Tutorial pytbull with Back Track 5

This tutorial will provide you with the details required to install configure and run pytbull on Back Track 5.

In our example we will be using pytbull with Back Track 5 in gateway mode.

 

Back Track 5 requirements and configuration:

  • Install BT5 rather than run the live version, you should do this anyway
  • Install libopts25 so that tcpreplay will work in BT5
  • In our example BT5 will have ip address of 172.16.16.43

Configuration Steps:

Install libopts25

#apt-get install libopts25

Download and install pytbull, refer to the pytbull website documentation section:

http://pytbull.sourceforge.net/?page=documentation#installation

Edit the config.cfg file for specific settings and paths in BT5. Change the IP to your IP and the interface to your networked interface, in our example the client ip is 172.16.16.43 on eth0.

The sections we are interested in are as follows:

[CLIENT]
ipaddr = <yourbt5ipadd>
iface = eth0

[ENV]
sudo = /usr/bin/sudo
nmap = /usr/local/bin/nmap
nikto = /pentest/web/nikto/nikto.pl
niktoconf  = /pentest/web/nikto/nikto.conf
hping3  = /usr/sbin/hping3
tcpreplay = /pentest/sniffers/tcpreplay/tcpreplay
localhost = 127.0.0.1

[CREDENTIALS]
ftpuser = fred
ftppasswd  = derf

We are now ready to run the pytbull tests and watch our IDS/IPS systems!

Be sure to include the gateway mode switch:

#./pytbull -t <target ip address>  --mode=gateway 

You should now see all the tests running and your IDS/IPS should be going crazy!

 

Linux Terminal Server Project

The Linux Terminal Server Project adds thin-client support to Linux servers. LTSP is a flexible, cost effective solution that is empowering schools, businesses, and organizations all over the world to easily install and deploy desktop workstations. A growing number of Linux distributions include LTSP out-of-the-box.

Official site:
http://www.ltsp.org

Howto install LTSP in Ubuntu 10.10 (Maverick) – Reuse your Old computers with out hard disk and Thin Clients:
Reviewshubs.com article

peepdf Python tool

peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to make all the tasks. With peepdf it’s possible to see all the objects in the document showing the suspicious elements, supports all the most used filters and encodings, it can parse different versions of a file, object streams and encrypted files. With the installation of Spidermonkey and Libemu it provides Javascript and shellcode analysis wrappers too. Apart of this it’s able to create new PDF files and to modify existent ones.

Download and more details at :
http://code.google.com/p/peepdf
http://eternal-todo.com

Project Honey Pot

Project Honey Pot http://www.projecthoneypot.org is a site and system that you can sign up to for identifying spammers and spambots and it’s free.

The official description is:

Project Honey Pot is the first and only distributed system for identifying spammers and the spambots they use to scrape addresses from your website. Using the Project Honey Pot system you can install addresses that are custom-tagged to the time and IP address of a visitor to your site. If one of these addresses begins receiving email we not only can tell that the messages are spam, but also the exact moment when the address was harvested and the IP address that gathered it.

To participate in Project Honey Pot, webmasters need only install the Project Honey Pot software somewhere on their website. We handle the rest — automatically distributing addresses and receiving the mail they generate. As a result, we anticipate installing Project Honey Pot should not increase the traffic or load to your website.

We collate, process, and share the data generated by your site with you. We also work with law enforcement authorities to track down and prosecute spammers. Harvesting email addresses from websites is illegal under several anti-spam laws, and the data resulting from Project Honey Pot is critical for finding those breaking the law.