Home Exploits Tools Gopherus – Tool for Exploiting SSRF and gaining RCE

Gopherus – Tool for Exploiting SSRF and gaining RCE

August 10, 2022 Leave a Comment
Gopherus SSRF to RCE with Reverse Shell - Tool for Exploiting SSRF and gaining RCE

Gopherus

If you know a place which is SSRF vulnerable then, this tool will help you to generate Gopher payload for exploiting SSRF (Server Side Request Forgery) and gaining RCE (Remote Code Execution). And also it will help you to get the Reverse shell on the victim server. If you want to brute forcing SSRF parameter you can use the tool called Lorsrf

Payloads

This tool can generate payload for following:

  1. MySQL (Port-3306)
  2. PostgreSQL(Port-5432)
  3. FastCGI (Port-9000)
  4. Memcached (Port-11211)
    • If stored data is getting De-serialized by:
      • Python
      • Ruby
      • PHP
  5. Redis (Port-6379)
  6. Zabbix (Port-10050)
  7. SMTP (Port-25)

Installation

git clone https://github.com/tarunkant/Gopherus.git cd Gopherus chmod +x install.sh

sudo ./install.sh

Usage

CommandDescription
gopherus –help Help
gopherus –exploit Arguments can be :
–exploit mysql
–exploit postgresql
–exploit fastcgi
–exploit redis
–exploit zabbix
–exploit pymemcache
–exploit rbmemcache
–exploit phpmemcache
–exploit dmpmemcache
–exploit smtp
Gopherus Exploit Mysql Database with SSRF - Tool for Exploiting SSRF and gaining RCE

Examples

  • MySQL: If the user is not protected with password you can dump his database and also you can put malicious files in his system.
    • gopherus --exploit mysql

      It only asks username of the MySQL user and it will provide you gopher link.

  • PostgreSQL: If the user is not protected with password you can dump his database and also you can put malicious files in his system.
    • gopherus --exploit postgresql

It only asks username of the Postgres user and database name then it will provide you gopher link.

  • Redis: If redis port is open then we can overwrite the file in the system which is too dangerous.
    So here is two things you can get:
    a. Reverse Shell
    b. PHP Shell
    • gopherus --exploit redis
  • SMTP: If port 25 is open and we can access it then, we can send message to anyone as victim user, So this tool will generate gopher payload for sending mail.
    • gopherus --exploit smtp

Author

Tarunkant Gupta (SpyD3r)

Download Gopherus

You May Also Like

OpenRedireX - Open Redirect Scanner and Fuzzer Tool

OpenRedireX – Open Redirect Scanner and Fuzzer Tool

Bypass 403 - Simple Script Tool For Bypassing 403 Forbidden Response

Bypass 403 – Simple Script For Bypassing 403 Forbidden Response

Burpgpt - Connect OpenAI gpt with burp suite to detect security vulnerabilities that traditional scanners might miss

Burpgpt –  Integrate OpenAI GPT with Burp Suite to Discover Highly Bespoke Vulnerabilities

WaybackSQLiScanner automatically gather urls from wayback machine then test each GET parameter for sql injection

waybackSqliScanner – Tool to Gather URLs from Wayback Machine Then Test For SQL Injection

Commix - Tool to automates the process of command injection detection and exploitation

Commix – Automated OS Command Injection Exploitation Tool

Oralyzer - Automated Open Redirect Vulnerability Detection Tool

Oralyzer – Open Redirect Vulnerability Detection Tool

Leave a Reply

Your email address will not be published. Required fields are marked *

eleven − eight =