XeroSploit is a Python tool that requires the following packages and tools to operate.
The required packages are installed automatically by installing the toolkit. However, it is recommended to install libpcap-dev and libgmp3-dev packages manually for smooth installation of Xerosploit.
sudo apt-get install libpcap-dev sudo apt-get install libgmp3-dev
To install XeroSploit, proceed by cloning the toolkit using the following command.
git clone https://github.com/LionSec/xerosploit
After cloning the toolkit, run the install.py file from the xerosploit directory.
sudo python install.py
Provide the system information to the toolkit when prompted by selecting the host OS to complete the installation process.
After successful installation of XeroSploit, the toolkit can be launched by typing the following command in the terminal.
The toolkit fetches and displays the host operating system configuration information on the screen.
XeroSploit has a set of commands that can be viewed by typing the help command. The main available commands include scan, iface, gateway, start, and rmlog. The full list of commands can be seen in the following screenshot.
The scan command is used to map the target network and discovering all the network hosts. The iface command is used to manually set the host interface. The start command skips the scanning process and targets a given host IP address. By default, XeroSploit logs all the scanning data. However, the logs record can be removed by using the rmlog command.
How XeroSploit Works
As mentioned above, XeroSploit can be used for network scanning, port scanning, sniffing, DoS attack, HTML injection, Java injection, DNS spoofing, web pages defacements, playing background audios in browsers, and capturing the images being explored by the victim. All these utilities can be performed by running the respective modules.
Network Scanning Example
By typing the scan command in the terminal, XeroSploit scans and lists all the available hosts in the target network.
Once all the hosts are discovered, we can manually select a target host IP and run different modules to achieve the desired goals. Let’s suppose we want to scan all the ports of a target host 192.168.10.6 in the network. This can be achieved by typing the host IP (192.168.10.3) and port scanning command (pscan) in the terminal.
The results are displayed in a tabular format, showing the port number, port status, and running services.
DNS Spoofing Example
To initiate DNS spoofing utility, type following commands in the terminal.
The tool prompts for the target host IP address where all the traffic should be redirected. Provide the desired IP address as shown below.
This redirects all the http traffic to the provided IP address.
Yplay is another utility of XeroSploit that allows playing the audio of a selected video in victim’s browser as a background voice. To run this utility, type the following commands.
Provide the desired video link in the following format to run its audio as background in the victim’s browser.
We can run the other modules in a similar way by typing their names in the terminal and following the instructions. The complete list of modules can be found by typing the module help command.
XeroSploit is a decent penetration testing tool that can be used for scanning as well as simulating attacks in the network. Besides network penetration testing, XeroSploit can perform some web attacks, such as web pages defacement, capturing web images, and redirecting web traffic to a specific host.