October 25th, 2002, 07:55 AM
A few hacking tools 2002
A review of a few (new) hacking tools 2002.
Inspired by an article found on SNP, I did some research on what the tools mentioned in the article do and what their purpose is.
Due to the sensitivity of some of these tools, I do not provide many links or sources. I know that people skilled enough to use these tools in a good manner also know how to find them, or more information about them, if they want to. I just provide the names and a few functions as a warning to all security-minded administrators.
LibRadiate is a tool to expose 802.1x risks and vulnerabilities. LibRadiate is a software library which is used to capture, create, and inject 802.11 frames.
Paketto Keiretsu is a collection of interesting tools and cross-linked techniques for achieving new and useful functionality from existing IPv4 networks.
Source: Doxpara Research
A. Instant Portscan
Is it possible to discover instantaneously what network services have been made available, even on massive networks?
B. Guerrilla Multicast
Is it possible to send a single packet to multiple recipients, using today's multicast-free Internet?
C. "NATless NAT"
Is it possible to share a globally addressable IP address without translating private IP ranges a la NAT?
Is it possible to allow incoming connections to an IP multiplexed in this manner?
D. NAT Deadlock Resolution
Is it possible to establish a TCP connection between two hosts, both behind NATs?
Setiri is a demo Trojan horse that can operate without a user or firewall detecting its actions. The researchers say they will not release Setiri into the wild for hackers to use. The scary thing is, if these guys are capable of writing this piece of code, how many similar Trojans are out there waiting for us, written by people who will happily share their work and distribute it in the wild without a second thought?
The Trojan horse gets loaded onto a victim's PC in the same manner as other Trojan horses--either embedded in an e-mail attachment or downloaded file, or installed physically onto a PC via a disk. But Setiri differs from other Trojan horses in that it does not contain executable commands that can cause its malicious actions to be blocked by the firewall. Instead, the program launches an invisible window in Internet Explorer to connect stealthily to a Web server through an anonymous proxy site called Anonymizer.com. The site is intended to enable anonymous surfing, but Setiri uses it to execute commands on your PC without your knowledge. Such commands can include downloading a keystroke-logging program to your system or uploading files or passwords to a remote PC. Because the stolen data is passed back through the Anonymizer proxy, you cannot trace the location of the remote computer.
The Defiler's Toolkit
The file system (supposedly) contains a record of file I/O activity on
a computer and forensic analysts attempt to extract this record for
examination. Aside from their forensic tools incorrectly reporting on the
data, these tools are useless if the data is not there to be reported on.
This section will present methodologies for thoroughly eradicating evidence
on a file system. These methodologies have been implemented in The
Defiler's Toolkit (TDT) which accompanies this article.