NotTheFed Posted May 5, 2012 Share Posted May 5, 2012 so.. I was thinking that if a db was installed to the usb, then you could customize the various scripts. examples: *every new association is logged, and MAC\IP device name\type added to a row in the db. *DNS spoof gets modified to check the data in the db FIRST. IF set to 'one time' then only redirect if it is the first time. IF device type (bb, iphone, android, ect) redirect one time to a malicious page (iphone.php, ect..) with specific exploits. (copy contacts, sms,photos, ect to USB) IF browser type (info from dnsfpoof or urlsnarf?) IE, Safari, ect.. then different phish pages are shown..ect *nmap.php script to use the DB to determine OS, and open ports. That would feed an autopwn script. With a DB.. you could autopwn devices (once or periodically based on last pwnage) OR do nothing since you have them already. You could have a table in the DB that has updated exploit information per target version. granted.. this would require multiple mods to various tools.. but could really take the mark4 to a new level of offensive auto attack. just dreaming.. NTF Quote Link to comment Share on other sites More sharing options...
PineDominator Posted May 5, 2012 Share Posted May 5, 2012 so.. I was thinking that if a db was installed to the usb, then you could customize the various scripts. examples: *every new association is logged, and MAC\IP device name\type added to a row in the db. *DNS spoof gets modified to check the data in the db FIRST. IF set to 'one time' then only redirect if it is the first time. IF device type (bb, iphone, android, ect) redirect one time to a malicious page (iphone.php, ect..) with specific exploits. (copy contacts, sms,photos, ect to USB) IF browser type (info from dnsfpoof or urlsnarf?) IE, Safari, ect.. then different phish pages are shown..ect *nmap.php script to use the DB to determine OS, and open ports. That would feed an autopwn script. With a DB.. you could autopwn devices (once or periodically based on last pwnage) OR do nothing since you have them already. You could have a table in the DB that has updated exploit information per target version. granted.. this would require multiple mods to various tools.. but could really take the mark4 to a new level of offensive auto attack. just dreaming.. NTF a Database would be awesome I was thinking that there could be a log tab in the ui that shows every connected client with all the data and when an attack or feature is attempted on that client it could indicate it on the right saying stuff like, credentials collected, evil java attack atempted, redirected: www.google.com to /web/rickroll/index.html, ect Quote Link to comment Share on other sites More sharing options...
SilverExploit Posted May 5, 2012 Share Posted May 5, 2012 Hi, I really love your idea. The programmers here should contribute with small pieces to create this database. I already started something similar for browser and OS information gathering and made a post http://forums.hak5.org/index.php?showtopic=26347 . Tell me what you think. Cheers Quote Link to comment Share on other sites More sharing options...
telot Posted May 6, 2012 Share Posted May 6, 2012 I might venture to say sqlite3 would be the db to go with. I've used it with metasploit with great success. Its strength is that its just one file and therefore requires no server process taking up precious resources. telot Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.