Penetration Testing mailing list archives

Re: Core Impact references

From: Ivan Arce <ivan.arce () coresecurity com>
Date: Fri, 11 Nov 2005 16:40:21 -0300

Hello Jason.
There are several ways to accomplish what you need within CORE IMPACT.

If you use RPT the entire test is automated in 6 steps, starting with
the initial Information Gathering (step 1) and footpriting, to Attack &
Penetration (step 2), local IG (step 3, ran after one or more targets
had been compromised), priviledge escalation (step 4), clean up 9step 5)
and finally reporting (step 6). Each step is launched manually and the
corresponding actions (implemented by several "modules")are launched
automatically both sequentially and in parallel depending on the
requirements for those actions are, and on the maximun number of
concurrent running modules you configure for CORE IMPACT, you can play
with that setting to throttle the amount of parallelism you get.

Also, you can always run things manually using the Modules tab (instead
of running them from RPT). Alternatively, you can create and use a macro
that chains the execution of several modules together and run that macro
manually. Further more you can write a "glue module" in Python that just
adds a fixed or random delay between module executions and use it in
your macro-module. All modules (including attack modules) are written in
Python so you can add you own or modify the existing ones.

I've assumed that you want to throttle the attack rate (or "module
execution" rate) not the packet rate. The current version of CORE IMPACT
does not provide a feature to throttle packet rate and in fact
throttling the packet rate for certain modules  might render some
attacks unrealiable or failure-prone.

-ivan

Tony Haywood wrote:

Jason,

Traffic IQ Pro has the ability to set a delay on a per packet or per traffic
file basis by up to 1 hour in minute, second and millisecond increments.

If you are already using Core Impact but it is not providing this capability
then you could capture the output and import the captures into Traffic IQ
for replay.

Regards

Tony

-----Original Message-----
From: Jason Thompson [mailto:securitux () gmail com] 
Sent: 09 November 2005 17:57
To: Michael Gargiullo
Cc: humberto1310; pen-test
Subject: Re: Core Impact references

Can Core Impact control the rate of attack? My beef with other testing
tools is they aren't stealthy enough. If I can tune the rate at which
attacks are performed (like 1 or 2 tests per 30 secs / minute) then I
can reduce the chances of the attacks being noticed.

-J

On 11/8/05, Michael Gargiullo <mgargiullo () pvtpt com> wrote:

Core Impact is amazing; I've used it in the past.

I just don't have the budget for it now.  It's not what you'd call
inexpensive.

If your budget isn't mid 4 digits, check out metasploit.  Not as
complete, but in combination with a scanner like nessus and an attack
tool.

-Mike

-----Original Message-----
From: humberto1310 [mailto:humberto1310 () bol com br]
Sent: Monday, November 07, 2005 1:16 PM
To: pen-test
Subject: Core Impact references

Hi List,

Does anyone works with Core Impact? Any reference?

Thanks,


------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on
your
website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------


----------------------------------------------------------------------------
--

Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers

are

futile against web application hacking. Check your website for


vulnerabilities

to SQL injection, Cross site scripting and other web attacks before


hackers do!

Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831


----------------------------------------------------------------------------
---


----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are

futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers
do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---




------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


-- 
---
To strive, to seek, to find, and not to yield.
- Alfred, Lord Tennyson Ulysses,1842

Ivan Arce
CTO
CORE SECURITY TECHNOLOGIES

46 Farnsworth Street
Boston, MA 02210
Ph: 617-399-6980
Fax: 617-399-6987
ivan.arce () coresecurity com
www.coresecurity.com

PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Core Impact references humberto1310 (Nov 07)
- <Possible follow-ups>
- RE: Core Impact references Michael Gargiullo (Nov 08)
  - Re: Core Impact references Jason Thompson (Nov 09)
    - RE: Core Impact references Tony Haywood (Nov 10)
    - Re: Core Impact references ADT (Nov 11)
    - RE: Core Impact references Sam Johnson (Nov 13)
    - Re: Core Impact references ADT (Nov 13)
    - Re: Core Impact references Ivan Arce (Nov 11)