WarBerryPi – Tactical Exploitation

WarBerryPi was built to be used as a hardware implant during red teaming scenarios where we want to obtain as much information as possible in a short period of time with being as stealth as possible. Just find a network port and plug it in.

The scripts have been designed in a way that the approach is targeted to avoid noise in the network that could lead to detection and to be as efficient as possible. The WarBerry script is a collection of scanning tools put together to provide that functionality.

Installation

Run sudo bash setup.sh

To address the issue with ImportError: No module named dns follow these steps

git clone https://github.com/rthalley/dnspython
cd dnspython/
python setup.py install

Usage

To get a list of all options and switches use:

python warberry.py -h


Options:

  --version                             show program's version number and exit
  -h, --help                            show this help message and exit
  -p PACKETS,   --packets=PACKETS       Number of Network Packets to capture. Default 20
  -x TIME,      --expire=TIME		Duration of packet capture. Default 20 seconds
  -I IFACE,     --interface=IFACE       Network Interface to use. Default: eth0
  -N NAME,      --name=NAME             Hostname to use. Default: WarBerry
  -i INTENSITY, --intensity=INTENSITY   Port scan intensity. Default: T4
  -Q, --quick                           Scan using threats. Default: Off
  -P, --poison                          Turn Poisoning on/off. Default: On
  -t TIME, 	--time=TIME		Poisoning Duration. Default 900 seconds
  -H, --hostname                        Do not Change WarBerry hostname Default: Off
  -e, --enumeration                     Disable Enumeration mode. Default: Off
  -B, --bluetooth                       Enable Bluetooth scanning. Default: Off
  -r, --recon                           Enable Recon only mode. Default: Off
  -W, --wifi                            Enable WiFi scanning. Default: Off
  -S, --sniffer                         Enable Sniffer only mode. Default: Off
  -C, --clear                           Clear previous output folders in ../Results

 

 

Reporting

Download the /RESULTS folder into /var/www, /Library/Webserver/Documents/ or XAMPP web directory depending on your OS and setup.

Download the warberry.db file locally and save it into Reporting/ .

Change file Config.php under Reporting/WarberryReporting/SQLiteConnection/php to use the correct path of warberry.db

Run index.html under Reporting/

 

Leave a Reply

Your email address will not be published. Required fields are marked *