Laudanum
Laudanum is a collection of injectable web files designed for pentests when SQL injection flaws are discovered. It provides functionality such as shell access, DNS queries, LDAP retrieval, and others across multiple languages and environments.
Description
Laudanum serves as a specialized toolkit for penetration testers targeting SQL injection vulnerabilities in web applications. When SQLi flaws are identified, Laudanum's injectable files can be uploaded to compromised servers, enabling post-exploitation capabilities without needing custom payload development.
The collection covers the server-side languages ASP, ASPX, CFM, JSP, and PHP, and also includes WordPress-specific files. This multi-language support ensures compatibility across the diverse web environments commonly encountered in real-world pentests.
Key functionalities include interactive shells for command execution, DNS query capabilities for data exfiltration, LDAP retrieval for directory service enumeration, and additional utilities housed in the 'helpers' directory. These tools transform basic SQL injection findings into powerful access vectors for deeper network compromise.
How It Works
Laudanum operates by providing pre-built, injectable web shells and utility scripts that exploit SQL injection vulnerabilities to achieve file upload. Once uploaded to the target web server via SQLi, these files execute server-side in their native language environment (ASP, PHP, JSP, etc.). They expose web interfaces for functionality like command shells, DNS tunneling for data exfiltration, LDAP queries against directory services, and other post-exploitation techniques. The modular directory structure (/usr/share/laudanum) organizes files by language and purpose for targeted deployment.
Installation
sudo apt install laudanum
Examples
laudanum -h
ls /usr/share/laudanum
ls /usr/share/laudanum/php
ls /usr/share/laudanum/jsp
ls /usr/share/laudanum/asp
ls /usr/share/laudanum/helpers
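Because the collection is installed as plain files under /usr/share/laudanum, it can also serve as a reference set when reviewing a web root for leftover or unauthorized copies. The script below is an added example, not part of Laudanum or of the original page; the function names, the line-overlap heuristic, and the 0.6 threshold are assumptions.

```python
# Flag web-root files that resemble files from a reference collection.
# Added example, not part of Laudanum; the overlap heuristic is an assumption.
import os
import sys

MIN_LINE_LEN = 12  # assumption: skip short lines such as "}" or "<?php"
THRESHOLD = 0.6    # assumption: overlap ratio reported as a match


def significant_lines(path):
    """Return the stripped lines of a file that are long enough to be distinctive."""
    try:
        with open(path, "r", errors="replace") as fh:
            return {ln.strip() for ln in fh if len(ln.strip()) >= MIN_LINE_LEN}
    except OSError:
        return set()  # unreadable file: nothing to compare


def walk_files(root):
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            yield os.path.join(dirpath, name)


def load_reference(ref_root):
    """Map each reference file to its line set, skipping near-empty files."""
    ref = {p: significant_lines(p) for p in walk_files(ref_root)}
    return {p: s for p, s in ref.items() if len(s) >= 5}


def scan(web_root, ref_root, threshold=THRESHOLD):
    """Return sorted (candidate, reference, ratio) tuples at or above threshold."""
    ref = load_reference(ref_root)
    hits = []
    for cand in walk_files(web_root):
        ext = os.path.splitext(cand)[1].lower()
        cand_lines = significant_lines(cand)
        for ref_path, ref_lines in ref.items():
            same_type = os.path.splitext(ref_path)[1].lower() == ext
            ratio = len(ref_lines & cand_lines) / len(ref_lines)
            if same_type and ratio >= threshold:
                hits.append((cand, ref_path, round(ratio, 2)))
    return sorted(hits)


if __name__ == "__main__":
    for cand, ref_path, ratio in scan(sys.argv[1], "/usr/share/laudanum"):
        print(f"{ratio:.2f}  {cand}  ~  {ref_path}")
```

Comparing line overlap rather than file hashes means a copy with a few edited lines is still reported. A hit is a lead for manual review, and a heavily rewritten copy can fall below the threshold.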