Tag Archive: pentesting


stunnel or my lack of long term memory

I know this is really basic stuff but I need to take a note here because I always forget this syntax.

stunnel3 -d 8443 -r 192.168.1.10:443 -c

This lets you talk to, let’s say, an SSL-enabled web server through a connection to localhost (the -d parameter defaults to localhost if no IP is selected).

Originally, stunnel3 was intended to wrap connections for services that are not SSL-capable, so to use it from a pentesting perspective we must explicitly say that we are in “client” mode, hence the -c modifier.
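What client mode does with the endpoints from the command above, shown as an added Python example (not code from the original post or from stunnel): plaintext is accepted on loopback and relayed to the remote service over TLS. The function names, the 10-second connect timeout and the explicit 127.0.0.1 bind are assumptions of this example.

```python
import socket
import ssl
import threading


def tls_context(verify=True, cafile=None):
    """Client-side TLS settings; verify=False only for lab targets with self-signed certs."""
    ctx = ssl.create_default_context(cafile=cafile)
    if not verify:
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def pump(src, dst):
    """Copy bytes from src to dst until src reaches EOF; return the byte count."""
    total = 0
    try:
        while chunk := src.recv(4096):
            dst.sendall(chunk)
            total += len(chunk)
    except OSError:
        pass  # reset, or the socket was shut down by the other direction
    return total


def handle(client, remote, ctx):
    """Relay one plaintext client over a TLS connection to remote (host, port)."""
    try:
        with client, socket.create_connection(remote, timeout=10) as raw:
            with ctx.wrap_socket(raw, server_hostname=remote[0]) as tls:
                tls.settimeout(None)
                threading.Thread(target=pump, args=(client, tls), daemon=True).start()
                pump(tls, client)  # returns when the server closes its side
                client.shutdown(socket.SHUT_RDWR)  # unblock the client->TLS pump
    except OSError as exc:  # ssl.SSLError (handshake, verification) is an OSError
        print(f"tunnel to {remote[0]}:{remote[1]} ended with error: {exc}")


def serve(listen, remote, ctx):
    """Accept plaintext connections on listen and relay each in its own thread."""
    with socket.create_server(listen) as srv:
        while True:
            client, _ = srv.accept()
            threading.Thread(target=handle, args=(client, remote, ctx), daemon=True).start()


if __name__ == "__main__":
    # Endpoints from the stunnel3 command above; loopback bind is explicit here.
    serve(("127.0.0.1", 8443), ("192.168.1.10", 443), tls_context(verify=False))
```

With it running, a plain HTTP client pointed at 127.0.0.1:8443 reaches the HTTPS service through the tunnel.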

I have been recently watching, dissecting actually, these videos from the Polytechnic Institute of the University of NY (cool name, eh?). These are part of the Master’s program in Cybersecurity and the people giving the talks are top of the top. Definitely worth it to check them out! (Would they count as continuing education? ;) )

As an example, an introduction to reverse engineering by Aaron Portnoy of TippingPoint.

Prepare yourself to use the pause button a lot!

Reverse Engineering 101 from Dan Guido on Vimeo.

More info on pentest.cryptocity.net

Metasploit and the Pcaprub wrapper

Metasploit (I love you) is, it goes without saying, the penetration testing framework of choice of a wide spectrum of professionals (and script-kiddies).

One of the reasons is that everything works “out of the box”, kind of a plug and play evil hacker toolbox.

But playing with it in BackTrack I found that some of the dependencies are not installed, in particular the Pcap wrapper.


msf auxiliary(ipidseq) > run

[-] Auxiliary failed: RuntimeError Pcaprub is not available
[-] Call stack:
[-] (eval):65:in `run_host'
[-] /opt/metasploit3/msf3/lib/msf/core/auxiliary/scanner.rb:114:in `join'
[-] /opt/metasploit3/msf3/lib/msf/core/auxiliary/scanner.rb:114:in `run'
[*] Auxiliary module execution completed

This is really an annoyance if you take into account that several auxiliary modules make use of the Pcap library.

Fortunately, getting this working is really easy: just locate the external/pcaprub directory under the framework root dir and compile and install this Ruby module.


root@bt:/pentest/exploits/framework3/external/pcaprub# ls
LICENSE README extconf.rb pcaprub.c test_pcaprub.rb


root@bt:/pentest/exploits/framework3/external/pcaprub# ruby extconf.rb && make
checking for pcap_open_live() in -lpcap... yes
checking for pcap_setnonblock() in -lpcap... yes
creating Makefile
cc -I. -I. -I/usr/lib/ruby/1.8/i486-linux -I. -D_FILE_OFFSET_BITS=64 -fPIC -fno-strict-aliasing -g -g -O2 -fPIC -c pcaprub.c
cc -shared -o pcaprub.so pcaprub.o -L. -L/usr/lib -L. -Wl,-Bsymbolic-functions -rdynamic -Wl,-export-dynamic -lruby1.8 -lpcap -lpcap -lpthread -ldl -lcrypt -lm -lc

root@bt:/pentest/exploits/framework3/external/pcaprub# make install
/usr/bin/install -c -m 0755 pcaprub.so /usr/local/lib/site_ruby/1.8/i486-linux

And there you go! Keep exploiting! :)
