Tuesday, April 2, 2013

[Bluelog v1.1.1] Simple Bluetooth Scanner

Bluelog is a simple Bluetooth scanner designed to tell you how many discoverable devices there are in an area as quickly as possible.

It is intended to be used as a site survey tool, identifying the number of possible Bluetooth targets there are in the surrounding environment.


Changelog v1.1.1

Codename: “Marshmallow Peep Edition”
  • Merged in libmackerel
  • Merged in MACLIST from haraldscan
  • Experimental manufacturer lookups (currently x86 only)
  • Configuration options broken out into config.h
  • Allow for friendly class names in verbose mode, thanks Dean
  • EXPERIMENTAL: Added -e option to encode MACs with CRC32
  • Updated MAN page
  • Updated README
  • Improved memory management, thanks Paolo
  • Improved file cleanup, less idiotic

Compatibility
Bluelog has been written with portability and efficiency in mind, so it is able to run on a number of systems and hardware platforms. Basically, as long as the device can run (and get results from) “hcitool scan”, and you can compile software for it, there is a good chance Bluelog can run on it.

In addition to running on all major Linux distributions, Bluelog has been used successfully on Chrome OS (running on the CR-48 netbook), and MIPS based OpenWRT devices. For information on the OpenWRT build of Bluelog, see the “openwrt” directory.


Download Bluelog v1.1.1

Monday, April 1, 2013

[iKAT 2013] Interactive Kiosk Attack Tool


iKAT was designed to aid security consultants with the task of auditing the security of internet Kiosk terminals. iKAT is designed to provide access to the underlying operating system of a Kiosk terminal by invoking native OS functionality.


iKAT 2013

New Additions
iKAT 2013 is generally a refinement of the iKAT software, with a smoother exploitation path – more exploits, and better compatibility.

New Features:
  • The iKAT Girl is back!!
  • New Download Methods for each of the iKAT Tools
  • Smoother / Faster exploitation
  • Many resolved bugs and issues
  • Refined and updated tools

iKAT Desktop
iKAT Desktop is easy to use and only requires an installation of Metasploit. Once installed, iKAT will start its own web server and a back-end Metasploit server instance.

It should be noted that the Desktop version of iKAT has several restrictions, but is otherwise fully functional and will give you the same experience as the online version of iKAT.


iKAT PwnMap
Information on where it was possible to get a shell, the level of access gained and the OS in use on the remote host. The iKAT PWNMap is available at http://ikat.ha.cked.net/pwnmap

iKAT Pro / iKAT Live
iKAT Desktop and the iKAT Website now feature the infamous ‘iKAT Girl’ – a half-naked girl who acts as a hacking deterrent.

iKAT Professional is a discreet version of iKAT Desktop, featuring more technological advancements, more exploits, more browser add-ons and a completely discreet professional look.

If you want to be using iKAT on a client site, you need iKAT Professional.

iKAT Live is a subscription based model to an online version of iKAT Professional, for those who do not need their own iKAT Professional instance locally – but still require the technological advancements, and the discreet design.

Currently both products are in pre-release, and you can register your interest at http://ikat.ha.cked.net/store to receive a discount when they become available.

Download iKAT 2013

[HookME] TCP Proxy (Data tamper)


HookME is software designed to intercept communications by hooking the desired process and intercepting the API calls used to send and receive network traffic (including SSL). HookME provides a graphical user interface that lets you change packet content in real time, or drop or forward the packet. It also has a Python plugin system for extending HookME's functionality.
It can be used for many purposes, such as:

  • Analyzing and modifying network protocols
  • Creating malware or backdoors embedded in network protocols
  • Patching protocol memory vulnerabilities
  • Protocol-level firewall
  • As a post-exploitation tool
  • Whatever your imagination comes up with by creating plugins

In the following video we can see how to create a backdoor using HookME and Python plugins that are injected into the mysqld.exe process, allowing the attacker to execute remote commands:


Download HookME

[Source]

[Wireshark v1.9.2] World’s Foremost Network Protocol Analyzer

Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.

Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.


Changelog v1.9.2


The following features are new (or have been significantly updated) since version 1.8:
  • Wireshark on 32- and 64-bit Windows supports automatic updates.
  • The packet bytes view is faster.
  • You can now display a list of resolved host names in “hosts” format within Wireshark.
  • The wireless toolbar has been updated.
  • Wireshark on Linux does a better job of detecting interface addition and removal.
  • It is now possible to compare two fields in a display filter (for example: udp.srcport != udp.dstport). The two fields must be of the same type for this to work.
  • The Windows installers ship with WinPcap 4.1.3, which supports Windows 8.
  • USB type and product name support has been improved.
  • Wireshark now calculates HTTP response times and presents the result in a new field in the HTTP response. Links from the request’s frame to the response’s frame and vice-versa are also added.
  • The main welcome screen and status bar now display file sizes using strict SI prefixes instead of old-style binary prefixes.
  • Capinfos now prints human-readable statistics with SI suffixes by default.
  • It is now possible to open a referenced packet (such as the matched request or response packet) in a new window.
  • It is now possible for tshark to display only the hex/ascii packet data without also requiring that the packet summary and/or packet details are also displayed. If you want the old behavior, use -Px instead of just -x.
  • The Wireshark application icon, capture toolbar icons, and other icons have been updated.

New Protocol Support:
  • Amateur Radio AX.25, Amateur Radio BPQ, Amateur Radio NET/ROM, America Online (AOL), AR Drone, Automatic Position Reporting System (APRS), AX.25 KISS, AX.25 no Layer 3, Bitcoin Protocol, Bluetooth Attribute Protocol, Bluetooth AVCTP Protocol, Bluetooth AVDTP Protocol, Bluetooth AVRCP Profile, Bluetooth BNEP Protocol, Bluetooth HCI USB Transport, Bluetooth HCRP Profile, Bluetooth HID Profile, Bluetooth MCAP Protocol, Bluetooth SAP Profile, Bluetooth SBC Codec, Bluetooth Security Manager Protocol, Cisco GED-125 Protocol, Clique Reliable Multicast Protocol (CliqueRM), D-Bus, Digital Transmission Content Protection over IP, DVB-S2 Baseband, FlexNet, Forwarding and Control Element Separation Protocol (ForCES), Foundry Discovery Protocol (FDP), Gearman Protocol, GEO-Mobile Radio (1) RACH, HoneyPot Feeds Protocol (HPFEEDS), LTE Positioning Protocol Extensions (LLPe), Media Resource Control Protocol Version 2 (MRCPv2), Media-Independent Handover (MIH), MIDI System Exclusive (SYSEX), Mojito DHT, MPLS-TP Fault-Management, MPLS-TP Lock-Instruct, NASDAQ’s OUCH 4.x, NASDAQ’s SoupBinTCP, OpenVPN Protocol, Pseudo-Wire OAM, RPKI-Router Protocol, SEL Fast Message, Simple Packet Relay Transport (SPRT), Skype, Smart Message Language (SML), SPNEGO Extended Negotiation Security Mechanism (NEGOEX), UHD/USRP, USB Audio, USB Video, v.150.1 State Signaling Event (SSE), VITA 49 Radio Transport, VNTAG, WebRTC Datachannel Protocol (RTCDC), and WiMAX OFDMA PHY SAP

New and Updated Capture File Support:
  • AIX iptrace, Catapult DCT2000, Citrix NetScaler, DBS Etherwatch (VMS), Endace ERF, HP-UX nettl, IBM iSeries, Ixia IxVeriWave, NA Sniffer (DOS), Netscreen, Network Instruments Observer, pcap, pcap-ng, Symbian OS btsnoop, TamoSoft CommView, and Tektronix K12xx

[DynDNS Password Decryptor] Free Desktop Tool to Recover DynDNS Password


DynDNS Password Decryptor is a free desktop tool to instantly decode and recover DynDNS password.

DynDNS is a popular Dynamic DNS management solution offering enterprise-level DNS performance and reliability. This tool automatically detects a locally installed 'DynDNS Updater Client' and displays the configuration file ('config.dyndns').

It supports two modes of password recovery. You can either enter the encrypted DynDNS password directly or specify the DynDNS configuration file. In the second case, it will find the username/password in the config file and decrypt it instantly.
You can also use it to recover the password from the DynDNS config file of another system. In such a case, you can either enter the encrypted password or the config file path manually.

It has been successfully tested with the latest version (v4.1.10) of 'DynDNS Updater Client'.
DynDNS Password Decryptor is fully portable and works on all Windows systems from Windows XP to Windows 8.


Screenshot 1: DynDNS Password Decryptor is showing the decrypted DynDNS Password


Screenshot 2: Showing Username & Password recovered from the DynDNS configuration file.

Download DynDNS Password Decryptor
License : Freeware
Platform : Windows XP, 2003, Vista, Windows 7, Windows 8

[HTTrack Website Copier] Download a Website from the Internet to a Local Directory


HTTrack is a free (GPL, libre/free software) and easy-to-use offline browser utility.

It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer. HTTrack arranges the original site's relative link-structure. Simply open a page of the "mirrored" website in your browser, and you can browse the site from link to link, as if you were viewing it online. HTTrack can also update an existing mirrored site, and resume interrupted downloads. HTTrack is fully configurable, and has an integrated help system.

WinHTTrack is the Windows 2000/XP/Vista/Seven release of HTTrack, and WebHTTrack the Linux/Unix/BSD release.

[Matriux] The Open Source Security Distribution for Ethical Hackers and Penetration Testers and Forensic Experts


The Matriux is a phenomenon that was waiting to happen. It is a fully featured security distribution based on Debian consisting of a powerful bunch of more than 300 open source and free tools that can be used for various purposes including, but not limited to, penetration testing, ethical hacking, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, and much more. It is a distribution designed for security enthusiasts and professionals, although it can be used normally as your default desktop system.

With Matriux, you can turn any system into a powerful penetration testing toolkit, without having to install any software onto your hard disk. Matriux is designed to run from a Live environment such as a CD / DVD or USB stick, or it can easily be installed to your hard disk in a few steps. Matriux also includes a set of computer forensics and data recovery tools that can be used for forensic analysis, investigations and data retrieval.

Download Matriux