Thursday, November 9, 2006

Tools of the Trade - Now with Reduced Sodium!!

1) OpenSSH 4.5 has been released, addressing a bug in the sshd privilege separation monitor that weakened its verification of successful authentication.

2) Foundstone has added several interesting tools to their free collection. I haven't personally tested any of these tools myself, so let me know what you think of them.
  • FSCrack v1.0.1 - FSCrack is a front end for John the Ripper (JtR) that provides a graphical user interface (GUI) for access to most of JtR’s functions.
  • CredDigger v1.0 - CredDigger™ is a tool that attempts to gather data to assist with penetration testing on a corporate network by determining every host on which a given set of user credentials is valid, while also building a database of all user IDs through various means and protocols.
  • dumpAutoComplete v0.7 - This application will search for the default Firefox profile of the user who runs the tool and dump the AutoComplete cache in XML format to standard output. Alternatively, autocomplete files can be passed to the application and they will be parsed as well. This application understands Mork-based autocomplete files (Firefox 1.x) as well as SQLite-based formhistory and webappsstore files (Firefox 2.x).

3) On Nov 7th, GomoR released SinFP 2.0.4-1. SinFP is a Perl module for OS fingerprinting. It even works for Windows with ActivePerl. Much props on that one.

SinFP is a new approach to OS fingerprinting that bypasses limitations that nmap has. Nmap's approach to fingerprinting has proven efficient for years. Nowadays, with the omnipresence of stateful filtering devices, PAT/NAT configurations and emerging packet normalization technologies, its approach to OS fingerprinting is becoming quite dated.

4) On Nov 7th, XSS Shell was released.

XSS Shell is a powerful XSS backdoor which allows interactive control over a Cross-site Scripting (XSS) vulnerability in a web application. It is a tool that builds on the XSS-Proxy type attacks. This might be helpful for the hard core pen-testers out there, but it has the smell of a more "blackhat" type tool.

5) On Nov 6th, ClamAV v0.88.6 was released. Bugfixes in this release:

  • freshclam: apply timeout patch from Everton da Silva Marques (new options: ConnectTimeout and ReceiveTimeout)
  • clamd: change stack size at the right place (closes bug#103)
    Patch from Jonathan Chen
  • libclamav/petite.c: sanity check the number of rebuilt sections (speeds
    up handling of malformed files)

6) On Nov 2nd, Philippe Biondi released Scapy v.1.5.0.

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer.

7) On Nov 1st, FileZilla v2.2.29 was released. See the changelog for the details.
