Mec is a collection of hacking tools with a command line graphic user interface.Features
- an easy-to-use cli ui
- execute any adpated exploits with process-level concurrency
- some built-in exploits (automated)
- hide your ip addr using
proxychains4andss-proxy(built-in) - zoomeye host scan (10 threads)
- a simple baidu crawler (multi-threaded)
- censys host scan
Getting started
git clone https://github.com/jm33-m0/massExpConsole.git && cd massExpConsole && ./install.py- when installing pypi deps,
apt-get install libncurses5-dev(for Debian-based distros) might be needed - now you should be good to go (if not, please report missing deps here)
- type
proxycommand to run a pre-configured Shadowsocks socks5 proxy in the background,vim ./data/ss.jsonto edit proxy config. and,ss-proxyexits withmec.py
Requirements
- GNU/Linux, WSL, MacOS (not tested), fully tested under Arch Linux, Kali Linux (Rolling, 2018), Ubuntu Linux (16.04 LTS) and Fedora 25 (it will work on other distros too as long as you have dealt with all deps)
- Python 3.5 or later (or something might go wrong, https://github.com/jm33-m0/massExpConsole/issues/7#issuecomment-305962655)
proxychains4(in$PATH), used by exploiter, requires a working socks5 proxy (you can modify its config inmec.py)- Java is required when using Java deserialization exploits, you might want to install
openjdk-8-jreif you haven’t installed it yet - note that you have to install all the deps of your exploits or tools as well
Usage
- just run
mec.py, if it complains about missing modules, install them - if you want to add your own exploit script (or binary file, whatever):
cd exploits,mkdir <your_exploit_dir>- your exploit should take the last argument passed to it as its target, dig into
mec.pyto know more chmod +x <exploit>to make sure it can be executed by current user- use
attackcommand thenmto select your custom exploit
- type
helpin the console to see all available features zoomeyerequires a valid user account config filezoomeye.conf
