Bruteforce 4 digit Android PINs using a Teensy Kit
Video: Teeny Kit 2.0 Cracking Galaxy S3 Brute Force Tool
Simple tool turning a pre-rooted Android device with dnsmasq and iptables
into an RNDIS device, i.e. BadUSB, to create a MitM proxy.
Phone Requirements: USB Debugging enabled, Pre-Rooted, Busybox Installed:
Stericson Busybox or (Recommended) armeabi/busybox
NOTE:
USB debugging must be enabled on the Android device.
Once installed on a phone or other Android device, simply plug the
phone into the USB port on the target machine. Works against
Windows/Linux/Mac.
Arduino Pwn Tool (APT) is a tool similar to a Teensy Kit, for the purpose of
emulating a HID device / keyboard, with features useful to an offensive
penetration tester. Using a 5-pin DIP switch, APT can target different
platforms, selecting and launching attacks on the fly...
ReverseShell(); - Linux
This function uses netcat or standard utilities for creating a reverse shell
connection from a Linux target.
addUser(); - Windows
This function will add a new user to the local Windows Administrators group.
DownloadExec(); - OSX
This function will download shellcode from a defined URL and then execute
it on the target OSX system.
BruteForcePIN(); - Android
This function will allow you to connect APT to an Android phone/tablet via an
OTG cable and brute force 4-digit PINs & passwords.
The WiFiLocator infusion package adds GPS support to the already existing
kismet package, as well as the ability to use an Android device as the GPS.
This gives the ability to use the WiFiPineapple and a GPS device to track
wireless SSIDs and map them out with Google Earth.
Tool for processing log files produced by clamscanLogParse.pl, fprotLogParse.pl
and bdLogParser.pl, storing the results into a SQL database.
This is a utility to parse a BitDefender, ClamAV or F-Prot anti-virus log file,
sorting the results into an archive by detection.
Gauntlet Firewall is a tool to implement a secure & stateful firewall using
IPTables. Gauntlet is meant to run on the host that serves as the gateway
machine for the rest of the network.
IPTables Firewall Functionality & Protection Features:
++++++++++++++++++++++++++++++++++++
* Dynamic or Static addressing
* Full NAT Support
* Fixups for MTU/MSS Issues
* DoS/DDoS protection
* SYN Flood Protection
* Packet Spoofing Protection
* Invalid packet blocking
* Fragmented packet blocking
* Hide from traceroutes
* Portscan Blocking
(FIN/URG/PSH) (SYN/FIN)
(SYN/RST) (nmap FIN Stealth)
(ALL/ALL Scan) (nmap Null Scan)
(XMAS Scan)
** Port scans will be dropped with a log rate of 1 per second. **
hAudit is a forensic utility to aid in the time-consuming process of
collecting information to be analyzed from a compromised, or suspected
to be compromised, system for further forensic auditing.
Alexa will monitor your log files for a user-defined number of failed SSH login
attempts, then take action.
Features:
- User definable login threshold limits
- Ability to ignore specific hosts
- Plus more...
SysChk will monitor a list of files for changes to ensure the integrity of
files and directories on the system running SysChk.
SysChk watches for changes of the following:
- User ownership
- Group ownership
- File permissions
- Modified time
- MD5 hash
A simple Linux password cracker for testing your own passwords against
dictionary attacks.
This tool will hash a dictionary file, then compare the results to the
actual password file, speeding up the cracking process through a
memory-versus-time trade-off...
wh0re is a tool to create a reverse shell.
Timewarp is a utility that will allow you to edit a file using any editor
without changing the access & modified times.
Perl & C Version.
Simple and fast forking port scanner written in Perl. Can only scan one host
at a time; the forking is done over the specified port range. Default range
of 1-65535.
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before
9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as
a master server, allows remote attackers to cause a denial of service
(assertion failure and daemon exit) via an ANY record in the prerequisite
section of a crafted dynamic update message.
ssl-injector.c - Ettercap anyone??
Old GLIBC exploit - worked against su to get r00t. Multiple Vendor Locale
Subsystem Format String Vulnerability.
A security vulnerability in McAfee VirusScan Enterprise allows local
attackers to escalate their privileges.
The shellcode executes syscall 39 without any arguments and checks whether an
error is returned.
NOTE:
On Linux this syscall is mkdir so it will expect an argument and
returns with an error. On FreeBSD this syscall is getppid which doesn't
require an argument and will return with the process ID.
Shellcode executing ipchains -F
Shellcode executing iptables -F