Nmap Development mailing list archives
Re: Latest dist v5.2
From: Jonathan R <agentsmith15 () gmail com>
Date: Wed, 27 Jan 2010 22:54:17 -0600
Does the tool have to be PsExec by Sysinternals? I believe there are a few open source PsExec clones floating around the net like RCE<http://sourceforge.net/projects/rce/>. If it's open source there should be no problem with it getting flagged by AV. If you guys do end up encrypting Psexec would you think OpenSSL is a little overkill? TEA (Tiny Encryption Algorithm) is smaller faster but weaker, but all your doing is just obfuscating the executable. Best of all it's not patented. On Wed, Jan 27, 2010 at 6:21 PM, Ron <ron () skullsecurity net> wrote:
On Wed, 27 Jan 2010 16:16:11 -0800 Fyodor <fyodor () insecure org> wrote:1) The "nuke it from orbit" approach, where we just use OpenSSL to encrypt the whole @#$#@ file with some symmetric algorithm and a fixed key. This would require that the user have an OpenSSL-enabled Nmap to use it, but I imagine that the vast majority of Nmap installs have OpenSSL these days. Or I suppose we could do a double-obfuscation of prepending a NUL *and* doing a word-width XOR or a stream XOR against a generated sequence. We might want to remove the .exe extension too.Actually, that's a great idea! You can't get to that point without OpenSSL anyways. You can't authenticate to smb without it, and you can't run this script without authenticating to smb. I won't be able to write that today, though, but I Can probably do it tomorrow.
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Latest dist v5.2, (continued)
- Re: Latest dist v5.2 Ron (Jan 23)
- Re: Latest dist v5.2 David Fifield (Jan 25)
- Re: Latest dist v5.2 Ron (Jan 25)
- Re: Latest dist v5.2 David Fifield (Jan 26)
- Re: Latest dist v5.2 Ron (Jan 26)
- Re: Latest dist v5.2 Fyodor (Jan 27)
- Re: Latest dist v5.2 Brandon Enright (Jan 27)
- Re: Latest dist v5.2 Ron (Jan 27)
- Re: Latest dist v5.2 Fyodor (Jan 27)
- Re: Latest dist v5.2 Ron (Jan 27)
- Re: Latest dist v5.2 Jonathan R (Jan 27)
- Re: Latest dist v5.2 Ron (Jan 28)
- Re: Latest dist v5.2 Fyodor (Jan 28)
- Re: Latest dist v5.2 David Fifield (Jan 25)
- Re: Latest dist v5.2 Ron (Jan 23)
- Re: Latest dist v5.2 Ron (Jan 27)
- Re: Latest dist v5.2 Brandon Enright (Jan 27)
- Re: Latest dist v5.2 Brandon Enright (Jan 27)