


Vulnerability Development: RE: trusted solaris pen testing

RE: trusted solaris pen testing

From: Dom De Vitto <dom_at_devitto.com>
Date: Wed, 8 Dec 2004 00:53:37 -0000

"Cain and Abel" can do lots of what you want, including setup for cool
man-in-the-middle attacks.

http://www.oxid.it/cain.html

Spoofing is easy, especially on most switched networks.

http://www.oxid.it/sterm.html

This is a great tool which does exactly what you want in the right
situations.

There are lots of ways of doing this - ARP spoofing, ARP poisoning, ICMP
redirects etc.

Dom

-----Original Message-----
From: Jack [mailto:list-recv_at_crepinc.com]
Sent: 05 December 2004 16:32
To: Elihu Smails; vuln-dev_at_securityfocus.com
Subject: Re: trusted solaris pen testing

There are two possibilities: either find out the trusted hosts, and take
their IP (DoS that box first) or go for the spoofing idea.

Spoofing is hard, especially on a switched network. I currently don't
know of any pre-written source that does this well. (I'm currently in
the process of writing my own). So, if you would like to undertake this,
you will probably need to write your own code.

Remember, if spoofing an IP on a switched network you will need ARP
spoofing in order to get the received packets.

Have fun,

-Jack C ("crEp")
http://www.crepinc.com/
Received on Dec 09 2004
