Hacker Fiction.

This is going to be a list of fiction books that involve hacking or similar technology (in no order).  Email zate75 [at] gmail.com if you have some to add or think something needs to be removed.  If you haven’t read any of these, start with the top 2.

 

Daemon - 
Freedom - [Link]
Aggressive Network Defense - [Link]
Stealing the Network: How to Own the Box - [Link]
Enchantress - [Link]
Ice Tea - [Link]
The Girl with the Dragon Tattoo - [Link]
The Girl Who Played With Fire - [Link]
The Girl Who Kicked The Hornet's Nest - [Link]
Hackers - [Link]
Mind Hackers - [Link]
The Hacker and the Ants - [Link]
The Shockwave Rider - [Link]
Hex - [Link]
Hackers (Collection of short stories) - [Link]
Seventh Level - [Link]
Down The Wire - [Link]
Broken Crescent - [Link]
X - [Link]
Pearl Harbor Dot Com - [Link]
Irreconcilable Differences - [Link]
Cursed and Consulted - [Link]
The Kabalyon Key - [Link]
Exegesis - [Link]
Invisible Armies - [Link]
Z4CK - [Link]
Mind Games - [Link]
Snow White and the Seven Samurai - [Link]
The Blue Nowhere - [Link]
Legion:  The Enemy Within - [Link]
Synners - [Link]
MetaGame - [Link]
Geek Mafia: Black Hat Blues - [Link]
Digital Fortress - [Link]
G33k Mafia - [Link]
Little Brother - [Link]
For The Win - [Link]
G33k Mafia: Mile Zero - [Link]
Snow Crash - [Link]
Neuromancer - [Link]
Cryptonomicon - [Link]
Diamond Age - [Link]
Amity - [Link]
The Ark of Adams - [Link]
Hard_Code - [Link]
The Internet Hero - [Link]
The Cat Virus - [Link]
Behind The Screen: Hacking Hollywood - [Link]
The Mezonic Agenda: Hacking the Presidency - [Link]
Fatal Encryption - [Link]
Candy Man - [Link]
A Plague On Both Houses - [Link]
2 Periods: How Hacking Led To Murder - [Link]
The Saints Go Dying - [Link]
The Programmer - [Link]
Stealing the Network: How to own a continent - [Link]
Looking Glass - [Link]
The Hacker and the Holy War - [Link]
Gnome: Sunset Investigations - [Link]
Credit Check - [Link]
Charity Begins With Other People's Money - [Link]
Ultimate Dare - [Link]


New feature added.

Talking in the #metasploit channel on freenode.net today someone (you know who you are) gave me the idea of saving the username, password, hostname/ip and port to a nessus.yaml file so they would be saved between metasploit sessions.

So tonight, I added that. New commands added are:

  • nessus_save: this will save those 4 items to ~/.msf3/nessus.yaml
  • nessus_logout will now remove that file when invoked.
  • nessus_connect will look for that file and use its contents if invoked with no arguments.  If the file doesn’t exist, it will display usage.

So basically, load nessus, nessus_connect admin:[email protected]:8834 and then nessus_save.  Now each time you load nessus you just need to nessus_connect and it will reuse those saved creds, until you wipe them out with nessus_logout.
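
The save, reuse and logout behaviour described above, as an added Ruby example (not the plugin's own code). The YAML key names, function names and sample values are assumptions; the file is created owner-only because it holds the Nessus password in plaintext.

```ruby
require 'yaml'
require 'fileutils'

class InsecureCredsFile < StandardError; end

# Assumed key names; the plugin's real nessus.yaml layout is not shown in the post.
CRED_KEYS = %w[username password server port].freeze

# Save the four connection values. The file is created with mode 0600 because
# it holds the Nessus password in plaintext.
def save_nessus_creds(path, username, password, server, port)
  FileUtils.mkdir_p(File.dirname(path), mode: 0o700)
  creds = CRED_KEYS.zip([username, password, server, Integer(port)]).to_h
  File.open(path, File::WRONLY | File::CREAT | File::TRUNC, 0o600) do |f|
    f.chmod(0o600) # tighten a pre-existing file that had looser permissions
    f.write(creds.to_yaml)
  end
  path
end

# Return the saved hash, or nil when no usable file exists (the caller would
# then show usage). Refuses a file that group or other users can access.
def load_nessus_creds(path)
  return nil unless File.file?(path)
  mode = File.stat(path).mode & 0o777
  raise InsecureCredsFile, format('%s is mode %o, want 600', path, mode) if (mode & 0o077) != 0
  creds = YAML.safe_load(File.read(path)) # safe_load: no arbitrary object deserialization
  creds if creds.is_a?(Hash) && CRED_KEYS.all? { |k| creds.key?(k) }
end

# Logout path: delete the saved credentials. Returns true if a file was removed.
def remove_nessus_creds(path)
  return false unless File.exist?(path)
  File.delete(path)
  true
end

if __FILE__ == $PROGRAM_NAME
  require 'tmpdir'
  Dir.mktmpdir do |dir| # temp dir stands in for ~/.msf3
    file = File.join(dir, 'nessus.yaml')
    save_nessus_creds(file, 'admin', 'constructed-password', '192.0.2.10', 8834)
    puts load_nessus_creds(file).reject { |k, _| k == 'password' }
    puts remove_nessus_creds(file)
  end
end
```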

Up next is investigating a way to have the nessus.yaml house multiple sets of creds and let you invoke nessus_connect with the set name to login to that server (or the default set if no set name is given).  Also need to modify nessus_save to take an argument that it will use for the set name.  Tackle that later this week I guess.

It’s been merged, so svn up and you are set.  Report bugs to me or via the metasploit redmine.

Thanks!


Posted in Bananas.

So much to do.

Going to write up a bit of a “todo” list here of all the things I need to work on.

  1. Nessus IVIL wrapper for Seccubus V2 – I had a wonderful talk with Frank from seccubus a couple of weeks back and we came up with the idea of “IVIL” which is basically a common XML format to report findings in from just about any tool.  I’m going to write an example IVIL aware wrapper for Nessus that will let you create scans, download reports and output in IVIL format to be loaded into seccubus V2.  Ideally anyone could write a wrapper for any tool and convert the tools output to IVIL to be loaded into seccubus for reporting.
  2. Bug fixes for the Nessus plugin.  I need to diff out all the new things in the code that are not currently in metasploit and submit that.  Also work on a couple of tweaks and new features people have suggested.
  3. Watch some more ruby videos and read some more of my ruby book.
  4. Fix up my dev environment.  I am trying to swap over to using Netbeans as my IDE and SVN over SSH to connect to remote servers to test.  Carlos Perez has been great in showing me how this works.  Probably look at moving my dev to a vm on my laptop to repurpose the current hardware as an Astaro box.
  5. Look into using meterpreter more and learning about meterpreter scripting in order to use meterpreter as an OVAL interpreter.
  6. Work more on learning nasl.  Also looking to create a nasl script to do OVAL scanning of remote hosts directly with nessus.  Lots to do here and nasl is a bit clunky after working with ruby.  Funtimes though.
  7. Keep working on my highly threaded http scanning engine.  Basically want something that is fast and scalable for finding http(s) servers on any port.  If one exists now that grabs all kinds of info on what the server/service is, love to see it.  Emphasis on the fast and scalable, talking scanning thousands of hosts and all ports.

That’s all that springs to mind right now.  Still getting over being sick and the whole family being sick after returning from Hack3rcon.

Speaking of Hack3rcon, I had a blast.  I’ll sign off here by embedding my talk on Nessus/MSF Integration.  My first ever talk and I learnt a great deal about presenting with live demos.  Rest of the talks are available on irongeek.com.

Nessus Bridge for Metasploit Zate Berg from Adrian Crenshaw on Vimeo.


Posted in Bananas, Security, Stuff, Technology, Things.

Presenting the Nessus Bridge at #Hack3rcon this weekend.

This weekend (Oct 23rd and 24th) I will be in Charleston WV presenting/demoing the Nessus Bridge for Metasploit at Hack3rcon.  This will be the first time I’ll have presented anything outside of work and should be lots of fun.  Quite a few great speakers that I look forward to meeting.

I’ll post the presentation up here once it’s done for everyone else to take a look at.  Actually going to be presenting a few new commands that are not in the metasploit svn version of the plugin.

After Hack3rcon I’ll be back into high gear adding some new functionality to the plugin and branching out into writing a wrapper for Nessus to speak IVIL for Seccubus v2.  This is pretty exciting stuff for me.  Coming up with an XML format to speak “findings” that is tool agnostic is going to be a great thing.  It will mean moving findings between tools, or comparing findings between tools, will be much much easier.  Keep a look out for that one.

There has been some talk on the metasploit mailing list this week about using tools such as Nessus to scan through a MSF pivot and into another network.  Some interesting discussion and I think it’s something I will dive into in these next few weeks.  Start to examine what some of the limitations are and how we might overcome or avoid them.

That’s it for now.  Have a good weekend.


Posted in Bananas, Security, Stuff, Technology, Things.

Latest changes to the Nessus Plugin submitted to Metasploit.

Late night last night I got the code cleaned up and submitted to msfdev.

Should probably be in the Metasploit svn in a few days, I know those guys are super busy with an upcoming release.

In the meantime you can download it from the GitHub – http://github.com/Zate/Nessus-Bridge-for-Metasploit

Changes:

  • Streaming Parser for Nessus V2 Reports.
    • This streams the file from the nessus server and processes each host as it finds it instead of loading the entire file into memory which can be very intensive on large reports.  Performance is much better though it can take a while to iterate through large numbers of hosts. (more…)

Posted in Security, Technology.

Nessus Bridge for Metasploit :: Plugin Commands

Welcome to part 5 of my Nessus Bridge for Metasploit coverage.  Here are part 1, part 2, part 3 and part 4 if you are just joining us.

Next up are the plugin commands.  These helpful little beasts are all about showing you what plugins are available on your nessus server, and how many of them you have.

  • nessus_plugin_list
  • nessus_plugin_family
  • nessus_plugin_details
  • nessus_plugin_prefs

Given that nessus has over 38,000 plugins, simply asking it to list them all would result in a very large list returned from the server.  Nessus gets around this by breaking the request down into several parts. (more…)


Posted in Bananas, Security, Stuff, Technology, Things.

Streaming Parser for Nessus Plugin up for testing.

A few late night sessions of coding and I have a version of the plugin up on github.com that uses REXML Streaming Listener to parse the NessusV2 Reports.  The benefit of this is being able to handle much larger scans, much faster as it will iterate over each host and add it as it parses it, instead of the DOM/Tree method which loads the entire file into memory before parsing.

What I’d like is a few people to test it.


So, grab the code from here, unpack it and then overwrite your metasploit install with the files in that archive.  Should be 4 of them.

Once you have done that, test it, connect to a Nessus server, import some reports, test all the other functions and maybe even just test some importing of nmap etc too if you like.

Report any bugs to me to be fixed and then when you want to remove these files, just delete these 4 from your metasploit install and then do “svn update”.


Posted in Bananas, Security, Stuff, Technology, Things.

goo.gl URL Shortener

I’m a google fan, I admit it fully.  I use lots of their services, I like their stuff and I am at peace with their delving into my personal space.  It’s gonna happen, unless you choose to live your life 100% offline, you are trading personal privacy for access to services.

Their latest creation (which has been around for a while, just not public) is their very own URL shortener called goo.gl.  It does some of the usual things, it tracks metrics and it does one other thing I think is really cool.  It creates a QR code for your url.

Here is one I created earlier (ha, sounds like a cooking show).

http://goo.gl/YgTu.qr for the url http://goo.gl/YgTu

Very cool.  I like QR codes.  For those of us with smart phones, a simple scan of the code and you can open the site.

I do wish the service had an easy way to copy the new urls to the clipboard though.

So what else can it do?  Well #1, I want it to tie in with their safe browsing service (http://www.google.com/safebrowsing/diagnostic?site=google.com) so that I can’t create a URL to a known bad site.  I’d also like them to regularly scan the urls and disable those that link to malware.  There are lots of URL shorteners and they definitely pose a security risk and it’s about time someone took the step of removing bad URLs.

Thoughts?


Posted in Security, Technology.

It’s the small victories…

So one of the major “issues” with the Nessus for Metasploit Plugin right now is that it does not handle large reports well.  Not even the usual db_import_nessus handles large reports well and this is because it reads the entire file in one big blob then parses it.

The nexpose importer and the nmap importer both use REXML Stream Processors.

So tonight I copied the nmap_xml.rb file and am working on making it process Nessus v2 files.  I am hoping that both the Nessus plugin, and the db_import will benefit from these changes.

I’ve been looking at it for a few days and kind of avoiding it because it’s difficult and is going to require large portions of my time fumbling through learning how the current one works enough to know how/what to modify.

Well turns out it’s simpler than I thought. (more…)
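
The host-at-a-time streaming approach described in this post and in the streaming parser posts above, as an added Ruby example rather than the plugin's own code. The listener class, function name and sample report are constructed for illustration.

```ruby
require 'rexml/document'
require 'rexml/streamlistener'
# Constructed sample in the Nessus v2 report layout; not from a real scan.
SAMPLE_NESSUS_V2 = <<~XML
  <NessusClientData_v2><Report name="constructed">
    <ReportHost name="192.0.2.10">
      <HostProperties><tag name="operating-system">Linux</tag></HostProperties>
      <ReportItem port="22" severity="1" pluginID="90001"/>
      <ReportItem port="443" severity="3" pluginID="90002"/>
    </ReportHost>
    <ReportHost name="192.0.2.11">
      <HostProperties><tag name="operating-system">Windows</tag></HostProperties>
      <ReportItem port="445" severity="2" pluginID="90003"/>
    </ReportHost>
  </Report></NessusClientData_v2>
XML

# Builds one host at a time and yields it at </ReportHost>, so memory is
# bounded by the largest single host rather than by the whole report.
class NessusV2Listener
  include REXML::StreamListener
  def initialize(&on_host)
    @on_host, @host, @prop = on_host, nil, nil
  end

  def tag_start(name, attrs)
    case name
    when 'ReportHost' then @host = { addr: attrs['name'], props: {}, items: [] }
    when 'tag'        then @prop = [attrs['name'], +''] if @host
    when 'ReportItem' then @host[:items] << attrs.slice('port', 'severity', 'pluginID') if @host
    end
  end
  def text(data)
    @prop[1] << data if @prop # only collect text inside a <tag> element
  end
  def tag_end(name)
    if name == 'tag' && @prop
      @host[:props][@prop[0]] = @prop[1].strip
      @prop = nil
    elsif name == 'ReportHost'
      @on_host.call(@host)
      @host = nil # release the finished host before the next one starts
    end
  end
end

# source: an IO or String holding a Nessus v2 report; the block gets each host.
def each_nessus_host(source, &block)
  REXML::Document.parse_stream(source, NessusV2Listener.new(&block))
end
```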


Posted in Bananas, Security, Stuff, Technology, Things.

Nessus Bridge for Metasploit :: Scan Commands

Welcome to part 4 of my Nessus Bridge for Metasploit coverage.  Here is part 1 and part 2 and part 3 if you are just joining us.

The Scan Commands are where this plugin starts to really differ from previously importing nessus scans from flat files.  With these commands we can stay within the metasploit framework and reach out and examine things with Nessus.  We can then use the Report Commands we just learnt about to pull that data back to later pwn stuff.

Scan Commands are as follows:

  • nessus_scan_new
  • nessus_scan_status
  • nessus_scan_pause
  • nessus_scan_pause_all
  • nessus_scan_stop
  • nessus_scan_stop_all
  • nessus_scan_resume
  • nessus_scan_resume_all (more…)

Posted in Bananas, Security, Stuff, Technology, Things.