Re: Core Impact references

From: Ivan Arce (ivan.arce@coresecurity.com)
Date: Fri Nov 11 2005 - 14:40:21 EST


Hello Jason.
There are several ways to accomplish what you need within CORE IMPACT.

If you use RPT the entire test is automated in 6 steps, starting with
the initial Information Gathering (step 1) and footpriting, to Attack &
Penetration (step 2), local IG (step 3, ran after one or more targets
had been compromised), priviledge escalation (step 4), clean up 9step 5)
and finally reporting (step 6). Each step is launched manually and the
corresponding actions (implemented by several "modules")are launched
automatically both sequentially and in parallel depending on the
requirements for those actions are, and on the maximun number of
concurrent running modules you configure for CORE IMPACT, you can play
with that setting to throttle the amount of parallelism you get.

Also, you can always run things manually using the Modules tab (instead
of running them from RPT). Alternatively, you can create and use a macro
that chains the execution of several modules together and run that macro
manually. Further more you can write a "glue module" in Python that just
adds a fixed or random delay between module executions and use it in
your macro-module. All modules (including attack modules) are written in
Python so you can add you own or modify the existing ones.

I've assumed that you want to throttle the attack rate (or "module
execution" rate) not the packet rate. The current version of CORE IMPACT
does not provide a feature to throttle packet rate and in fact
throttling the packet rate for certain modules might render some
attacks unrealiable or failure-prone.

-ivan

Tony Haywood wrote:
> Jason,
>
> Traffic IQ Pro has the ability to set a delay on a per packet or per traffic
> file basis by up to 1 hour in minute, second and millisecond increments.
>
> If you are already using Core Impact but it is not providing this capability
> then you could capture the output and import the captures into Traffic IQ
> for replay.
>
> Regards
>
> Tony
>
> -----Original Message-----
> From: Jason Thompson [mailto:securitux@gmail.com]
> Sent: 09 November 2005 17:57
> To: Michael Gargiullo
> Cc: humberto1310; pen-test
> Subject: Re: Core Impact references
>
> Can Core Impact control the rate of attack? My beef with other testing
> tools is they aren't stealthy enough. If I can tune the rate at which
> attacks are performed (like 1 or 2 tests per 30 secs / minute) then I
> can reduce the chances of the attacks being noticed.
>
> -J
>
> On 11/8/05, Michael Gargiullo <mgargiullo@pvtpt.com> wrote:
>
>>Core Impact is amazing; I've used it in the past.
>>
>>I just don't have the budget for it now. It's not what you'd call
>>inexpensive.
>>
>>If your budget isn't mid 4 digits, check out metasploit. Not as
>>complete, but in combination with a scanner like nessus and an attack
>>tool.
>>
>>-Mike
>>
>>-----Original Message-----
>>From: humberto1310 [mailto:humberto1310@bol.com.br]
>>Sent: Monday, November 07, 2005 1:16 PM
>>To: pen-test
>>Subject: Core Impact references
>>
>>Hi List,
>>
>>Does anyone works with Core Impact? Any reference?
>>
>>Thanks,
>>
>>
>>------------------------------------------------------------------------
>>------
>>Audit your website security with Acunetix Web Vulnerability Scanner:
>>
>>Hackers are concentrating their efforts on attacking applications on
>>your
>>website. Up to 75% of cyber attacks are launched on shopping carts,
>>forms,
>>login pages, dynamic content etc. Firewalls, SSL and locked-down servers
>>are
>>futile against web application hacking. Check your website for
>>vulnerabilities
>>to SQL injection, Cross site scripting and other web attacks before
>>hackers do!
>>Download Trial at:
>>
>>http://www.securityfocus.com/sponsor/pen-test_050831
>>------------------------------------------------------------------------
>>-------
>>
>>
>>
>>
>
> ----------------------------------------------------------------------------
> --
>
>>Audit your website security with Acunetix Web Vulnerability Scanner:
>>
>>Hackers are concentrating their efforts on attacking applications on your
>>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>>login pages, dynamic content etc. Firewalls, SSL and locked-down servers
>
> are
>
>>futile against web application hacking. Check your website for
>
> vulnerabilities
>
>>to SQL injection, Cross site scripting and other web attacks before
>
> hackers do!
>
>>Download Trial at:
>>
>>http://www.securityfocus.com/sponsor/pen-test_050831
>>
>
> ----------------------------------------------------------------------------
> ---
>
>>
>
> ----------------------------------------------------------------------------
> --
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers
> do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> ----------------------------------------------------------------------------
> ---
>
>
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>

-- 
---
To strive, to seek, to find, and not to yield.
- Alfred, Lord Tennyson Ulysses,1842
Ivan Arce
CTO
CORE SECURITY TECHNOLOGIES
46 Farnsworth Street
Boston, MA 02210
Ph: 617-399-6980
Fax: 617-399-6987
ivan.arce@coresecurity.com
www.coresecurity.com
PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:10 EDT