Yaptest Update: v0.1.6
Deanx contributed a module that runs vessl (which I blogged about recently) against SSL services. It even parses out lots of SSL-related issues and enters them into the database for easy searching and report compilation.
Also included in this release are modules to:
- Fingerprint DNS servers using fpdns
- Detect and screenshot open X11 servers using xdpyinfo and xwd
- Obtain usernames from the ident (AKA “auth”) service on 113/TCP using ident-user-enum
- Query Windows domain controllers using all enumerated naming contexts
- Parse Oracle-related issues and other info from the output of tnscmd
The database schema has been updated to improve performance and to hold network topology information. Hopefully in future it will be possible to produce network maps using the information in the yaptest database.
Here’s the rather long changelog for this release…
* Added yaptest-x-open.pl to run commands against open X11 servers
* Added yaptest-fpdns.pl to fingerprint any DNS servers found.
* Added yaptest-ident-user-enum.pl to grab usernames if the ident/auth service is running on 113/TCP.
* Added yaptest-vessl.pl - contributed by deanx. Performs various checks on SSL certs and adds corresponding issues to the database.
* run_test now supports markup to use port_info, e.g. ::PORTINFO-ldap_namingcontext::
* yaptest-ldapsearch.pl modified to run a query using each naming context found as a base DN.
* run_test's port filter can now select a range of ports
* The run_test 'command' markup for ports can handle subtraction, e.g. ::PORT-6000:: for X11 tests.
* run_test's port_info filter can now use <, >
* run_test's filter can now be applied to only a subset of hosts using the host_filter argument.
* Bug Fix: yaptest-issues.pl can delete port-issues
* Bug Fix: Permission problem on icmp_names table
* Bug Fix: yaptest-password-guess-smb.pl works now
* Bug Fix: yaptest-parse-nmap-xml.pl is better at parsing the nmap_os_guess host_info field
* Bug Fix: view_insecure_protos no longer contains ssl ports
* Bug Fix: view_host_info no longer contains null rows
* yaptest-issue.pl parses a few more issues from nessus
* yaptest-parse-enum4linux.pl parses user enumeration issues.
* Added yaptest-dns.pl and yaptest-parse-dns.pl to check for recursive lookups. May do more in future.
* Schema update: added primary keys back
* Schema update: support for holding network topology info (initially used only by YaptestFE v0.9.1)
* Schema update: Added speed-up indexes to the credentials table
* yaptest-parse-nmap-xml.pl modified to parse topology info from TCP traceroutes which are done automatically by later versions of nmap.
* yaptest-traceroute.pl and yaptest-ping-r.pl added to collect network topology information.
* Actually added yaptest-host-info.pl to the tarball!
* yaptest-parse-snmpwalk.pl now parses the interface IPs into the "interfaces" table. Helps to identify multi-homed hosts for the network map.
* Added yaptest-parse-tnscmd.pl to parse port_info and issues about oracle services.
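To show how the run_test command markup from the changelog (::PORT::, ::PORT-6000::, ::PORTINFO-ldap_namingcontext::) fans out into concrete commands, here is an added illustration in Python; it is not yaptest's own Perl code. The ::IP:: token and the shell quoting of stored port_info values are my assumptions, the quoting being there because enumerated data from a remote service should never reach a shell unquoted.

```python
import itertools
import re
import shlex

# Tokens as described in the changelog; ::IP:: is an assumed companion token.
# ::PORT-N:: subtracts N from the port (X11 display number = port - 6000).
TOKEN = re.compile(r"::(IP|PORT|PORTINFO)(?:-([A-Za-z0-9_]+))?::")


def expand_command(template, ip, port, port_info):
    """Return the concrete commands for one host/port.

    ::PORTINFO-key:: is replaced by each value stored under that key, so one
    template yields one command per value (the ldapsearch-per-base-DN case).
    If a referenced key has no stored values the template cannot be
    satisfied and an empty list is returned.
    """
    info_keys = []
    for kind, arg in TOKEN.findall(template):
        if kind == "PORTINFO" and arg not in info_keys:
            info_keys.append(arg)
    value_lists = [port_info.get(k, []) for k in info_keys]

    commands = []
    for combo in itertools.product(*value_lists):
        chosen = dict(zip(info_keys, combo))

        def sub(m):
            kind, arg = m.group(1), m.group(2)
            if kind == "IP":
                return shlex.quote(ip)
            if kind == "PORT":
                return str(port - int(arg)) if arg else str(port)
            # Stored values came from a remote service: quote them for the shell.
            return shlex.quote(chosen[arg])

        commands.append(TOKEN.sub(sub, template))
    return commands


if __name__ == "__main__":
    # Constructed sample: two naming contexts found on a directory server.
    info = {"ldap_namingcontext": ["DC=corp,DC=example",
                                   "CN=Configuration,DC=corp,DC=example"]}
    for c in expand_command("ldapsearch -x -h ::IP:: -p ::PORT:: -b "
                            "::PORTINFO-ldap_namingcontext::", "10.0.0.5", 389, info):
        print(c)
    # X11 on 6001 is display :1 ("::IP::" + ":" + "::PORT-6000::").
    print(expand_command("xdpyinfo -display ::IP:::::PORT-6000::", "10.0.0.7", 6001, {}))
```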