What is BabySppoit?
BabySploit is a penetration testing framework aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit. With a very easy to use UI and toolkit, anybody from any experience level will find use out of BabySploit.
– Information Gathering:
Tcpdump (In The Works)
Datasploit (In The Works)
FTP Buffer Overflow Scan
WPSeku WordPress Vuln Scanner
– Post Exploitation:
In The Works
WPSeku WordPress Login Bruteforce
Setting Configuration Values:
BabySploit uses ConfigParser in order to write and read configuration. Your config file is automatically generated and located at ./babysploit/config/config.cfg. You can manually change configuration settings by opening up the file and editing with a text editor or you can use the set command to set a new value for a key. Use the set command like so:
set rhost >> Enter Value For rhost: 10 >> Config Key Saved!
If before running this command the rhost key had a value of 80, the rhost key after running this command has a value of 10. You can also add configuration variables to the config by using the set command with a new key after it like so:
set newkey >> Enter Value For newkey: hello >> Config Key Saved!
Before running this there was no key named “newkey”. After running this you will have a key named “newkey” in your config until you use the reset command which resets the saved configuration.
Running A Tool
In order to run a tool all you have to do is enter the name of the tool into BabySploit. You can use the tools command to display a menu with all the currently availble tools. If we run tools we get the depiction:
This menu will display the tools available and the description of each tool. To run a tool simply enter the tool name into BabySploit. Ex: ftpbruteforce – runs the ftpbruteforce tool.
BabySploit is best run out of the home directory so to clone it there run:
git clone git://github.com/M4cs/BabySploit ~/BabySploit cd ~/BabySploit
After cloning the installation you must install some pre-requisites. If you are on Kali you should already have all of these installed but it doesn’t hurt to do so anyways just in case. Do so by running the following:
~- From Within The BabySploit Directory -! sudo apt-get update sudo apt-get upgrade sudo python3 install.py virtualenv babysploit source babysploit/bin/activate pip3 install -r requirements.txt python3 start.py !- To Leave The Virtual Environment -! deactivate