Host-Extract - Enumerate All IP/Host Patterns In A Web Page

This little Ruby script tries to extract all IP/host patterns from the page response of a given URL and from the JavaScript/CSS files referenced by that URL.

With it, you can quickly identify internal IPs/hostnames, development IPs/ports, CDNs, load balancers and additional attack entry points related to your target that are revealed in inline JS, CSS, HTML comments and external JS/CSS files.

This is unlike a web crawler, which looks for new links only in anchor tags (<a>) or the like.

(You might miss many additional targets if you rely only on such a web crawler or on GUI-based tools that show your main target and its relationships with its linked sub/off-site domains.)

In some cases, host-extract may give you false positives when a page contains strings such as main-site_ver_10.2.1.3.swf.

With the -v option, you can ask the tool to output HTML view-source snippets for each IP/domain extracted. This will shorten your manual analysis time.
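As an added illustration that is not host-extract's own code, the Ruby below performs the same kind of pattern extraction on a constructed page fragment: IP and hostname candidates with a lookaround filter for the version-string false positive described above, the external JS/CSS files the tool would also fetch, and a view-source snippet per hit in the spirit of -v, which is handy for auditing your own pages for leaked internal names. The TLD allow-list and the sample HTML are constructed assumptions.

```ruby
require 'set'
# IPv4 candidates: not glued to a word char, dot or hyphen before, and not
# followed by a word char or a file extension (rejects ..._ver_10.2.1.3.swf).
IP_RE = /(?<![\w.-])(\d{1,3}(?:\.\d{1,3}){3})(?![\w-]|\.[A-Za-z])/
# Hostname candidates: dotted LDH labels ending in an alphabetic last label.
HOST_RE = /(?<![\w.-])((?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,})(?![\w-])/i
# External JS/CSS files the tool would also fetch with -j / -c.
ASSET_RE = /<(?:script|link)\b[^>]*?(?:src|href)=["']([^"']+\.(?:js|css))["']/i
# Constructed allow-list of last labels: a few public TLDs plus internal ones.
TLDS = Set.new(%w[com net org io local internal corp lan]).freeze

def valid_ip?(ip)
  ip.split('.').all? { |o| o.to_i <= 255 && (o == '0' || !o.start_with?('0')) }
end

# View-source context around a hit, like host-extract's -v output.
def snippet(text, pos, len, pad = 20)
  text[[pos - pad, 0].max, len + 2 * pad].gsub(/\s+/, ' ').strip
end

# Returns { ips: [[ip, snippet], ...], hosts: [[host, snippet], ...], assets: [url, ...] }.
def extract_hosts(text)
  out = { ips: [], hosts: [], assets: [] }
  text.scan(IP_RE) do
    m = Regexp.last_match
    next unless valid_ip?(m[1])
    out[:ips] << [m[1], snippet(text, m.begin(1), m[1].length)]
  end
  text.scan(HOST_RE) do
    m = Regexp.last_match
    host = m[1].downcase
    next unless TLDS.include?(host.split('.').last)
    out[:hosts] << [host, snippet(text, m.begin(1), host.length)]
  end
  out[:ips].uniq!(&:first); out[:hosts].uniq!(&:first)
  out[:assets] = text.scan(ASSET_RE).flatten.uniq
  out
end

# Constructed page fragment with the kinds of leaks the text describes.
SAMPLE = <<~HTML
  <!-- staging box: 10.0.3.7:8080, old cdn was cdn-old.example.net -->
  <script src="/static/app.min.js"></script>
  <link rel="stylesheet" href="https://cdn.example.com/site.css">
  <script>var api = "https://api-dev.corp.internal/v1"; var lb = "192.168.10.250";</script>
  <embed src="/flash/main-site_ver_10.2.1.3.swf">
  <img src="/img/logo.png" alt="version 4.0.0.999 build">
HTML
```

Calling extract_hosts(SAMPLE) returns the two real IPs, the three hostnames and the two asset URLs, while the .swf version string and the out-of-range 4.0.0.999 are dropped.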


USAGE:
ruby host-extract.rb URL [option]

Usage: host-extract [options]
        -a               find all ip/host patterns
        -j               scan all js files
        -c               scan all css files
        -v               append view-source html snippet for manual verification

Kautilya v0.4.5 - Pwnage with Human Interface Devices

Kautilya is a toolkit which provides various payloads for the Teensy device which may help in breaking into a computer. The toolkit is written in Ruby.

  • The Windows payloads and modules are written mostly in PowerShell (in combination with native commands) and are tested on Windows 7.
  • The Linux payloads are mostly commands in combination with a little Bash scripting. These are tested on Ubuntu 11.
  • The OS X payloads are shell scripts (those installed by default) with usage of native commands. Tested on OS X Lion running in VMware.

Changelog v0.4.5

  • Bug fixes and improvements in Time Based Exec. It now supports exfiltration and can be stopped remotely.
  • Fewer lines of code for HTTP Backdoor and Download Execute PS.
  • HTTP Backdoor, Download Execute PS, Hashdump and Exfiltrate and Dump LSA Secrets now execute the downloaded script in memory.
  • Shortened parameters passed to powershell.exe when the scripts are called, saving “typing” time for the HID.
  • Added two new exfiltration options, POST requests and DNS TXT records.
  • Username and password for exfiltration are asked only if you select gmail or pastebin.
  • Tinypaste as an option for exfiltration has been removed.
  • Payloads have been made more modular, which results in smaller size.
  • Reboot Persistence has been added to HTTP Backdoor and DNS TXT Backdoor.
  • Menu redesign.
  • Bug fix in Dump LSA Secrets payload.
  • Added ./extras/Decode.ps1. Use this to decode data exfiltrated by HTTP Backdoor and DNS TXT Backdoor.
  • Added ./extras/Remove-Persistence.ps1. Use this to remove persistence by Keylogger, HTTP Backdoor and DNS TXT Backdoor.
  • Kautilya can be run on Windows if the win32console gem is installed.

URLCrazy - Test domain typos and variations to detect typo squatting, URL hijacking, phishing, and corporate espionage


Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Usage

* Detect typo squatters profiting from typos on your domain name
* Protect your brand by registering popular typos
* Identify typo domain names that will receive traffic intended for another domain
* Conduct phishing attacks during a penetration test

Features

* Generates 15 types of domain variants
* Knows over 8000 common misspellings
* Supports cosmic ray induced bit flipping
* Multiple keyboard layouts (qwerty, azerty, qwertz, dvorak)
* Checks if a domain variant is valid
* Test if domain variants are in use
* Estimate popularity of a domain variant

URLCrazy requires Linux and the Ruby interpreter.
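Added example, not URLCrazy's own code: a Ruby sketch of four of the variant types listed above (character omission, adjacent transposition, QWERTY neighbour replacement and single bit flips) for a domain you own, keeping only syntactically valid names so they can go on a registrar or resolver watch-list. The QWERTY neighbour map is a constructed subset, and only the leftmost label is mutated.

```ruby
# Constructed subset of QWERTY neighbours (URLCrazy ships full layouts).
QWERTY = { 'q' => 'wa', 'w' => 'qeas', 'e' => 'wrsd', 'r' => 'etdf', 'a' => 'qwsz',
           's' => 'awedxz', 'd' => 'serfcx', 'x' => 'zsdc', 'c' => 'xdfv',
           'l' => 'kop', 'm' => 'njk', 'p' => 'ol' }.freeze

LABEL_RE = /\A[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\z/

# Syntactic check only: lower-case LDH labels, 1-63 chars each, at least two labels.
def valid_domain?(domain)
  labels = domain.split('.', -1)
  domain.length <= 253 && labels.size >= 2 && labels.all? { |l| l.match?(LABEL_RE) }
end

def with_char(name, i, ch)
  s = name.dup
  s[i] = ch
  s
end

# Flip each of the low 7 bits of each character (bit 7 always leaves ASCII).
# A flipped case bit yields the same domain and is filtered out later.
def bit_flips(name)
  name.each_char.with_index.flat_map do |ch, i|
    (0..6).map { |b| with_char(name, i, (ch.ord ^ (1 << b)).chr) }
  end
end

# Mutates only the leftmost label (simplification: "example" of "example.com").
# Returns { type => [valid variant, ...] }.
def variants(domain)
  name, rest = domain.split('.', 2)
  n = name.length
  raw = {
    omission:      (0...n).map { |i| name[0...i] + name[i + 1..-1] },
    transposition: (0...n - 1).map { |i| with_char(with_char(name, i, name[i + 1]), i + 1, name[i]) },
    keyboard:      name.each_char.with_index.flat_map { |c, i|
                     QWERTY.fetch(c, '').each_char.map { |k| with_char(name, i, k) } },
    bit_flip:      bit_flips(name)
  }
  raw.transform_values do |list|
    list.map { |v| "#{v}.#{rest}" }.select { |d| valid_domain?(d) && d != domain }.uniq
  end
end
```

variants("example.com") returns, for instance, exmple.com (omission), examlpe.com (transposition), wxample.com (keyboard) and dxample.com (bit flip of the first character).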


[Arachni v0.4.6 - Web User Interface v0.4.3] Open Source Web Application Security Scanner Framework


Arachni is a full-featured, modular, high-performance Ruby framework aimed at helping penetration testers and administrators evaluate the security of web applications.

Arachni is smart: it trains itself by learning from the HTTP responses it receives during the audit process.

Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while travelling through the paths of a web application’s cyclomatic complexity.

This way attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni.


Changelog

Framework v0.4.6

  • Massively decreased RAM consumption.
  • Number of performed requests cut down by 1/3, and thus a 1/3 decrease in scan times.
  • Overhauled timing attack and boolean/differential analysis algorithms to fix SQLi false positives with misbehaving webapps/servers.
  • Vulnerability coverage optimizations with 100% scores on WAVSEP’s tests for:
    • SQL injection
    • Local File Inclusion
    • Remote File Inclusion
    • Non-DOM XSS (DOM XSS not supported until Arachni v0.5)

WebUI v0.4.3

  • Implemented Scan Scheduler with support for recurring scans.
  • Redesigned the Issue table in the Scan progress screen to group and filter issues by type and severity.

[RemotePasswordWiFi] Ruby script to search for WiFi passwords of remote routers

Ruby script to search for WiFi passwords of remote routers.

Supported routers:

* Thomson
* Technicolor

Coming in the next days:

* Bee
* Cisco