Karkinos – Penetration Testing And Hacking CTF’s Swiss Army Knife With: Reverse Shell Handling – Encoding/Decoding – Encryption/Decryption – Cracking Hashes / Hashing

Karkinos – Penetration Testing And Hacking CTF’s Swiss Army Knife With: Reverse Shell Handling – Encoding/Decoding – Encryption/Decryption – Cracking Hashes / Hashing

Karkinos is a light-excess weight ‘Swiss Army Knife’ for penetration tests and/or hacking CTF’s. At the moment, Karkinos features the subsequent:

  • Encoding/Decoding characters
  • Encrypting/Decrypting text or data files
  • Reverse shell managing
  • Cracking and making hashes

Dependancies

  • Any server able of internet hosting PHP analyzed with Apache Server
  • Analyzed with PHP 7.4.9
  • Python3 (in your route)
  • pip3
  • Raspberry Pi Zero friendly 🙂 (crack hashes at your very own possibility)

Installing

This set up guidebook assumes you have all the dependancies.

Linux

  1. git clone https://github.com/helich0pper/Karkinos.git
  2. cd Karkinos
  3. pip3 set up -r requirements.txt
  4. cd wordlists && tar -xf passlist.zip You can also unzip it manually utilizing file explorer if tar is not installed. Just make certain passlist.txt is in wordlists listing.
  5. Add extension=php_sqlite3.dll to your php.ini file.
    If you you should not know where to discover this, refer to the PHP docs.
  6. Thats it! Now just host it applying your most popular world-wide-web server or run: php -S 127…1:8888 in the Karkinos listing.

Windows

  1. git clone https://github.com/helich0pper/Karkinos.git
  2. cd Karkinos
  3. pip3 put in -r prerequisites.txt
  4. cd wordlists && tar -xf passlist.zip
    You can also unzip it manually working with file explorer if tar is not mounted. Just make certain passlist.txt is in wordlists listing.
  5. Add extension=php_sqlite3.dll to your php.ini file.
    If you do not know where to come across this, refer to the PHP docs.
  6. Thats it! Now just host it employing your preferred internet server or operate: php -S 127…1:8888 in the Karkinos listing.

Demo

Home Menu

Landing web page and brief entry menu.

Karkinos 1 home

User stats are shown below. At the moment, the stats recorded are only the overall hashes and hash sorts cracked properly.

Karkinos 2 home2

Encoding/Decoding

This web page will allow you to encode/decode in common formats (a lot more could be included shortly)

Karkinos 3 encode

Encrypt/Decrypt

Encrypting and decrypting textual content or files is designed simple and is fully trusted because it is accomplished locally.

Karkinos 4 encrypt

Reverse Shell Handling

Reverse shells can be captured and interacted with on this website page.

Develop a listener instance

Karkinos 5 reverse

Configure the listener

Karkinos 6 reverse2

Start out the listener and seize a shell

Karkinos 7 reverse3

Creating Hashes

Karkinos can crank out commonly utilized hashes these kinds of as:

  • MD5
  • SHA1
  • SHA256
  • SHA512
Karkinos 8 convert

Cracking Hashes

Karkinos presents the choice to simultaneously crack hashes using a developed-in wordlist consisting of in excess of 15 million frequent and breached passwords. This listing can easily be modified and/or completely changed.

Karkinos 9 crack

Potential Operate

Pull requests and bug reviews are usually appreciated.
Below are acknowledged bugs and concerns:

  • Reverse shell handling server code is at present currently being reworked but it works good

Obtain me on

Twitter

Disclaimer

Use this resource to make penetration assessments or any hacking CTF’s additional productive. This device need to be used on applications that you have authorization to attack only. Any misuse or problems caused will be only the users’ responsibility. 
You should check the recognised bugs and difficulties at the bottom in advance of installation.

0lqZj1pmFRg

Graphic and Article Resource hyperlink

Examine More on Pentesting Resources

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: