Bugtraq mailing list archives
Re: [IPD] Internet Probe Droid
From: kaw () COLOSSUS ENG SUN COM (Keith A. Watson)
Date: Thu, 18 Sep 1997 18:33:20 -0700
Previously, balif wrote:
Automating brute force attacks with 'Expect" balif and desslok
I wrote some extensions to SATAN while I was part of the COAST lab at Purdue. Some of the probes were written in Expect. One of the reasons in writing them was to demonstrate the ease at which new probes can be added to SATAN. The reasons for using Expect are as you mentioned. It is quick and easy to develop powerful scripts. The Expect probes I wrote just used the telnet command to connect and interact with remote network daemons (telnetd, popd, and sendmail). As your scripts show, it takes very few lines of Expect to build a fairly effective scanner. I am surprised that there haven't been more Expect-based tools such as these written. If anyone is interesting in examining other Expect-based security scanners or would like some extensions to SATAN, the stuff I wrote is available at: ftp://coast.cs.purdue.edu/pub/COAST/tools/SATAN_Extensions.tar.Z* This package was never really advertised, so not many people are using it. I haven't touched it since it was released in December 1995. I still might be able to answer any questions about them. Keith
Current thread:
- CERT Advisory CA-97.23 - rdist Aleph One (Sep 16)
- Re: CERT Advisory CA-97.23 - rdist Theo de Raadt (Sep 16)
- Fake ps detection program (system V and /proc enabled machines) Duncan Simpson (Sep 16)
- Java/JavaScript DoS Ian McKellar (Sep 16)
- Re: Fake ps detection program (system V and /proc enabled David Luyer (Sep 16)
- Re: CERT Advisory CA-97.23 - rdist Perry E. Metzger (Sep 16)
- Re: CERT Advisory CA-97.23 - rdist Alex (Sep 16)
- [IPD] Internet Probe Droid balif (Sep 16)
- Re: [IPD] Internet Probe Droid Keith A. Watson (Sep 18)
- Instresting practises of Oracle [Oracle Webserver] hurtta+zz () OZONE FMI FI (Sep 18)
- Redir games with ARP and ICMP Yuri Volobuev (Sep 19)
- Re: Redir games with ARP and ICMP Alan Cox (Sep 19)
- Re: Redir games with ARP and ICMP Ulrich Flegel (Sep 20)
- Blind Spoofing System Crasher (Sep 20)
- SunOS4.1.X sockopt panic HAKNER JEFF (Sep 20)
- Re: Redir games with ARP and ICMP John Goerzen (Sep 22)
- Fake ps detection program (system V and /proc enabled machines) Duncan Simpson (Sep 16)
- Re: CERT Advisory CA-97.23 - rdist Theo de Raadt (Sep 16)
- Re: CERT Advisory CA-97.23 - rdist Simon Karpen (Sep 16)
- Sun Security Bulletin #00154 Aleph One (Sep 17)