Metasploit mailing list archives
SecTOR 2008 Conference Materials
From: msf at gomor.org (GomoR)
Date: Tue, 14 Oct 2008 09:36:29 +0200
On Wed, Oct 08, 2008 at 10:15:51PM -0500, H D Moore wrote:
Now online, covers upcoming features in 3.2: http://metasploit.com/research/conferences/ Thanks to Egypt for co-presenting :-) -HD
Hi HD, I have some comments (or add-ons) concerning your IPv6 related papers (conference materiels, and uninformed journal article). In fact, this is basically to promote some of my tools :) You did not spoke about OS fingerprinting over IPv6 at all. While the utility of TCP/IP stack fingerprinting may be debatable, I think that OS fingerprinting over IPv6 should be something to speak about, just because OSFP over IPv4 exists. So, SinFP[1] is an OSFP tool that can do OSFP over IPv6. See[2] for an example usage. OSFP over IPv6 is possible because raw IPv6 frames may be sent using Net::Frame frame crafting framework. So far, it is possible to build basic IPv6[3] headers, and some of ICMPv6[4] protocols. For example, this program[5] allows to lookup a MAC address using ICMPv6 ND protocol. Finally, I also developed an IPv4 to IPv6 proxy in the small utility called SSL Capable NetCat[6]. See[7] for an example usage. Thank you for your Metasploit and related work, and best regards, [1] http://www.gomor.org/sinfp [2] http://www.gomor.org/bin/view/Sinfp/DocOverview#Active_fingerprinting_IPv6 [3] http://search.cpan.org/~gomor/Net-Frame-Layer-IPv6/ [4] http://search.cpan.org/~gomor/Net-Frame-Layer-ICMPv6/ [5] http://search.cpan.org/src/GOMOR/Net-Frame-Layer-ICMPv6-1.01/examples/lookup-mac.pl [6] http://www.gomor.org/bin/view/GomorOrg/SslNetcat [7] http://www.gomor.org/bin/view/GomorOrg/SslNetcat#Accessing_IPv6_hosts_from_an_IPv -- ^ ___ ___ http://www.GomoR.org/ <-+ | / __ |__/ Research Engineer | | \__/ | \ ---[ zsh$ alias psed='perl -pe ' ]--- | +--> Net::Frame <=> http://search.cpan.org/~gomor/ <---+
Current thread:
- SecTOR 2008 Conference Materials H D Moore (Oct 08)
- SecTOR 2008 Conference Materials GomoR (Oct 14)