Comments for PenTBox http://www.pentbox.net Official website of the project Wed, 10 Mar 2010 10:31:49 +0100 hourly 1 Comment on Campus Party Europe, come on! by ardales http://www.pentbox.net/2010/02/campus-party-europe-come-on/comment-page-1/#comment-314 ardales Wed, 10 Mar 2010 10:31:49 +0000 http://www.pentbox.net/?p=212#comment-314 Hi!! i am spanish and i am invited too. i would like to know people before go there and you are the first that i found!haha. you can write me if you want... Hi!! i am spanish and i am invited too. i would like to know people before go there and you are the first that i found!haha. you can write me if you want…

]]> Comment on [PenTBox] How PenTBox can pwn (DoS) an iPhone / iPod Touch by Ataque DoS al iPhone/iPod Touch con PenTBox http://www.pentbox.net/2009/11/pentbox-how-pentbox-can-pwn-dos-an-iphone-ipod-touch/comment-page-1/#comment-120 Ataque DoS al iPhone/iPod Touch con PenTBox Sat, 21 Nov 2009 19:39:48 +0000 http://www.pentbox.net/?p=121#comment-120 [...] Ataque DoS al iPhone/iPod Touch con PenTBox  [...] [...] Ataque DoS al iPhone/iPod Touch con PenTBox  [...]

]]> Comment on [PenTBox] How PenTBox can pwn (DoS) an iPhone / iPod Touch by Alberto (Admin) http://www.pentbox.net/2009/11/pentbox-how-pentbox-can-pwn-dos-an-iphone-ipod-touch/comment-page-1/#comment-111 Alberto (Admin) Fri, 20 Nov 2009 06:04:47 +0000 http://www.pentbox.net/?p=121#comment-111 @Maxi Muchas gracias :) @Maxi Muchas gracias :)

]]> Comment on [PenTBox] How PenTBox can pwn (DoS) an iPhone / iPod Touch by Maxi Soler http://www.pentbox.net/2009/11/pentbox-how-pentbox-can-pwn-dos-an-iphone-ipod-touch/comment-page-1/#comment-106 Maxi Soler Thu, 19 Nov 2009 22:23:56 +0000 http://www.pentbox.net/?p=121#comment-106 Buen trabajo! ;) Buen trabajo! ;)

]]> Comment on [PenTBox] How to test stability of a network application using PB by Alberto (Admin) http://www.pentbox.net/2009/09/pentbox-how-to-test-stability-of-a-network-application-using-pb/comment-page-1/#comment-14 Alberto (Admin) Fri, 18 Sep 2009 17:31:46 +0000 http://www.pentbox.net/?p=88#comment-14 Problem solved. It would be available in next version of PenTBox. Problem solved. It would be available in next version of PenTBox.

]]> Comment on [PenTBox] How to test stability of a network application using PB by Alberto (Admin) http://www.pentbox.net/2009/09/pentbox-how-to-test-stability-of-a-network-application-using-pb/comment-page-1/#comment-8 Alberto (Admin) Wed, 02 Sep 2009 22:50:10 +0000 http://www.pentbox.net/?p=88#comment-8 @Guillermo This may be a solution, but doing a new rescue it would be more simple: rescue Errno::EACCES puts "" puts " Error: Honeypot Creator requires root privileges!!" puts "" rescue Errno::EADDRINUSE puts "" puts " Error: Port in use." puts "" rescue Errno::EMFILE puts "" puts " Maximum number of connection attempts reached; connection refused (possible DoS)" puts "" Or something like that. But the result is the same, the Honeypot would crash. The program should kill first threads when are more than 300 (for example). Im working on this now, it is not so difficult but takes time. @Guillermo
This may be a solution, but doing a new rescue it would be more simple:

rescue Errno::EACCES
puts “”
puts ” Error: Honeypot Creator requires root privileges!!”
puts “”
rescue Errno::EADDRINUSE
puts “”
puts ” Error: Port in use.”
puts “”
rescue Errno::EMFILE
puts “”
puts ” Maximum number of connection attempts reached; connection refused (possible DoS)”
puts “”

Or something like that. But the result is the same, the Honeypot would crash.

The program should kill first threads when are more than 300 (for example). Im working on this now, it is not so difficult but takes time.

]]> Comment on [PenTBox] How to test stability of a network application using PB by Guillermo Ramos http://www.pentbox.net/2009/09/pentbox-how-to-test-stability-of-a-network-application-using-pb/comment-page-1/#comment-7 Guillermo Ramos Wed, 02 Sep 2009 22:27:23 +0000 http://www.pentbox.net/?p=88#comment-7 honeypot_creator.rb ----------------------------------- (...) def honeyconfig(port, message) begin tcpserver = TCPServer.new("", port) if tcpserver puts "" puts " HONEYPOT ACTIVATED (" + Time.now.to_s + ")" puts "" count = 1 maxcount = 300 # Maximum number of connections loop do socket = tcpserver.accept if socket and count <= maxcount count += 1 Thread.new do puts "" puts " INTRUSION ATTEMPT DETECTED! (" + Time.now.to_s + ")" puts " -----------------------------" puts "" puts socket.recv(1000).to_s sleep(7) socket.write(message) socket.close end else puts " Maximum number of connection attempts reached; connection refused (possible DoS)" end end end rescue Errno::EACCES puts "" puts " Error: Honeypot Creator requires root privileges!!" puts "" rescue Errno::EADDRINUSE puts "" puts " Error: Port in use." puts "" end end (...) ----------------------------------- Simple, but it works -you'll never need (for instance) +300 connections, so if it reaches that number it could be considered as a DoS and the program must stop, although it's fine to continue showing messages so that you knew when the attacker had stopped DoS'ing. honeypot_creator.rb
———————————–
(…)

def honeyconfig(port, message)
begin
tcpserver = TCPServer.new(“”, port)
if tcpserver
puts “”
puts ” HONEYPOT ACTIVATED (” + Time.now.to_s + “)”
puts “”
count = 1
maxcount = 300 # Maximum number of connections
loop do
socket = tcpserver.accept
if socket and count <= maxcount
count += 1
Thread.new do
puts ""
puts " INTRUSION ATTEMPT DETECTED! (" + Time.now.to_s + ")"
puts " —————————–"
puts ""
puts socket.recv(1000).to_s
sleep(7)
socket.write(message)
socket.close
end
else
puts " Maximum number of connection attempts reached; connection refused (possible DoS)"
end
end
end
rescue Errno::EACCES
puts ""
puts " Error: Honeypot Creator requires root privileges!!"
puts ""
rescue Errno::EADDRINUSE
puts ""
puts " Error: Port in use."
puts ""
end
end

(…)
———————————–

Simple, but it works -you'll never need (for instance) +300 connections, so if it reaches that number it could be considered as a DoS and the program must stop, although it's fine to continue showing messages so that you knew when the attacker had stopped DoS'ing.

]]>