
Thread: Hax0rBl0x - Cred Harvester

  1. #1
    Just burned their ISO
    Join Date
    Jan 2013
    Posts
    7

    Default Hax0rBl0x - Cred Harvester

    Ladies and Gentlemen,

    Myself and my counterpart Dopey would proudly like to announce our newest tool Hax0rBl0x - Cred Harvester. The Hax0rBl0x suite is going to be a fully featured suite of tools that will make different types of attacks quick and easy.

    NOTICE: THIS TOOL DOES NOT DO ANY MITM ATTACKS. A SEPARATE TOOL WILL BE RELEASED IN THE FUTURE TO ADDRESS MITM ATTACKS.

    Google Code: http://code.google.com/p/hax0rbl0x/downloads/list

    Download: http://hax0rbl0x.googlecode.com/file...rvester_1.1.sh

    Current tools in development:
    -Hax0rBl0x.sh: This is the main menu framework that allows us to add more tools by simply dragging and dropping files.
    -Passive OS Fingerprinting (Beta): This is a passive scanner that will read information from passing packets to find OS, Browsers, Apps, Open Ports, Uptime, Host type, and Manufacturer of each host on the network.
    -Cred Harvester: This is a tool similar to Easy-Creds or YAMAS, but extremely polished to harvest creds, cookies, social security numbers, or credit card numbers from selected targets. The info is then displayed on an easy to read summary on screen and dumped into an easy to read report for further perusing. The programs launched are Ettercap, SSLStrip, Dsniff, Hamster & Ferret, NGREP, and URLSnarf.

    Feature List (Not all inclusive. Just what I could remember.)
    Exhaustive Sanity Check for Dependencies
    Easily select which programs you want to run together.
    Auto restart if a program crashes.
    All credentials are displayed on screen in near real time.

    To-do List:

    Change Log:
    ---Version 1.1---
    -Fixed a bug related to installing the SSLDefinitions. If the directory didn't already exist, it would error out.
    -Fixed a bug with updating. Even if the file didn't exist on the server, it would act as if it had succeeded.
    -Added in the ability to check for SSLDefinition updates.
    -Changed the way the program looked for updates for future compatibility with other programs.
    -Fixed a bug in the override option not working as intended.

    Known Issues:
    Sometimes SSLStrip will report as crashed, but it'll still be running. We have a workaround in place, so the impact of the bug is nil.

    Notes:
    Hamster and Ferret has had some reported issues with the version that's installed with BT 5. There is apparently an issue with the installed version working correctly with a 64 bit OS. So to remedy this issue, we just assume that your version is broken. Even if you have Hamster and Ferret installed, the program will report that it isn't and offer to install its own version. While we do give you the option to override this and execute the script anyways, it's in your best interest to let the script do its magic. Don't worry, if we find a version already installed where we want to install ours, we'll back it up!

    "Similar to Easy-Creds (although we had the idea prior to discovering the tool) we decided to have a simple script that would handle Ettercap, SSLStrip, DSniff, URLSnarf, Hamster & Ferret (Sidejacking attack), and NGREP. In addition to dumping the output to a nice log file automatically, we wanted to have a simple display showing real-time creds as they are captured. We were able to filter the output to prevent duplicate creds displaying, and wrote a simple filter wizard to only display real-time URLSnarf data that you ACTUALLY NEED to see right now. No data is left out of the final report (with multiple logging options) so you can still get everything you need, but see real-time only what you want.

    (As a side note, we also do not blanket wipe out IPTables or anything like that. Every check is done to attempt to keep your system the same as what it was, while only changing and cleaning up what's needed for whatever program you choose to load.)" - Dopey

    We also take lots of care to sanity check EVERYTHING. That means that at no point in time should you be able to cause the script not to run by forgetting to make a file or directory or install a dependency.

    The tool is in the final stages of being created, and we're almost ready for its debut. We are REALLY excited over this addition and we hope you guys are too! If you have any ideas, comments, or feedback we'd love to hear it!

    As a side note, these tools have all been tested on both Backtrack 5 R3, as well as on the RaspberryPi running PwnPi. We've made every effort to make efficiency our top priority due to the limited processing power of the Pi.

    Here are some pictures of the current version to whet your appetite.

    Sanity Menu:


    Main Menu:


    Loading the programs:


    Everything loaded and running:


    No shots of actual credentials being harvested yet. Those are being kept behind closed doors until our release. I'll go ahead and fill you in though, it looks good!
    Last edited by ShadowBlade72; 04-02-2013 at 10:09 AM.

  2. #2
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: Hax0rBl0x - Cred Harvester

    Looking good guys!
    Keep up the good work
    Have you...g0tmi1k?

  3. #3
    Just burned their ISO
    Join Date
    Jan 2013
    Posts
    7

    Default Re: Hax0rBl0x - Cred Harvester

    Thanks g0tmi1k! We've been working on this for almost a month now and we're pretty happy with where it's at.

    We may be releasing it today barring any unforeseen bugs that may pop up during our final tests.

    Update: Released! Download link is in the OP. Please let us know if you run into any bugs!
    Last edited by ShadowBlade72; 02-19-2013 at 03:29 AM.

  4. #4
    Just burned their ISO
    Join Date
    Jan 2006
    Posts
    3

    Default Re: Hax0rBl0x - Cred Harvester

    Thanks a lot g0tmi1k! We hope you guys really like it. It's been a learning experience for us and we're hoping to help contribute to the community through projects like this. Looking forward to any feedback people are willing to share.

  5. #5
    Just burned their ISO
    Join Date
    Jan 2013
    Posts
    7

    Default Re: Hax0rBl0x - Cred Harvester

    Version 1.1 released. A couple bug fixes, and implemented in a way to check for SSL Definition updates.

  6. #6
    Just burned their ISO
    Join Date
    Jan 2013
    Posts
    7

    Default Re: Hax0rBl0x - Cred Harvester

    Quote, originally posted by ShadowBlade72:
        Version 1.1 released. A couple bug fixes, and implemented in a way to check for SSL Definition updates.

    Hey guys, just wanted to check back in. I see that we just hit 60 downloads and I was wondering what everyone thought. Looking for some feedback.

    Hope you're enjoying it.

    Cheers,
    -Shadow

  7. #7
    Just burned their ISO
    Join Date
    Mar 2013
    Posts
    2

    Default Re: Hax0rBl0x - Cred Harvester

    Great work, and I look forward to seeing this code mature, and get even better with time. You both have put a monumental effort by briefly running through the code, and it is very much appreciated. Well done!

    I haven't had a chance to test the creds checker yet, but I did find a bug in "70_Passive_Fingerprint_1.2.sh", which didn't allow me to get past the sanity check.

    Current Code:

    Code:
    fnPOFCheck() {
    	echo -e "$(tput setaf 2)[+]$(tput sgr0) p0f version check... \c"
    	p0f -i vercheck > /tmp/.pofcheck 2>&1
    	eval `cat /tmp/.pofcheck | head -n1 | awk '{for(i=1;i<NF;i++) {if ($i ~ /p0f|version/) {ver=$(++i); gsub (/[[:alpha:]]|\./,"",ver);print "VER="ver; } } }'`
    	rm /tmp/.pofcheck
    	if [[ $VER -ge 306  ]]; then
    		echo -e "$(tput setaf 2)Success$(tput sgr0)"
    	else
    		echo -e "$(tput setaf 1)Failed!$(tput sgr0)"
    		POF=1
    	fi
    }
    
    fnEttercapCheck() {
    	echo -e "$(tput setaf 2)[+]$(tput sgr0) Ettercap check... \c"
    	if [[ -e `which ettercap` ]]; then
    		echo -e "$(tput setaf 2)Success$(tput sgr0)"
    	else
    		echo -e "$(tput setaf 1)Failed!$(tput sgr0)"
    		ETTERCAP=1
    	fi
    }

    Corrected:

    Code:
    fnPOFCheck() {
    	echo -e "$(tput setaf 2)[+]$(tput sgr0) p0f version check... \c"
    	p0f -i vercheck > /tmp/.pofcheck 2>&1
    	eval `cat /tmp/.pofcheck | head -n1 | awk '{for(i=1;i<NF;i++) {if ($i ~ /p0f|version/) {ver=$(++i); gsub (/[[:alpha:]]|\./,"",ver);print "VER="ver; } } }'`
    	rm /tmp/.pofcheck
    	if [[ $VER -ge 306  ]]; then
    		echo -e "$(tput setaf 2)Success$(tput sgr0)"
    	else
    		echo -e "$(tput setaf 1)Failed!$(tput sgr0)"
    		ETTERCAP=1
    	fi
    }
    
    fnEttercapCheck() {
    	echo -e "$(tput setaf 2)[+]$(tput sgr0) Ettercap check... \c"
    	if [[ -e `which ettercap` ]]; then
    		echo -e "$(tput setaf 2)Success$(tput sgr0)"
    	else
    		echo -e "$(tput setaf 1)Failed!$(tput sgr0)"
    		POF=1
    	fi
    }

    You got the two mixed up at the end of the if statements.
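
Added example (not part of the thread and not Hax0rBl0x code): one way to write the sanity checks discussed in post #7 so that a failed check is recorded under the tool's own name rather than a hand-typed flag, and the version is parsed without `eval`. The helper names `parse_version`, `mark_missing`, `check_min_version` and `check_on_path`, and the sample banners, are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not Hax0rBl0x code. Helper names and banners are hypothetical.

# Print the digits of the version token that follows "p0f" or "version" on
# the first banner line (e.g. "3.06b" -> 306). Same rule as the posted awk,
# but the result is printed and validated, never handed to eval.
parse_version() {
    printf '%s\n' "$1" | head -n1 | awk '{
        for (i = 1; i < NF; i++)
            if ($i ~ /^(p0f|version)$/) {
                v = $(i + 1); gsub(/[^0-9]/, "", v)
                if (v != "") { print v; exit }
            }
    }'
}

# Failed checks are recorded by tool name in one list, so a flag cannot be
# pasted onto the wrong tool as in the POF/ETTERCAP mix-up.
MISSING=""
mark_missing() { MISSING="${MISSING:+$MISSING }$1"; }

# check_min_version NAME BANNER MINIMUM (MINIMUM as digits, e.g. 306)
check_min_version() {
    ver=$(parse_version "$2")
    case "$ver" in
        ''|*[!0-9]*) mark_missing "$1"; return 1 ;;  # no usable version
    esac
    if [ "$ver" -ge "$3" ]; then return 0; fi
    mark_missing "$1"; return 1
}

# check_on_path NAME: succeeds if the tool can be found on PATH
check_on_path() {
    command -v "$1" >/dev/null 2>&1 && return 0
    mark_missing "$1"; return 1
}

# Constructed banners, not captured from a real p0f run.
NEW_BANNER='--- p0f 3.06b by Example Author ---'
OLD_BANNER='p0f - passive os fingerprinting utility, version 2.0.8'

check_min_version p0f "$NEW_BANNER" 306 && echo "p0f: ok"
check_min_version p0f "$OLD_BANNER" 306 || echo "p0f: too old or unparsable"
check_on_path sh || echo "sh: not found"
echo "failed checks: ${MISSING:-none}"
```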

  8. #8
    Just burned their ISO
    Join Date
    Mar 2013
    Posts
    2

    Default Re: Hax0rBl0x - Cred Harvester

    Curiosity got the better of me, and I just did a quick test via reddit.com, it's 0600 here and my eyes are closing, so forgive the formatting!

    Setup:

    Attacker :-
    Fresh install BT5r3 64bit VM
    Alfa AWUS036H

    Victim :-
    iOS phone

    Test:

    Connect via wicd to network
    Run yamas with default settings
    Attempt to log into reddit via iOS device
    Creds harvested successfully
    Quit yamas and flush IPTables etc

    disconnect/reconnect via wicd
    Run 40_Creds_Harvester_1.1.sh
    Alternated between default settings and all options enabled. The program appears to have installed correctly, and everything turns on.
    Attempt to log into reddit via iOS (Wireless was turned off and on as well)
    Creds not harvested.

    I suspected that this was ettercap playing up on my VM 64bit system, as your script doesn't use ARPspoof like yamas.

    To confirm, I ran yamas with "-e" to use ettercap instead of ARPspoof, and the creds were not harvested as I suspected. Then I thought, silly me, I haven't edited etter.conf. I changed ec_uid/gid to 0, and uncommented the iptables redir commands.

    Retried, still to no avail. ARPspoof works perfectly on my setup, but ettercap doesn't. I have no idea what causes this, and would be interested if someone could shed some light.

    Meanwhile, could you please add an ARPspoof option? I can't test this any further at the moment.
