12.7 to 1.15.2
Make sure you have GOROOT, PATH and GOPATH envars set correctly
- Docker Tested with 18.09.2 to 19.03.12
Clone the repo:
go get -u -v github.com/master-of-servers/mose
Install all dependencies for these sources:
ansible Create MOSE payload for ansible
chef Create MOSE payload for chef
help Help about any command
puppet Create MOSE payload for puppet
salt Create MOSE payload for salt
–Basedir string Location of payloads output by mose (default “/Users/l/programs/go/src/github.com/master-of-servers/mose”)
-c, –cmd string Command to run on the targets
–Config string config file (default is $ PWD / .settings.yaml)
–Debug Display debug output
–Exfilport int Port used to exfil data from chef server (default 9090, 443 with SSL) (default 9090)
-f, –filepath string Output binary locally at
-u, –fileupload string File upload option
-h, –help help for github.com/master-of-servers/mose
-l, –localip string Local IP Address
–Nocolor Disable colors for mose
-a, –osarch string Architecture that the target CM tool is running on
-o, –ostarget string Operating system that the target CM server is on (default “linux”)
-m, –payloadname string Name for backdoor payload (default “my_cmd”)
–Payloads string Location of payloads output by mose (default “/Users/l/programs/go/src/github.com/master-of-servers/mose/payloads”)
–Remoteuploadpath string Remote file path to upload a script to (used in conjunction with -fu) (default “/root/.definitelynotevil”)
-r, –rhost string Set the remote host for / etc / hosts in the chef workstation container (format is hostname: ip)
–Ssl Serve payload over TLS
–Tts int Number of seconds to serve the payload (default 60)
–Websrvport int Port used to serve payloads (default 8090, 443 with SSL) (default 8090)
Use “github.com/master-of-servers/mose [command] –help” for more information about a command.
You can download the program from here..