ClsHack: Computer Security Blog

slowhttptest: Application Layer DoS attack simulator

Sunday, January 15th, 2012

I have already talked about tools suited to carrying out DoS attacks :)
But today we look at slowhttptest.
From the official website:

SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks.

It implements most common low-bandwidth Application Layer DoS attacks, such as slowloris, Slow HTTP POST, Slow Read attack (based on TCP persist timer exploit) by draining concurrent connections pool, as well as Apache Range Header attack by causing very significant memory and CPU usage on the server.

Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP protocol, by design, requires requests to be completely received by the server before they are processed. If an HTTP request is not complete, or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the data. If the server keeps too many resources busy, this creates a denial of service. This tool is sending partial HTTP requests, trying to get denial of service from target HTTP server.
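
On the server side, the usual answer to the behaviour described above is a deadline on the header phase that only grows while the client keeps up a minimum byte rate. The sketch below is an added example, not code from this blog or from slowhttptest; it models a policy of the same shape as Apache mod_reqtimeout's `RequestReadTimeout header=20-40,MinRate=500`, and the function names and connection traces are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class ReadPolicy:
    initial: float = 20.0   # seconds allowed before any extension
    maximum: float = 40.0   # hard cap on the whole header phase
    min_rate: int = 500     # every min_rate bytes received buys one more second


def header_deadline(policy, received):
    """Deadline (seconds since accept) after `received` header bytes."""
    return min(policy.initial + received / policy.min_rate, policy.maximum)


def close_time(chunks, complete, policy):
    """Return when the server should drop the connection, or None if it is fine.

    chunks:   list of (t, nbytes) arrivals, t in seconds since accept, in order
    complete: True if the last chunk carried the blank line ending the header
    """
    received = 0
    for t, nbytes in chunks:
        deadline = header_deadline(policy, received)
        if t > deadline:
            return deadline          # timer fired before this chunk arrived
        received += nbytes
    return None if complete else header_deadline(policy, received)


POLICY = ReadPolicy()

# Constructed traces (not captured traffic).
NORMAL = [(0.05, 420)]                                       # whole header at once
SLOW = [(0.0, 40)] + [(10.0 * i, 10) for i in range(1, 7)]   # 10 bytes every 10 s
STEADY = [(float(i), 500) for i in range(61)]                # meets MinRate, never ends

if __name__ == "__main__":
    for name, trace, done in (("normal", NORMAL, True),
                              ("slow", SLOW, False),
                              ("steady", STEADY, False)):
        when = close_time(trace, done, POLICY)
        print(name, "ok" if when is None else f"drop at {when:.2f}s")
```

The trickle trace earns almost no extension and is dropped just after the initial 20 seconds, while the trace that meets the minimum rate but never finishes is still cut off at the 40 second cap.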


[Shared Web Hosting Fuck]Weevely 0.4 is OUT :D

Friday, October 21st, 2011

I had already talked about the first version of weevely; in this 0.4 many things have changed :)
The main features are:

  • Communications obscured within referer HTTP requests
  • Code of backdoor reduced by injection of dynamic functions
  • Modules to automate the interaction with the remote system
  • Multiple techniques supported for each task, with the purpose of circumventing disable_functions, PHP safe_mode and other restrictions

The update has already been released for BackBox :D

Search Engines for Penetration Testers and Crackers

Wednesday, September 1st, 2010

At Defcon 18 (DEF CON® Hacking Conference) we talked about SHODAN, which is nothing but a search engine, but very different from the usual ones: Bing, Google, Yahoo, etc.

With SHODAN, we can filter the results leads to, server, by continent, look for passwords… “old” web applications, routers, FTP and more… looking in the answers the server gives us, e.g. “Server: iis 5”
From the official website:

SHODAN is a computer search engine. But it is unlike any other search engine. While other search engines scour the web for content, SHODAN scans for information about the sites themselves. The result is a search engine that aggregates banners from well-known services. This presentation will focus on the applications of SHODAN to penetration testers, and in particular will detail a number of case studies demonstrating passive vulnerability analysis including default passwords, descriptive banners, and complete pwnage. For penetration testers, SHODAN is a game-changer, and a goldmine of potential vulnerabilities.

Michael Schearer (“theprez98”) is a government contractor who spent nearly nine years in the United States Navy as a combat-experienced EA-6B Prowler Electronic Countermeasures Officer. He also spent nine months on the ground doing counter-IED work with the U.S. Army. He is a graduate of Georgetown University’s National Security Studies Program and a previous presenter at DEFCON, and has spoken at ShmooCon, HOPE and internationally at CONFidence (Poland) and HackCon (Norway) as well as other numerous conferences. Michael is a licensed amateur radio operator and an active member of the Church of WiFi. He lives in Maryland with his wife and four children.

Even with Google, as you know, you can filter the results using the famous dorks.

For example, if we try Google o.o:
inurl:"password" filetype:xls
Well, we dig up passwords for Mediaset, Megaupload, RapidShare, TIM, Vodafone, Aruba and other crap :D that our friend Google indexes.

[PYTHON]Fake DNS Server

Friday, August 20th, 2010

A simple DNS server that I needed for an attack on the router :D (I will talk about it soon), based on this code:
http://code.activestate.com/recipes/491264-mini-fake-dns-server/
I practically rewrote it my way, removing classes and adding some options.

Configuration is very simple ;)

Just change the first line:

fake=['www.facebook.com','127.0.0.1','www.google.it','127.0.0.1']

It’s an array *, used like:
#host =>fake ip response

Addresses will be assigned to set their real ip, so no one will notice anything :D
An example:
(Windows has nothing to do with it, it was just to let you see it was on another PC ;) The attack works on any computer that is not pleasant to have the dns cache and stuff, to speed up browsing)

Have fun and wait for the next article :D


[tutorial]Tool for Vulnerability Identification level Server

Wednesday, June 9th, 2010

After this:
[tutorial]Tool for Network Mapping
[tutorial]Tool for Information Gathering
Now we will talk about Tool for Vulnerability Identification level Server.

A separate category at the server level: I do not like how BackTrack puts it all together, tools for SQL injection along with tools for exploiting vulnerabilities in servers, Load Result of, that is, non-web; as far as I can, I try to divide them.
I think after you understand even better…
Certainly, I will never put a tool like wapiti together with tools like openvas.

For this category, I selected these tools:

  • nessus
  • openvas
  • Checkpwd
  • No one
  • OpenSSL-Scanner
  • Onesixtyone
  • ettercap
  • medusa2

Unfortunately I cannot comment on all these great tools; however, their operation is quite simple :D And if googlate a potent’ will :D