Here we are with a brand new Weevely release: version 1.0 brings new modules with totally refactored structure to assist remote administration tasks and penetration testing.
Here is the breakdown of the most important changes:
Supports of Windows and MacOS hosts environments
Module :net.mount, powered by HTTPfs, that mounts automagically remote filesystem to a local mountpoint
Module :file.edit to edit remote files with your favourite local text editor
Module :audit.systemfiles to find system files with bad permissions that could affect server security
Module :audit.phpconf to audit common PHP misconfiguration
SOCKS4 and SOCKS5 proxy supports
Totally rewritten module base structure to simplify module deploying
Modules arguments managament with argparse
Tons of bug fixes
If you are new to Weevely, start with an easy tutorial, and read the complete modules and generators lists.
The BackBox Team is pleased to announce the updated release of BackBox Linux, the version 3.01. This release include features such as Linux Kernel 3.2 and Xfce 4.8.
The ISO images (32bit & 64bit) can be downloaded from the following location:
The BackBox team is pleased to announce the major release of BackBox Linux, the version 3.0. This release include features such as the new Linux Kernel 3.2 flower and Xfce 4.8. Apart from the system major upgrade, all auditing tools are up to date as well.
The ISO images (32bit & 64bit) can be downloaded from the following location:
The BackBox team is proud to announce the release of dSploit, an Android network analysis and penetration suite which aims to offer to IT security experts/geeks the most complete and advanced professional toolkit to perform network security assesments on a mobile device.
Once dSploit is started, you will be able to easily map your network, fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many tcp protocols, perform man in the middle attacks such as password sniffing (with common protocols dissection), real time traffic manipulation, etc.
Download the apk file or visit the official page on github.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00adminhttps://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.pngadmin2012-09-26 23:50:542018-10-02 21:26:21dSploit, Android network penetration suite
The BackBox Team was planning to release the new version (3.0) of distro in September 2012 as scheduled.
Unfortunately, this release will be delayed due to some unplanned changes and technical problem that we’ve encountered. Our team is working actively in order to release as soon as possible BackBox v3.
Sincere apologize for delay and thanks in advance for your patience.
We will post notification and keep you up to date shortly.
BackBox Team!
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00adminhttps://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.pngadmin2012-09-24 12:30:392018-10-02 21:26:27BackBox Linux version 3 will be delayed
Emilio Pinna, BackBox community member, discover a high severity vulnerability on the router Telecom ADSL Alice Gate VoIP 2 Plus Wi-Fi.
A huge number of ADSL broadband Italian users are vulnerable to connection wiretapping and phishing. The most widely distribuited italian ADSL router Alice Gate 2 Plus Voip Wi-Fi (AGPF), product by Pirelli and based of openrg middleware software, suffers a CSRF attack that allows an attacker to modify internal router configuration like DNS servers, traffic routing, VoIP configurations, DHCP parameters, etc, of a vulnerable user, leading to completely takeover the user ADSL connection. The technique is also useful to enable hidden feature and telnet/ftp/tftp/web extended admin interface.
Weevely 1.0 released!
/in NewsHere we are with a brand new Weevely release: version 1.0 brings new modules with totally refactored structure to assist remote administration tasks and penetration testing.
Here is the breakdown of the most important changes:
:net.mount, powered by HTTPfs, that mounts automagically remote filesystem to a local mountpoint:file.editto edit remote files with your favourite local text editor:audit.systemfilesto find system files with bad permissions that could affect server security:audit.phpconfto audit common PHP misconfigurationIf you are new to Weevely, start with an easy tutorial, and read the complete modules and generators lists.
BackBox Linux 3.01 released!
/in NewsThe BackBox Team is pleased to announce the updated release of BackBox Linux, the version 3.01. This release include features such as Linux Kernel 3.2 and Xfce 4.8.
The ISO images (32bit & 64bit) can be downloaded from the following location:
https://www.backbox.org/download
What’s new
System requirements
BackBox Linux 3 released!
/in ReleasesThe BackBox team is pleased to announce the major release of BackBox Linux, the version 3.0. This release include features such as the new Linux Kernel 3.2 flower and Xfce 4.8. Apart from the system major upgrade, all auditing tools are up to date as well.
The ISO images (32bit & 64bit) can be downloaded from the following location:
https://www.backbox.org/download
What’s new
System requirements
dSploit, Android network penetration suite
/in NewsThe BackBox team is proud to announce the release of dSploit, an Android network analysis and penetration suite which aims to offer to IT security experts/geeks the most complete and advanced professional toolkit to perform network security assesments on a mobile device.
Once dSploit is started, you will be able to easily map your network, fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many tcp protocols, perform man in the middle attacks such as password sniffing (with common protocols dissection), real time traffic manipulation, etc.
Download the apk file or visit the official page on github.
BackBox Linux version 3 will be delayed
/in NewsThe BackBox Team was planning to release the new version (3.0) of distro in September 2012 as scheduled.
Unfortunately, this release will be delayed due to some unplanned changes and technical problem that we’ve encountered. Our team is working actively in order to release as soon as possible BackBox v3.
Sincere apologize for delay and thanks in advance for your patience.
We will post notification and keep you up to date shortly.
BackBox Team!
Alice Gate AGPF: CSRF reconfiguration vulnerability
/in NewsEmilio Pinna, BackBox community member, discover a high severity vulnerability on the router Telecom ADSL Alice Gate VoIP 2 Plus Wi-Fi.
A huge number of ADSL broadband Italian users are vulnerable to connection wiretapping and phishing. The most widely distribuited italian ADSL router Alice Gate 2 Plus Voip Wi-Fi (AGPF), product by Pirelli and based of openrg middleware software, suffers a CSRF attack that allows an attacker to modify internal router configuration like DNS servers, traffic routing, VoIP configurations, DHCP parameters, etc, of a vulnerable user, leading to completely takeover the user ADSL connection. The technique is also useful to enable hidden feature and telnet/ftp/tftp/web extended admin interface.
More info on official blog.