Thursday, March 6, 2008

MSRPC Auditing

Cody Pierce and Aaron Portnoy have released the Msrpc framework for auditing the Microsoft RPC protocol. They presented the tool at DeepSec 2007; it was a good presentation in which they showed us how they go about analyzing RPC. Now the tool is available at Google Code.

pymsrpc is an attempt to develop a working library for communicating with remote Microsoft RPC endpoints. It includes an IDL parser and NDR data types for making requests.

The following toolset is recommended by them. PyMSRPC consists of the following components:
  • Lexer and parser
  • A library of NDR objects
  • Utilizes Impacket from CORE for transport
  • Tie-ins for the Sulley Fuzzing Framework
This framework allows you to immediately communicate and audit an RPC service.

Wednesday, February 20, 2008

Fuzzing - Brute Force Vulnerability Discovery

This time I will talk about another great book. In this book Michael Sutton, Adam Greene and Pedram Amini expose everything you want to know about fuzzing.

We can find information about all the different types of fuzzing: network protocol fuzzing, web application fuzzing, file format fuzzing, in-memory fuzzing, etc. The book also covers the best fuzzing frameworks available, like Spike, Peach, Sulley, and many more.

I enjoyed this book very much; it was easy to read and follow, the concepts are very clear and the contents are well organized.

If you want to learn all about fuzzing, this is your book.

You can check the book web page: Fuzzing

See you soon!

Sunday, January 27, 2008

Ajax Security

Are you interested in learning about Ajax security? I was, so I got the book "Ajax Security" by Hoffman and Sullivan (2007, Addison Wesley, 470 pages), and it is really useful. The book is well organized, the explanations are very clear and the examples are well chosen.

I learned a lot about Ajax and the security implications of this technology with this book; I highly recommend it.


Ajax Security, Addison Wesley

Check the table of contents

Metasploit 3.1

Well, some time ago I posted about the Metasploit GUI; now the new version (3.1) has the GUI and the assistant polished, and the exploit count went up to 267!!

This project is growing and improving in every release :)

I downloaded the RC for Windows and I liked it a lot; here are some screenshots:

Wanna try the GUI in the new release?

https://metasploit.com/framework-3.1-rc1.exe
https://metasploit.com/framework-3.1-rc1.tar.gz

Enjoy :)

Friday, January 11, 2008

Portbunny - Port scanning improvement

A new port scanner has been released by the Recurity Labs guys (FX); it has some improvements over the well-known scanners (Nmap). It was developed for security professionals, with performance in mind. As stated on the Portbunny webpage:

"PortBunny is a Linux-kernel-based port-scanner created by Recurity Labs. Its aim is to provide a reliable and fast TCP-SYN-port-scanner which performs sophisticated timing based on the use of so called "trigger"-packets. The port-scan is performed in 2 steps: First the scanner tries to find packets, to which the target responds ("triggers"). Second, the actual port-scan is performed. During the scan, the triggers, which were found in the first scanning-phase, are used to determine the optimal speed at which the target may be scanned."

Portbunny webpage

Enjoy.

Wednesday, December 19, 2007

Backtrack 3.0

Hi, the new Backtrack 3.0 Beta is out there. The new version includes some of my tools, I'm very happy :P

Right now the tools included are Metagoofil, Subdomainer and TheHarvester (goog mails).

The new version claims to have these improvements:

* We will be releasing a ~ 1 GB USB / DVD image, as well as a stripped down 700 MB iso.
* Dual core issues have been fixed.
* Wireless card compatibility has been maximised, and injection patches applied wherever possible.
* Xorg configuration scripts have been improved.
* Updated exploit repositories, updated metasploit exploit framework and dependencies.
* PXE network boot feature finally added (USB Version)
* PwnSauce Instant John the Ripper Cluster feature finally added (USB version)
* Compiz with ATI/Intel Drivers (USB version)
* Linux bt 2.6.21.5 #2 SMP

Download

And more security tools, that is what we want!!

Enjoy

Wednesday, October 17, 2007

FIST Conference - Barcelona

Next week (26/10/2007) I will be speaking at the FIST Conference about "Information Gathering"; the talk will be based on Metagoofil. I will release a new version, with some fixes and improvements.

If you are in Barcelona, come and join us!

http://www.fistconference.org/barna.php

Wfuzz 2.2.0 released

I'm pleased to announce a new version of WFuzz! Wfuzz has been created to facilitate the task of web application assessments and it...