Работа в Стамбуле

Метка: network security

  • Cracking BGP MD5 Secrets

    Cracking BGP MD5 Secrets

    Loki’s tcp-md5 module is used for cracking a secret used for RFC2385 based packet signing and authentication. It is designed for offline cracking, means to work on a sniffed, correct signed packet.

    This packet can either be directly sniffed of the wire or be provided in a pcap file. The cracking can be done in two modes first with a dictionary attack, in this case an additional wordlist is needed, or second without a dictionary in real brute force mode.

    If the real brute force mode is chosen the tool can enumerate either alphanumeric characters, or the whole printable ASCII space.

    BGP MD5 Cracking Example with Loki

  • Cisco warns IOS device users on attack 'evolution'

    Cisco warns IOS device users on attack 'evolution'

    Attackers have been observed substituting Cisco’s IOS bootstrap with a malicious ROMMON image after first accessing the company’s IOS devices, according to an alert issued by Cisco Product Security Incident Response Team (PSIRT).

    The PSIRT said it began contacting customers regarding the “evolution” detected in attacks launched against its IOS Classic platforms.

    Evolution in Attacks Against Cisco IOS Software Platforms

    “In all cases seen by Cisco, attackers accessed the devices using valid administrative credentials and then used the ROMMON field upgrade process to install a malicious ROMMON,” the alert said. Once the device was rebooted they could control its behavior.

    Utilizing a malicious ROMMON provides attackers an additional advantage because infection will persist through a reboot,” the PSIRT wrote, explaining that since the miscreants didn’t exploit a vulnerability but rather acquired valid admin credentials or were able to gain physical access to the device to carry out the attack, that a CVE ID wouldn’t be assigned.

    “The ability to install an upgraded ROMMON image on IOS devices is a standard, documented feature that administrators use to manage their networks,” the alert said.

    The team referred users to trio of white papers that it said would help users understand threats against Cisco IOS devices as well as how to remediate them.

  • Скачать Aircrack-ng для Windows

    Скачать Aircrack-ng для Windows

    Aircrack представляет собой набор инструментов для аудита
    беспроводных сетей (взлома wi-fi WEP и WPA-PSK ключей). За
    счет использования оптимизированных атак, взлом происходит быстрее по
    сравнению с другими инструментами взлома WEP и WPA ключей.

    Постараюсь собрать всю информацию для вас о наборе программ aircrack-ng.

    Aircrack-ng для Windows

    В набор программ aircrack-ng 1.4 win входят:
    • aircrack-ng – программа для взлома WEP и WPA-PSK ключей;
    • airdecap-ng – инструмент расшифровки захваченных файлов;
    • aireplay-ng – генератор пакетов беспроводной сети;
    • airodump-ng – используется для захвата пакетов wi-fi сети;
    • packetforge-ng – используется для создания шифрованных пакетов;
    • wzcook – восстанавливает WEP ключи в Win XP;
    • ivstools – инструмент для объединения и конвертирования.ivs файлов.
    • airtun-ng – инструмент для мониторинга беспроводной сети и генерации трафика;
    • airserv-ng –
      сервер беспроводной карты, позволяет удаленное
      использование wlan-карты, решает некоторые ограничения связанные с ОС и
      драйверами;
    • airolib-ng – инструмент для хранения списков беспроводных сетей и ключей, позволяет рассчитать PMKs для взлома WPA/WPA2;
    • wesside-ng – является «авто-магическим» инструментом,
      позволяющий взломать WEP ключ в течение нескольких минут. Все
      делается без вашего вмешательства.

       Скачать Aircrack-ng 1.4 Windows (Размер: 18,7 Мб, скачен 501 499 раз)

  • Metasploit Framework and Community edition

    Metasploit Framework and Community edition

    Metasploit took the security world by storm when it was released in 2004. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. 


    It ships with hundreds of exploits, as you can see in their list of modules. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. One free extra is Metasploitable, an intentionally insecure Linux virtual machine you can use for testing Metasploit and other exploitation tools without hitting live servers.

    vulnerability exploitation tools





    Metasploit was completely free, but the project was acquired by Rapid7 in 2009 and it soon sprouted commercial variants. The Framework itself is still free and open source, but they now also offer a free-but-limited Community edition, a more advanced Express edition ($3,000 per year per user), and a full-featured Pro edition ($15,000 per user per year). Other paid exploitation tools to consider are Core Impact (more expensive) and Canvas (less).

    The Metasploit Framework now includes an official Java-based GUI and also Raphael Mudge’s excellent Armitage. The Community, Express, and Pro editions have web-based GUIs. For downloads and more information, visit the Metasploit homepage.

  • How to find the JETPLOW on Cisco firewalls installed

    How to find the JETPLOW on Cisco firewalls installed

    JETPLOW is a firmware persistence implant for Cisco PIX Series and ASA (Adaptive Security Appliance) firewalls. It persists DNT’s BANANAGLEE software implant. JETPLOW also has a persistent back-door capability.

    NSA - ANT Product data

    JETPLOW is a firmware persistence implant for Cisco PIX Series and ASA (Adaptive Security Appliance) firewalls. It persists DNT’s BANANAGLEE software implant and modifies the Cisco firewall’s operating system (OS) at boot time. If BANANAGLEE support is not available for the booting operating system, it can install a Persistent Backdoor (PDB) designed to work with BANANAGLEE’S communications structure, so that full access can be reacquired at a later time. JETPLOW works on Cisco’s 500-series PIX firewalls, as well as most ASA firewalls (5505, 5510, 5520, 5540, 5550).

    A typical JETPLOW deployment on a target firewall with an exfiltration path to the Remote Operations Center (ROC) is shown above. JETPLOW is remotely upgradable and is also remotely installable provided BANANAGLEE is already on the firewall of interest.

    Status: Released. Has been widely deployed. Current availability restricted based on OS version (inquire for details).