new Ncrack 0.5 release

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

new Ncrack 0.5 release

Fotis Chantzis
The Ncrack 0.5 release is finally ready!


The main new features and improvements are:

- Added 4 new modules: Redis, PostgreSQL, MySQL, SIP. Thanks to edeirme for implementing the Redis, PostgreSQL and MySQL modules.

- Added --pairwise option for special username/password iteration.

- Added --proxy option and proxy support implementation. Many thanks to Andrew Farabee (https://github.com/andrewfarabee/) for implementing it.

- Updated the Ncrack openssh library, now based on the OpenSSH 7.1 codebase and updated the SSH module to support all the latest ciphers.


Cheers,

ithilgore (Fotis Hantzis)

--

(http://sock-raw.org)


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Reply | Threaded
Open this post in threaded view
|

Re: new Ncrack 0.5 release

Henri Doreau
2016-04-13 21:15 GMT+02:00 Fotis Hantzis <[hidden email]>:

> The Ncrack 0.5 release is finally ready!
>
> https://nmap.org/ncrack/
> https://github.com/nmap/ncrack/
>
> The main new features and improvements are:
>
> - Added 4 new modules: Redis, PostgreSQL, MySQL, SIP. Thanks to edeirme for
> implementing the Redis, PostgreSQL and MySQL modules.
>
> - Added --pairwise option for special username/password iteration.
>
> - Added --proxy option and proxy support implementation. Many thanks to
> Andrew Farabee (https://github.com/andrewfarabee/) for implementing it.
>
> - Updated the Ncrack openssh library, now based on the OpenSSH 7.1 codebase
> and updated the SSH module to support all the latest ciphers.
>
>
> Cheers,
>
> ithilgore (Fotis Hantzis)
>
> --
>
> (http://sock-raw.org)
>

Congratulations for the good work!

I would like to stress that nsock proxy support is experimental
though, in the sense that not all scenarii are supported (SSLv3/TLSv1
reconnect is broken) and that it has not received as much testing as
the rest of the code. Also, users must be aware that only traffic that
goes through nsock is proxified (DNS is not, resolution is _local_ for
the target and for all hops of the proxy chain).

Regards

--
Henri
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/