backbomb

command module
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 10, 2021 License: MIT Imports: 1 Imported by: 0

README ยถ



Cool Guys Don't Look At Explosions ๐Ÿ˜Ž๐Ÿ’ฃ

What is BackBomb?

Dockerized penetration-testing/bugbounty/app-sec testing environment

Getting started

Requirements

This tool uses a docker cli. Docker installation is required.

https://docs.docker.com/get-docker

Installation

$ go get -u github.com/hahwul/backbomb

Usage

.----.   .--.   .---. .-. .-..----.  .----. .-.   .-..----. 
| {}  } / {} \ /  ___}| |/ / | {}  }/  {}  \|  `.'  || {}  }
| {}  }/  /\  \\     }| |\ \ | {}  }\      /| |\ /| || {}  }
`----' `-'  `-' `---' `-' `-'`----'  `----' `-' ` `-'`----' 

Dockerized penetration-testing/bugbounty/app-sec testing environment
	Cool Guys Don't Look At Explosions ๐Ÿ˜Ž๐Ÿ’ฃ

Usage:
  backbomb [command]

Available Commands:
  help        Help about any command
  init        Initialization backbomb docker image
  run         Start backbomb
  update      Update hahwul/backbomb image
  version     Show version

Flags:
      --config string   config file (default is $HOME/.backbomb.yaml)
  -h, --help            help for backbomb

Use "backbomb [command] --help" for more information about a command.

Initialization

$ backbomb init

After initialization, the docker image and volume are prepared ๐Ÿ˜Ž

$ docker images
REPOSITORY                                       TAG                 IMAGE ID            CREATED             SIZE
hahwul/backbomb                                  latest              749a17299401        23 hours ago        3.97GB

$ docker volume list | grep backbomb
local               backbomb

Run

run command allows you to omit and drive additional docker execution options, such as --mount.

$ backbomb run

sample

$ backbomb run
INFO[0000] Starting backbomb ๐Ÿ’ฃ
INFO[0000] The docker client object has been created
INFO[0000] Container creating job successful
INFO[0000] 02267b3954516c500e0d4e826c5c4af8d911a1d391352cd3f915e98975b20f83
INFO[0000] Connecting backbomb container
โ˜  /project  ll
total 0

... testing all the things ๐Ÿ˜ ...

โ˜  /project  exit
INFO[0014] Start the shutdown process.
INFO[0014] Finish

Update

You can use the update command to update the image.

$ backbomb update
INFO[0000] Start update image to latest
INFO[0000] Pulling backbomb latest image
INFO[0003] Finish!

Uninstall

Coming soon!

Persistant data and result

The /app path is backbomb PV(Persistent Volume) which stores data that needs to be maintained continuously, including Postgres. This means sharing data between the host and the docker, and of course it is not stored on a remote server. Since db interlocking services such as metasploit and find domain are established in advance, you can use them comfortably without any additional interlocking process.

e.g

โ˜  /project  msfconsole
...snip..
+ -- --=[ 2087 exploits - 1127 auxiliary - 354 post       ]
+ -- --=[ 592 payloads - 45 encoders - 10 nops            ]
+ -- --=[ 7 evasion                                       ]

Metasploit tip: When in a module, use back to go
back to the top level prompt

msf6 > db_status
[*] Connected to msf. Connection type: postgresql.
msf6 > workspace
* default

Contributors

Documentation ยถ

Overview ยถ

Happy hacking! from @hahwul

Source Files ยถ

View all Source files

Directories ยถ

Path Synopsis
pkg
docker
printing

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.