Changelog v-4.6:
The toolkit was named of ‘Single_byte_XOR’ because this version it focous in obfuscating payloads with the inclusion of Shellter PE injector and diferent msf encoders with diferent interactions to evade AV detection (windows binaries) also the tool will ship with the new automated exploit ‘web_delivery’ that execute the 2º stage in ram without touching disk.
we now have 5 modules that trys to evade AV detection (windows):
2 – Backdooring EXE Files -> bdf_backdoor module
4 – Meterpreter (ReL1K) -> powershell payload
5 – Web_delivery (PSH/PYTHON) -> powershell or python
27 – Generate shellcode -> c-to-exe -> veil-evasion
29 – Shellter PE infector -> inject shellcode into windows binaries
☆ ☆ ☆ ☆ ☆
[ Upgraded ]
msfcli replaced by msfconsole
[ Bugs Fixed ]
+ ettercap IPV6 bug -> incorrect target selection /// ///
+ host-a-file -> phishing webpages displays under MitM
[ New Modules ]
+ MitM ROUTER phishing -> capture router credentials
+ unicorn.py -> HTA drive-by URL payload execution
+ java.jar phishing -> Drive-by URL payload execution
+ adobe_flash_hacking_team_uaf -> exploit + mitm + dns_spoof
+ web_delivery msf module -> python or powershell payloads
+ Shellter PE injector (by kyREcon) binaries windows obfuscator
[ Improved ]
+ netool toolkit Gnu Public License (GPL) display
+ build shortcut to toolkit -> gnome-desktop-item-edit
+ file-selection GUI to ettercap -> zenity displays added
+ host-a-file attack -> zenity file-selection GUI added
+ windows payloads encoding (diferent msf encoders/interactions)
Operative Systems Supported:
+ Linux-Ubuntu | Linux-kali | Parrot security OS | backbox OS | Linux-backtrack (un-continued) | Mac osx (un-continued).
netool- version 4.6 codename Single_byte_XOR
Netool: its a toolkit written using ‘bash, python, ruby’ that allows you to automate frameworks like Nmap, Driftnet, Sslstrip, Metasploit and Ettercap MitM attacks. this toolkit makes it easy tasks such as SNIFFING tcp/udp traffic, Man-In-The-Middle attacks, SSL-sniff, DNS-spoofing, D0S attacks in wan/lan networks, TCP/UDP packet manipulation using etter-filters, and gives you the ability to capture pictures of target webbrowser surfing (driftnet) also uses macchanger to decoy scans changing the mac address.
Rootsector: module allows you to automate some attacks over DNS_SPOOF + MitM(phishing – social engineering) using metasploit, apache2 and ettercap frameworks. like the generation of payloads,shellcode,backdoors delivered using dns_spoof and MitM method to redirect a target to your phishing webpage.
Recently was introduced “inurlbr” webscanner (by cleiton) that allow us to search SQL related bugs, using severeal search engines, also this framework can be used in conjunction with other frameworks like nmap, (using the flag –comand-vul)
Installation:
git clone git://git.code.sf.net/p/netoolsh/opensource-kali opensource cd opensource chmod +x INSTALL.sh ./INSTALL.sh Note for version 4.6 : You must install Manually using source DOwnload tar xf *.tar.gz cd your folder ./INSTALL.sh Update type: u
Example:
inurlbr.php -q 1,2,10 --dork 'inurl:index.php?id=' --exploit-get ?´0x27 -s report.log --comand-vul 'nmap -Pn -p 1-8080 --script http-enum --open _TARGET_'
Operative Systems Supported:
Linux-Ubuntu | Linux-kali | Parrot security OS | blackbox OS | Linux-backtrack (un-continued) | Mac osx (un-continued).
“TOOLKIT DEPENDENCIES”
zenity | Nmap | Ettercap | Macchanger | Metasploit | Driftnet | Apache2 | sslstrip
“SCANNER INURLBR.php”
curl | libcurl3 | libcurl3-dev | php5 | php5-cli | php5-curl
Download : Ubuntu: opensource.tar.gz (26.9 MB) | Kali-Linux: opensource[kali].tar.gz(26.9 MB)
Source : http://sourceforge.net/projects/netoolsh/
Our Post Before : http://seclist.us/netool-sh-v-4-5-2-released-mitm-pentesting-opensource-t00lkit.html