<?xml version="1.0" encoding="utf-8"?>
<!-- generator="FeedCreator 1.7.2-ppt DokuWiki" -->
<?xml-stylesheet href="http://pentesterscripting.com/lib/exe/css.php?s=feed" type="text/css"?>
<rdf:RDF
    xmlns="http://purl.org/rss/1.0/"
    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
    xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
    xmlns:dc="http://purl.org/dc/elements/1.1/">
    <channel rdf:about="http://pentesterscripting.com/feed.php">
        <title>PenTester Scripting</title>
        <description></description>
        <link>http://pentesterscripting.com/</link>
        <image rdf:resource="http://pentesterscripting.com/lib/images/favicon.ico" />
        <dc:date>2009-12-30T12:10:16+00:00</dc:date>
        <items>
            <rdf:Seq>
                <rdf:li rdf:resource="http://pentesterscripting.com/misc/bash_ip_split?rev=1262083261&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/mapping/nmap_open_ports?rev=1260727703&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/mapping?rev=1259655110&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/mapping/ngrep_tools?rev=1259654998&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/reports/cve_lookups?rev=1258621337&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/misc/wait_for?rev=1258621316&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/mapping/dhcp_leases?rev=1258621273&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/exploitation?rev=1258621256&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/exploitation/mysql?rev=1258621212&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/post_exploitation/lm2ntcrack?rev=1258409363&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/post_exploitation?rev=1258408968&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/start?rev=1258282187&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/logo_competition?rev=1258282157&amp;do=diff"/>
                <rdf:li rdf:resource="http://pentesterscripting.com/misc?rev=1258281723&amp;do=diff"/>
            </rdf:Seq>
        </items>
    </channel>
    <image rdf:about="http://pentesterscripting.com/lib/images/favicon.ico">
        <title>PenTester Scripting</title>
        <link>http://pentesterscripting.com/</link>
        <url>http://pentesterscripting.com/lib/images/favicon.ico</url>
    </image>
    <item rdf:about="http://pentesterscripting.com/misc/bash_ip_split?rev=1262083261&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-12-29T10:41:01+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>misc:bash_ip_split - created</title>
        <link>http://pentesterscripting.com/misc/bash_ip_split?rev=1262083261&amp;do=diff</link>
        <description>This will split an IP address into its component parts



ip=&quot;192.168.0.1&quot;
IFS=&quot;.&quot;
set -- $ip
echo &quot;$1,$2,$3,$4&quot;</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/mapping/nmap_open_ports?rev=1260727703&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-12-13T18:08:23+00:00</dc:date>
        <dc:creator>Matias Brutti</dc:creator>
        <title>mapping:nmap_open_ports</title>
        <link>http://pentesterscripting.com/mapping/nmap_open_ports?rev=1260727703&amp;do=diff</link>
        <description>A simple Ruby script that takes a single file or a directory with several Nmap XML files and creates a CSV or a PDF with a list mapping open ports to a list of IP addresses.  If you want to use the PDF feature it needs a gem, so you need to install prawn; otherwise it should work with a default Ruby installation.</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/mapping?rev=1259655110&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-12-01T08:11:50+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>mapping</title>
        <link>http://pentesterscripting.com/mapping?rev=1259655110&amp;do=diff</link>
        <description>Mapping is the part of a penetration test where we attempt to determine what is part of the target.  For example, during a web pen-test, we would find all of the functionality of the site during this phase.  These scripts will help us fill out our target map.</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/mapping/ngrep_tools?rev=1259654998&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-12-01T08:09:58+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>mapping:ngrep_tools - created</title>
        <link>http://pentesterscripting.com/mapping/ngrep_tools?rev=1259654998&amp;do=diff</link>
        <description>I've started playing with ngrep so I'm going to write some scripts which use ngrep to filter pcap files then parse the output. I'll probably combine all these into one large script at some point but for now I'll just post individual ones.

get_dns

This script uses ngrep to find all the DNS traffic then pulls out the domain names. A problem with this is that the . separators between the parts of the domain name - www.abc - don't come out as an ASCII dot, they come out as various other hex charact…</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/reports/cve_lookups?rev=1258621337&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-11-19T09:02:17+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>reports:cve_lookups</title>
        <link>http://pentesterscripting.com/reports/cve_lookups?rev=1258621337&amp;do=diff</link>
        <description>A friend was going through Nessus output and checking the CVEs that were mentioned in each entry against the CVE database looking for false positives and other things he could add to his report. He was doing this by hand, individually pasting each CVE into the NIST NVD and I thought, there has to be an easier way.</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/misc/wait_for?rev=1258621316&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-11-19T09:01:56+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>misc:wait_for</title>
        <link>http://pentesterscripting.com/misc/wait_for?rev=1258621316&amp;do=diff</link>
        <description>I'm currently downloading all the DefCon videos and rather than try to grab them all at once I've broken the list down into batches. I wanted an automated way to start each batch when the previous one had finished so I wrote this little script to wait for something to finish then do something else.</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/mapping/dhcp_leases?rev=1258621273&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-11-19T09:01:13+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>mapping:dhcp_leases</title>
        <link>http://pentesterscripting.com/mapping/dhcp_leases?rev=1258621273&amp;do=diff</link>
        <description>This morning I added a machine to my network that I knew used DHCP and when it had booted I wanted to know what IP address it had been given. I run the ISC DHCP server so thought it would be nice to have a script that would query the leases file (dhcpd.leases) and show all current leases. So, I wrote this script and thought I'd submit it as my first script here. Figure it might be useful if someone gets local file inclusion or some other way of nabbing the file off a server.</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/exploitation?rev=1258621256&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-11-19T09:00:56+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>exploitation</title>
        <link>http://pentesterscripting.com/exploitation?rev=1258621256&amp;do=diff</link>
        <description>Exploitation is probably everyone's favorite portion of a penetration test.  It is where we get to actually launch attacks.  The scripts in this section will target vulnerabilities in the target and then leverage these to further our penetration.


----------

TYPO3 CMS Insecure Randomness Exploit - REF: TYPO3-SA-2009-001 Detailed Advisory - c22.cc</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/exploitation/mysql?rev=1258621212&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-11-19T09:00:12+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>exploitation:mysql</title>
        <link>http://pentesterscripting.com/exploitation/mysql?rev=1258621212&amp;do=diff</link>
        <description>Tools for going against MySQL

MySQL Scanner

Here is a Python-based scanner that checks for default credentials on a MySQL server, or can use a supplied wordlist/passwords to brute-force the password.


import MySQLdb
import sys 

user_list = []
pass_list = []

def mysql_connect(u, p, ip):
    try:
        print &quot;[+] Attempting Connection...&quot;
        db = MySQLdb.connect(user = u, passwd = p, host = ip, connect_timeout = 5)
        print &quot;[+] Connection Successful!\n&quot;
        print &quot;[+] -----------------…</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/post_exploitation/lm2ntcrack?rev=1258409363&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-11-16T22:09:23+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>post_exploitation:lm2ntcrack - created</title>
        <link>http://pentesterscripting.com/post_exploitation/lm2ntcrack?rev=1258409363&amp;do=diff</link>
        <description>From the README...


	&quot; This program provides a simple way to instantly crack Microsoft Windows NT Hash (MD4) when the LM Password is known.
 
 This program must be used with the password cracker John the Ripper.
 
 I've often encountered a problem during Windows penetration testing and password assessment.
 
 On the one hand, launching my favourite password cracker during few minutes on the dumped Windows passwords hashes, permits to crack many LM passwords but cracked password cannot be used a…</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/post_exploitation?rev=1258408968&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-11-16T22:02:48+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>post_exploitation</title>
        <link>http://pentesterscripting.com/post_exploitation?rev=1258408968&amp;do=diff</link>
        <description>Once the process of Exploitation is complete, it is important to gather information from the targeted machine. Post exploitation can be completed in many forms depending on the goal. Scripts in this section will target (localised) information gathering and collection and scripts that use the exploited machine to act as a pivot for further testing.</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/start?rev=1258282187&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-11-15T10:49:47+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>start</title>
        <link>http://pentesterscripting.com/start?rev=1258282187&amp;do=diff</link>
        <description>PENTESTER SCRIPTING!

Hello! Welcome to the site.  

Have you found yourself in the predicament of needing to exploit an application/OS/web page?  
And you think to yourself, “I just did this last week, but I can't remember what I did”.
That's the reason for this Wiki/Site. PenTesters young and old, n00b and l33t 
can gain access to and knowledge of useful scripts/tricks/tips (security related or not) 
for the purpose of pen-testing.</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/logo_competition?rev=1258282157&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-11-15T10:49:17+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>logo_competition</title>
        <link>http://pentesterscripting.com/logo_competition?rev=1258282157&amp;do=diff</link>
        <description>And the winner is...

The deadline has come at last and there is a clear winner, Max Soler.



Thanks to all who entered and to those who didn't win, your logo still might be used somewhere as each of the site admins have our own preferred logos (no, we probably won't say which) and so won't be throwing anything away.</description>
    </item>
    <item rdf:about="http://pentesterscripting.com/misc?rev=1258281723&amp;do=diff">
        <dc:format>text/html</dc:format>
        <dc:date>2009-11-15T10:42:03+00:00</dc:date>
        <dc:creator>Robin Wood</dc:creator>
        <title>misc</title>
        <link>http://pentesterscripting.com/misc?rev=1258281723&amp;do=diff</link>
        <description>This is a place for miscellaneous scripts that come in useful for day to day testing.


----------

String Encoding in the Shell for miscellaneous obfuscation et al.

Password Generators

A script to wait for a program to finish before doing something else</description>
    </item>
</rdf:RDF>
