Author Topic: Easy-Creds is requested  (Read 15934 times)

nubbix

  • Newbie
  • *
  • Posts: 30
    • View Profile
on: September 14, 2012, 05:01:22 AM
For any future verison releases, please include easy-creds
This is a great program script to enumirate a wifi hotspot...




ZEROF

  • Hero Member
  • *****
  • Posts: 1247
    • View Profile
    • Pen Tester
Reply #1 on: September 14, 2012, 11:43:33 AM
Hi nubbix (one more time),

When you ask for new tool, pls give us more informations about and post link for source.
« Last Edit: September 15, 2012, 01:17:50 PM by ZEROF »


Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*


nubbix

  • Newbie
  • *
  • Posts: 30
    • View Profile
Reply #2 on: September 15, 2012, 03:04:01 AM
Sorry, forgot the link and information

Description
easy-creds is a bash script that leverages ettercap and other tools to obtain credentials. It allows you to easily attack with basic arp poison, oneway arp poison and DHCP spoofing or a Fake AP. Includes sslstrip log file parser

Download source files her
http://sourceforge.net/projects/easy-creds/

Project Homepage
http://easy-creds.sourceforge.net/



brav0hax

  • Newbie
  • *
  • Posts: 7
    • View Profile
Reply #3 on: September 18, 2012, 01:41:39 PM
I'm the dev for easy-creds. v3.6 is currently hardcoded with Back Track paths, the new version 3.7 is my first attempt at platform indepenedence...its not pretty ;-) but so far its working.

One main issue I've seen on forums is ubuntu repos starting at 11.04 use a diff dhcp server so I have to work on that as well.

Here is a link to the code currently in dev: https://www.box.com/s/942672c677240bbd0fae

It will download a tar.gz file with the bash script in it. I tried to build an installer as well...again I'm no dev so its not pretty.

Let me know if you have any suggestions, code change, ideas, etc.

Happy hunting,
J0hnnyBrav0



ZEROF

  • Hero Member
  • *****
  • Posts: 1247
    • View Profile
    • Pen Tester
Reply #4 on: September 18, 2012, 02:02:06 PM
Hi J0hnnyBrav0,

Welcome to our community !


Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*


brav0hax

  • Newbie
  • *
  • Posts: 7
    • View Profile
Reply #5 on: September 18, 2012, 03:07:58 PM
Thanks working my way through BackBox. I like it...seems clean and sleek.

Let me know if you need any prereq infor for easy-creds. Its probably moot, but let me know.



ZEROF

  • Hero Member
  • *****
  • Posts: 1247
    • View Profile
    • Pen Tester
Reply #6 on: September 18, 2012, 03:52:11 PM
I know that making something "NEW" can be a problem. But most of coders, make something for BT. I don't have nothing against but when i start tool and i see made for BT version tra la la, i don't use tool in 80% of case. And after few months or years, developers try BackBox, they say what you said, but all stays on that.

I can say thanks to Websploit and EAPeak developer to agree with me on this point. We worked together, fixed bugs, we give big support for this projects, but we are happy to see BackBox name on their site.

You share, and you are workng a lot to make all up to date, we do the same. But I hope that you agree with me, that BT is not best, it's only older security distro and making something only for them, it's not 100% open source project for me.

Thank you one more time, and i will download your tool and try to see if all goes well with BackBox.

Cheers !
« Last Edit: September 19, 2012, 04:27:29 PM by ZEROF »


Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*


brav0hax

  • Newbie
  • *
  • Posts: 7
    • View Profile
Reply #7 on: September 18, 2012, 05:10:25 PM
Well when I say it was "made" for BT....its just the paths that called the binaries/etc (eg: /pentest/)

The new version does a lookup of the apps to gain try to assess their locations and uses those paths.

With regards to easy-creds...I wrote it for myself a long time ago...it led to us taking over the ettercap project. I never expected others to be using it...now I'm trying to redo some stuff knowing that aspect.

With regards to BT, everyone has their fav distro. I've been using it since BT2 and my best friend is a dev, so I am going to be biased ;) Gotta another buddy who does the pentoo build.

Saw backbox and figured I'd check it out. So far so good.




nubbix

  • Newbie
  • *
  • Posts: 30
    • View Profile
Reply #8 on: September 19, 2012, 04:11:36 PM
I concure, even though I recently moved back to BT5 due to recent discovery of a fix for intel graphics, i think Backbox far better looking, drawback is of course the god damn sudo function for every thing...  Anyway I digress, thank you for looking into easy-cred, it for sure be a greate asset to have included as a default program/script.



brav0hax

  • Newbie
  • *
  • Posts: 7
    • View Profile
Reply #9 on: September 20, 2012, 02:50:32 PM
I concure, even though I recently moved back to BT5 due to recent discovery of a fix for intel graphics, i think Backbox far better looking, drawback is of course the god damn sudo function for every thing...  Anyway I digress, thank you for looking into easy-cred, it for sure be a greate asset to have included as a default program/script.

If its that big of a deal just do: sudo -i

Then you'll be in a root shell... Thats with any linux distro.



phlame64

  • Newbie
  • *
  • Posts: 2
    • View Profile
Reply #10 on: September 29, 2012, 07:25:03 PM
I guess adding this tool would make the distro more newbie-friendly and therefore likeable. It would be nice to see it in the main repository, so one could decide whether to install it or not.



brav0hax

  • Newbie
  • *
  • Posts: 7
    • View Profile
Reply #11 on: October 08, 2012, 09:30:43 AM
I have posted easy-cred v3.7 to devel branch of my github.

I've worked out getting the script working with isc-dhcp-server but have not posted it yet.

you can checkout the code at http://github.com/brav0hax and let me know if you think its worth adding to backbox.

I know size is important for your distro, so I tested the install on the pwnie and it equated to an extra 11mb including all req's.

Best Regards,
Eric



ostendali

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 587
    • View Profile
Reply #12 on: October 08, 2012, 04:15:42 PM
We will evaluate and hopefully include this tools into our repository.
Thanks to everybody for notifying us this tool, much appreciated.

Happy Hacking!



brav0hax

  • Newbie
  • *
  • Posts: 7
    • View Profile
Reply #13 on: October 29, 2012, 07:50:42 AM
easy-creds v3.7 has been officially released.  Give it a whirl and let me know what you think...

https://github.com/downloads/brav0hax/easy-creds/easy-creds-v3.7.tar.gz

Best Regards,
Eric



ZEROF

  • Hero Member
  • *****
  • Posts: 1247
    • View Profile
    • Pen Tester
Reply #14 on: October 30, 2012, 01:08:59 AM
I made tiny bash script to install version 3.7 for personal use, but i will share with community :

wget http://www.linux.re.rs/backbox/files/easy-creds3.7-inst-script/inst.sh

chmod +x inst.sh

sudo ./inst.sh

Cheers !
« Last Edit: October 30, 2012, 02:06:13 PM by ZEROF »


Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*