Dailydave mailing list archives
Re: HITB trip report
From: "I)ruid" <druid () caughq org>
Date: Mon, 03 Oct 2005 23:59:00 -0500
On Mon, 2005-10-03 at 14:21 -0400, Dave Aitel wrote:
STIF-ware Evolution Meder Kydyraliev and Fyoder Yarochkin This was a good talk in many ways, but the technology isn't advanced enough to really give the demo the wow-effect that some people want to see. The basic idea is they've wrapped all the security tools you'd want (nmap, nessus, etc) with xml wrappers, and each of them can then use a framework to trigger off the others. So for example, you can give it a list of hosts, and it calls "add ip BLAH" and then you have say, a scanner module waiting for new IP notifications, and it reports "VULN blah" and then a module waiting for that runs and gets you root. Of course, the devil is in the details. This sort of system is going to be hard to make efficient.
Hrm... this sounds almost exactly (in regards to function, not implementation) like a tool I wrote back circa '97 called "HackIt!"[1]. Glad to see someone other than my unmotivated ass is getting around to doing something with the idea... Mine wasn't XML though, it was a collection of scripts and exploits written in varying languages all tied together by a management app that implemented a process like what you describe the XML as doing above. Each script or exploit was categorized into phases of the process and either modified or wrapped to take a standardly formatted input from the previous phase and produce standardly formatted output for the next phase (or log final results if there was none). And you're right, it was horribly, horribly inefficient. But it was automated! It could h4x0r the gibson (is that the phrase all the kids are using nowdays?) 24/7, while I slept, lounged around the pool sipping drinks, etc. Er, all within the confines of my physically isolated test lab of course (: Now I'll have to see if I still have a copy of that code...
At udrw.com you can get a USB key that pretends its a cdrom. This is great for autorun, apparently.
Well isn't this little device becoming the hot item all of a sudden. This is the third time I've heard about this in the past month or so... [1] http://web.archive.org/web/19990128091212/http://www.caughq.org/cgi-bin/CAU/hackit (go wayback machine!) -- I)ruid, CĀ²ISSP druid () caughq org http://druid.caughq.org
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- HITB trip report Dave Aitel (Oct 03)
- Re: HITB trip report Joanna Rutkowska (Oct 03)
- Re: HITB trip report mel (Oct 03)
- Re: HITB trip report I)ruid (Oct 03)