MOSE: Post Exploitation tool for Server management

MOSE is a Post Exploitation tool that enables security professionals with little or no experience with management technologies (CM) to exploit security vulnerabilities on a Server.

CM tools, such as Puppet, Chef, Salt and Ansible, are used to manage systems in a uniform way based on their operation on a network.

After a CM server is successfully hacked, a hacker can use these tools to execute commands on any system located on the CM server.

MOSE allows an administrator to specify what he wants to execute without having to write code specifically for a dedicated CM tool. It also automatically integrates the user's desired commands into existing code in the system.


MOSE + Puppet

Mose + Chef


You must download and install the following for MOSE to work:

  • Golang Tested with 1.12.7 to 1.15.2

Make sure you have GOROOT, PATH and GOPATH envars set correctly

  • Docker Tested with 18.09.2 to 19.03.12


Clone the repo:

go get -u -v

Install all dependencies for these sources:

make build

Usage: [command]

Available Commands:
ansible Create MOSE payload for ansible
chef Create MOSE payload for chef
help Help about any command
puppet Create MOSE payload for puppet
salt Create MOSE payload for salt

–Basedir string Location of payloads output by mose (default “/Users/l/programs/go/src/”)
-c, –cmd string Command to run on the targets
–Config string config file (default is $ PWD / .settings.yaml)
–Debug Display debug output
–Exfilport int Port used to exfil data from chef server (default 9090, 443 with SSL) (default 9090)

-u, –fileupload string File upload option
-h, –help help for
-l, –localip string IP Address
–Nocolor Disable colors for mose
-a, –osarch string Architecture that the target CM tool is running on
-o, –ostarget string Operating system that the target CM server is on (default “linux”)
-m, –payloadname string Name for payload (default “my_cmd”)
–Payloads string Location of payloads output by mose (default “/Users/l/programs/go/src/”)
–Remoteuploadpath string Remote file path to upload a script to (used in conjunction with -fu) (default “/root/.definitelynotevil”)
-r, –rhost string Set the remote host for / etc / hosts in the chef workstation container (format is hostname: ip)
–Ssl Serve payload over TLS
–Tts int Number of seconds to serve the payload (default 60)
–Websrvport int Port used to serve payloads (default 8090, 443 with SSL) (default 8090)

Use “ [command] –help” for more information about a command.

You can download the program from here. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).