==Phrack Inc.== Volume 0x0b, Issue 0x3d, Phile #0x04 of 0x0f |=------------------=[ T O O L Z A R M O R Y ]=------------------------=| |=-----------------------------------------------------------------------=| |=-----------------------=[ Phrack Staff ]=-----------------------------=| This new section, Phrack Toolz Armory, is dedicated to tool annoucements. We will showcast selected tools of relevance to the computer underground which have been released recently. Drop us a mail if you develop something kewl that you think is worth of being mentioned in #62. Content: 1 - Scapy, Interactive Packet Manipulation Program by Biondi 2 - ShellForge, Shellcode Builder by Biondi 3 - objobf : burneye2 IA32 object file obfuscator by team-teso 4 - ELFsh, ELF objects manipulation scripting langage by Devhell labs. 5 - Packit, Network injection, capture and auditing by D. Bounds ----[ 1 - Scapy : interactive packet manipulation program URL : http://www.cartel-securite.fr/pbiondi/scapy.html Author : biondi@cartel-securite.fr Comment : Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is able to do about the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc. Here are some techniques that you can use it for : port, protocol, network scans, arp cache poisonning, dns poisonning, DoSing, nuking, sniffing etherleaking, icmpleaking, firewalking, NAT discovery, fingerprinting, etc. ----[ 2 - ShellForge : shellcode builder URL : http://www.cartel-securite.fr/pbiondi/shellforge.html Author : biondi@cartel-securite.fr Comment : ShellForge is a kit that builds shellcodes from C. It is inspired from Stealth's Hellkit. This enables to create very complex shellcodes (see example which scans ports). C header files are included that provide macros to substitute libc calls with direct system calls and an Python script automates compilation, extraction, encoding and tests. ----[ 3 - objobf : burneye2 IA32 object file obfuscator URL : http://www.team-teso.net/projects/objobf/ Author : teso@team-teso.net Comment : Objobf is part of the burneye2 binary security suite. It is an ELF relocatable object file obfuscation program. While still a beta release it works well on smaller object files and can significantly increase the time for manual decompilation. Within the downloadable tarball there are some examples. Besides obfuscation it does limited code and dataflow analysis and displays them in high quality graphs, using the free xvcg or the propietary aiSee graphing tools. Full sourcecode of the objobf tool is available at the above URL. ----[ 4 - ELFsh 0.51b2 portable : ELF objects manipulation scripting language URL : http://elfsh.devhell.org http://elfsh.segfault.net (mirror) Author : elfsh@devhell.org Comments : ELFsh is an interactive and scriptable ELF machine to play with executable files, shared libraries and relocatable ELF32 objects. It is useful for daily binary manipulations such as on-the-fly patching, embedded code injection, and binary analysis in research fields such as reverse engineering, security auditing and intrusion detection. ELFsh is based on libelfsh, so that the API is really useable in opensource projects. This version works on 2 architectures (INTEL, SPARC) and 4 OS (Linux, FreeBSD, NetBSD, Solaris). ----[ 5 - Packit : Network injection, capture and auditing tool URL : http://packit.sf.net Author : Darren Bounds Comments : Packit (Packet toolkit) is a network auditing tool. Its value is derived from its ability to customize, inject, monitor, and manipulate IP traffic. By allowing you to define (spoof) nearly all TCP, UDP, ICMP, IP, ARP, RARP, and Ethernet header options, Packit can be useful in testing firewalls, intrusion detection/prevention systems, port scanning, simulating network traffic, and general TCP/IP auditing. Packit is also an excellent tool for learning TCP/IP. It has been successfully compiled and tested to run on FreeBSD, NetBSD, OpenBSD, MacOS X and Linux. |=[ EOF ]=---------------------------------------------------------------=|