Channel: KitPloit - PenTest Tools!

Hexorbase - Multiple Database Management and Audit Tool


HexorBase is a database application designed for administering and auditing multiple database servers simultaneously from a centralized location. It is capable of performing SQL queries and brute-force attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL). HexorBase allows packet routing through proxies or even Metasploit pivoting to communicate with remotely inaccessible servers hidden within local subnets.

It works on Linux and Windows running the following:

Requirements:

  • python
  • python-qt4
  • cx_Oracle
  • python-mysqldb
  • python-psycopg2
  • python-pymssql
  • python-qscintilla2


To install, simply run the following command in a terminal after changing directory to the path where the downloaded package is:
root@host:~# dpkg -i hexorbase_1.0_all.deb



Smart Pentester - An SSH based Penetration Testing Framework



Smart Pentester is an SSH-based penetration testing framework. It provides a GUI for well-known tools such as nmap, hping, tcpdump, volatility, hydra, etc.

Smart Pentester Framework provides a user interface for penetration testing, malware analysis, forensic analysis, cyber intelligence, advanced packet generation techniques and more.

SmartSPLAT - Tool to troubleshoot Checkpoint firewall issues and perform management tasks


Smart SPLAT is a freeware software to troubleshoot Checkpoint firewall issues and perform management tasks.

It periodically checks for an update and when a new release is published, updates itself via the SmartSPLAT web site.

SmartSPLAT lets you connect to your firewall over a secure SSH channel.
Critical commands like cpstop, kill, reboot, deleting a license, or similar commands that can cause your firewall to stop functioning properly are colored red, protected by checkboxes, and show confirmation dialogs.

This project uses an SSH library based on the Poderosa project.

For file transfer operations, SmartSPLAT uses PuTTY's pscp.exe; for SCP to work, the /etc/scpusers/ file has to be modified.

Smart SPLAT has a script named preparescp. It checks whether the user exists in /etc/scpusers/ and, if not, adds a line for it.


The Mole - Automatic SQL Injection Exploitation Tool

The Mole is an automatic SQL injection exploitation tool. Given only a vulnerable URL and a valid string on the site, it can detect the injection and exploit it, either with the union technique or with a boolean-query-based technique.

Features

  • Support for injections using Mysql, SQL Server, Postgres and Oracle databases.
  • Command line interface. Different commands trigger different actions.
  • Auto-completion for commands, command arguments and database, table and column names.
  • Support for filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.
  • Exploits SQL Injections through GET/POST/Cookie parameters.
  • Developed in python 3.
  • Exploits SQL Injections that return binary data.
  • Powerful command interpreter to simplify its usage.

Dradis v2.9 - Information Sharing For Security Assessments

Dradis is an open source framework to enable effective information sharing, especially during security assessments. It is a tool specifically designed to help in the process of penetration testing. Penetration testing is about information:
  1. Information discovery
  2. Exploit useful information
  3. Report the findings

But penetration testing is also about sharing the information you and your teammates gather. Not sharing the information available in an effective way will result in exploitation opportunities lost and the overlapping of efforts.

Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead.
Features

  • Easy report generation.
  • Support for attachments.
  • Integration with existing systems and tools through server plugins.
  • Platform independent.
Traditional pentesting teams face different types of challenges regarding information sharing. Different tools provide output in different formats, different testers capture evidence in different ways, different companies report differently, etc.


If you do not use a tool to share the information, every tester will use their own notes file to keep track of their findings. Each will store this file locally, or on a shared resource, but the information will not arrive immediately to the rest of the team.

If you want to know your teammate's latest findings, you will need to look for their notes file. You can also try talking, but talking is not that effective when you need to know a specific cookie value or an SQL query for an injection attack.

It seems reasonable that some effort must be put to increase the quality and efficiency of this process.


Maligno - Penetration Testing Tool that Serves Metasploit Payloads


Maligno is an open source penetration testing tool that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.

Changelog: Metasploit multi-host support, socks4a server support (metasploit), last resort redirection for invalid requests and hosts out of scope, automatic client code obfuscation, delayed client payload execution, automatic metasploit resource file generation. 

Features
  • Encrypted communications: Maligno is a web server which communicates via HTTP or HTTPS with the clients. Communications are encrypted with AES and encoded with Base64 both for HTTP and HTTPS. Encryption and encoding parameters can be configured. Clients do NOT validate the server certificate by default.
  • On the fly shellcode generation – per session mode: Maligno will generate shellcode while starting up, and it will cache it for later use. Maligno will serve the cached shellcode to all clients that request it during the session. Maligno will maintain a cache for each configured Metasploit payload. The cache is removed when Maligno is shut down.
  • Multi-payload support: You may configure Maligno with several Metasploit payloads. Clients can request different payloads from the server. Payloads are referred to by an index, which is passed as a GET parameter. That parameter can also be configured.
  • Multi-server support: Maligno can run on a single server with Metasploit or in separate machines. Clients will connect to Maligno, and Maligno will generate shellcode that points to a pre-configured Metasploit multi-handler.
  • SOCKS4a proxy support: Maligno helps you start a Metasploit auxiliary socks4a proxy, which can be used with payloads such as reverse_https_proxy. This allows you to send all your traffic through your Maligno server in a multi-server environment.
  • Scope definition: Maligno allows you to define single IP addresses or ranges. This will ensure that your shellcode is served only to machines involved in your pentest. You may also use a wildcard in order to accept ANY address.
  • Last resort redirection: Maligno will redirect hosts out of scope, or hosts sending invalid requests, to a configured URL.
  • Client code generator and pseudorandom obfuscator: Maligno comes with a script that will generate and obfuscate (pseudorandomly) client code ready for use, based on your server configuration.
  • Delayed client execution: Maligno clients use a basic random execution delay, which attempts to bypass AV-sandboxes.
  • Metasploit resource file generator: Maligno generates MSF resource files based on your configuration, which can be used with msfconsole right away.

OAuth Request Crafter - Tool that helps you to play with OAuth signature protected URLs


OAuth Request Crafter is a tool that helps you to play with OAuth signature protected URLs.
Features
  • Support for GET, POST, PUT and DELETE
  • Proxy the Request
  • Tamper URL, Parameters & Headers on the GO
  • Add additional Headers and Cookie
Why ?
  • When dealing with OAuth signature protected URLs, every time you want to tamper with or issue a request you have to use some tool to generate a valid signature and nonce, add them to the protected parameters, and feed the result to your proxy to make a successful request.
  • This is a pain, since you have to do it manually for every single request.
  • OAuth Request Crafter solves that problem by automating everything.
  • Provide it with the consumer key and consumer secret, and optionally the OAuth token and token secret.
  • Make the request, tampering with the URL, parameters and headers on the go.
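The signature and nonce handling the tool automates is OAuth 1.0a's HMAC-SHA1 scheme (RFC 5849). The Python below is an added example, not code from OAuth Request Crafter: it builds the signature base string, signs a request with a fresh nonce and timestamp, and, for the server side, verifies a presented signature in constant time and rejects stale timestamps. The URL, consumer key and secrets are constructed placeholders.

```python
import base64
import hashlib
import hmac
import secrets
import time
from typing import Dict, Iterable, Optional, Tuple
from urllib.parse import parse_qsl, quote, urlsplit


def oauth_encode(value: str) -> str:
    # RFC 5849 section 3.6: only unreserved characters stay unencoded.
    return quote(str(value), safe="-._~")


def signature_base_string(method: str, url: str, params: Iterable[Tuple[str, str]]) -> str:
    """Build the signature base string of RFC 5849 section 3.4.1."""
    parts = urlsplit(url)
    base_url = f"{parts.scheme.lower()}://{parts.netloc.lower()}{parts.path}"
    # Query-string, body and oauth_* parameters are all encoded, sorted by
    # key then value, and joined into one normalized string.
    all_params = list(params) + parse_qsl(parts.query, keep_blank_values=True)
    pairs = sorted((oauth_encode(k), oauth_encode(v)) for k, v in all_params)
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), oauth_encode(base_url), oauth_encode(normalized)])


def _hmac_sha1(base: str, consumer_secret: str, token_secret: str) -> str:
    # Signing key is the two encoded secrets joined by '&' (token secret may be empty).
    key = f"{oauth_encode(consumer_secret)}&{oauth_encode(token_secret)}".encode()
    return base64.b64encode(hmac.new(key, base.encode(), hashlib.sha1).digest()).decode()


def sign_request(method: str, url: str, params: Dict[str, str], consumer_key: str,
                 consumer_secret: str, token: Optional[str] = None, token_secret: str = "",
                 nonce: Optional[str] = None, timestamp: Optional[int] = None) -> Dict[str, str]:
    """Client side: produce the oauth_* parameters, including nonce and signature."""
    oauth = {
        "oauth_consumer_key": consumer_key,
        "oauth_nonce": nonce or secrets.token_hex(16),
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": str(timestamp if timestamp is not None else int(time.time())),
        "oauth_version": "1.0",
    }
    if token:
        oauth["oauth_token"] = token
    base = signature_base_string(method, url, list(params.items()) + list(oauth.items()))
    oauth["oauth_signature"] = _hmac_sha1(base, consumer_secret, token_secret)
    return oauth


def authorization_header(oauth: Dict[str, str]) -> str:
    """Render the oauth_* parameters as an Authorization: OAuth header value."""
    return "OAuth " + ", ".join(f'{oauth_encode(k)}="{oauth_encode(v)}"' for k, v in sorted(oauth.items()))


def verify_request(method: str, url: str, params: Dict[str, str], oauth: Dict[str, str],
                   consumer_secret: str, token_secret: str = "", max_skew: int = 300,
                   now: Optional[int] = None) -> bool:
    """Server side: recompute the signature and compare in constant time; reject
    stale timestamps. Remembering seen nonces per key is left to the caller."""
    presented = oauth.get("oauth_signature", "")
    unsigned = {k: v for k, v in oauth.items() if k != "oauth_signature"}
    try:
        ts = int(unsigned.get("oauth_timestamp", ""))
    except ValueError:
        return False
    now = int(time.time()) if now is None else now
    if abs(now - ts) > max_skew:
        return False
    base = signature_base_string(method, url, list(params.items()) + list(unsigned.items()))
    return hmac.compare_digest(presented, _hmac_sha1(base, consumer_secret, token_secret))


if __name__ == "__main__":
    # Constructed placeholder endpoint and credentials.
    url, params = "https://api.example.test/v1/items", {"q": "a b"}
    signed = sign_request("POST", url, params, "ck", "cs", "tk", "ts")
    print(authorization_header(signed))
    print("verifies:", verify_request("POST", url, params, signed, "cs", "ts"))
```

The timestamp window bounds how long a server must remember nonces to detect replays; without either check a captured signed request stays valid indefinitely.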

WebBrowserPassView - Recover lost passwords stored in your Web browser


WebBrowserPassView is a password recovery tool that reveals the passwords stored by the following Web browsers: Internet Explorer (Version 4.0 - 10.0), Mozilla Firefox (All Versions), Google Chrome, Safari, and Opera. This tool can be used to recover your lost/forgotten password of any Website, including popular Web sites, like Facebook, Yahoo, Google, and GMail, as long as the password is stored by your Web Browser.

After retrieving your lost passwords, you can save them to a text/HTML/CSV/XML file by using the 'Save Selected Items' option (Ctrl+S).

System Requirements And Limitations

  • This utility works on any version of Windows, starting from Windows 2000, and up to Windows 8, including 64-bit systems. Older versions of Windows (Windows 98/ME) are not supported, because this utility is a Unicode application.
  • Currently, WebBrowserPassView cannot retrieve the passwords if they are encrypted with a master password. Support for master password will probably be added in future versions.
  • Currently, WebBrowserPassView cannot retrieve passwords from an external hard drive. Support for that might be added in future versions.
  • On Internet Explorer 7.0-9.0, the passwords are encrypted with the URL of the Web site, so WebBrowserPassView uses the history file of Internet Explorer to decrypt the passwords. If you clear the history of Internet Explorer, WebBrowserPassView won't be able to decrypt the passwords.
  • On Google Chrome - passwords originally imported from Internet Explorer 7.0-9.0, cannot be decrypted. 


OWASP iOSForensic - Tool to help in forensics analysis on iOS


OWASP iOSForensic is a Python tool to help with forensic analysis on iOS.
It retrieves files and logs, extracts sqlite3 databases and converts .plist files to XML.

OWASP iOSForensic provides:
  • Application's files
  • Conversion of .plist files in XML
  • Extract all databases
  • Conversion of binary cookies
  • Application's logs
  • A List of all packages
  • Extraction of multiple packages

Options

  • -h --help : show help message
  • -a --about : show information
  • -v --verbose : verbose mode
  • -i --ip : local ip address of the iOS terminal
  • -p --port : ssh port of the iOS terminal (default 22)
  • -P --password : root password of the iOS terminal (default alpine)
Examples:
./iOSForensic.py -i 192.168.1.10 [OPTIONS] APP_NAME.app INCOMPLETE_APP_NAME APP_NAME2_WITHOUT_DOT_APP
./iOSForensic.py -i 192.168.1.10 -p 1337 -P pwd MyApp.app angry MyApp2


Daphne - Tool for killing, controlling and debugging processes in Windows


Daphne is a small application for killing, controlling and debugging Windows processes. It was born to kill a Windows process and became almost a task manager replacement. You can kill a process by dragging the mouse over its windows, by right-clicking the process in the main process list, or by typing its name with the “Kill all by name” command. You can set any window to be always on top, transparent, enabled, et cetera. Although Daphne was born just to kill Windows processes, you can think of it as a task manager replacement. The main window displays a list of currently running processes with detailed information: CPU usage, Process ID, Process name, Full path (and arguments), Priority, Class (Process / Service), Current memory usage, Peak memory usage, Current swap usage, Peak swap usage and Number of threads.

You can hide applications, hack programs' GUIs, and inspect deep process information.

New in Daphne v2.02:

  • Copy process list to clipboard in CSV format
  • Explorer integration add extras
  • Set window size using numbers (ie. 640x648)
  • Trap window size and position
  • Schedule popup message
  • Handle min/max process working set size
  • Drag and drop to find window in process windows tree
  • Fix: Explorer integration: 'Open CMD' shows over folder and files now
  • Fix: Installer takes care of removing previous version automatically


Wireshark v1.10.8 - The world’s foremost network protocol analyzer



Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.

Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Features

Wireshark has a rich feature set which includes the following:
  • Deep inspection of hundreds of protocols, with more being added all the time
  • Live capture and offline analysis
  • Standard three-pane packet browser
  • Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
  • Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
  • The most powerful display filters in the industry
  • Rich VoIP analysis
  • Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
  • Capture files compressed with gzip can be decompressed on the fly
  • Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
  • Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
  • Coloring rules can be applied to the packet list for quick, intuitive analysis
  • Output can be exported to XML, PostScript®, CSV, or plain text 

Changelog:
The following vulnerabilities have been fixed.
The following bugs have been fixed:
  • VoIP flow graph crash upon opening. (Bug 9179)
  • Tshark with "-F pcap" still generates a pcapng file. (Bug 9991)
  • IPv6 Next Header 0x3d recognized as SHIM6. (Bug 9995)
  • Failed to export pdml on large pcap. (Bug 10081)
  • TCAP: set a fence on info column after calling sub dissector (Bug 10091)
  • Dissector bug in JSON protocol. (Bug 10115)
  • GSM RLC MAC: do not skip too many lines of the CSN_DESCR when the field is missing (Bug 10120)
  • Wireshark PEEKREMOTE incorrectly decoding QoS data packets from Cisco Sniffer APs. (Bug 10139)
  • IEEE 802.11: fix dissection of HT Capabilities (Bug 10166)

Browser Password Remover - Browser Website Login Password Removal Software


Browser Password Remover is free software that quickly displays and removes all the stored website login passwords from popular browsers.

Most web browsers allow users to remember passwords and store them in a local database file. This file, and all the stored passwords within it, can be accessed by anyone logged into the system. This is very risky, especially on shared computers and on public systems such as those in an internet cafe.

Browser Password Remover helps you to automatically list and remove any such stored passwords from all the popular browsers.

Here are the currently supported web browsers,
  • Firefox
  • Internet Explorer [v7.x - v10.x]
  • Google Chrome
  • Google Chrome Canary/SXS
  • CoolNovo Browser
  • Opera Next
  • Comodo Dragon Browser
  • SeaMonkey Browser
  • SRWare Iron Browser
  • Flock Browser
One of the unique features of this tool is that it allows you to remove the stored login passwords of any user on the local system or on any other computer.

Before removing the passwords, you can also back up the recovered passwords in HTML/XML/TEXT format.

Browser Password Remover is fully Portable and works on both 32-bit/64-bit platforms starting from Windows XP to Windows 8.


ODAT - Oracle Database Attacking Tool


ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely.
Usage examples of ODAT:
  • You have an Oracle database listening remotely and want to find valid SIDs and credentials in order to connect to the database
  • You have a valid Oracle account on a database and want to escalate your privileges (ex: SYSDBA)
  • You have a valid Oracle account and want to execute commands on the operating system hosting this DB (ex: reverse shell)
Features 
Thanks to ODAT, you can:
  • search valid SIDs on a remote Oracle Database listener via:
    • a dictionary attack
    • a brute force attack
    • ALIAS of the listener
  • search Oracle accounts using:
    • a dictionary attack
    • each Oracle username tried as its own password (an account is needed before using this attack)
  • execute system commands on the database server using:
    • DBMS_SCHEDULER
    • JAVA
    • external tables
    • oradbg
  • download files stored on the database server using:
    • UTL_FILE
    • external tables
    • CTXSYS
  • upload files on the database server using:
    • UTL_FILE
    • DBMS_XSLPROCESSOR
    • DBMS_ADVISOR
  • delete files using:
    • UTL_FILE
  • send/receive HTTP requests from the database server using:
    • UTL_HTTP
    • HttpUriType
  • scan ports of the local server or a remote server using:
    • UTL_HTTP
    • HttpUriType
    • UTL_TCP
  • exploit CVE-2012-3137 (http://cvedetails.com/cve/2012-3137)
    • pick up the session key and salt for arbitrary users
    • attack by dictionary on sessions

PwnStar - Script for multi attack (for all your fake-AP needs!)


A bash script to launch a Soft AP, configurable with a wide variety of attack options. Includes a number of index.html and server php scripts, for sniffing/phishing. Can act as multi-client captive portal using php and iptables.  Launches classic exploits such as evil-PDF. De-auth with aireplay, airdrop-ng or MDK3.

Usage

Basic Menu

1) Honeypot: get the victim onto your AP, then use nmap, metasploit etc
no internet access given

2) Grab WPA handshake

3) Sniffing: provide internet access, then be MITM

4) Simple web server with dnsspoof: redirect the victim to your webpage

5) Karmetasploit

6) Browser_autopwn
1) Relies on auto-connections, i.e. the device connects without the owner being aware. You can then attempt to exploit it. Set the fake-AP ESSID to something the device has likely connected to previously, e.g. Starbucks WiFi
2) Sometimes it is quicker to steal the handshake than sniff it passively. Set up the AP with the same name and channel as the target, and then DOS the target. Airbase will save a pcap containing the handshake to /root/PwnSTAR-n.cap.
3) Provides an open network, so you can sniff the victim's activities.
4) Uses apache to serve a webpage. There is an option to load your own page eg one you have cloned. The provided page (hotspot_3) asks for email details. Note the client is forced to the page by DNS spoofing. They can only proceed to the internet if you manually stop dnsspoof. DNS-caching in the client is a problem with this technique. The captive portal in the advanced menu is a much better way of hosting hotspot_3
5&6) Provides all the config files to properly set-up Karmetasploit and Browser_autopwn.

Advanced Menu

a) Captive portals (phish/sniff)

b) Captive portal + PDF exploit (targets Adobe Reader < v9.3)

c) MSXML 0day (CVE-2012-1889: MSXML Uninitialized Memory Corruption)

d) Java_jre17_jmxbean

e) Choose another browser exploit
a) Uses iptables rules to route the clients. This is a fully functioning captive portal, and can track and block/allow multiple connections simultaneously. Avoids the problems of dns-spoofing. There are two built-in web options:
1) Serves hotspot3. Does not allow clients onto the internet until credentials have been given.
2) Allows you to add a personal header to the index.php. You could probably copy the php functions from this page onto a cloned page, and load that instead.
b) A captive portal which blocks the client until they have downloaded a pdf. This contains a malicious java applet. Includes a virgin pdf to which you can add your own payload.
c&d) Launches a couple of example browser exploits
e) Gives a skeleton framework for loading any browser exploit of your choice. Edit PwnSTAR browser_exploit_fn directly for more control.

SysExporter - Grab data from list-view, tree-view, combo box, WebBrowser control, and text-box


SysExporter utility allows you to grab the data stored in standard list-views, tree-views, list boxes, combo boxes, text-boxes, and WebBrowser/HTML controls from almost any application running on your system, and export it to text, HTML or XML file.

Here are some examples of data that you can export with SysExporter:
  • The files list inside archive file (.zip, .rar, and so on) as displayed by WinZip or 7-Zip File Manager.
  • The files list inside a folder.
  • The event log of Windows.
  • The list of emails and contacts in Outlook Express.
  • The Registry values displayed in the right pane of the Registry Editor.
  • The data displayed by SysInternals utilities (Registry Monitor, File Monitor, Process Explorer, and others.)
  • The text inside a standard message-box of Windows.
  • The HTML inside any instance of Internet Explorer. 

Using SysExporter

This utility is a standalone executable, so it doesn't require any installation process or additional DLLs. Just run the executable (sysexp.exe) and start using it. There is only one exception: If you want to run this utility on Windows NT, you should download the 'psapi.dll', and copy it into the system32 folder. The main window of SysExporter contains 2 panes:
  1. The upper pane displays the list of currently open windows that are available for export.
  2. When you select a single window in the upper pane, the lower pane displays all data that you can export from the selected window. For example: if you select the 'My Computer' window in the upper pane, the lower pane will display the list of all your disks, as they are displayed in the original 'My Computer' window.
You can easily select one or more items from the lower pane, and then export them to text, HTML or XML files. You can also copy the exported data to the clipboard in tab-delimited format (Ctrl+C), and then paste it directly into Excel or any other application that supports this format. Before exporting the data, you can change the order of the columns that will appear in the saved files by using the 'Choose Columns' option.

Practical Example

Let's say that you want to export the list of all files in your C:\Windows folder to Excel:
  1. First, open the 'C:\Windows' folder (or any other folder that you want to export).
  2. In the top pane of SysExporter, find the window of 'C:\Windows' folder and select it. If you cannot find this window, try to refresh the list by pressing F5 key.
  3. After selecting the desired window in the top pane, the files list of this window will be loaded to the lower pane.
  4. Select the files in the lower pane that you want to export. (Press Ctrl+A in order to select all files)
  5. Press Ctrl+C in order to copy the selected items to the clipboard. (The exported items are copied in tab-delimited format)
  6. In Excel, go to the position where you want to put the exported data, and then press Ctrl+V to paste the exported data into your Excel worksheet.


Mail Password Decryptor - All-in-one eMail Password Recovery Software


Mail Password Decryptor is free software that instantly recovers mail account passwords from popular email clients and other desktop applications.

You can recover your lost password for email accounts like Gmail, Yahoo Mail, Hotmail or Windows Live Mail from email applications such as Microsoft Outlook, Thunderbird, IncrediMail, GTalk & many more.

Mail Password Decryptor automatically crawls through each of these applications and instantly recovers all of the stored mail account passwords.

It is a very handy tool not only for penetration testers but also for forensic investigators.
It works on both 32-bit & 64-bit platforms starting from Windows XP to latest operating system Windows 8.

Features

The current version supports password recovery from the following popular email clients & desktop apps:
  • Microsoft Outlook Express
  • Microsoft Outlook 2002/XP/2003/2007/2010/2013
  • Mozilla Thunderbird
  • Windows Live Mail 2012
  • IncrediMail
  • Foxmail v6.x - v7.x
  • Windows Live Messenger
  • MSN Messenger
  • GTalk
  • GMail Notifier
  • PaltalkScene IM
  • Pidgin (Formerly Gaim) Messenger
  • Miranda Messenger
  • Windows Credential Manager

Here are the unique features
  • Automatically detect and decrypt stored encrypted passwords from popular email clients & desktop applications.
  • Password Recovery from latest versions of supported applications.
  • Recover password of any length and complexity.
  • Automatically discovers all supported Applications and recovers all the stored passwords.
  • Save the recovered password list to HTML/XML/Text/CSV file
  • Easier and faster to use with its enhanced user friendly GUI interface.
  • Support for local installation and uninstallation of the software.

screenFetch - The Bash Screenshot Information Tool


screenFetch is a "Bash Screenshot Information Tool". This handy Bash script can be used to generate one of those nifty terminal theme information + ASCII distribution logos you see in everyone's screenshots nowadays. It will auto-detect your distribution and display an ASCII version of that distribution's logo and some valuable information to the right. There are options to specify no ascii art, colors, taking a screenshot upon displaying info, and even customizing the screenshot command! This script is very easy to add to and can easily be extended.

Running screenfetch
To run screenFetch, open a terminal of some sort and type in the command screenFetch, or the path to wherever you saved the script. This will generate an ASCII logo with the information printed to the side of the logo. There are some options that may be specified on the command line, and those are shown below or by executing screenFetch -h:
  -v            Verbose output.
  -o 'OPTIONS'  Allows for setting script variables on the command line.
                Must be in the following format...
                'OPTION1="OPTIONARG1";OPTION2="OPTIONARG2"'
  -n            Do not display ASCII distribution logo.
  -N            Strip all color from output.
  -t            Truncate output based on terminal width (Experimental!).
  -s(m)         Using this flag tells the script that you want it to take a
                screenshot. Use the -m flag if you would like to move it to a
                new location afterwards.
  -c string     You may change the outputted colors with -c. The format is as
                follows: [0-9][0-9],[0-9][0-9]. The first argument controls the
                ASCII logo colors and the label colors. The second argument
                controls the colors of the information found. One argument may
                be used without the other.
  -S 'COMMAND'  Here you can specify a custom screenshot command for the script
                to execute. Surrounding quotes are required.
  -D 'DISTRO'   Here you can specify your distribution for the script to use.
                Surrounding quotes are required.
  -A 'DISTRO'   Here you can specify the distribution art that you want
                displayed. This is for when you want your distro detected but
                want to display a different logo.
  -E            Suppress output of errors.
  -V            Display current script version.
  -h            Display this help.


Moscrack v2.08b - Multifarious On-demand Systems Cracker (cracking WPA keys in parallel on a group of computers)


Moscrack is a perl application designed to facilitate cracking WPA keys in parallel on a group of computers.

This is accomplished by use of either Mosix clustering software, SSH or RSH access to a number of nodes.

With Moscrack's new plugin framework, hash cracking has become possible. SHA256/512, DES, MD5 and Blowfish Unix password hashes can all be processed with the Dehasher Moscrack plugin.

Some of Moscrack's features:

  • Basic API allows remote monitoring
  • Automatic and dynamic configuration of nodes
  • Live CD/USB enables boot and forget dynamic node configuration
  • Can be extended by use of plugins
  • Uses aircrack-ng (including 1.2 Beta) by default
  • CUDA/OpenCL support via Pyrit plugin
  • CUDA support via aircrack-ng-cuda (untested)
  • Does not require an agent/daemon on nodes
  • Can crack/compare SHA256/512, DES, MD5 and blowfish hashes via Dehasher plugin
  • Checkpoint and resume
  • Easily supports a large number of nodes
  • Designed to run for long periods of time
  • Doesn't exit on errors/failures when possible
  • Supports mixed OS/protocol configurations
  • Supports SSH, RSH, Mosix for node connectivity
  • Effectively handles mixed fast and slow nodes or links
  • Architecture independent
  • Supports Mosix clustering software
  • Supports all popular operating systems as processing nodes
  • Node prioritization based on speed
  • Nodes can be added/removed/modified while Moscrack is running
  • Failed/bad node throttling
  • Hung node detection
  • Reprocessing of data on error
  • Automatic performance analysis and tuning
  • Intercepts INT and TERM signals for clean handling
  • Very verbose, doesn't hide anything, logs aggressively
  • Includes a "top" like status viewer
  • Includes CGI web status viewer
  • Includes an optional basic X11 GUI


Compatibility

Moscrack itself should work with any Un*x variant, but it is developed and tested on Linux.

Tested platforms for SSH based end nodes:

  • Moscrack Live CD (SUSE)
  • Ubuntu Linux 12.10 x86 64bit
  • Ubuntu Linux 12.04.2 x86 64bit
  • Ubuntu Linux 10.10 x86 64bit
  • Ubuntu Linux 10.10 x86 32bit
  • CentOS Linux 5.5 x86 32bit
  • FreeBSD 8.1 x86 64bit
  • Windows Vista Business 64bit w/Cygwin 1.7.7-1
  • Windows Vista Business 64bit w/Cygwin 1.7.9
  • Mac OS X 10.5.6 (iPC OSx86)
  • Solaris Express 11 x64
  • iPhone 3g iOS 3.2.1 (Jailbroken)
  • Samsung Galaxy S2 SGH-I727R (Cyanogenmod 10 + Linux chroot)

Tested platforms for RSH based end nodes:

  • Ubuntu Linux 10.10 x86 64bit
  • Windows Vista Business 64bit w/Cygwin 1.7.7-1
  • Windows Vista Business 64bit w/Cygwin 1.7.9

Tested platforms for Mosix end nodes:

  • Ubuntu Linux 10.10 x86 64bit
  • Ubuntu Linux 10.10 x86 32bit

Tested platforms for Moscrack server:

  • Ubuntu Linux 13.10 x86 64bit
  • Ubuntu Linux 12.10 x86 64bit
  • Ubuntu Linux 10.10 x86 64bit


WhoIsConnectedSniffer - Detect who is connected to your network without scanning



WhoIsConnectedSniffer is a network discovery tool that listens to network packets on your network adapter using a capture driver (WinPcap or Microsoft Network Monitor) and accumulates a list of the computers and devices currently connected to your network. WhoIsConnectedSniffer uses various protocols to detect the computers connected to your network, including ARP, UDP, DHCP, mDNS, and BROWSER.

For every detected computer or device, the following information is displayed: IP Address, MAC Address, name of the device/computer, description, Operating System, Network Adapter Company, IPv6 Address. (Some of the fields might be empty if the information cannot be found inside the packets.)
After collecting the connected computers/devices information, you can easily export the list to tab-delimited/comma-delimited/xml/html file.


Start Using WhoIsConnectedSniffer

Apart from the capture driver, WhoIsConnectedSniffer requires no installation process or additional DLL files. To start using it, simply run the executable file, WhoIsConnectedSniffer.exe. 
When you run WhoIsConnectedSniffer for the first time, choose the capture driver and the network adapter you want to use. 

Once you have chosen the capture driver and the network adapter, WhoIsConnectedSniffer starts listening to the packets on that adapter and updates the main window whenever a device or computer is detected.

Expect to wait from a few seconds to a few minutes until the first computers/devices appear in the main window: the tool never sends anything itself, so a host only shows up after it has transmitted one of the packets listed below.

After collecting the connected computers/devices information, you can export the list to a tab-delimited, comma-delimited, XML or HTML file by selecting all items (Ctrl+A) and then using the 'Save Selected Items' option (Ctrl+S).

Protocols supported by WhoIsConnectedSniffer

  • ARP: WhoIsConnectedSniffer listens to this protocol to get the IP address and MAC address of computers and devices.
  • UDP: When a computer broadcasts a UDP packet to all other computers, WhoIsConnectedSniffer extracts the IP address and the MAC address from it.
  • DHCP: When a computer connects to the network, it usually sends a DHCP request. WhoIsConnectedSniffer uses this request to get the host name and IP address of the computer.
  • mDNS: This protocol is used on Linux and Mac OS systems. WhoIsConnectedSniffer uses it to get the host name and IP address of the computer, and on Linux also the operating system.
  • BROWSER: This protocol is mainly used by Windows, but some Linux systems support it too. WhoIsConnectedSniffer uses it to get the name of the computer, its description text and its operating system. 
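The ARP and DHCP entries above are the two easiest to reproduce by hand. The following is an added example written for this page, not WhoIsConnectedSniffer's own code: it walks raw Ethernet frames, pulls sender MAC/IP out of ARP replies and the client MAC, requested address and hostname (option 12) out of DHCP requests, and accumulates a host table keyed by MAC the way the tool's main window does. The frames it consumes are constructed inline (the MAC and IP values are made up), so it runs without a capture driver; on a real box you would hand it the frames from a pcap instead.

```python
import struct

ETHERTYPE_ARP = 0x0806
ETHERTYPE_IPV4 = 0x0800
IP_PROTO_UDP = 17
DHCP_MAGIC = b"\x63\x82\x53\x63"
ZERO_IP = b"\x00\x00\x00\x00"


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_str(raw):
    return ".".join(str(b) for b in raw)


class HostTable:
    """Accumulates hosts keyed by MAC from raw Ethernet frames handed to feed()."""

    def __init__(self):
        self.hosts = {}

    def _entry(self, mac):
        return self.hosts.setdefault(mac, {"ip": None, "name": None, "sources": set()})

    def feed(self, frame):
        if len(frame) < 14:
            return
        ethertype = struct.unpack("!H", frame[12:14])[0]
        if ethertype == ETHERTYPE_ARP:
            self._arp(frame[14:])
        elif ethertype == ETHERTYPE_IPV4:
            self._ipv4(frame[14:])

    def _arp(self, pkt):
        if len(pkt) < 28:
            return
        htype, ptype, hlen, plen, _oper = struct.unpack("!HHBBH", pkt[:8])
        if (htype, ptype, hlen, plen) != (1, ETHERTYPE_IPV4, 6, 4):
            return
        sha, spa = pkt[8:14], pkt[14:18]
        if spa == ZERO_IP:          # ARP probe: the sender has no address yet
            return
        entry = self._entry(mac_str(sha))
        entry["ip"] = ip_str(spa)
        entry["sources"].add("arp")

    def _ipv4(self, pkt):
        if len(pkt) < 20:
            return
        ihl = (pkt[0] & 0x0F) * 4
        if pkt[9] != IP_PROTO_UDP or len(pkt) < ihl + 8:
            return
        sport, dport, ulen = struct.unpack("!HHH", pkt[ihl:ihl + 6])
        if (sport, dport) == (68, 67):          # DHCP client -> server
            self._dhcp(pkt[ihl + 8:ihl + ulen])

    def _dhcp(self, msg):
        if len(msg) < 240 or msg[236:240] != DHCP_MAGIC:
            return
        if (msg[0], msg[1], msg[2]) != (1, 1, 6):   # BOOTREQUEST, Ethernet hw type
            return
        chaddr, ciaddr = mac_str(msg[28:34]), msg[12:16]
        name = requested_ip = None
        opts, i = msg[240:], 0
        while i < len(opts):                    # TLV options; 0 = pad, 255 = end
            code = opts[i]
            if code == 255:
                break
            if code == 0:
                i += 1
                continue
            if i + 1 >= len(opts):
                break
            length = opts[i + 1]
            value = opts[i + 2:i + 2 + length]
            if len(value) < length:             # truncated option: stop, don't guess
                break
            if code == 12:
                name = value.decode("ascii", "replace")
            elif code == 50 and length == 4:
                requested_ip = ip_str(value)
            i += 2 + length
        entry = self._entry(chaddr)
        if name:
            entry["name"] = name
        ip = ip_str(ciaddr) if ciaddr != ZERO_IP else requested_ip
        if ip:
            entry["ip"] = ip
        entry["sources"].add("dhcp")


# --- constructed sample frames (made-up addresses, not a real capture) ---
def build_arp_reply(sha, spa, tha, tpa):
    eth = tha + sha + struct.pack("!H", ETHERTYPE_ARP)
    return eth + struct.pack("!HHBBH", 1, ETHERTYPE_IPV4, 6, 4, 2) + sha + spa + tha + tpa


def build_dhcp_request(chaddr, hostname, requested_ip):
    opts = (b"\x35\x01\x03" + bytes([50, 4]) + requested_ip
            + bytes([12, len(hostname)]) + hostname + b"\xff")
    bootp = (struct.pack("!BBBBIHH", 1, 1, 6, 0, 0x1234, 0, 0x8000) + b"\x00" * 16
             + chaddr + b"\x00" * 10 + b"\x00" * 192 + DHCP_MAGIC + opts)
    udp = struct.pack("!HHHH", 68, 67, 8 + len(bootp), 0) + bootp
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, IP_PROTO_UDP, 0,
                     ZERO_IP, b"\xff" * 4) + udp
    return b"\xff" * 6 + chaddr + struct.pack("!H", ETHERTYPE_IPV4) + ip


def discover(frames):
    table = HostTable()
    for frame in frames:
        table.feed(frame)
    return table.hosts


SAMPLE_FRAMES = [
    build_arp_reply(b"\xaa\xbb\xcc\x00\x00\x01", bytes([192, 168, 1, 10]),
                    b"\xaa\xbb\xcc\x00\x00\xff", bytes([192, 168, 1, 1])),
    build_dhcp_request(b"\xaa\xbb\xcc\x00\x00\x02", b"laptop-01", bytes([192, 168, 1, 20])),
]

if __name__ == "__main__":
    for mac, info in discover(SAMPLE_FRAMES).items():
        print(mac, info["ip"], info["name"], sorted(info["sources"]))
```

Two details matter in practice: an ARP probe carries a zeroed sender IP and must not overwrite a real address already learned for that MAC, and a DHCP request from a client that has not yet been assigned an address only carries the requested IP in option 50, so the table falls back to that rather than the empty ciaddr field.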

Egresser - Tool to Enumerate Outbound Firewall Rules

Egresser is a tool to enumerate outbound firewall rules, designed for penetration testers to assess whether egress filtering is adequate from within a corporate network. Probing each TCP port in turn, the Egresser server will respond with the client’s source IP address and port, allowing the client to determine whether or not the outbound port is permitted (both on IPv4 and IPv6) and to assess whether NAT traversal is likely to be taking place.

How it Works
The server-side script works in combination with iptables, which redirects all inbound TCP traffic to port 8080, where the 'real' server resides. The server-side script is written in Perl and is a pre-forking server utilising Net::Server::Prefork, listening on both IPv4 and IPv6 if available. Any TCP connection results in a simple response: a null-terminated string made up of the connecting client's IP address and port. Feel free to use Telnet to interact with the service if you are in a restricted environment without access to the Egresser client (our Egresser server can be found at egresser.labs.cyberis.co.uk, which you are free to use for legitimate purposes).

The client is also written in Perl and is threaded for speed. By default it will scan TCP ports 1-1024, although this is configurable within the script. It is possible to force IPv4 with the ‘-4’ command line argument, or IPv6 with ‘-6’; by default it will choose the protocol preferred by your operating system. If you want to explicitly list all open/closed ports, specify the verbose flag (-v), as normal output is a concise summary of permitted ports only.
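The exchange described above, as an added example written for this page rather than Cyberis's Perl client or server: a stand-in responder that answers every connection with the peer's address, and a threaded client that probes a list of ports, reads the null-terminated reply and compares the address the server saw with the socket's own local address to flag NAT. The `ip:port` reply format is an assumption (the page only says the string contains the client's IP and port); the responder here binds an ephemeral loopback port instead of sitting behind an iptables redirect, so the whole thing runs offline.

```python
import socket
import threading
from concurrent.futures import ThreadPoolExecutor


def serve_egresser(listener):
    """Egresser-style responder: reply 'ip:port\\0' for the peer, then close."""
    while True:
        try:
            conn, peer = listener.accept()
        except OSError:             # listener closed
            return
        with conn:
            conn.sendall(f"{peer[0]}:{peer[1]}".encode("ascii") + b"\x00")


def start_local_server(host="127.0.0.1"):
    """Stand-in for the real server (which sits behind an iptables REDIRECT to 8080)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(64)
    threading.Thread(target=serve_egresser, args=(srv,), daemon=True).start()
    return srv


def free_port(host="127.0.0.1"):
    """Bind port 0, release it, and return the number: a closed port for the demo."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((host, 0))
        return s.getsockname()[1]


def parse_response(data):
    """b'1.2.3.4:51234\\0' -> ('1.2.3.4', 51234); rpartition keeps an IPv6 literal whole."""
    body = data.split(b"\x00", 1)[0].decode("ascii", "replace")
    ip, sep, port = body.rpartition(":")
    if not sep or not ip or not port.isdigit():
        raise ValueError(f"unexpected reply: {body!r}")
    return ip, int(port)


def probe(host, port, timeout=3.0):
    """One port: None when blocked/refused/timed out; 'seen' None when something
    other than Egresser answered (a transparent proxy, for instance)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            local_ip, local_port = sock.getsockname()[:2]
            buf = b""
            while b"\x00" not in buf and len(buf) < 128:
                chunk = sock.recv(64)
                if not chunk:
                    break
                buf += chunk
    except OSError:
        return None
    try:
        seen = parse_response(buf)
    except ValueError:
        seen = None
    return {
        "port": port,
        "local": (local_ip, local_port),
        "seen": seen,
        "nat": None if seen is None else seen != (local_ip, local_port),
    }


def scan(host, ports, workers=64):
    """Records for every port that accepted a connection, in port order."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = pool.map(lambda p: probe(host, p), ports)
    return [r for r in results if r is not None]


def demo():
    """Probe one open (local responder) and one closed port; returns both records."""
    srv = start_local_server()
    try:
        return (probe("127.0.0.1", srv.getsockname()[1]),
                probe("127.0.0.1", free_port(), timeout=1.0))
    finally:
        srv.close()


if __name__ == "__main__":
    opened, closed = demo()
    print("open port record:", opened)
    print("closed port record:", closed)
```

Against a real server the call is `scan("egresser.labs.cyberis.co.uk", range(1, 1025))`. A record with `seen` set to None is worth keeping in the report: the port was reachable, but whatever answered was not Egresser, which is exactly what an interception proxy or captive portal looks like from the inside. If you stand up your own responder, exclude the management port from the redirect rule (for example `iptables -t nat -A PREROUTING -p tcp ! --dport 22 -j REDIRECT --to-ports 8080`, shown here as an illustrative rule) or you will lose SSH to the box.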

Why?
It is recommended that outbound firewall rules are restricted within corporate environments to ensure perimeter controls are not easily circumvented. For example, inadequate egress filtering within an organisation would allow a malicious user to trivially bypass a web proxy providing filtering/AV/logging simply by changing a browser’s connection settings. Many other examples also exist - many worms spread over SMB protocols, malware can use numerous channels to exfiltrate data, and potentially unauthorised software (e.g. torrent/P2P file sharing) can freely operate, wasting corporate resources and significantly increasing the likelihood of malicious code being introduced into the environment.

Generally, it is recommended that all outbound protocols should be restricted, allowing exceptions from specific hosts on a case-by-case basis. Web browsing should be conducted via dedicated web proxies only, with any attempted direct connections logged by the perimeter firewall and investigated as necessary.

Egresser is a simple-to-use tool that allows a penetration tester to quickly enumerate the outbound ports permitted from within a corporate environment.

