Ermir – An Evil Java RMI Registry

Ermir is an Evil/Rogue RMI Registry, it exploits unsecure deserialization on any Java code calling standard RMI methods on it (list()/lookup()/bind()/rebind()/unbind()). Requirements Ruby v3 or newer. Installation Install Ermir from $ gem install ermir or clone the repo and build the gem: $ git clone$ rake install Usage Ermir is a cli gem,Read More

Iptable_Evil – An Evil Bit Backdoor For Iptables

iptable_evil is a very specific backdoor for iptables that allows all packets with the evil bit set, no matter the firewall rules. The initial implementation is in iptable_evil.c, which adds a table to iptables and requires modifying a kernel header to insert a spot for it. The second implementation is a modified version of theRead More

Evil SSDP – Spoof SSDP Replies And Create Fake UPnP Devices To Phish For Credentials And NetNTLM Challenge/Response

This tool responds to SSDP multicast discover requests, posing as a generic UPNP device. Your spoofed device will magically appear in Windows Explorer on machines in your local network. Users who are tempted to open the device are shown a configurable phishing page. This page can load a hidden image over SMB, allowing you toRead More