Page 3 of 3 FirstFirst 123
Results 21 to 24 of 24

Thread: Data Mining

  1. #21
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default Re: Data Mining

    It's also worth building a sort of default list of a directory structure when you automate these sorts of things.

    That is, C:\Program Files is probably not worth looking at (as a final folder), but C:\Backup is, in the same way that C:\WINDOWS\cmd.exe is worth looking into but C:\WINDOWS\System32\cmd.exe is not.

    I like to always grab a list of dot files/folders in a users home directory, .ssh is always interesting, but .lesshst or .viminfo are probably not so much. .bashrc is a bit of a hit and miss winner and so on, but you can programatically eliminate a lot of information by comparing them to a known not-so-hot list.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  2. #22
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Data Mining

    Something else I should have realised when I gave my earlier answer about what languages could be used for this purpose... Meterpreter has irb support, so you can do some Ruby scripting with it! So Ruby might be a possibility for this project...

    Some references:
    Metasploit: Post-exploitation fun in Metasploit 3.0
    Useful API Calls
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #23
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default Re: Data Mining

    A tool that I was just made aware of that seems to fit right in this topic is Cornell Spider. Open-source Forensics Tools for Network and System Administrators

    Spider scans a drive for US Social Security (SSN), Canadian social insurance (SIN), credit card, bank routing numbers, or International Bank Account Numbers (IBAN). It's available as Win and OSX executables, and *nix source code. I'm going to give it a test on some files which have with some fake SSNs.
    Thorn
    Stop the TSA now! Boycott the airlines.

  4. #24
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Data Mining

    More Meterpreter awesomeness that might apply here:

    Railgun!, included in Metasploit 3.4.1! Just do a Metasploit update in BT to get access.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

Page 3 of 3 FirstFirst 123

Similar Threads

  1. Data Mining
    By morpheous in forum Experts Forum
    Replies: 22
    Last Post: 02-19-2010, 06:50 AM
  2. getting no data
    By chief30 in forum OLD Newbie Area
    Replies: 4
    Last Post: 02-26-2009, 02:59 AM
  3. Data or IV still do nothing
    By Upsman in forum OLD BT3final Support
    Replies: 2
    Last Post: 11-01-2008, 10:59 PM
  4. robots.txt mining made easy
    By imported_spudgunman in forum OLD Tutorials and Guides
    Replies: 7
    Last Post: 07-14-2008, 11:10 AM
  5. No data from AP
    By Cookie Monster in forum OLD Newbie Area
    Replies: 1
    Last Post: 01-01-2008, 05:23 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •