It’s a Web User Interface with hacking functionalities.
Install:
1 – Decompress uwui.tar.gz in /var/www
2 – Run visudo and add the line:
www-data ALL=NOPASSWD: ALL
3 – cp /var/www/uwui/bin/bin_intel/* /usr/bin
4 – cp /var/www/uwui/bin/scripts/* /usr/bin
5 – Start Apache:
/etc/init.t/apache2 start
6 – In Firefox go to http://127.0.0.1/uwui
Tips:
To show the info window of a node click over the icon
To show the actions window of a node click over the zone of the text.
If you want help me with the look and feel of the interface you need modify the files:
- /var/www/uwui/css/uwui.css
- /var/www/uwui/php/uwui_function.php
If you want help add new actions (new wifi attacks, etc …) or new info in info windows you need modify the files:
- /var/www/uwui/php/uwui_actions.php
- /var/www/uwui/php/uwui_info.php
Example actions:
if ($tipo==”monitor” ) {
action(“airmon-ng stop $valor”,””);
echo “<hr color=’green’>”;
action_bg(“airodump-ng –output-format csv -w ../data/captura $valor 1>/dev/null 2>/dev/null”,”Airodump CSV”);
action_bg(“airodump-ng –output-format pcap -w ../data/captura $valor 1>/dev/null 2>/dev/null”,”Airodump PCAP”);
action_bg(“airodump-ng –output-format csv,pcap -w ../data/captura $valor 1>/dev/null 2>/dev/null”,”Airodump CSV,PCAP”);
}
System Info
Examploe info:
if ($tipo==”system”) {
echo “<PRE>”;
echo “<U>TOP</U>\n”;
system(“sudo top -b -n 1 | head -15″);
echo “<hr color=green>\n”;
echo “<U>ROUTE</U>\n”;
system(“sudo route -n”);
echo “<hr color=green>\n”;
echo “<U>IPTABLES</U>\n”;
system(“sudo iptables –table nat –list|grep .”);
echo “<hr color=green>\n”;
echo “<U>IP FORWARD</U>\n”;
echo “IP Forward: “;
system(“sudo cat /proc/sys/net/ipv4/ip_forward”);
echo “</PRE>”;
}
If you want help optimizing or debuging you need modify the file:
- /var/www/uwui/php/uwui_core.php
Unhide is a forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hiding technique.
// Unhide (unhide-linux or unhide-posix)
// ————————————-
Detecting hidden processes. Implements six main techniques
1- Compare /proc vs /bin/ps output
2- Compare info gathered from /bin/ps with info gathered by walking thru the procfs. ONLY for unhide-linux version
3- Compare info gathered from /bin/ps with info gathered from syscalls (syscall scanning).
4- Full PIDs space ocupation (PIDs bruteforcing). ONLY for unhide-linux version
5- Compare /bin/ps output vs /proc, procfs walking and syscall. ONLY for unhide-linux version
Reverse search, verify that all thread seen by ps are also seen in the kernel.
6- Quick compare /proc, procfs walking and syscall vs /bin/ps output. ONLY for unhide-linux version
It’s about 20 times faster than tests 1+2+3 but maybe give more false positives.
// Unhide_rb
// ———
It’s a back port in C language of the ruby unhide.rb
As the original unhide.rb, it is roughly equivalent to “unhide-linux quick reverse” :
- it makes three tests less (kill, opendir and chdir),
- it only run /bin/ps once at start and once for the double check,
- also, its tests are less accurate (e.g.. testing return value instead of errno),
- processes are only identified by their exe link (unhide-linux also use cmdline and
“sleeping kernel process” name),
- there’s little protection against failures (failed fopen or popen by example),
- there’s no logging capability.
It is very quick, about 80 times quicker than “unhide-linux quick reverse”
// Unhide-TCP
// ———-
Identify TCP/UDP ports that are listening but not listed in sbin/ss or /bin/netstat.
It use two methods:
- brute force of all TCP/UDP ports availables and compare with SS/netstat output.
- probe of all TCP/UDP ports not reported by netstat.
// Files
// —–
unhide-linux.c — Hidden processes, for Linux >= 2.6
unhide-linux.h
unhide-tcp.c — Hidden TCP/UDP Ports
unhide-tcp-fast.c
unhide-tcp.h
unhide-output.c — Common routines of unhide tools
unhide-output.h
unhide_rb.c — C port of unhide.rb (a very light version of unhide-linux in ruby)
unhide-posix.c — Hidden processes, for generic Unix systems (*BSD, Solaris, linux 2.2 / 2.4)
It doesn’t implement PIDs brute forcing check yet. Needs more testing
Warning : This version is somewhat outdated and may generate false positive.
Prefer unhide-linux.c if you can use it.
changelog — As the name implied log of the change to unhide
COPYING — License file, GNU GPL V3
LEEME.txt — Spanish version of this file
LISEZ-MOI.TXT — French version of this file
NEWS — Release notes
README.txt — This file
sanity.sh — unhide-linux testsuite file
TODO — Evolutions to do (any volunteers ?)
man/unhide.8 — English man page of unhide
man/unhide-tcp.8 — English man page of unhide-tcp
man/fr/unhide.8 — French man page of unhide
man/fr/unhide-tcp.8 — French man page of unhide-tcp
// Compiling
// ———
If you ARE using a Linux kernel >= 2.6
gcc -Wall -O2 –static -pthread unhide-linux*.c unhide-output.c -o unhide-linux
gcc -Wall -O2 –static unhide_rb.c -o unhide_rb
gcc -Wall -O2 –static unhide-tcp.c unhide-tcp-fast.c unhide-output.c -o unhide-tcp
ln -s unhide unhide-linux
Else (Linux < 2.6, *BSD, Solaris and other Unice)
gcc –static unhide-posix.c -o unhide-posix
ln -s unhide unhide-posix
// Using
// —–
You MUST be root to use unhide-linux and unhide-tcp.
Examples:
# ./unhide-linux -vo quick reverse
# ./unhide-linux -vom procall sys
# ./unhide_rb
PwnPi is a Linux-based penetration testing dropbox distribution for the Raspberry Pi. It currently has 114 network security tools pre-installed to aid the penetration tester. It is built on the debian squeeze image from the raspberry pi foundation’s website and uses Xfce as the window manager
Features Tools :
Information Gathering
—————————
dnstracer
lynis
netmask
tcptraceroute
tcpdump (new)
ngrep (new)
sslsniff (new)
dnswalk (new)
dmitry (new)
ike-scan (new)
darkstat (new)
arping (new)
tcpflow (new)
bing-ip2hosts-0.2 (new)
metagoofil-blackhat (new)
theHarvester (new)
Network Mapping
———————-
fping
hping3
nbtscan
netdiscover
nmap
onesixtyone
p0f
sslscan
tcptraceroute
xprobe
zenmap
pbnj (new)
Vulnerability Identification
———————————-
curl
flasm
ratproxy
smbclient
sqlmap
w3af
wapiti
wbox
nikto
skipfish (new)
metasploit (new)
S.E.T (new)
Fasttrack (new)
Penetration
————–
ExploitDB
metasploit (with db_autopwn)
S.E.T
Fasttrack (new)
Privilege Escalation
————————-
bkhive
chntpw
dsniff
etherape
ettercap
john
medusa
netsed
ophcrack
packeth
packit
samdump2
ssldump
tcpick
tcpreplay
wireshark
yersinia
fcrackzip (new)
Maintaining Access :
———————–
6tunnel
cryptcat
dns2tcp
proxychains
ptunnel
socat
stunnel4
tinyproxy
udptunnel
vidalia
netcat (new)
openvpn (new)
iodine (new)
httptunnel (new)
Radio Network Analysis
—————————–
airodump-ng
aircrack-ng
airdecloak-ng
packetforge-ng
wash
airdecap-ng
ivstools
makeivs-ng
airbase-ng
aireplay-ng
airserv-ng
airdriver-ng
airmon-ng
airtun-ng
btscanner
obexftp
reaver
weplab (new)
wavemon (new)
prismstumbler (new)
kismet(new)
VoIP Analysis
—————
sipcrack
sipsak (new)
Digital Forensic
—————-
aimage
chkrootkit
foremost
galleta
magicrescue
mboxgrep
scalpel
scrub
vinetto
wipe
Stress Testing
—————-
siege
Miscellanious
————-
pentbox-1.5 (new)
ppcalc
sendemail
macchanger (new)
IOS6 and recent iTunes updates have broken a few features. We have made some partial fixes, but they are not complete. If you’d like to help support our development, or take over the development please let us know.
Explore the internal file structure of your iphone (or of a seized phone in the case of forensic teams) using either the iphone’s own backup files or (for jail broken iphones) ssh. Viewing of plist, sqlite, and hex are supported. IOS 5 is now supported
iOS 6 only partially works at the moment (some features fail or are missing). Unfortunately paid work means we can’t fix this right now, but would welcome anyone else submitting patches
Release Notes iPhone Analyzer 2.0 alpha :
Adds heat maps for mapping
Added support for off-line mapping
KML support
IPhone Analzyer allows you to forensically examine or recover date from in iOS device. It principally works by importing backups produced from iTunes or third party software, and providing you with a rich interface to explore, analyse and recover data in human readable formats. Because it works from the backup files everything is forensically safe, and no changes are made to the data.
Features
- Supports iOS 2, iOS 3, iOS 4 and iOS 5 devices
- Multi-platform (Java based) product, supported on Linux, Windows and Mac
- Fast, powerful search across device including regular expressions
- Integrated mapping supports visualisation of geo-tagged information, including google maps searches, photos, and cell-sites and wifi locations observed by the device (the infamous “locationd” data)
- Integrated support for text messages, voicemail, address book entries, photos (including metadata), call records and many many others
- Recovery of “deleted” sqlite records (records that have been tagged as deleted, but have not yet been purged by the device can often be recovered),/li>
- Integrated visualisation of plist and sqlite files
- Includes support for off-line mapping, supporting mapping on computers not connected to the Internet
- Support for KML export and direct export to Google Earth
- Browse the device file structure, navigate directly to key files or explore the device using concepts such as “who”, “when”, “what” and “where”.
- Analyse jail broken device directly over SSH without need for backup (experimental)
netool.sh is a script in bash to automate frameworks like Nmap,Driftnet,SSLstrip and ettercap MITM attacks
this script makes it easy tasks such as SNIFFING, MITM, SSLsniff, retrieve metadata, and DoS attacks inside the local network can also perform TCP/UDP packets manipulation using etter.filters also as the hability of capture pictures of web-browser surfing on the target machine uneder MITM attack and preforms a vuln scan to target web-site using websecurify addon…
Features
- ping target
- Show Local Connections
- Show my Ip address
- Scan Local network
- Scan remote host
- execute Nmap command
- Open router config
- Ip tracer whois
- WebCrawler
- DDoS java Script
- Retrieve metadata
- Config ettercap
- Launch MITM
- show URLs visited
- Sniff remote pics
- Sniff SSL passwords
- Dns-Spoofing
- DoS attack {local}
- Compile etter.filters
- execute ettercap filter
d. delete lock folders
q. quit
Changes 10-10-2012
+ The Beta has been releases and uploaded
+ code improvements
+ fixed the dos2unix issue ( see Tickets )
smscanner is a service for detecting and analyzing web-based threats. It currently handles shells, obfuscated JavaScript, Executables, Iframes and port scans.
smscanner is developed with two main goals: 1) designing, developing, and validating novel research techniques in the area of web-based malware detection and analysis, and 2) applying these techniques in practice to real security threats.
changes since v-2.0.2 New Attack :
Wifi Jammer
New Fixes :
WebSploit Is An Open Source Project For :
Wifi Jammer
New Fixes :
- update & upgrade Command Added
- scan command added in wireless modules for scan wireless
- GUI Installer
WebSploit Is An Open Source Project For :
[>]Social Engineering Works
[>]Scan,Crawler & Analysis Web
[>]Automatic Exploiter
[>]Support Network Attacks
——
[+]Autopwn - Used From Metasploit For Scan and Exploit Target Service
[+]wmap - Scan,Crawler Target Used From Metasploit wmap plugin
[+]format infector - inject reverse & bind payload into file format
[+]phpmyadmin Scanner
[+]LFI Bypasser
[+]Apache Users Scanner
[+]Dir Bruter
[+]admin finder
[+]MLITM Attack - Man Left In The Middle, XSS Phishing Attacks
[+]MITM - Man In The Middle Attack
[+]Java Applet Attack
[+]MFOD Attack Vector
[+]USB Infection Attack
[+]ARP Dos Attack
[+]Web Killer Attack
[+]Fake Update Attack
[+]Fake Access point Attack
The purpose of Bt5up is to update/add and bug fix BackTrack 5 tools.
Changelog : V1.5 :
- Added: FernWifi Update
- Added: Dedected Update
- Added: Wifite Update
- Added: BEEF Update
- Added: SQLNinja Update
- Added: FlashPlayer 11 to Fix BT5 Bugs/Customize BT5 Menu
- Added: Now the Additional Tools have there own module, this way I dont need to create a new version of bt5up everytime a new tool is added.
- Added: The new tools are now located in /pentest/bt5up/tools
- Added: Crypter to Additional Tools
- Added: Ghost Phisher to Additional Tools
- Added: The Teenage Mutant Ninja Turtles project to Additional Tools
- Added: MinidWep-GTK to Additional Tools
- Added: The Mole to Additional Tools
- Fixed: Paths from some tools to work with BT5 R3
1. Update and clean Backtrack.
2. Exploit tools.
- Metasploit Framework.
- Exploit-db.
- SET – Social Engineering Toolkit.
- Update all.
3. Wireless & Telephony.
- Aircrack-ng and Airdrop.
- WarVox.
- WiFite.
- Dedected.
- Fern Wifi Cracker
- Giskismet.
- Update all
4. Web & Database.
- W3AF.
- Nikto.
- BeEF
- Sqlmap.
- SQLNinja.
- Fimap.
- JoomScan.
- WPScan.
- HexorBase.
Update all.
5. Others.
- Nessus.
- Wireshark
- OpenVAS.
- Nmap
Update all.
6. Update All
7. Update Script
8. Changelog
9. Feedback (Gmail)
10. Fix BT5 Bugs/Customize BT5
- Startx after login
- Change Login message(motd)
- Set PulseAudio to autostart
- Set Wicd autostart
- Install FlashPlayer 11
11. Additional Tools
- Nessus
- Crypter
- Ghost Phisher
- TMNT Project
- MinidWep-GTK
- The Mole
