Archive for the Pen Testing Category

Setting up Metasploit Framework 3.2 on Debian (Lenny)

Posted October 10, 2009 at 10:32 pm in Pen Testing | No Comments

Setting up the Metasploit Framework on Debian is quite simple. The current stable version of the Framework is 3.2, which is written in Ruby; the previous version, 2.7, was implemented in Perl. Because of the complete rewrite in Ruby, the following packages need to be installed on your system before Metasploit can run:

apt-get install ruby libruby rdoc libyaml-ruby libzlib-ruby libopenssl-ruby libdl-ruby libreadline-ruby libiconv-ruby rubygems


Tunneling nmap through Tor

Posted June 26, 2009 at 11:05 pm in Pen Testing, Privacy | No Comments

I looked at how to reduce your exposure using Tor earlier in the week. We installed Tor and Privoxy and configured our system to browse the Internet anonymously. With Tor and another great program called proxychains we can Torify our nmap scans as well. One caveat up front: Tor carries only TCP streams, and proxychains works by intercepting the connect() calls of the program it wraps, so only a TCP connect scan (nmap -sT) actually travels through Tor. Raw-packet scans such as the default SYN scan, UDP scans and ICMP host discovery bypass the proxy and leave from your own address. Run nmap with -sT -Pn, and add -n so that name resolution does not leak through your local resolver.

Before I continue I would like to recommend that anyone who doesn't know what Tor is read the aforementioned post. It walks you through installing Tor and provides additional background information. Anyone who doesn't know what nmap is must be stuck on a Bell 103. All joking aside, nmap, short for network mapper, is a free and open source utility for network exploration and security auditing. It was created by Gordon "Fyodor" Lyon and has come a long way since its inception. A brief summary of its transformation: nmap's original source code contained lines such as fprintf(stderr, "Your ftp bounce server sucks, it won't let us feed bogus ports!\n"); and it later became a movie star when it was featured in The Matrix Reloaded. It is used by network admins, system admins and security professionals alike. You can find more detailed information at nmap.org.
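The following is an added example, not code from the original post or from the nmap or proxychains projects: a minimal TCP connect scan carried over a SOCKS5 proxy, written in Python. It shows the exchange that proxychains performs on nmap's behalf for every port, and why that is the only kind of probe Tor can carry: the client asks the proxy to open the TCP connection and reads the port state from the proxy's reply code, so nothing but a completed or refused TCP handshake at the exit is ever observable. The proxy address 127.0.0.1:9050 (Tor's default SocksPort), the fallback target scanme.nmap.org and the mapping of RFC 1928 reply codes to open/closed/filtered are assumptions of this example; confirm which codes your Tor version reports before relying on them.

```python
"""Added example: a TCP connect scan carried over a SOCKS5 proxy such as Tor.

Assumptions (not from the original post): Tor's SocksPort is 127.0.0.1:9050,
and the port-state mapping below follows the reply codes of RFC 1928.
"""
import socket
import struct
import sys

SOCKS5 = 0x05
DEFAULT_PROXY = ("127.0.0.1", 9050)  # assumed: Tor's default SocksPort

# SOCKS5 reply codes (RFC 1928, section 6) interpreted as port states.
# Only a completed or refused TCP handshake at the exit is observable, which
# is why a SYN scan or an ICMP ping cannot be carried this way.
REPLY_STATE = {
    0x00: "open",         # succeeded: the exit completed the TCP handshake
    0x01: "error",        # general SOCKS server failure
    0x02: "denied",       # not allowed by ruleset (e.g. exit policy)
    0x03: "unreachable",  # network unreachable
    0x04: "unreachable",  # host unreachable
    0x05: "closed",       # connection refused (target answered with RST)
    0x06: "filtered",     # TTL expired: no answer from the target at all
}


def socks5_greeting() -> bytes:
    """Client hello offering a single auth method: none (0x00)."""
    return bytes([SOCKS5, 0x01, 0x00])


def socks5_connect_request(host: str, port: int) -> bytes:
    """CONNECT with a domain-name address (ATYP 0x03) so that the name is
    resolved by the proxy (at the Tor exit), never by the scanning machine."""
    name = host.encode("idna")
    if not 0 < len(name) < 256:
        raise ValueError("hostname must be 1..255 bytes for SOCKS5")
    return bytes([SOCKS5, 0x01, 0x00, 0x03, len(name)]) + name + struct.pack("!H", port)


def classify_reply(reply: bytes) -> str:
    """Turn the VER/REP bytes of a SOCKS5 reply into a port state."""
    if len(reply) < 2 or reply[0] != SOCKS5:
        return "error"
    return REPLY_STATE.get(reply[1], "error")


def scan_port(host: str, port: int, proxy=DEFAULT_PROXY, timeout: float = 60.0) -> str:
    """One probe: ask the proxy to connect to host:port and read its verdict."""
    with socket.create_connection(proxy, timeout=timeout) as s:
        s.sendall(socks5_greeting())
        if s.recv(2) != bytes([SOCKS5, 0x00]):
            return "error"  # proxy did not accept the no-auth method
        s.sendall(socks5_connect_request(host, port))
        return classify_reply(s.recv(4))  # VER REP RSV ATYP; bound addr follows


def connect_scan(host: str, ports, proxy=DEFAULT_PROXY) -> dict:
    """Scan each port in turn; every probe is a fresh stream through the proxy."""
    results = {}
    for port in ports:
        try:
            results[port] = scan_port(host, port, proxy)
        except OSError:
            results[port] = "error"  # could not reach the proxy itself
    return results


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "scanme.nmap.org"  # assumed target
    for port, state in sorted(connect_scan(target, [22, 80, 443]).items()):
        print(f"{port}/tcp\t{state}")
```

Run it as `python3 tor_scan.py host` with Tor listening on the assumed SocksPort. Each probe opens a new Tor stream and waits for the exit's verdict, so expect it to be far slower than a local scan; a "filtered" result means the exit saw no answer before its own timeout, which is the same thing nmap reports for a port that drops SYNs.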


Using fping to perform basic network scans

Posted June 17, 2009 at 10:34 pm in Pen Testing | No Comments

Network scanning dates back to 1983, when Mike Muuss wrote the original ping tool. Ping tests whether a host is reachable across an IP network by sending an Internet Control Message Protocol (ICMP) echo request to the target; if the host is reachable and processes ICMP, it answers with an ICMP echo reply. A network scan generalizes this idea: we paint a picture of the current state of the network by sending chosen kinds of traffic to many hosts and analyzing what comes back. ICMP itself is a topic for another article, but I encourage you to read RFC 792 if you're interested.

Why not just use ping to scan a network, then? The problem is that ping works one host at a time: it sends an echo request and waits for the echo reply (or a timeout) before moving on. On a /24 with 254 usable addresses, where many hosts are down or slow to answer, that adds up to a long wait. fping resolves this speed problem by sending echo requests to all of its targets in round-robin fashion without waiting for each reply, then collecting the replies as they arrive.

