Welcome to remote-exploit.org. We are just a group of people that like to experiment with computers. We hope that we can provide some information back to the public and support the ongoing process of learning.

Career Academy sell educational material to the public. A remote-exploit.org reader delivered us a screenshot. [screenshot (http://www.remote-exploit.org/images/0/01/Auditor-on-career-academy.jpg)]. Find details about the Ethical Hacking course [here (http://www.careeracademy.com/index.asp?PageAction=VIEWPROD&ProdID=74)].

Its funny, they earn about 1000 dollar and did not contribute to this project, i sent them a fair play reminder.

greetz

max

I received today a nice email from syngress with an invitation to write a foreword for this upcoming book. See details here: http://www.syngress.com/catalog/?pid=3330 Below is the text copied from the description from their website:

This is the first fully integrated Penetration Testing book and bootable Linux CD containing the “Auditor Security Collection” which includes over 300 of the most effective and commonly used open source attack and penetration testing tools. This powerful tool kit and authoritative reference is written by the security industry’s foremost penetration testers including HD Moore, Jay Beale, and SensePost. This unique package provides you with a completely portable and bootable Linux attack distribution and authoritative reference to the toolset included and the required methodology.

Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine all possible attack vector into their own network, and also be expert in using the literally hundreds of tools required to execute the plan and meticulously document their results. This book provides both the art and the science. The authors of the book are expert penetration testers who have developed many of the leading pen testing tools; such as the Metasploit framework. The authors allow the reader “inside their heads” to unravel the mysteries of thins like identifying targets, enumerating hosts, application fingerprinting, cracking passwords, and attacking exposed vulnerabilities. Along the way, the authors provide an invaluable reference to the hundreds of hijacking tools; sniffers; scanners; Web application; and vulnerability assessment tools from the bootable-Linux CD including the Metasploit Framework; ettercap, dsniff, Ethereal, Nmap, Paketto, Scanrand, Hydra, Paros, Nessus, and many more.

Well i have moved the forum now as well. It was a horror thingy....copy pasting 18 megs of data in small pieces. terrible...anyway... we are back.

max

Hi there, i have transfered my domains to another hoster and so something was screwd up on the main domain resolution. The website was not accessible for an unknown timeframe. The forum is currently closed until i managed to bring it back up on the new location. I will post as soon i got it back up.

sorry for the hassle.

max

Hi there, just like to give you a sign that i am not dead. I work some time on the new backtrrack but really don't find the right drive at the moment. Dont let your head hang, i will continue on it as i allways did.

greetings

max

Maven Security Inc will be using Auditor for their hands-on security course at the IT Security World Conference in San Francisco, CA this Sept 26 & 27, 2005. See http://events.mavensecurity.com for more info.

We like to thank Maven Security Inc for contributing use some cash for covering our costs and like to inform about their event here.

Muts and I just got an article up on Security Focus about both SNMP and GRE tunneling and how to combine both methodologies for one swift attack. Go on and click on!

http://www.securityfocus.com/infocus/1847

~ William

It's been a while since my last blog post but here is one to get me back into the routine. Kismet and other wireless tools are useful but nothing beats good'ol Ethereal with display filters. I've made a condensed post on how to quickly start using Ethereal wireless filters. The summer semester is over to back to researching I go.

Research Section

~ William

Hi there, just like to note, that i am back from vacation and start now again to work on the upcoming version.

Greetings

max

A new article about bypassing CISCO SNMP access lists using spoofed SNMP UDP packets is in the "Our Papers" section.

http://new.remote-exploit.org/index.php/SNMP_Spoof

With the kind and *patient* help from redkommie, we managed to recreate a real world scenario attack using GRE tunnels. Check out the updated article (http://new.remote-exploit.org/index.php/Router_sniff) and the action demo at the Tutorial Section

Interesting plans to combine the best features from WHAX and Auditor are being concocted...more info soon.

The guys from the linux magazine did translate and republish my article about hotspotter in the english Linux-Magazine. (July 2005 issue). Please take a read, hotspotter is a very interessting tool during auditing on wireless networks. Get it from our paper section or click here

My friends at wardriving.ch did an amazing job in building embedded pc based wardriving box. See the full article at http://www.wardriving.ch/hpneu/wdbox/index.htm the article coints instructions where to get the material and how to build the software distribution. Meet the guys at what the hack and support them in their build up process.

Well i just like to note that Joshua Wright did a great job on developing the SANS course on wireless auditing. SANS uses and distributes Auditor Security Collection on its course "Auditing Wireless Networks (Audit 511)".

Copy past from the sans.org website:

• "SANS is the most trusted and by far the largest source for information security training and certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system"

I just wrote a quick mail to SANS today, to see if they will support the Auditor Project, because they never donated anything, just profit and distribute the CD to their students.

I have added some tutorials from IRONGeek to our Tutorial Section.

Hi i just prepared a quick xdelta to the no-ipw iso which generates a beta version of Auditor which has the new aircrack, kismet and patched hostapd drivers in it. I will release a full version after some testing.

http://new.remote-exploit.org/downloads/auditor-from-200605-02-no-ipw2100-to-120705-01-no-ipw2100_iso.xdelta

I've just put a link into the tutorials section for a first draft of my photo-tut on modding a Netgear WG511 v1 to add an SMA socket.

Tutorial Section

At the moment it's quite a large page to d/l. I will edit & improve it, reducing the pic sizes, etc, soon. It's a fairly simple mod. Hope it's of some interest!

Re@lity

Tutorial on cracking VPNs is out! The demonstration is against PPTP VPN tunnels which use MSCHAP authentication.

Tutorial Section

Enjoy!

~ William

We are pleased to announce that we have now our IRC channel. The information on the irc channel / server is given below.

Server : irc.freenode.net

Channel : #remote-exploit

We would like to first of thank Williamc / TwinVega for contributing this Video. The video will help you understand the security flaw in Bluetooth enabled devices and how the tool Bluesnarfing tool can be used to exploit the same. We would be really happy to receive such user contributions. Tutorial can be accessed at our tutorial section section.

Note: the attack is limited to a few models of mobile phone only

WPA tutorial is done and its up @ our tutorial section section. If you guys don’t know the Clint MAC address you can use the Void11 attack to do the de authenticate part ;)

We are proud to present a tutorial on how to use Void11 to Mass De-Authentication wireless clients. This method can be very useful during certain situations. Well its now @ our tutorial section section.

Note: We have lost 700 Gb of transfer in 10 days. We would really appreciate every click on our sponsor links.

I am proud to announce the release of the new version of the Auditor Security Collection CD-ROM. We put in a lot of effort to bring it into that final look and feel as you can see in the Auditor development log. It seems to be the best version released ever. Not only because of its completeness, no it seems to be the most stable and bugfree version.

!!IMPORTANT!! You will see that in this version you have to choose between two different ISO versions. This has to be done because systems with an integrated Intel b/g chip based wireless card will not boot with the ipw2100 driver on the cd. If you want to be able to use Auditor Security Collection on a system with an IPW2200 card you need to download the "-no-ip2100" version of the iso otherwise it will not boot.

Auditor download section of our website to find a mirror nearby. See the Changes site for more detailed information and list of changes and fixes.

Just to remind you again, this project lives from the money of the donations and the revenue from the online adds, so please support us.