
Mailing List Archive: Full Disclosure: Full-Disclosure

intrusion kit

 

 



joshua.tagnore at gmail

Aug 3, 2007, 12:29 PM

Post #1 of 8 (1184 views)
Permalink
intrusion kit

Hi list,

While doing a penetration test for one of our clients, I succeeded in
exploiting a SQL injection to get Administrator access to a Windows server.
I used netcat to get a reverse shell and everything works just fine. Right
now I'm having problems with the next phase, pivoting into the network. For
example, if I want to install nmap, I need to install winpcap (which has no
command line installer); to install vnc and configure it to create a reverse
vnc connection I also need a point and click interface.

The server has a firewall configured that doesn't allow incoming
connections (other than HTTP), so rdp, pc anywhere and vnc installed "by
default" are out.

What I'm looking for is an "intrusion kit", a ZIP file that contains
common tools like: vnc, nmap, pwdump, ssh client, etc. That have all
dependencies in the zip file, so I could do:

unzip kit.zip
cd nmap
nmap -sS localhost
cd ..
cd vnc
run-vnc-server

Does this exist? Could anyone please share his experience with these
problems?

Cheers,
--
Joshua Tagnore


sil at infiltrated

Aug 3, 2007, 12:45 PM

Post #2 of 8 (1095 views)
Permalink
Re: intrusion kit [In reply to]

Joshua Tagnore wrote:

> unzip kit.zip
> cd nmap
> nmap -sS localhost
> cd ..
> cd vnc
> run-vnc-server
>
> Does this exist? Could anyone please share his experience with these
> problems?
>

I have one I will be throwing up for sale on eBay to the highest suc...
bidder. Not only will it do what you just asked for, but here is a
complete list of what it will do:

Detect and covertly bypass firewalls
Detect and covertly bypass infrared sensors
Detect and play cards with IPS/IDS'
Detect and remove Harry Potter related stolenware

And, if you act now and become the highest bidder, it will even let you
ǝlzzıu ɥɐɯ ǝlzzıɥs ʇǝǝɹǝ ɹǝdns ǝɯos op


--
====================================================
J. Oquendo
"Excusatio non petita, accusatio manifesta"

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
sil . infiltrated @ net http://www.infiltrated.net


gjgowey at tmo

Aug 3, 2007, 12:47 PM

Post #3 of 8 (1092 views)
Permalink
Re: intrusion kit [In reply to]

Try seeing if dameware will work for you. It has its own lightweight client. It's been a while since I've used it so I'm just tossing out an idea.

Geoff

Sent from my BlackBerry wireless handheld.

-----Original Message-----
From: "Joshua Tagnore" <joshua.tagnore[at]gmail.com>

Date: Fri, 3 Aug 2007 16:29:46
To:full-disclosure[at]lists.grok.org.uk
Subject: [Full-disclosure] intrusion kit


Hi list,

While doing a penetration test for one of our clients, I succeeded in exploiting a SQL injection to get Administrator access to a Windows server. I used netcat to get a reverse shell and everything works just fine. Right now I'm having problems with the next phase, pivoting into the network. For example, if I want to install nmap, I need to install winpcap (which has no command line installer); to install vnc and configure it to create a reverse vnc connection I also need a point and click interface.

The server has a firewall configured that doesn't allow incoming connections (other than HTTP), so rdp, pc anywhere and vnc installed "by default" are out.

What I'm looking for is an "intrusion kit", a ZIP file that contains common tools like: vnc, nmap, pwdump, ssh client, etc. That have all dependencies in the zip file, so I could do:

unzip kit.zip
cd nmap
nmap -sS localhost
cd ..
cd vnc
run-vnc-server

Does this exist? Could anyone please share his experience with these problems?

Cheers,
--
Joshua Tagnore
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


se_cur_ity at hotmail

Aug 6, 2007, 12:16 AM

Post #4 of 8 (1078 views)
Permalink
Re: intrusion kit [In reply to]

> What I'm looking for is an "intrusion kit", a ZIP file that contains
> common tools like: vnc, nmap, pwdump, ssh client, etc. That have all
> dependencies in the zip file, so I could do:
>
> unzip kit.zip
> cd nmap
> nmap -sS localhost
> cd ..
> cd vnc
> run-vnc-server
>

i guess you're so talented in breaking into boxen that you can't simply
make your own SFX to do what you want.

btw: i seriously doubt anyone will help you ( or you buy the ebay offered
one LOL...
have fun getting yourself pwnt )

byez,
MW



pauls at utdallas

Aug 6, 2007, 8:26 AM

Post #5 of 8 (1076 views)
Permalink
Re: intrusion kit [In reply to]

--On August 6, 2007 12:16:37 AM -0700 Morning Wood
<se_cur_ity[at]hotmail.com> wrote:

>> What I'm looking for is an "intrusion kit", a ZIP file that contains
>> common tools like: vnc, nmap, pwdump, ssh client, etc. That have all
>> dependencies in the zip file, so I could do:
>>
>> unzip kit.zip
>> cd nmap
>> nmap -sS localhost
>> cd ..
>> cd vnc
>> run-vnc-server
>>
>
> i guess you're so talented in breaking into boxen that you can't simply
> make your own SFX to do what you want.
>
> btw: i seriously doubt anyone will help you ( or you buy the ebay
> offered one LOL...
> have fun getting yourself pwnt )
>
It's easier than that. Just put up an unpatched box on the internet.
You'll get your kit straightaway, pre-configured.

Paul Schmehl (pauls[at]utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/


aza at whiteh8

Aug 7, 2007, 2:05 PM

Post #6 of 8 (1072 views)
Permalink
Re: intrusion kit [In reply to]

On 8/6/07, Morning Wood <se_cur_ity[at]hotmail.com> wrote:
>
> > What I'm looking for is an "intrusion kit", a ZIP file that contains
> > common tools like: vnc, nmap, pwdump, ssh client, etc. That have all
> > dependencies in the zip file, so I could do:
> >
> > unzip kit.zip
> > cd nmap
> > nmap -sS localhost
> > cd ..
> > cd vnc
> > run-vnc-server
> >
>
> i guess you're so talented in breaking into boxen that you can't simply
> make your own SFX to do what you want.
>
> btw: i seriously doubt anyone will help you ( or you buy the ebay offered
> one LOL...
> have fun getting yourself pwnt )
>
> byez,
> MW


Did you ever notice that you type like a child?


rmizuuti at gmail

Aug 8, 2007, 5:52 AM

Post #7 of 8 (1069 views)
Permalink
Re: intrusion kit [In reply to]

2007/8/6, Paul Schmehl <pauls[at]utdallas.edu>:
>
> --On August 6, 2007 12:16:37 AM -0700 Morning Wood
> <se_cur_ity[at]hotmail.com> wrote:
>
> >> What I'm looking for is an "intrusion kit", a ZIP file that contains
> >> common tools like: vnc, nmap, pwdump, ssh client, etc. That have all
> >> dependencies in the zip file, so I could do:
> >>
> >> unzip kit.zip
> >> cd nmap
> >> nmap -sS localhost
> >> cd ..
> >> cd vnc
> >> run-vnc-server
> >>
> >
> > i guess you're so talented in breaking into boxen that you can't simply
> > make your own SFX to do what you want.
> >
> > btw: i seriously doubt anyone will help you ( or you buy the ebay
> > offered one LOL...
> > have fun getting yourself pwnt )
> >
> >>>>>>It's easier than that. Just put up an unpatched box on the internet.
> >>>>>>You'll get your kit straightaway, pre-configured.



huauhauhauhauhauhuhauhahuauhahua....
REALLY liked this one :-P



> Paul Schmehl (pauls[at]utdallas.edu)
> Senior Information Security Analyst
> The University of Texas at Dallas
> http://www.utdallas.edu/ir/security/


aza at whiteh8

Aug 8, 2007, 12:21 PM

Post #8 of 8 (1066 views)
Permalink
Re: intrusion kit [In reply to]

On 8/7/07, Tonu Samuel <tonu[at]jes.ee> wrote:
>
>
> >
> > btw: i seriously doubt anyone will help you ( or you buy the
> > ebay offered
> > one LOL...
> > have fun getting yourself pwnt )
> >
> > byez,
> > MW
> >
> > Did you ever notice that you type like a child?
>
> Considering his physical disability (missing hand) he is typing very well.
>
> Tõnu
>
>
Ah yes, how silly of me to forget that he's a gimp. However, I don't find it
very difficult to hold shift down with one finger while simultaneously
hitting another key. Perhaps you do?
