Racket vs Packetfu in Metasploit
Why the hell did I think I wrote this in packetfu? Looks like my hard disk contains a traffic hijacker thanks to HSRP, written with the racket lib. That was written a long time ago and I decided to push it before I forget it another time in the not-so-used inodes.
http://dev.metasploit.com/redmine/issues/4568
AFAIK, Tod is currently doing some nice work on the packetfu lib. Stay tuned for the next clash regarding networking libs in Ruby. Racket or Packetfu? It seems the future will be full of Packetfu!
EAP-MD5 sucks *for real*
EAP-MD5 has been deprecated since Windows Vista in the Microsoft world.
A KB exists to pinpoint the dictionary attack. That’s not the case for Cisco. EAP-MD5 is so great you can still use it on Cisco’s IP phones. Also, I have found no documents referring to the EAP-MD5 security weakness, only the deployment guides that help the poor administrators to be pwned in the future. Hopefully when Cisco stamps a customer network as safe thanks to an audit (probably run by a CISSP leet) then the customer feels indestructible until a real pentester (not the CISSP’s well-suited guy) manages to break into their invulnerable network in seconds.
Reality is bad. Help your customer to kill EAP-MD5 forever by using my Metasploit module, which worked successfully on wired and wireless 802.1x environments.
You could also use the following script from LaNMaSteR53 if you are in love with Python. Or the well-known xtest and eapmd5pass, which need no further comment.
Go for another scheme or… or… sorry, definitely no EAP-MD5, even tunneled, as it removes the dictionary attack but adds the man-in-the-middle scenario for the attacker.
Evangelism for the win.
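To help with killing EAP-MD5, you first need to know where it is still negotiated. The added example below (not code from the original post or from the Metasploit module) parses raw 802.1X frames and reports EAP MD5-Challenge (EAP type 4) requests and responses. The sample frames and MAC addresses are constructed for illustration.

```ruby
ETHERTYPE_VLAN   = 0x8100
ETHERTYPE_EAPOL  = 0x888E
EAPOL_EAP_PACKET = 0
EAP_CODES        = { 1 => :request, 2 => :response }.freeze
EAP_TYPE_MD5     = 4 # MD5-Challenge

# Finding for an EAP MD5-Challenge request/response; nil for anything else.
def eap_md5_frame(frame)
  frame = frame.b
  return nil if frame.bytesize < 14
  offset = 12
  ethertype = frame[offset, 2].unpack1('n')
  if ethertype == ETHERTYPE_VLAN # skip a single 802.1Q tag
    offset += 4
    return nil if frame.bytesize < offset + 2
    ethertype = frame[offset, 2].unpack1('n')
  end
  return nil unless ethertype == ETHERTYPE_EAPOL
  eapol = frame[offset + 2, frame.bytesize]
  return nil if eapol.bytesize < 4 # truncated EAPOL header
  _version, packet_type, body_len = eapol.unpack('CCn')
  return nil unless packet_type == EAPOL_EAP_PACKET
  eap = eapol[4, body_len]
  return nil if eap.bytesize < 5 # no room for an EAP type byte
  code, id, _length, type = eap.unpack('CCnC')
  return nil unless EAP_CODES.key?(code) && type == EAP_TYPE_MD5
  src = frame[6, 6].unpack('C6').map { |b| format('%02x', b) }.join(':')
  { src: src, code: EAP_CODES[code], id: id }
end

def eap_md5_findings(frames)
  frames.map { |f| eap_md5_frame(f) }.compact
end

# Constructed sample frames (hypothetical MACs, not captured traffic).
def sample_frame(code, type, data, vlan: false)
  eap = [code, 7, 5 + data.bytesize, type].pack('CCnC') + data
  eth = ['0180c2000003', '001122334455'].pack('H12H12')
  eth += [ETHERTYPE_VLAN, 10].pack('nn') if vlan
  eth + [ETHERTYPE_EAPOL, 1, EAPOL_EAP_PACKET, eap.bytesize].pack('nCCn') + eap
end

SAMPLE_FRAMES = [
  sample_frame(1, 1, ''),                            # Identity request
  sample_frame(1, 4, 16.chr + 'A' * 16),             # MD5-Challenge request
  sample_frame(2, 4, 16.chr + 'B' * 16, vlan: true), # MD5-Challenge response
  sample_frame(2, 4, 16.chr + 'B' * 16)[0, 17]       # truncated frame
].freeze
puts eap_md5_findings(SAMPLE_FRAMES).map(&:inspect)
```

Any finding means a supplicant or authenticator on that segment still accepts EAP-MD5 and should be moved to another EAP method.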
XeroX and netsec-catalog
New Metasploit module developed: https://dev.metasploit.com/redmine/issues/4007 (XeroX workcentre users enumeration)
New repository containing network security documents and videos: http://code.google.com/p/netsec-catalog/
See you later.
packetfu now includes HSRP layer
Hi packets monkeyz and others,
Better late than never... a contribution to the packetfu project to add the HSRP layer.
The first application layer added to the project by the 24th of December 2010!
http://code.google.com/p/packetfu/source/detail?r=156
http://code.google.com/p/packetfu/source/detail?r=157
A Cisco HSRP traffic hijacker is already coded to be included into Metasploit but is waiting for some rex and packetfu libs to be updated before going into the wild…
Just hope I will not forget to update it …
Cheers :~
Metasploit updates
Some code I wrote for the Metasploit project …
DNS(SEC) fuzzer, Cisco IOS configuration grabber via SNMP, Cisco VPN enumeration module, [cisco] TTL Expiry Attack, Cisco IOS SNMP file copy (TFTP).
News coverage by Rapid7 …
Cisco IOS Penetration Testing with Metasploit
HAPPY 2011 !