Dec 112013
 

So Tenable has made a bunch of changes and additions to the XML (.nessus) file and I’ve tried my best to incorporate them into the project.  First off they did something awesome which is alphabetize the XML elements.  So I’ve done that as well in the Nessus parse and report scripts.  It makes it so much easier to manage.  So with new elements comes new table columns.  If using this code base you should know that you need to clear all data from the DB.  I made the exploit table even less crappy and included the new XML elements around core, canvas, and d2 elliot frameworks.  I added “Show more/Show less” options for the vulnerability site indexes (CVE, BID, etc)  I noticed that listing them all out can create one long report and who really needs to have the links for all 30 CVEs around java anyway :-)  I include any JS and CSS in the HTML instead of linking to a file.  I know…goes against all HTML teachings.  But this makes one neat file/report when you save the HTML as a file in any browser.  No more stupid folder with all the “files”.  I’ve also made some changes to the Executive report.  You now have an option to report on Nessus Plugin or CVE total.  Look for BID, OSVDB, etc in the near future.

Code here. (http://www.jedge.com/docs/projectRF.12.11.2013.zip)

Oh, and lastly…the Nessus Vuln Matrix is broken as I need to update the code to reflect all the changes.  It mostly centers around the CVSS field breaking out into four elements.

Apr 222012
 

This tutorial will help you configure the Scratchbox environment to compile the latest svn of aircrack-ng, latest stable kismet, and reaver 1.4 for the Nokia n810. A lot of love is getting sent to the N900 but the n8x0 series of devices are still great for wireless testing. With this tutorial you will be not only to compile the software but create Debian packages for easy installation on your Nokia device. Of important note were the errors I encountered while compiling aircrack-ng. The error had not been documented on the Internet. Trust me I Googled my heart out. Everyones solution was update the linux kernel headers. Well in this case that wasn’t possible. I’m not a Linux programmer but I figured out how to edit the header file to make the changed needed to get Aircrack-ng to compile.
Continue reading »

Apr 052012
 

This post deals with gathering the information you need to use aircrack-ng to capture a WPA/WPA2 handshake for offline bruteforce attacks.  When running aireplay-ng to send out de-authentication packets you need the MAC address of the Access Point and a Client that is associated with it.  The way I would collect the information is run Kismet.  With the older version of Kismet I would monitor the client (panel view) and select (copy/paste) the access point and client MAC.  With the new version of Kismet you cannot select a MAC address.  So I wrote myself a quick Perl script to parse the Kismet NETXML file to create output with the MAC addresses of AP and associated client pairs.
Continue reading »

Sep 192011
 

I’m now providing an updated Linux Penetration Testing Laptop Setup document to help install popular and useful vulnerability assessment tools for the Linux operating system. You can go and obtain Backtrack but I feel that you will have more understanding of the tools and Linux in general if you install the tools yourself. You will also have the most current version available. See Configuration Tutorials for the latest document.

Sep 082011
 

I created a tutorial on how to setup and configure the Nokia N810 Internet Tablet to conduct a wireless assessment or audit. The tools included in the tutorial include how to setup kismet (oldcore and newcore), aircrack-ng (airbase and aircrack), and btscanner. I’m still working on developing steps to install Metasploit and Karmetasploit for wireless client attacks. The tutorial also details using the internal GPS as well as adding an external wireless adapter. The latest version of the tutorial can be found here.

May 022011
 

I created Project RF to have a reporting framework that provides  consistent reports for various vulnerability scanning tools.  The  project started with support for Nessus back when I would parse nbe files.   I’ve  since included reporting for eEye Retina, Nmap, HP WebInpect,  AppScan AppDetective,  Kismet, and GFI Languard.  This project is still in its alpha stages as  I’m not a top notch web program developer.  Scan results are exported to  XML which is then uploaded, parsed, and imported into a backend MySQL  database.  I have found this framework very useful in generating reports  for my workpapers.  I still continue to work on this project even though I’m no longer an auditor.  Recently I stripped it down to just Nessus and I rewrote the Nessus portion to support the .nesses v2 xml output.  Installation and setup instructions can be found here.

This framework supports many options for report generation and executive reporting.

Mar 302011
 

I’m now providing an updated Linux Penetration Testing Laptop Setup document to help install popular and useful vulnerability assessment tools for the Linux operating system. You can go and obtain Backtrack but I feel that you will have more understanding of the tools and Linux in general if you install the tools yourself. You will also have the most current version available. See Configuration Tutorials for the latest document.

Update:  The latest version is now v4 on Ubuntu 11.4 Natty Narhwal.

Mar 102010
 

I’ve created an updated configuration tutorial for setting up your Linux laptop to conduct system and network audits.  This version details how to get everything up and running on the latest Ubuntu currently at version 10.04 LTS (Lucid Lynx).  See the Configuration Tutorials to download the latest pdf document (currently at version 3).