Tools Watch
winAUTOPWN
Written by lirva32   
Friday, 16 April 2010

Hi...
Do you know about winAUTOPWN? I like winAUTOPWN as a hacking tool, because
winAUTOPWN is an auto (hacking) shell gaining tool. It can also be used to test IDS, IPS and other monitoring sensors/software.

Autohack your targets with least possible interaction.

Features:
* Contains already custom-compiled executables of famous and effective exploits along with a few original exploits.
* No need to debug, script or compile the source code.
* Scans all ports 1 - 65535 after taking the IP address and tries all possible exploits according to the list of discovered open ports (OpenPorts.TXT)
* PortScan is multi-threaded.
* Doesn’t require any database at the back-end like others
* Can also be used to test the effectiveness of IDS/IPS
* Launched exploits are independent and don’t rely on service fingerprinting (to avoid evasion, if any)
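
What a sensor under such a test should be able to see, as an added example (not part of the original post or of winAUTOPWN): the wide port sweep described above, followed by connections to whichever ports answered. The record format, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict

ANSWERING = {22, 80, 445}  # constructed: ports that accept on the sample host

def sample_records():
    """Constructed flow records: (time_s, src, dst, dst_port, reply)."""
    recs = []
    for port in range(1, 3001):  # one source walks ports 1..3000 in 30 s
        reply = "SYN-ACK" if port in ANSWERING else "RST"
        recs.append((port / 100.0, "10.0.0.66", "10.0.0.5", port, reply))
    for i, port in enumerate([22, 80, 80, 445, 445, 445]):  # then hits open ports
        recs.append((40.0 + i, "10.0.0.66", "10.0.0.5", port, "SYN-ACK"))
    for i in range(20):  # ordinary web client for contrast
        recs.append((i * 3.0, "10.0.0.20", "10.0.0.5", 80, "SYN-ACK"))
    return recs

def find_sweeps(records, window=60.0, min_ports=1000):
    """Flag (src, dst) pairs probing >= min_ports distinct ports in one window.

    Fixed buckets keep the example short; a sweep straddling a bucket
    boundary is split, so production logic should use a sliding window.
    Returns {(src, dst): {"end": last_refused_probe_time, "open": ports}}.
    """
    buckets = defaultdict(list)
    for t, src, dst, port, reply in records:
        buckets[(src, dst, int(t // window))].append((t, port, reply))
    sweeps = {}
    for (src, dst, _), hits in buckets.items():
        if len({p for _, p, _ in hits}) < min_ports:
            continue
        info = sweeps.setdefault((src, dst), {"end": 0.0, "open": set()})
        info["open"] |= {p for _, p, r in hits if r == "SYN-ACK"}
        info["end"] = max([info["end"]] + [t for t, _, r in hits if r == "RST"])
    return sweeps

def follow_up(records, sweeps):
    """Count post-sweep connections from the scanner to each port it found open."""
    counts = {pair: defaultdict(int) for pair in sweeps}
    for t, src, dst, port, _ in records:
        info = sweeps.get((src, dst))
        if info and t > info["end"] and port in info["open"]:
            counts[(src, dst)][port] += 1
    return {pair: dict(c) for pair, c in counts.items()}

if __name__ == "__main__":
    found = find_sweeps(sample_records())
    print(found, follow_up(sample_records(), found))
```

A source that sweeps and then connects to every open port regardless of the service behind it stands out from the ordinary client in the sample, which never leaves port 80.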

The aim of creating winAUTOPWN is not to compete with already existing commercial frameworks like Core Impact (Pro), Immunity Canvas, Metasploit Framework (freeware), etc. which offer autohacks, but to create a free, quick, standalone application which is easy to use and doesn’t require a lot of support of other dependencies.

Also not forgetting that winAUTOPWN unlike other frameworks maintains the original exploit writer’s source code intact just as it was and uses it. This way the exploit writer’s credit and originality is maintained. The source is modified only when required to enable a missing feature or to remove hard-coded limitations. Under these circumstances also, the exploit writer’s credits remain intact.

Newer exploit modules are added as and when they are released, and older ones are also being added daily.

Binaries of perl, php, python and cygwin DLLs (included) are required to exist either in a common folder or should be properly installed with their paths registered for those exploits which cannot be compiled into a PE-exe.

Some anti-viruses might falsely detect the exploits as malicious.

Version 2.2

* Introduced BSDAUTOPWN - BSD equivalent for winAUTOPWN which is winAUTOPWN written and compiled to run on BSD systems.
This version also introduces BSDAUTOPWN v1.0, the BSD equivalent of winAUTOPWN. In this release you will find a pre-compiled binary named bsdAUTOPWN compiled on FreeBSD-9.0-CURRENT-2010 (i386). Tested on FreeBSD 8.0. Released along with FreeBSD-9.0-CURRENT.

This is the first release of BSDAUTOPWN and does not have all the exploits which are currently available for winAUTOPWN.

BSDAUTOPWN is still under development and hopefully will be enriched with all the exploits which are already present and also those which will be added to winAUTOPWN in the future.

How to use winAUTOPWN:
1. Download winAUTOPWN here
2. Extract it into a new folder
3. Run the file winAUTOPWN_GUI.exe

4. winAUTOPWN, processing:

 

Reference : http://winautopwn.co.nr/

okay...now happy hacking...
c u...

 

Greetz :
. MyDaughters : Faiza Debian Navisa n Fivana Gutsy Ramadhani
. echo|staff
. AllNewBieHacker
. MyAlmamater FTI_UBL

Last Updated ( Saturday, 24 April 2010 )
 
Suricata v0.8.1 released
Written by lirva32   
Friday, 16 April 2010


The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field.

New features:
- the engine will now detect the number of CPUs/cores and set up the engine to use them fully
- libhtp is now included in the source
- experimental CUDA support for NVIDIA GPU accelerated pattern matching
- initial support for Win32 (using mingw) was added
- FreeBSD/Mac OS X IPFW inline support was added
- many options in the configuration file for performance tuning
- VLAN decoding support was added
- Prelude output support

Major issues fixed & improvements made:
- threading issues in the unified1 and unified2 logging modules
- major stream engine issues were solved
- uricontent, urilen inspection is now done against the libhtp parsed uri
- ip only signature detection fixes in inline mode
- add the /P (request body) option to the pcre keyword
- many SMB, SMB2 and DCERPC improvements
- logging is more configurable
- pcap and pfring modes support for bpf was added
- many bugs were fixed, cleanups were made

Known issues:
- Some signatures fail to load because of missing keywords or keyword options
- We have identified some serious performance issues with certain signatures and traffic combinations
- Although we improved big endian support, there are still some issues
- CUDA code is expected to work only on 32bit and probably doesn’t speed things up yet as we will need further redesign to fully benefit

You can download Suricata here:

Linux/Mac/FreeBSD/UNIX Source:

http://www.openinfosecfoundation.org/download/suricata-0.8.1.tar.gz

PGP Signature:

http://www.openinfosecfoundation.org/download/suricata-0.8.1.tar.gz.sig

 

Build Requirements:
- gcc
- make
- g++

If building from the git repository you will also need:
- automake
- autoconf
- libtool

Library Requirements:
- libpcre
- libnet 1.1.x
- libyaml
- libpcap
- libnetfilter-queue and libnfnetlink (optional for use with ./configure --enable-nfqueue)
- libpthread (should be part of most glibc's)
- libpfring (optional for use with ./configure --enable-pfring)
- libz
- htp

For Debian/Ubuntu Users

sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
build-essential autoconf automake libtool libpcap-dev libnet1-dev \
libyaml-0-1 libyaml-dev zlib1g zlib1g-dev


### HTP
wget http://www.openinfosecfoundation.org/download/htp-current.tar.gz
tar -xzvf htp-current.tar.gz
cd htp-<version>
./configure
make
make install
ldconfig


# If using ubuntu-8.04, to use prebuilt yaml packages you need to uncomment the following two lines in your /etc/apt/sources.list to enable hardy-backports.


#deb http://us.archive.ubuntu.com/ubuntu/ hardy-backports main restricted universe multiverse
#deb-src http://us.archive.ubuntu.com/ubuntu/ hardy-backports main restricted universe multiverse


# If building with IPS capabilities via ./configure --enable-nfqueue
sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 \
libnfnetlink-dev libnfnetlink0


### Suricata:
wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz
tar -xvzf suricata-current.tar.gz
cd suricata.<version>


If building from git sources:
bash autojunk.sh


#else
./configure
sudo mkdir /var/log/suricata/
make
make install

Reference :
http://www.openinfosecfoundation.org/

 

 

Last Updated ( Friday, 16 April 2010 )
 
EIGRP Sniffing
Written by lirva32   
Wednesday, 03 February 2010

 

 

Hai all....
this is about EIGRP. EIGRP (Enhanced Interior Gateway Routing Protocol) is a Cisco proprietary routing protocol loosely based on their original IGRP. EIGRP is an advanced distance-vector routing protocol, with optimizations to minimize both the routing instability incurred after topology changes, as well as the use of bandwidth and processing power in the router. Routers that support EIGRP will automatically redistribute route information to IGRP neighbors by converting the 32 bit EIGRP metric to the 24 bit IGRP metric. Most of the routing optimizations are based on the Diffusing Update Algorithm (DUAL) work from SRI, which guarantees loop-free operation and provides a mechanism for fast convergence.

Basic data EIGRP collects is stored in three tables:

* Neighbor Table: Stores data about the neighboring routers, i.e. those directly accessible through directly connected interfaces.

* Topology Table: Confusingly named, this table does not store an overview of the complete network topology; rather, it effectively contains only the aggregation of the routing tables gathered from all directly connected neighbors. This table contains a list of destination networks in the EIGRP-routed network together with their respective metrics. Also for every destination, a successor and a feasible successor are identified and stored in the table if they exist. Every destination in the topology table can be marked either as "Passive", which is the state when the routing has stabilized and the router knows the route to the destination, or "Active" when the topology has changed and the router is in the process of (actively) updating its route to that destination.

* Routing table: Stores the actual routes to all destinations; the routing table is populated from the topology table with every destination network that has its successor and optionally feasible successor identified (if unequal-cost load-balancing is enabled using the variance command). The successors and feasible successors serve as the next hop routers for these destinations.
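
The step from topology table to routing table described above, as an added example (not code from the original post or from any Cisco implementation). It goes beyond the text by applying DUAL's feasibility condition, under which a neighbor qualifies as a feasible successor only if its reported distance is strictly lower than the feasible distance; the neighbor names, prefixes and the simplified additive metric are assumptions.

```python
# Constructed topology table: destination -> [(neighbor, reported_distance, link_cost)]
# Assumption: a simplified additive metric; real EIGRP derives a composite
# metric from bandwidth and delay.
TOPOLOGY = {
    "10.1.0.0/16": [("R2", 2000, 1000), ("R3", 2500, 1500), ("R4", 3500, 500)],
    "10.2.0.0/16": [("R2", 5000, 1000)],
}

def dual_select(entries):
    """Return (feasible_distance, successor, feasible_successors) for one destination."""
    totals = {nbr: rd + cost for nbr, rd, cost in entries}
    successor = min(totals, key=totals.get)
    fd = totals[successor]
    # Feasibility condition: the neighbor's own (reported) distance must be
    # strictly lower than our best distance, which rules out paths that
    # could loop back through this router.
    feasible = [nbr for nbr, rd, _ in entries if nbr != successor and rd < fd]
    return fd, successor, feasible

def routing_table(topology, variance=1):
    """Populate next hops per destination from the topology table."""
    table = {}
    for dest, entries in topology.items():
        fd, successor, feasible = dual_select(entries)
        totals = {nbr: rd + cost for nbr, rd, cost in entries}
        hops = [successor]
        # Unequal-cost load balancing: a feasible successor is installed
        # only if its total distance is below variance * feasible distance.
        hops += [n for n in feasible if totals[n] < variance * fd]
        table[dest] = hops
    return table

if __name__ == "__main__":
    print(dual_select(TOPOLOGY["10.1.0.0/16"]))
    print(routing_table(TOPOLOGY), routing_table(TOPOLOGY, variance=2))
```

R3 and R4 offer the same total distance to 10.1.0.0/16, yet only R3 becomes a feasible successor, because R4's reported distance is higher than the feasible distance.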

Unlike most other distance vector protocols, EIGRP does not rely on periodic route dumps in order to maintain its topology table. Routing information is exchanged only upon the establishment of new neighbor adjacencies, after which only changes are sent.

How to build custom EIGRP packets and run the sniffing process...?? Okay... using EIGRP tools...

Eigrp-tools
Eigrp-tools is a custom EIGRP packet generator and sniffer combined. It was developed to test the security and overall operation quality of the EIGRP routing protocol. Using this tool requires you to have the requisite background knowledge of EIGRP and its packet structure/types, alongside a good working knowledge of the Layer 3 topology of the network you wish to audit.

 

Last Updated ( Monday, 15 February 2010 )
 
Cisco torch
Written by lirva32   
Monday, 25 January 2010
 
 

Hi all...
I got a tool to penetrate Cisco... and I loved it... the tool is Cisco Torch.

Of course... it's not wrong if you try this tool....

Cisco torch : Mass Cisco Vulnerability Scanner
Cisco Torch was designed as a mass scanning, fingerprinting, and exploitation tool. Cisco-torch is unlike other tools in that it utilises multiple threads, (forking techniques), to launch scanning processes. It also uses several methods to simultaneously carry out application layer fingerprinting. Cisco torch can be used for launching dictionary based password attacks against the services and discovering hosts running the following services:

[.] Telnet
[.] SSH
[.] Web
[.] NTP
[.] SNMP

 

Last Updated ( Tuesday, 26 January 2010 )
 
cge-13
Written by lirva32   
Thursday, 21 January 2010


tttaaaddaaaaaa.... attack..attack... n attack again... lol
hi guys..girls... today lirva32 gives some knowledge about CISCO Hacking...
Do you want to attack a CISCO Router n CISCO Catalyst...???
I think it's simpler... You can use the cge-13 tool to exploit the Cisco vulnerabilities.
Okay..let's go..... this is about cge-13 :

cge-13

Cisco Global Exploiter (CGE) is an advanced, simple and fast security testing tool/exploit engine that is able to exploit 14 vulnerabilities in disparate Cisco switches and routers. CGE is a command-line driven Perl script which has a simple and easy to use front-end.

CGE can exploit the following 14 vulnerabilities:

[1] - Cisco 677/678 Telnet Buffer Overflow Vulnerability
[2] - Cisco IOS Router Denial of Service Vulnerability
[3] - Cisco IOS HTTP Auth Vulnerability
[4] - Cisco IOS HTTP Configuration Arbitrary Administrative Access Vulnerability
[5] - Cisco Catalyst SSH Protocol Mismatch Denial of Service Vulnerability
[6] - Cisco 675 Web Administration Denial of Service Vulnerability
[7] - Cisco Catalyst 3500 XL Remote Arbitrary Command Vulnerability
[8] - Cisco IOS Software HTTP Request Denial of Service Vulnerability
[9] - Cisco 514 UDP Flood Denial of Service Vulnerability
[10] - CiscoSecure ACS for Windows NT Server Denial of Service Vulnerability
[11] - Cisco Catalyst Memory Leak Vulnerability
[12] - Cisco CatOS CiscoView HTTP Server Buffer Overflow Vulnerability
[13] - 0 Encoding IDS Bypass Vulnerability (UTF)
[14] - Cisco IOS HTTP Denial of Service Vulnerability

 

download : please click me now ...

Requirements:
. Perl
. or... ActivePerl if you are using Microsoft Windows

Last Updated ( Monday, 15 February 2010 )
 