Build your own personal penetration toolbox
Finished product toolkit: download.csdn.net/download/ph…
Although there is PentestBox penetration toolbox, it is a toolbox made abroad, but the domestic use experience is not good. First of all, it was released two years ago. Many tools are too old, and some tools cannot be updated, such as Metasploit
Although some of its tools are still being updated, updating through its Tools Manager requires scaling the wall and is slow and inconvenient
So I decided to make my own infiltration kit
Download, installCmder
I looked into PentestBox which is based on ConEmu
Cmder is also based on ConEmu and integrates Git with Cilnk and Vim
So we used Cmder as a base to build our own toolkit
Cmder website: cmder.net/
The website offers two versions :mini and full
Let’s download the full version
After downloading, we unpack and run cmder.exe as administrator
Click Download to update it
And then you’re prompted to reboot, and that’s it
You can now see that the Cmder folder has these files
If we go to config folder, we can see that the configuration file is also generated
Custom Cmder
To customize Cmder we need a few things:
- A logo==. Ico format ==
- A native IDE
Step 1 Customize the logo
We need a logo.ico file
You can make one if you don’t have one
Here are two recommended websites for making logos online:
- hatchfull:hatchful.shopify.com/zh-CN/
- logaster:www.logaster.cn/
You can also find an image you like and change the format
A recommended online format conversion site is aconver www.aconvert.com/
We need to put the logo in the ICONS folder (my logo name is how.ico).
Step 2 Customize the EXE execution file
Now we are going to make a proprietary exe executable
-
Give your toolbox a name; I’m going to call it Pentestols, and change the Cmder folder name
-
In Cmder. Exe folder to create a PentesTools. Bat file (below the tool name. Bat I will directly with my tool name)
-
Edit it, save it
@echo off SET PentesTools_ROOT=%CD% start %CD%/\vendor\conemu-maximus5/ConEmu.exe /Icon "%PentesTools_ROOT%\icons\how.ico" /Title "PentesTools" /LoadCfgFile "%PentesTools_ROOT%\config\user-ConEmu.xml" Copy the codeHere we set a path
Start the conemu. exe file in the folder \vendor\conemu-maximus5/
Load up our how.ico
Set the title to Pentestols
Load the user-conemu. XML file in the \config folder (this is ConEmu configuration file).
-
To create a pentestols. cs file, edit and save
using System; using System.Diagnostics; using System.IO; / / C:\Windows\Microsoft.NET \ Framework64 \ v4.0.30319 \ CSC exe/target: winexe /out:C:\Users\howhacker\Desktop\PentesTools\PentesTools.exe /win32icon:C:\Users\howhacker\Desktop\PentesTools\icons\how.ico C:\Users\howhacker\Desktop\PentesTools\PentesTools.cs namespace PentesTools { static class Program { /// <summary> ///The main entry point for the application. /// </summary> [STAThread] static void Main() { string startbp_seconde = "PentesTools.bat"; if (File.Exists("config.cfg")) { Exec(startbp_seconde); } else { string first = "PentesTools.bat"; Exec(first); }}static void Exec(string cmd) { Process p = new Process(); // Set the application to start p.StartInfo.FileName = "cmd.exe"; // Whether to use operating system shell to boot p.StartInfo.UseShellExecute = false; // Accepts input from the calling program p.StartInfo.RedirectStandardInput = true; // Output information p.StartInfo.RedirectStandardOutput = true; // Output error p.StartInfo.RedirectStandardError = true; // Do not display the program window p.StartInfo.CreateNoWindow = true; // Start the program p.Start(); // Send input information to the CMD window p.StandardInput.WriteLine(cmd+ "&exit"); p.StandardInput.AutoFlush = true; // Get the output information string strOuput = p.StandardOutput.ReadToEnd(); // Wait for the program to finish and exit the process //p.WaitForExit();p.Close(); }}}Copy the code -
Generate PentesTools. Exe
Open CMD, enter a comment on line 4, and press Enter to run
The path inside == needs to change itself ==
And you can see that our Pentesttests.exe is ready and we can delete cmder.exe
Step 3 Modify the configuration file
Since it is our own exclusive toolbox, we need to use our own path, logo and title for the configuration
We need to use a native IDE, and VScode is recommended (its search is case sensitive).
-
Modify/vendor/init. Bat
- Search CMDER all changed to Pentestols
- Search cmder all changed to Pentestols
-
Modify/vendor/clink. Lua
- Search CMDER all changed to Pentestols
- Search cmder all changed to Pentestols
- Search Cmder all changed to Pentestols
-
Modify \ vendor \ ConEmu XML. The default; And \ config \ ConEmu XML
- Search Cmder all changed to Pentestols
- Search CMDER all changed to Pentestols
- Search cdmer all changed to how
-
Modify/vendor/cmder_exinit
- Search cmder all changed to Pentestols
- Search Cmder all changed to Pentestols
- Search CMDER all changed to Pentestols
-
Modify/vendor/profile. Ps1
- Search CMDER all changed to Pentestols
- Search Cmder all changed to Pentestols
- Search cmder all changed to Pentestols
-
Modify/vendor/user_aliases. CMD. The default; And \ config \ user_aliases CMD
CMDER_ROOT cmderr = CD/d “% %” modified into pentestools = CD/d “% PentesTools_ROOT %”
-
Modify/vendor/user_profile. CMD. The default; And \ config \ user_profile CMD
The: : set “PATH CMDER_ROOT = % % \ vendor \ whatever; % % PATH: : “set” PATH = % PentesTools_ROOT % \ vendor \ whatever; %PATH%”
== can be left unchanged without affecting the use of ==
-
Modify/vendor/user_profile. Ps1. Default
- Search CMDER all changed to Pentestols
- Search Cmder all changed to Pentestols
- Search cmder all changed to Pentestols
-
Modify/vendor/user_profile. Sh. Default
Search CMDER all changed to Pentestols
-
Modify \ vendor \ lib \ lib_base CMD
- Search CMDER all changed to Pentestols
- Search cmder all changed to Pentestols
-
lib_path.cmd
- Search cmder all changed to Pentestols
Well, all modifications are complete here
We can open Pentestols.exe to see what happens
Step 4: Set up your own toolbox
Here’s our Pentestols
Change the language to Chinese, remove the automatic update
Hide the scrollbar in the appearance bar, hide the title, and remove the search bar
The TAB page Settings in the TAB bar are always displayed. Double-click the TAB page and select Close TAB
Delete all actions in the confirmation bar and delete all actions in the close confirmation bar
In the taskbar, add ==-new_console:d:%USERPROFILE%/Desktop== after the commands in the command groups of the CMD and PowerShell tasks
Add set LANG=zh_CN. Utf-8 and set LC_ALL=zh_CN. Utf8 ==
Save Settings and restart Pentestols
== On its other beautification here will not speak, there is a need to baidu, a search a big ==
Make a toolbox
Now that we’ve made our frame, let’s make our own toolbox
Configure the environment
Some of the tools we use require a specific locale
I used the Python environment, the Java environment, the Ruby environment
I configured the Wget environment, the strawberry-Perl environment
-
Create a new base folder just for our environment
-
And then put our Python, Java, Ruby, Strawberry-Perl, wget environment in there
- Python2.7 and Python3.9 are used in the Python environment
- The Java environment is used in JDK8, JDK11, and jdK16
- Ruby environment I use Ruby 2.7 and Ruby 2.2== Ruby to download DevKit ==
- I use strawberry-perl5.32.1.1
- The WGET environment uses wget1.21
-
Add our environment to the PATH
In \ config \ user_profile CMD plus the set "PentesTools_ROOT PATH = % % \ base \ python; %PentesTools_ROOT%\base\python3; %PentesTools_ROOT%\base\Ruby27\bin; %PentesTools_ROOT%\base\ruby\bin; %PentesTools_ROOT%\base\ruby_devkit\bin; %PentesTools_ROOT%\base\ruby_devkit\mingw\bin; %PentesTools_ROOT%\base\jdk8\bin; %PentesTools_ROOT%\base\jdk8\jre\bin; %PentesTools_ROOT%\base\jdk8\jre\lib; %PentesTools_ROOT%\base\jdk11\bin; %PentesTools_ROOT%\base\jdk11\jre\bin; %PentesTools_ROOT%\base\jdk11\jre\lib; %PentesTools_ROOT%\base\jdk16\bin; %PentesTools_ROOT%\base\jdk16\jre\bin; %PentesTools_ROOT%\base\jdk16\jre\lib; %PentesTools_ROOT%\base\strawberry-perl\perl\bin; %PentesTools_ROOT%\base\strawberry-perl\c\bin; %PentesTools_ROOT%\base\strawberry-perl; %PentesTools_ROOT%\base\wget; %PATH%" exit /bCopy the code -
Open Pentestols to see what happens
Okay, so now our environment is all configured
Add tools and configure aliases
Once the environment is configured, we need to add our penetration tools
We put all the tools in the bin folder
Then we need to configure \config\user_aliases.cmd
:: user_aliase.cmdFormat: exe file nmap="%PentesTools_ROOT%\bin\InformationGathering\nmap\nmap.exe" $* ::.py file SQLmap1.5=python3 "%PentesTools_ROOT%\bin\WebVulnerabilityScanners\SqlMap\sqlmap-1.5\sqlmap.py" $* ::.pl file vbScan =portableshell"%PentesTools_ROOT%\bin\ webvulnerabilityityvulneracy.pl "$* ::.jar file burpsuite_community= java-jar --illegal-access=permit"%PentesTools_ROOT%\bin\WebVulnerabilityScanners\BurpSuite\burpsuite_community\burpsuite_community_v2021.8.3.jar" $* ::.rb file msf5console=cd /d "%PentesTools_ROOT%\bin\ExploitationTools\metasploit-framework5\" $T ruby "%PentesTools_ROOT%\bin\ExploitationTools\metasploit-framework5\ MSfConsole "$* :: Sometimes files cannot be started as neededcd/d to start in the file path with $T to connect two commandsCopy the codeAnd now we have our own infiltration kit
Reference: github.com/cmderdev/cm…
docs.pentestbox.org/