Showing posts with label Script. Show all posts

Monday, April 29, 2013

[MSF-Installer] Script to Automate Metasploit Framework Installation


Script to help with installing and configuring Metasploit Framework, Armitage and the Plugins I have written on OSX and Linux.

To use the script on OSX, Java, Xcode and Command Development Tools from Xcode must be installed before running the script. In the case of OSX I also added the option of installing GNU GCC in case you want to compile the old Ruby 1.8.7 that requires it. When you download the script you must make it executable. When run with no arguments or with -h it will show the usage help message:

$ chmod +x msf_install.sh 
$ ./msf_install.sh -h
Scritp for Installing Metasploit Framework
By Carlos_Perez[at]darkoperator.com
Ver 0.1.0

-i :Install Metasploit Framework.
-p :password for MEtasploit databse msf user. If not provided a roandom one is generated for you.
-g :Install GNU GCC (Not necessary uless you wish to compile and install ruby 1.8.7 in OSX
-h :This help message

To start the installation, just run the script with the -i option. In the case of OSX it will:
  • Check that dependencies are met.
  • Check if Homebrew is installed and if not it will install it.
  • Install Ruby 1.9.3
  • Install base ruby gems.
  • Install and configure Postgres for use with Metasploit
  • Install GCC if selected.
  • Download and install Metasploit Framework.
  • Install all necessary Ruby Gems using bundler.
  • Configure the database connection and sets the proper environment variables.
  • Download and install the latest version of Armitage.
  • Download and install the Pentest plugin and DNSRecon Import plugin.

In the case of Ubuntu 12.10 and 13.04 it will:
  • Install all necessary packages
  • Install base ruby gems.
  • Configure Postgres for use with Metasploit
  • Download and install Metasploit Framework.
  • Install all necessary Ruby Gems using bundler.
  • Configure the database connection and sets the proper environment variables.
  • Download and install the latest version of Armitage.
  • Download and install the Pentest plugin and DNSRecon Import plugin.

Monday, March 18, 2013

[WhatWeb] Scanner for Fingerprinting a Website


WhatWeb is a tool that lets us fingerprint a website.


WhatWeb can identify websites built with some of the most popular CMSs such as WordPress, Joomla!, phpBB or Drupal. It can also identify versions of JavaScript libraries, geolocate domains, identify HTML tags and web servers, and it has more than 900 plugins to extend its functionality.


For those who have never used this tool and want to start getting into the reconnaissance and fingerprinting stages, the first step is to use WhatWeb.

Download WhatWeb
Repository on GitHub
Author's website
The WhatWeb Wiki

Monday, February 25, 2013

[Automater 1.2] IP and URL Analysis Tool


Automater is an IP and URL Analysis tool we created to help automate the analysis process. You can see a video of Automater in action in TekTip episode 15.




Thursday, February 21, 2013

[Http-enum] Automated HTTP Enumeration Tool


Null Security Team is writing a Python script for automated HTTP enumeration. It is currently only in the initial beta stage, but includes basic checking of files including the Apache server-status as well as IIS WebDAV and Microsoft FrontPage Extensions. Many more features will be added to this tool, which will make a lot of the enumeration process quick and simple.

Version 0.2 adds scanning of SSL / TLS as well as an option for probing delays and general bug fixes.

Tuesday, February 19, 2013

[Shoryuken] Bash Script to Obtain a Shell via SQLi

Shoryuken is a simple bash script that we can use to quickly exploit a web application that has its backend DBMS on the same machine, is vulnerable to SQL injection and is very badly configured.

The current version can obtain a remote session over port 80/HTTP by exploiting hosts with MSSQL or MySQL running as users with elevated privileges (system or root), all with a single HTTP request: the shoryuken (the famous move of Ryu or Ken, which means "dragon fist" in Japanese).

Easy to use and fairly undetectable in TEST MODE (1 request); we will need to have curl installed:


shoryuken=$(curl -A $agent -s -i "$target$mssqli&$param$mysqli")

Project website: http://code.google.com/p/shoryuken/

[Source]

Saturday, November 10, 2012

[PwnStar] Version with new Exploits

A bash script to launch a Soft AP, configurable with a wide variety of attack options. Includes a number of index.html and server php scripts, for sniffing/phishing. Can act as multi-client captive portal using php and iptables.  Launches classic exploits such as evil-PDF. De-auth with aireplay, airdrop-ng or MDK3.

Changes and New Features
  • “hotspot_3” is a simple phishing web page, used with basic menu option 4.
  • “portal_simple” is a captive portal which allows you to edit the index.html with the name of the portal, e.g. “Joe’s CyberCafe”. It is used for sniffing.
  • “portal_hotspot3” phishes credentials, and then allows clients through the portal to the internet.
  • “portal_pdf” forces the client to download a malicious pdf in order to pass through the portal.
Updated feature list:
  • captive-portal with iptables and php
  • more php scripts added
  • exploits added
  • mdk3 and airdrop deauth
General Features :
  • manage interfaces and MACspoofing
  • set up sniffing
  • serve up phishing or malicious web pages
  • launch karmetasploit
  • grab WPA handshakes
  • de-auth clients
  • manage IPtables

Download Here

Saturday, November 3, 2012

[Wifi Honey] Creates fake APs using all encryption

This is a script an attacker can use to create fake APs using all encryption types and monitor them with Airodump. It automates the setup process: it creates five monitor mode interfaces, four of which are used as APs and the fifth for airodump-ng. To make things easier, rather than having five windows, all this is done in a screen session which allows you to switch between screens to see what is going on. All sessions are labelled so you know which is which.



Installing wifi honey
chmod a+x wifi_honey.sh
./wifi_honey.sh fake_wpa_net
./wifi_honey.sh fake_wpa_net 1 wlan1

Download Wifi Honey