PenTBox 1.5 released!

By Alberto Ortega June 11th, 2011, under General

And here we go! Here is the new version.

Version 1.5
-----------

New features:
- Command execution in gets (STDIN) implemented. (!command)
- Honeypot now shows attacker’s IP and port (thx Shyish)
- Included log options.
- Wordlist is bigger now.
- Included “back” option on menus.

New tools:
- Included new area, Web tools.
- Included new module MAC address geolocation (samy.pl).
- Included new module HTTP directory bruteforce.
- Included new module HTTP common files bruteforce.
- Included exploits for DoS:
  [other/http] 3Com SuperStack Switch DoS
  [other/http] 3Com OfficeConnect Routers DoS (Content-Type)
  [windows/ftp] Windows 7 IIS7.5 FTPSVC UNAUTH’D DoS
  [windows/ftp] Solar FTP Server 2.1 DoS
  [windows/pptp] MS02-063 PPTP Malformed Control Data Kernel DoS
  [windows/smb] Windows Vista/7 SMB2.0 Negotiate Protocol Request DoS BSOD
- Included pb_update.rb to update PenTBox from the SVN repository.

Bugfixing:
- Fixed issue with SHODAN API.
- Deleted l33t speak and extra menu.
- Improved permissions checking, now it’s done by euid, not username (thx r4mosg)

You can download the new version from the download area.

How to TORify PenTBox

By Alberto Ortega February 23rd, 2011, under General, Network Area

Some people have been asking how to use PenTBox anonymously on the Internet. As PenTBox doesn’t have proxy configuration capabilities, we must use external tricks.

TOR is an interesting service we could use. It opens a local SOCKS server on TCP port 9050 through which connections reach the anonymous network.

On the other hand we have tsocks, an application that can send TCP connections automatically through a SOCKS server. The usage is quite simple: we only have to configure it and launch our application through it (example):

tsocks application -param1 -p2

GNU/Linux users can probably find tsocks in the software repository of their distribution.

My configuration file is as simple as follows:

# grep -v "#" /etc/tsocks.conf
local = 192.168.0.0/255.255.255.0
server = 127.0.0.1
server_type = 5
server_port = 9050
#

When we have configured tsocks and TOR is running, to launch PenTBox we can do:

tsocks ./pentbox.rb
or
tsocks ruby pentbox.rb

Notes:

- With tsocks only TCP traffic is proxied; UDP packets are not (e.g. DNS requests), so name lookups still leave your machine directly instead of going through TOR.

- I’ve tested it on GNU/Linux (Debian) and FreeBSD with successful results.

- The TOR project has developed torsocks, an improved tsocks that may be very useful in some cases.

- For DoS lovers: flood attacks via TOR are very slow; your only achievement will be to degrade network speed for other users.

- For Windows users I’ve found some alternatives by googling, but I haven’t tested them.
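
What the configuration above means for a single connection, as an added Ruby example (not code from PenTBox, tsocks or the original post): it parses the `local`, `server`, `server_type` and `server_port` settings, decides whether a destination bypasses the SOCKS server, and builds the SOCKS version 5 CONNECT request defined in RFC 1928. The function names and the destination addresses are assumptions made for the illustration.

```ruby
require 'ipaddr'

# Constructed sample: the settings from the post's tsocks.conf listing.
SAMPLE_CONF = <<~CONF
  local = 192.168.0.0/255.255.255.0
  server = 127.0.0.1
  server_type = 5
  server_port = 9050
CONF

# Parse "key = value" lines; "local" may be given more than once.
def parse_tsocks_conf(text)
  conf = { 'local' => [] }
  text.each_line do |line|
    key, value = line.sub(/#.*/, '').split('=', 2).map(&:strip)
    next if value.nil? || value.empty?
    if key == 'local'
      conf['local'] << IPAddr.new(value)
    else
      conf[key] = value
    end
  end
  conf
end

# :direct if dest_ip is inside a "local" network (tsocks leaves it alone),
# :socks if the connection is handed to the configured SOCKS server.
def route_for(conf, dest_ip)
  ip = IPAddr.new(dest_ip)
  conf['local'].any? { |net| net.include?(ip) } ? :direct : :socks
end

# CONNECT request as laid out in RFC 1928 (SOCKS version 5, server_type = 5).
# An IP literal goes out as ATYP 0x01/0x04. A hostname goes out as ATYP 0x03,
# and only in that case is the name resolved by the proxy instead of locally.
def socks5_connect_request(host, port)
  addr = begin
    ip = IPAddr.new(host)
    [ip.ipv4? ? 0x01 : 0x04] + ip.hton.bytes
  rescue IPAddr::InvalidAddressError
    [0x03, host.bytesize] + host.bytes
  end
  ([0x05, 0x01, 0x00] + addr).pack('C*') + [port].pack('n')
end

if __FILE__ == $PROGRAM_NAME
  conf = parse_tsocks_conf(SAMPLE_CONF)
  # Constructed destinations: one inside the "local" range, one outside it.
  %w[192.168.0.17 203.0.113.10].each { |d| puts "#{d}: #{route_for(conf, d)}" }
  puts socks5_connect_request('203.0.113.10', 80).unpack1('H*')
  puts socks5_connect_request('example.com', 80).unpack1('H*')
end
```

A wrapper that intercepts `connect()` only ever sees the IP form, because the application has already resolved the name with an ordinary UDP DNS query by then; that is the leak the first note describes.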

PenTBox 1.4 released!

By Alberto Ortega November 16th, 2010, under General

Some months after the first final release, here we have the second final release :)

Nice changes, check it out!

Version 1.4

-----------

- Code adapted to work with ruby1.9.x and jruby (more performance, native threads …).
- Optimized TCP port scanner, and ping check before scan.
- Optimized hash_cracker.rb
- Renewed interface with colors (only unix-like) and improvements.

- Included RIPEMD-160 to Hash Password Cracker and Multi-Digest.
- Added native mode in SYN DoS that uses Raw Sockets.
- Added a new mode in the fuzzer -> HTTP headers client fuzzing.
- Added protected mode -> Only root can use DoS tools, excellent for installations in servers.
- Added a simple configuration in pentbox.rb for interface colors and protected mode.

- Unified syn_dos.rb and tcp_dos.rb in one, net_dos.rb
- Included pentbox-wlist.txt, that can be used with hash_cracker.rb
- New libraries bit-struct, net/dns.rb and racket.
- dns_search.rb included -> DNS and host gathering with NS, MX, SHODAN, A bruteforce and PTR IP range.

- tcp_dos_auto.rb excluded – To prevent abuse by evil script-kiddies.
- fileencr.rb excluded – Crypto libraries were difficult to adapt, and the module was very slow. You can use openssl, which is much better and faster.
- sec_im.rb excluded – It wasn’t used and isn’t pentesting related.

-----------

In addition, I’ve released a paper about how PenTBox uses SHODAN to find hosts and the description of the idea.

You can download the new version from the download area; later I’ll upload it to Sourceforge.

Available on Cydia!

By Alberto Ortega August 11th, 2010, under General

Hi mates!

A port of PenTBox for the iPhone (PenTBox On The iPhone) has been uploaded to the ModMyi Cydia repository. That is, if you have a jailbroken iPhone, iPod Touch or iPad, you can download PenTBox by searching for it in Cydia ;)


PenTBox 1.3.2 FINAL released

By Alberto Ortega March 25th, 2010, under General

I’m proud to present the first final version of PenTBox. In this version I have worked on improving stability and portability, and on revising all the code to make it better. I love the final result, and I hope you do too.

Version 1.3.2
-------------
- FTP fuzzing improved and finished.
- Improved CLI.
- Improved files working.
- Now the Honeypot log has a file by default.
- Added a hping3-based mode to work in syn_dos.rb
- Added Dictionary attack and Dictionary-bruteforce hybrid attack in hash_cracker.rb
- Added SHA384 in digest.rb and hash_cracker.rb
- Now modules integration is with modules and classes; this improves the portability and the performance, but the modules can’t be executed independently.
- Fixed a couple of minor bugs.
- Minor improvements.

As always, you can download it from the Download area or from the Sourceforge site.

PenTBox 1.3.1 Beta Released

By Alberto Ortega February 12th, 2010, under General

Minor version released, no important changes.

Version 1.3.1
-------------
- Added kB/s in TCP DoSer and TCP AutoDoSer.
- Fixed bug in packets counter in TCP DoSers.
- Updated readmes; they are now more explicit and clear.
- Code revision (optimization, no bugs found).

You can download it from the Download area

PenTBox 1.3 Beta Released

By Alberto Ortega February 2nd, 2010, under General

New version with new features, especially in Cryptography and Secure IM.

Version 1.3
-----------
- Added Crypt Ruby and RubyRc4 libraries.
- Added GOST, ARC4 and Rijndael (aka AES) 256 bits ciphers to Secure IM.
- Improvements in error exceptions and connection on Secure IM.
- fileencr.rb included -> Files encryptor and decryptor that uses Rijndael 256 bits, GOST and ARC4 ciphers.
- Included srand(time.now.to_i) function in programs that use random numbers.
- Added “Packets per second” in TCP DoSer and TCP AutoDoSer.
- Minor changes in titles of programs.

You can download it from the Download area