Vulnerability Development mailing list archives
RE: trusted solaris pen testing
From: "Dom De Vitto" <dom () devitto com>
Date: Wed, 8 Dec 2004 00:53:37 -0000
"Cain and Able" can do lots of what you want, including setup for cool Man-in-the middle attacks. http://www.oxid.it/cain.html Spoofing is easy, especially on most switched networks. http://www.oxid.it/sterm.html This is a great tool which does exactly what you want in the right situations. There are lots of ways of doing this - ARP spoofing, ARP poisoning, ICMP redirects etc. Dom -----Original Message----- From: Jack [mailto:list-recv () crepinc com] Sent: 05 December 2004 16:32 To: Elihu Smails; vuln-dev () securityfocus com Subject: Re: trusted solaris pen testing There are two possibilities: either find out the trusted hosts, and take their IP (DoS that box first) or go for the spoofing idea. Spoofing is hard, especially on a switched network. I currently don't know of any pre-written source that does this well. (I'm currently in the process of writing my own). So, if you would like to undertake this, you will probably need to write your own code. Remember, if spoofing an IP on a switched network you will need ARP spoofing in order to get the recieved packets. Have fun, -Jack C ("crEp") http://www.crepinc.com/
Current thread:
- trusted solaris pen testing Elihu Smails (Dec 02)
- Re: trusted solaris pen testing Jack (Dec 06)
- RE: trusted solaris pen testing Dom De Vitto (Dec 09)
- Re: trusted solaris pen testing Valdis . Kletnieks (Dec 09)
- Re: trusted solaris pen testing xyberpix (Dec 06)
- <Possible follow-ups>
- RE: trusted solaris pen testing Clemens, Dan (Dec 09)
- Re: trusted solaris pen testing Jack (Dec 06)