Page 2 of 8 FirstFirst 1234 ... LastLast
Results 11 to 20 of 73

Thread: Fast-Track V 2.0 RELIZED

  1. #11
    Member
    Join Date
    Feb 2006
    Posts
    167

    Default More changes...

    Updated the movie a bit to reflect some of the recent changes in Fast-Track

    http://www.securestate.com/files/fas...fasttrack.html

    Also, im releasing another large update here within the next couple of days. I rewrote the SQL injector portion to do binary payloads instead of having to use FTP!!! I still kept the FTP stuff in there, but you do not have to rely off of a separate egress connection anymore!

    So basically:
    A reverse shell is converted from binary to hex..
    The string is split up into multiple http requests
    The hex is echo'ed into a text file
    debug is ran to convert to an executable on victim
    Reverse executable created, and executed to remote attacker

    Thanks Muts for the idea!

    ReLiK

  2. #12
    Senior Member shamanvirtuel's Avatar
    Join Date
    Mar 2010
    Location
    Somewhere in the "Ex" human right country
    Posts
    2,988

    Default

    again a fine reliz from rel1k

    keep up the good work
    Watch your back, your packetz will belong to me soon... xD

    BackTrack :
    Giving Machine Guns to Monkeys since 2006

  3. #13

    Default Same issue

    I actually also posted on the other thread. I am having the exact same problem. If you resolved it I would really appreciate it if you can let me on the secret. Thanks. If not.....BUMP!!!

    ---------
    Originally Posted by dapirates1
    I am running bt3 and when i run updated fast track like the video my autopwn stops when it gets to here.[*] Binding to 12345778-1234-abcd-ef00-0123456789ab:0.0@ncacn_np:192.168.1.64[\lsarpc] ...[*] Bound to 12345778-1234-abcd-ef00-0123456789ab:0.0@ncacn_np:192.168.1.64[\lsarpc] ...

    it does nothing for about 5 minutes. Then my bt3 crashes and i have to reboot. Does anybody else get this. I might try on my bt2

    I posted in the autopwn/fast-track thread in tutorial section but was told to post here.

  4. #14
    Member
    Join Date
    Feb 2006
    Posts
    167

    Default

    Have you tried running autopwn seperately to see if it is fast-track that is doing this? It doesn't do it on my BT3 beta install, it successfull goes through everything, including that specific exploit... Try running autopwn without using Fast-Track and seeing if it works.

  5. #15
    Member
    Join Date
    Feb 2006
    Posts
    167

    Default

    Additionally 1.9 has been released, has some MAJOR changes in it. I added binary payload delivery through sql injection, no longer need FTP as a median to reverse something off. Added a mass sql brute forcer with wordlists. and much more... Change log below:

    ~~~~~~~~~~~~~
    version 1.9
    ~~~~~~~~~~~~~
    * Wow it works! Added binary payload delivery for the SQL Injector..Fast-Track
    now uploads a reverse shell through an actual HTTP request now instead of relying
    off of FTP to transfer a from our server. I kept the FTP portion in there incase
    anyone still needed to use that specific function or for some reason the binary
    upload wasn't working, but this new addition rocks!
    * Broke everything up into multiple menus in SQL Injector, now has four different
    menues ranging from binary payload auto, ftp auto, binary payload manual, ftp manual,
    and string generator.
    * Fixed a small bug in auto update.
    * Changed a few issues with the FTP brute forcer
    * Cleaned up some code
    * Changed the wordlist brute forcer for SQL to use rstrip() instead of [:-1] incase of
    spaces. Much more efficent and was causing inconsistancies with wordlists that had
    spaces at the end of them.
    * Changed some menu handling
    * Changed the mass brute forcer in SQL to add a couple more passwords
    * Changed some stuff in the service menu that was messed up
    * Changed some of the tutorials to reflect changes
    * Added a "mass" option in the sql brute forcer, you can now scan any subnet you want
    and run brute force attacks with dictionaries on them automatically. As soon as one
    successfully is brute forced, it jumps you right into a shell. Nice!!
    * Fixed where you couldn't enter /cidr notations in the ip ranges in the sql brute forcer,
    you can now specify 192.168.1.1/16 or /24, or whatever.
    * Added it so when you do the mass wordlist brute, or the small wordlist brute, it
    automatically spawns you a shell if guessed, no longer have to go to the seperate menu
    to enter the shell.
    * Cleaned up the small sql brute quite a bit
    * Cleaned up some of the "look and feel" on the menus
    * This really should be a new release with all the changes/additions, but for now going
    to release it as 1.9 and not 2.0 yet until it goes through bugtesting.

  6. #16
    Senior Member
    Join Date
    Jan 2006
    Posts
    1,334

    Default

    Nice one Rel1k

  7. #17
    Member imported_Deathray's Avatar
    Join Date
    Oct 2007
    Posts
    381

    Default

    Quote Originally Posted by spankdidly View Post
    Just ran into something Odd. I ran the fast|track script that comes with BT3beta, and I tried to install sqlite. It gave an error about ruby, but now fast|track is missing from bt3. This is a hard drive install. I can't find any trace of it at all. Has anyone encountered this?
    Just happened to me too, and I can confirm it was because I lost internet connection .
    - Poul Wittig

  8. #18
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Quote Originally Posted by Deathray View Post
    Just happened to me too, and I can confirm it was because I lost internet connection .
    YUP. I lost internet running fast-track and it wiped out the file. Veddy Odd. I'll get an ethernet cord with a clip this time.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  9. #19

    Default

    I apologize. I did not means to insinuate that it is the fault of fast-track. No it happens when I run autopwn on it's own to. It actually happened under Windows too. Can't figure out why...

    Quote Originally Posted by relik View Post
    Have you tried running autopwn seperately to see if it is fast-track that is doing this? It doesn't do it on my BT3 beta install, it successfull goes through everything, including that specific exploit... Try running autopwn without using Fast-Track and seeing if it works.

  10. #20
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    I am running fast-track on four machines and have never had the issue.

    2 toshiba satellites
    sony vaio
    asus eeepc


    Nice one rel1k I cant wait to get home and update

Page 2 of 8 FirstFirst 1234 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •