http://labs.portcullis.co.uk Labs Portcullis updates. en Labs portcullis Tue, 22 Feb 2011 11:21:19 GMT http://backend.userland.com/rss 60 hhttp://labs.portcullis.co.uk/mg/logo.gif http://labs.portcullis.co.uk Thu, 30 Oct 2008 11:54:12 GMT http://labs.portcullis.co.uk/application/polenum/ <p>polenum is a python script which uses the&nbsp;<a href="http://oss.coresecurity.com/projects/impacket.html">Impacket</a> Library from CORE Security Technologies to extract the password policy information from a windows machine. This allows a non-windows (Linux, Mac OSX, BSD etc..) user to query the password policy of a remote windows box without the need to have access to a windows machine.</p> <h2>features</h2> <ul> <li>can extract password and associated information from a windows machine</li> <li>will connect over a NULL or authenticated share</li> <li>supports encrypted/signed sessions</li> </ul> <h2>limitations</h2> <ul> <li>no NTLMv2 support</li> <li>has a problem with domain connected workstations</li> </ul> <h2>download</h2> <p><a href="/download/polenum-0.2.tar.bz2"> download polenum</a></p> <p>&nbsp;</p> Thu, 30 Oct 2008 11:51:42 GMT http://labs.portcullis.co.uk/application/vessl/ <p>vessl is a simple wrapper script that connects, extracts and then verifies the ssl certificate of an encrypted service. It was originally written in order to script up the ability to verify ssl certificates across a large network. </p> <h2>features</h2> <ul> <li>vessl will connect to any service that openssl can</li> <li>it will extract and verify against a given CA Pem file</li> <li>it will check that certificate matches the host it is on</li> <li>it produce a map going from ip's to hostname</li> <li>checks to see if certificate is based on a blacklisted debian key</li> </ul> <h2>dependencies</h2> <ul> <li>openssl</li> <li>ping</li> <li><a href="https://launchpad.net/ubuntu/+source/openssl-blacklist/">openssl-vulnkey</a></li> <li>mktemp</li> <li><a href="/content/vessl/generating-a-ca-pem-file/">CA Pem File</a></li> </ul> <h2>download</h2> <p><a href="/download/vessl-0.3.1.tar.bz2"> download vessl</a></p> <p>&nbsp;</p> Thu, 03 Apr 2008 14:24:31 GMT http://labs.portcullis.co.uk/application/nbtstat-1-5-2/ <p>NBTscan is a program for scanning IP networks for NetBIOS name information. It sends NetBIOS status query to each address in supplied range and lists received information in human readable form. For each responded host it lists IP address, NetBIOS computer name, logged-in user name and MAC address.</p> Fri, 09 Oct 2009 13:33:35 GMT http://labs.portcullis.co.uk/application/hoppy/ <p>hoppy is a <u><strong>h</strong></u>ttp <u><strong>o</strong></u>ptions <u><strong>p</strong></u>rober written in <u><strong>py</strong></u>thon. It checks the availability of HTTP methods as well as probing them to see if they can be forced to disclose system information.</p> <h2>features</h2> <ul> <li>HTTP Method detection, TRACK, TRACE, PUT etc</li> <li>Internal IP address disclosure detection</li> <li>Internal Path Disclosure detection</li> <li>Transparent working so you can see exactly what it did</li> <li>Data extraction</li> <li>Spider to find directories for webDAV detection</li> <li>ms09-020 IIS auth bypass check on all discovered directories</li> </ul> <h2>download</h2> <p><a href="/download/hoppy-1.7.3.tar.bz2"> download hoppy</a></p> <p>&nbsp;</p>