11 posts filed under 'Penetration Testing'

  1. 2011.08.22 BackTrack 5 R1 released
  2. 2011.05.06 SmartFTP Password Decryptor (free)
  3. 2011.04.12 SQL injection PT tool - sqlmap 0.9 (update)
2011. 8. 22. 19:29

BackTrack 5 R1 released

After being officially released at BlackHat USA 2011, BackTrack 5 R1 has finally been released as a public download!

“BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking. Regardless if you’re making BackTrack your primary operating system, booting from a LiveDVD, or using your favorite thumbdrive, BackTrack has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester.”

This is the official BackTrack 5 R1 change log:

  • This release contains over 120 bug fixes, 30 new tools and 70 tool updates.
  • The kernel was updated to and includes the relevant injection patches.

According to the guys at OffSec, this release is their best one yet! Some pesky issues such as rfkill in VMWare with rtl8187 issues have been fixed, which provides for a much more solid experience with BackTrack.

We have Gnome and KDE ISO images for 32 and 64 bit (no ARM this release), as well as a VMWare image of a 32 bit Gnome install, with VMWare Tools pre-installed.

We are mighty excited and are already downloading this release just as we speak!

Download BackTrack 5 R1:

Torrents only until the 20th August!

BT5R1-GNOME-VM-32.torrent, BT5r1-GNOME-64.torrent, BT5r1-KDE-64.torrent, BT5r1-KDE-32.torrent
http://www.backtrack-linux.org/downloads/

2011. 5. 6. 09:57

SmartFTP Password Decryptor (free)

About SmartftpPasswordDecryptor

SmartftpPasswordDecryptor is free software that instantly recovers FTP login passwords stored by SmartFTP, one of the popular FTP clients. SmartFTP stores the passwords for all past FTP sessions in the user profile location so that the user doesn't have to enter them every time. SmartftpPasswordDecryptor makes it easy to quickly scan and decrypt all these stored FTP login passwords.

It presents both a GUI and a command-line interface, which will be useful for penetration testers. Apart from normal users who can use it to recover their lost passwords, forensic folks can use it to quickly recover stored FTP login information.
You can either use it to automatically recover the stored passwords from the local system or recover passwords from a remote machine by manually feeding it the SmartFTP profile path. SmartftpPasswordDecryptor works on most Windows platforms, from Windows XP to the latest operating system, Windows 7.

Features of SmartftpPasswordDecryptor

Here are the highlights of the top features of SmartftpPasswordDecryptor:
  •  Instantly decrypt and recover all stored FTP login passwords from SmartFTP.
  •  Comes with both GUI interface as well as Command-line version.
  •  Useful for Penetration testers as well as Forensic investigators.
  •  Recover password of any length and complexity.
  •  Save the recovered password list to HTML file for transferring to other system or for future use.
  •  Easier and faster to use with its enhanced user friendly GUI interface.
  •  Support for local Installation and uninstallation of the software. 

Installing SmartftpPasswordDecryptor

SmartftpPasswordDecryptor comes with an installer so that you can install it locally on your system for regular usage. It has an intuitive setup wizard (as shown in the screenshot below) which guides you through the series of steps to complete the installation. At any point you can use the uninstaller to remove the software from the system.

Using SmartftpPasswordDecryptor
SmartftpPasswordDecryptor is easy to use with its simple GUI interface.  

Here are the brief usage details
Using GUI Version

  •  Launch SmartftpPasswordDecryptor after completion of installation.
  •  Next click on 'Start Recovery' button and all ftp login passwords stored by SmartFtp will be recovered & displayed as shown in screenshot 1 below.
  •  By default, passwords are not shown for security reasons, as they are sensitive data. However, you can click on the 'Show Password' button at the bottom to view these passwords.
  •  Finally you can save all recovered password list to HTML file by clicking on 'Export to HTML' button.

Using Command-line Version
Here is the typical usage of the command-line version:
   SmartftpPasswordDecryptor.exe "<output_file path>"
Here are some examples:

   //Writes recovered password to text file in current directory
   SmartftpPasswordDecryptor.exe pass.txt

   //Writes recovered password to HTML file in current directory
   SmartftpPasswordDecryptor.exe pass.html

   //Writes recovered password to TEXT file
   SmartftpPasswordDecryptor.exe "c:\my test\passlist.txt"

It automatically detects the mode (text or html) by using the extension of the specified file (txt or html). By default (or if no extension is specified) it uses the TEXT mode. For more examples refer to Screenshot 2 below.

Screenshots of SmartftpPasswordDecryptor

Here are the screenshots of SmartftpPasswordDecryptor
Screenshot 1: SmartftpPasswordDecryptor showing the recovered FTP login passwords. Passwords are hidden because they are sensitive data; you can reveal them by clicking on the 'Show Password' button below.

Screenshot 2:  Command line usage of SmartftpPasswordDecryptor showing various examples.

Screenshot 3: Exported list of recovered FTP login passwords by SmartftpPasswordDecryptor in HTML format.

Source: securityxploded.com

2011. 4. 12. 18:56

SQL injection PT tool - sqlmap 0.9 (update)

“sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.”

This is the change log:

  • Rewritten SQL injection detection engine (Bernardo and Miroslav).
  • Support to directly connect to the database without passing via a SQL injection, -d switch (Bernardo and Miroslav).
  • Added full support for both time-based blind SQL injection and error-based SQL injection techniques (Bernardo and Miroslav).
  • Implemented support for SQLite 2 and 3 (Bernardo and Miroslav).
  • Implemented support for Firebird (Bernardo and Miroslav).
  • Implemented support for Microsoft Access, Sybase and SAP MaxDB (Miroslav).
  • Extended old ‘--dump -C’ functionality to be able to search for specific database(s), table(s) and column(s), --search switch (Bernardo).
  • Added support to tamper injection data with --tamper switch (Bernardo and Miroslav).
  • Added automatic recognition of password hashes format and support to crack them with a dictionary-based attack (Miroslav).
  • Added support to enumerate roles on Oracle, --roles switch (Bernardo).
  • Added support for SOAP based web services requests (Bernardo).
  • Added support to fetch unicode data (Bernardo and Miroslav).
  • Added support to use persistent HTTP(s) connection for speed improvement, --keep-alive switch (Miroslav).
  • Implemented several optimization switches to speed up the exploitation of SQL injections (Bernardo and Miroslav).
  • Support to test and inject against HTTP Referer header (Miroslav).
  • Implemented HTTP(s) proxy authentication support, --proxy-cred switch (Miroslav).
  • Implemented feature to speedup the enumeration of table names (Miroslav).
  • Support for customizable HTTP(s) redirections (Bernardo).
  • Support to replicate the back-end DBMS tables structure and entries in a local SQLite 3 database, --replicate switch (Miroslav).
  • Support to parse and test forms on target URL, --forms switch (Bernardo and Miroslav).
  • Added switches to brute-force tables names and columns names with a dictionary attack, --common-tables and --common-columns. Useful for instance when system table ‘information_schema’ is not available on MySQL (Miroslav).
  • Basic support for REST-style URL parameters by using the asterisk (*) to mark where to test for and exploit SQL injection (Miroslav).
  • Added safe URL feature, --safe-url and --safe-freq (Miroslav).
  • Added --text-only switch to strip from the HTTP response body the HTML/JS code and compare pages based only on their textual content (Miroslav).
  • Implemented few other features and switches (Bernardo and Miroslav).
  • Over 100 bugs fixed (Bernardo and Miroslav).
  • Major code refactoring (Bernardo and Miroslav).
  • User’s manual updated (Bernardo).

Download sqlmap 0.9 (sqlmap-0.9.tar.gz/sqlmap-0.9.zip) here.

Source: www.pentestit.com
