The Interceptor 1.0

The Interceptor is a way to listen in to network traffic as it flows past.

The Interceptor does away with the wired monitor port and instead spits out the traffic over wireless meaning the listener can be anywhere they can make a wireless connection to the device. As the data is encrypted (actually, double encrypted, see how it works) the person placing the tap doesn’t have to worry about unauthorized users seeing the traffic.

Here are some possible situations for use:

  • Penetration testing – If you can gain physical access to a targets office drop the device between the office printer and switch then sit in the carpark and collect a copy of all documents printed. Or, get an appointment to see a boss and when he leaves the room to get you a drink, drop it on his computer. The relative low cost of the Fon+ means the device can almost be considered disposable and if branded with the right stickers most users wouldn’t think about an extra small box on the network.
  • Troubleshooting – For sys-admins who want to monitor an area of network from the comfort of their desks, just put it in place and fire up your wireless.
  • IDS – If you want to see what traffic is being generated from a PC without interfering with the PC simply add the Interceptor and sit back and watch. As the traffic is cloned to a virtual interface on your monitoring machine you can use any existing tools to scan the data.
The Interceptor 1.0
Platform: Linux
Last update: 18 March 2009
Developer: Robin Wood
File type: .tar.bz2
File size: 33 Kb
License: Creative Commons
Categories: Analyzers
Downloads: 36

L0phtCrack 6 – New Release

Olá pessoal. Finalmente depois de quase 3 anos de não atualizações o L0phtCrack está de volta em uma nova versão que será lançada dia 11 de Março na SOURCE Boston Conference.

Para quem não conhece, o L0phtCrack é uma ferramenta para auditoria de senhas Windows. Basicamente ele efetua ataques de Brute-force, Dictionary e Rainbow-Tables em Hashes LM e NTLM.

Realmente é uma ferramenta muito legal e foi o que pena o que fizeram quando a Symantec comprou a ferramenta de seus desenvolvedores iniciais e a jogou no Freezer, simplesmente fazendo de conta que a ferramenta nunca existiu.

Ao que parece muitas inovações serão acrescentadas na ferramenta, como por exemplo melhoria nos algoritmos de quebra e suporte a novos padrões de rainbow-tables.

Eu sinceramente gostaria MUITO que a versão 6 viesse com suporte a multiplos núcleos de processamento, isso realmente ajudaria muito quanto o ganho de poder dos ataques.  Vamos aguardar para ver.

Quem quiser enquanto isso conhecer a última versão que foi lançada antes de seu total abandono pode baixar aqui.

Good Hacking 4 All.

Book of Month: March

Professional Rootkits
Author: Ric Vieler
Publisher: Wrox
Year: 2007
Pages: 360
Amazon’s book description: This book provides the detailed, step-by-step instructions and examples required to produce full-featured, robust rootkits. Presented in modular sections, source code from each chapter can be used separately or together to produce highlyspecific functionality. In addition, Vieler details the loading, configuration, and control techniques used to deploy rootkits. All ancillary software is fully detailed with supporting source code and links to the compilers, utilities, and scripts necessary to build and run every example provided.