Lucifer: Powerful Penetration Tool For Automating Penetration Tasks

Lucifer

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration, and More… Use Or Build Automation Modules To Speed Up Your Cyber Security Life.

Modules

Module Description
modules\privesc\peass.py Privilege Escalation tester script for Windows and Linux
modules\gather\windows\get_network.py Gets Network Information
modules\gather\windows\get_product_key_8up.py This module will retrieve the product key from the Windows registry on 8 and up and- attempts this in three different ways: XP, IE, and WPA!
modules\gather\windows\get_users.py Gets all user accounts on the computer and domain
modules\gather\windows\get_users_details.py This Module Has No Description!
modules\gather\linux\uname.py Gets the output of uname on a Unix system with any arguments supplied in the args variable
modules\gather\LMAddress.py Returns the memory address of the Lucifer Manager Instance
modules\gather\OSInfo.py Returns all OS information
modules\gather\ping_c4.py Ping a host to check if it is up
modules\auxiliary\socket_tcp_server.py Hosts a tcp server constantly receiving data from connections.
modules\auxiliary\test_java.py This module test to see if lucifer’s java module extension is working correctly.

Lucifer

Reports

Lucifer has two types of data-saving systems. The rawest, unformatted is logs or logging. You can ask lucifer to save a log file of all the commands that go through the console to a file such as a .txt or .log file. The other system is through the LMI.Reports Extension which allows for the auto-generation of reports. At the current moment in time, lucifer supports outputting the report in a nicely generated HTML file, which includes CSS and JavaScript to allow for an easily presentable report.

Logging

To enable command logging which tracks all commands that go through lucifer you need to run the program with the logging argument active, example is python main.py -l myCommandOutput.txt . The output file will contain the commands you have run in the program.

HTML Reporting

These reports are auto-generated through the use of LMI.Reports extension. They automatically include styling and JavaScript at the end of the file to allow for the easiest formatting of data. The data in these reports are in a table format which gets placed in its own section once a table is generated in the lucifer program. To use this in lucifer you need to do the following:

  • Open a brand new report or open an existing one you would like to extend. To create a new one from scratch using the following command report_new <fileName>, note that the file name automatically gets .html appended to the end if it is not already there. To open an existing report using the following command report_open <fileName>. Also, note that if the operation fails it will resort to the opposite command such that if it can not create a new file because it already exists it will open that instead, and if it can not open the file because it does not exist it will create a new one instead.
  • From here you have your file prepared, to make reporting active run report_start which will turn on the report, from here any module or command what creates/generates a table in lucifer will be autoformatted onto the report. If you want to pause reporting you can do report_stop to freeze the reporting session, then you can restart it again with report_start.Example Images Below:

     

Install & Use