Nmap Development mailing list archives
Re: Some scripts for analyzing NetBus
From: Toni Ruottu <toni.ruottu () iki fi>
Date: Fri, 3 Dec 2010 20:37:47 +0200
hello again, I realized not everyone have a NetBus setup up and running, so I decided to provide some links to NetBus packages available on the Internet. The below links are for NetBus 1.6 and 1.7. There is also a link for honeypot application NetBuster. I used these packages in my tests and they seemed to work well. The NetBus packages contain both a client and a server. The server is usually called patch.exe. Additionally they may contain a tool for editing the server. The NetBuster package contains a server with graphical configuration user interface. http://members.fortunecity.com/cambada/nb16.zip http://personal.inet.fi/koti/jaakko.linna/NetBus170.zip http://personal.inet.fi/koti/jaakko.linna/netbuster1_31.zip NetBus and NetBuster are Windows applications. I run the apps on Ubuntu using Wine and they worked surprisingly well. Just make sure you always reset the environment properly between running two different versions (kill all processes, wait for port bind to time out, and possibly delete wine configuration). Note that NetBus is hackish and might have hidden tricks. You might want to run the services under a virtual machine rather than on a system you use daily. In any case the NetBus services are not very secure, and someone could hack into your box through the service unless you are behind a firewall. happy hacking, --Toni On Thu, Dec 2, 2010 at 10:37 AM, Toni Ruottu <toni.ruottu () iki fi> wrote:
hello, Just finished writing a set of scripts that analyse NetBus-services (see attachments). I have defined total ordering for execution through dependencies, as the scripts interfere with each other. Namely, sending broken authentication credentials prevent access from everyone, and not only the failing client. The scripts do not cover NetBus2 as it seems quite different from the earlier versions, also I could not find really old versions of NetBus for testing. I have done some tests with NetBus versions 1.6 and 1.7, as well as NetBuster version 1.31. The scripts should work with the current nmap cvs, but do not work with latest release. The included scripts are (in order of execution): netbus-version - detects NetBuster, a honeypot service that mimes NetBus netbus-brute - tries to retrieve NetBus password by guessing netbus-info - opens a connection to a NetBus server and extracts information netbus-auth-bypass - checks if a NetBus server is vulnerable to authentication bypass cheers, --Toni
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Some scripts for analyzing NetBus Toni Ruottu (Dec 02)
- Re: Some scripts for analyzing NetBus Toni Ruottu (Dec 03)
- Re: Some scripts for analyzing NetBus Max (Dec 03)
- Re: Some scripts for analyzing NetBus Toni Ruottu (Dec 08)
- Re: Some scripts for analyzing NetBus Ron (Dec 08)
- Re: Some scripts for analyzing NetBus Patrick Donnelly (Dec 08)
- Re: Some scripts for analyzing NetBus Rob Nicholls (Dec 08)
- Re: Some scripts for analyzing NetBus Arturo 'Buanzo' Busleiman (Dec 08)
- Re: Some scripts for analyzing NetBus Toni Ruottu (Dec 03)
- Re: Some scripts for analyzing NetBus Toni Ruottu (Dec 13)
- Re: Some scripts for analyzing NetBus David Fifield (Dec 14)
- Re: Some scripts for analyzing NetBus Toni Ruottu (Dec 30)