PaulDotCom mailing list archives

Pentesting drop boxes


From: David Porcello <DPorcello () vermontmutual com>
Date: Fri, 5 Nov 2010 10:15:10 -0400

Has anyone used a "drop box" in a pentesting engagement? I've been building on this idea and would like to hear 
suggestions on what to add. The end goal is to have a Backtrack-esque tool set on a plug-based microserver, and a set 
of reverse tunneling scripts that walk through all the commonly allowed egress ports/protocols to establish a backdoor 
shell into the target network.

Here's what I have so far:

Hardware: Ubuntu-based Sheevaplug microserver, wifi support via USB ALFA
Tools: Metasploit, Fasttrack, SET, SSLstrip, nmap, dsniff, netcat, nikto, nbtscan, xprobe2, inguma, scapy, ettercap, 
JTR, medusa
Reverse tunnel scripts (running every minute for persistence): SSH over port 443, SSH over HTTP requests (proxy 
support), SSH over DNS queries, SSH over ICMP

What else would everyone like to see?

grep.
http://grep8000.blogspot.com
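An added example from the defender's side, not part of the original post: the once-a-minute persistence loop described above is exactly the pattern a network monitor can key on. Assuming a constructed firewall-log format (timestamp, source, destination, service), this script flags flows whose inter-arrival times are nearly constant, as a cron-driven reverse tunnel over 443 or DNS would be.

```python
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed sample log (not from the original post): one internal host opens
# an outbound TCP/443 session and sends a DNS query to the same external
# address every minute, while a second host browses at irregular times.
SAMPLE_LOG = """\
2010-11-05 10:00:03 10.0.5.23 -> 203.0.113.10 tcp/443
2010-11-05 10:00:04 10.0.5.23 -> 203.0.113.10 udp/53
2010-11-05 10:00:41 10.0.5.40 -> 198.51.100.7 tcp/443
2010-11-05 10:01:03 10.0.5.23 -> 203.0.113.10 tcp/443
2010-11-05 10:01:04 10.0.5.23 -> 203.0.113.10 udp/53
2010-11-05 10:02:03 10.0.5.23 -> 203.0.113.10 tcp/443
2010-11-05 10:02:05 10.0.5.23 -> 203.0.113.10 udp/53
2010-11-05 10:03:03 10.0.5.23 -> 203.0.113.10 tcp/443
2010-11-05 10:03:04 10.0.5.23 -> 203.0.113.10 udp/53
2010-11-05 10:04:03 10.0.5.23 -> 203.0.113.10 tcp/443
2010-11-05 10:04:04 10.0.5.23 -> 203.0.113.10 udp/53
2010-11-05 10:05:12 10.0.5.40 -> 198.51.100.7 tcp/443
"""

def parse_log(text):
    """Return (timestamp, src, dst, service) tuples from the simple format above."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        date, time, src, _, dst, service = line.split()
        ts = datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S")
        events.append((ts, src, dst, service))
    return events

def find_beacons(events, min_hits=5, max_jitter=0.1):
    """Flag (src, dst, service) flows whose gaps are nearly constant.

    A job firing every minute produces ~60 s gaps with almost no variance,
    unlike interactive traffic. Returns [(src, dst, service, period_seconds)].
    """
    flows = defaultdict(list)
    for ts, src, dst, service in events:
        flows[(src, dst, service)].append(ts)
    findings = []
    for key, stamps in flows.items():
        if len(stamps) < min_hits:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        period = statistics.median(gaps)
        # Largest deviation from the median gap, relative to the period.
        if period > 0 and max(abs(g - period) for g in gaps) / period <= max_jitter:
            findings.append((*key, period))
    return findings
```

Both the 443 and the DNS flows from 10.0.5.23 are reported with a 60-second period; the browsing host never reaches the hit threshold.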

