With our recent release of BiDiBLAH 2.0, we’ve decided to revisit some real world scenarios, and ways BiDiBLAH can deal with them… Herewith, part 2. All the scenarios can be downloaded from the BiDiBLAH home page.
Scenario:
We have a class B network internally. Many of the users run FTP servers on their machines. We do not allow this – but how do I identify these machines?
Solution:
Using BiDiBLAH, define your network as netblocks.
After some queries regarding SPUD, I thought it would be a good idea to blog this reminder:
* Spud can only be run as an administrative user.
* Spud cannot be run by directly accessing the .exe. You should run SPUD from the shortcut provided. The reason being: SPUD cannot start from the \bin directory, but only from the parent directory of \bin (default: Program Files\SensePost SPUD). I.e., run “bin\SPUD.exe” from the installation directory as below:
With our recent release of BiDiBLAH 2.0, we’ve decided to revisit some real world scenarios, and ways BiDiBLAH can deal with them… All the scenarios can be downloaded from the BiDiBLAH home page.
Scenario:
If a hacker can mine/collect email addresses from our company he/she can send malware / phishing attacks to these people. But, who are these people? And what other sensitive information are we leaking from a particular domain?
Solution:
We’ve had some feedback from some BiDiBLAH / SPUD users regarding a few changes… Firstly, SPUD seems to be crashing under a few instances of Vista… We’ve taken note of the issue and will spend some time looking into the issue in the *not too distant* future…
Secondly, on BiDiBLAH, we’ve had a request from a user to have brute force and reverse queries done against the servers listed as NS records for the domains. (This will provide authoritative data). We’ll also look into this request in the next release.
Yup, that’s right, BiDiBLAH 2.0 has finally been released and is available for purchase at an incredibly low US$500!! You can get BiDiBLAH here. Users who would like to try it out first can download the evaluation copy, which is limited to a 60 minute runtime. Also, check out the FAQ page for some common / technical questions and answers.
./frankieg
The latest version of Wikto (2.1) is available for download here. New features include time anomaly reporting and easier access to findings. A few bugfixes have also been made (thanx to some valuable user feedback). Happy holidays from the research and dev team.
./frankieg
(v2.1 XMAS image)
Good news to all the blah’ers out there! The BETA version of BiDiBLAH 2 is available for download here.
As you probably know, [a real quick and easy] registration is required, and version 2 of BiDiBLAH runs on dotnet framework 2.
./frankieg
Quick update on your favourite brute forcer… The file input “MS EOF char” issue has been resolved, and provision has been made for blank passwords too. The above-mentioned error meant that Crowbar incorrectly handled EOF characters in *nix-based files.
Regarding the blank passwords, simply include the word “[blank]” (without the “”) in your brute force file and crowbar will test for blank usernames/passwords as well.
For those of you that don’t know, Crowbar is a generic brute force tool used for web applications. It’s free, it’s light-weight, it’s fast, it’s kewl :>