PaulDotCom mailing list archives

Re: Pentesting drop boxes


From: Jim Halfpenny <jim.halfpenny () gmail com>
Date: Fri, 5 Nov 2010 15:38:22 +0000

Hi,
A low powered system that can run off batteries (which I don't think
the sheevaplug can) would be useful. If wireless penetration is an
option a small form factor device and a car battery locked in a case
could be a viable option for an in-plain-sight drop box. Something
that looks like a telecoms cabinet might be inconspicuous enough to
leave next to an exterior wall and the weight of a car battery might
make a casual observer think it's fixed to the wall.

There are sheevaplugs available with built-in 802.11 which would be
less conspicuous than one with a USB adapter.

Cheers,
Jim

On 5 November 2010 14:15, David Porcello <DPorcello () vermontmutual com> wrote:
Has anyone used a “drop box” in a pentesting engagement? I’ve been building
on this idea and would like to hear suggestions on what to add. The end goal
is to have a Backtrack-esque tool set on a plug-based microserver, and a set
of reverse tunneling scripts that walk through all the commonly allowed
egress ports/protocols to establish a backdoor shell into the target
network.



Here’s what I have so far:



Hardware: Ubuntu-based Sheevaplug microserver, wifi support via USB ALFA

Tools: Metasploit, Fasttrack, SET, SSLstrip, nmap, dsniff, netcat, nikto,
nbtscan, xprobe2, inguma, scapy, ettercap, JTR, medusa

Reverse tunnel scripts (running every minute for persistence): SSH over port
443, SSH over HTTP requests (proxy support), SSH over DNS queries, SSH over
ICMP



What else would everyone like to see?



grep.

http://grep8000.blogspot.com




_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
