Tuesday, March 24, 2009

FastTrack- Easier Penetration Testing Tool

Every IT professional,security engineer, security analyst and penetration tester are always looking for easier ways to perform penetration tests. I found this Fast-Track tool.

What is Fast-Track?
"Fast-Track is a python based open-source project aimed at helping Penetration Testers in an effort to identify, exploit, and further penetrate a network. Fast-Track was originally conceived when I was on a penetration test and found that there was generally a lack of tools or automation in certain attacks that were normally extremely advanced and time consuming. In an effort to reproduce some of my advanced attacks and propagate it down to my team at SecureState, I ended up writing Fast-Track for the public. Many of the issues Fast-Track exploits are due to improper sanitizing of client-side data within web applications, patch management, or lack of hardening techniques. All of these are relatively simple to fix if you know what to look for, but as penetration testers are extremely common findings for us. Fast-Track arms the penetration tester with advanced attacks that in most cases have never been performed before. Sit back relax, crank open a can of jolt cola and enjoy the ride. "

I tried one of the powerful tool in Fast-Track, The SQLPwnage.
"This tool scans subnets looking for web servers. After found, it automatically starts to crawl the site looking or post parameters. Once a list of post parameters have been identified, Fast-Track will either try blind SQL injection or error based SQL injection and attempt to automatically exploit the system for you. If successful, whatever payload you specified will be delivered to you, this could be meterpreter, reverse shell, bind shell, reverse vnc, and much more. SQLPwnage will automatically re-enable xp cmdshell if disabled, try to elevate permissions, and use the hex to binary bypass explained in the SQL bruter section to deliver our payloads."

You can see this Video how to use SQLPwnage.

Metasploit 3.2

The Metasploit Framework is a development platform for creating security tools and exploits. It's used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide.

Compare to Metasploit 3.0, in Metasploit 3.2, getting attack code onto a target machine will also be easier on Metasploit 3.2 with improvements to the Raw Packet Tools function. A new library call PacketFu is expected by Moore to achieve packet injection for both wired and wireless end points.It also provides improved support for exploiting multi-core CPU machines, which had been more difficult to attack with previous versions of Metasploit.

Metasploit is also able to take exploit code and weaponize it in an .EXE (executable file) that can be deployed by an attacker. Moore said the EXE template that created EXE attacks has been improved in Metasploit 3.2 in order to defeat AntiVirus vendor signature detection.

If you never try metasploit, you can download it here.