Things on the ol’ noodle

Current projects I would like to pursue:

Ubuntu rootkit (shell script) – A rootkit geared toward maintaining covert access to an Ubuntu host.

Python implementation of netcat (Python script) – A Python program that serves the same purpose as netcat.

WirelessTrap.sh (Bash shell script) – A shell script that utilizes ettercap to designate two zones: a Green Zone and a Red Zone. Green Zone hosts will not be attacked and will not have their traffic captured or manipulated. Red Zone hosts will have their traffic intercepted and used against exposed services.

Automating Bluetooth hacking for Nokia OS2008 based devices (Bash shell script) – First find the host, using l2ping to make sure the Bluetooth host is around for further enumeration. Then use sdptool to find possible channels for further enumeration.

Arbitrary Apache log statistics (Bash shell script) – A shell script that uses whois, netcat and other tools to gather and aggregate information on hosts that have made arbitrary requests to Apache web servers.

WordPress dictionary attack program (language not known yet) – WordPress doesn’t seem to check the number of failed logins…

SMBautoAttack.sh (Bash shell script) – A shell script that utilizes nmap and metasploit to try to exploit Windows hosts in a LAN.

MacAttack (Bash shell script) – A shell script that finds Apple computers (including iPhones) in a local area network and attempts to exploit them in a myriad of ways.

GoogleVulnScan (Bash shell script) – A shell script that has similar functionality to cDc’s GoolagScanner.

BugTraq+Nmap (Bash shell script) – A shell script that is similar to nikto, but instead of covering only HTTP(S) hosts, this program will report whether other services have vulnerabilities.

Password Modifier (Bash shell script) – A shell script for pentesters who have captured a password and would like to generate commonly known alterations of it. For instance, users often alter their passwords only by tacking on numbers or simple number sequences like 1234. They may also use 1337 speak and change ‘A’ to ‘@’. This program will have a complicated algorithm that relies heavily on sed to output a dictionary list that could be used in an attack.

Twitter C&C bot (Bash shell script, or maybe Python)

Create a notable tutorial on Yersinia (language… English) – No, I’m not planning on making a tutorial on the plague, but on a very interesting tool for *nix called Yersinia, which can be found at:

http://www.yersinia.net/

Mend some bugs in btexploiter (Perl) – http://btexploiter.sourceforge.net/

Automate Meterpreter in an interesting way (Ruby) – Use elements of Meterpreter to record specific information and events. Then, once this information has been captured, shove it back to the attacker.

Meterpreter + nmap: use a Meterpreter session to deploy nmap on a compromised host. (A solution for this has already been made available via metacab: http://www.packetstormsecurity.org/Win/metacab-2006-04-R5.zip )

Meterpreter/port scanner: a module for Meterpreter that supports port scanning on a compromised host (maybe a netcat-like clone).

Meterpreter/ARP poison: An ARP poisoning module for Meterpreter.

EtterSploit (Bash shell script) – Simply put, ettercap and metasploit got together and had a DNS spoofing baby. 🙂

User agent string checker (most likely PHP, or maybe I’ll use mod_python) – A program that checks the user agent strings of web requests to see if any BHOs or other unwanted plug-ins are installed in the web browser.

RouterAudit (language not known): A program that will use the default password list from http://www.phenoelit-us.org/dpl/dpl.html (downloaded locally, hopefully with their permission) to automatically test whether a user can log in to a router with default credentials.

Blacklisted domain names hosts file config (most likely Python): A program that will check my web server for updates, to see whether any more blacklisted domain names have been added that can be appended to the hosts file and redirected to 127.0.0.1.

Hidden Meterpreter workspace (Ruby + metasploit): This idea may seem a bit far-fetched and maybe a bit out of my league, but I would like to have a Meterpreter script, which may have to interact with the Windows API, that sets up a rootkit-like workspace for pentesters. What this means is that if a pentester needs to place a file on a remote system that he/she doesn’t want the victim to see, the Meterpreter workspace would be able to provide this. (UPDATE May 13, 2010: Some work has already been done on this idea, via slacker: http://www.metasploit.com/research/projects/antiforensics/ )

Tonido pentesting plug: The Tonido plug is a very small computer about the size of a standard AC adapter plug. My idea is to turn this into a full-fledged pentesting device that will give a pentester access to an internal network. Part of what I’ll have to do (this is the easy part) is turn an Ubuntu ARM distro into a pentest version (just install the appropriate tools/programs/scripts).

A Practical Guide to Social Network Hacking: (I think the title is self-explanatory)
