Yaptest Update: v0.1.9

Release 0.1.9 of yaptest is now available.  Download here.

This release includes enumeration of users via the finger service (using finger-user-enum) and gathering of usernames and password hashes via rexd (Linux rexd client).  There are also important improvments to the gathering of topology information, which should make network diagrams generated in YaptestFE look nicer.

See below for the full change log…

* Created "modules" directory to make ebuild creation easier
* yaptest-parse-yapscan-tcp.pl now parses TTL info
* yaptest-parse-traceroute.pl now parses hop number
* Bug Fix: Negative hop number from yaptest-parse-ping-r.pl
* yaptest-parse-bannergrab.pl parses usernames guessed by
  the "finger" probes.
* Add the following support username guessing against finger
  daemons using finger-user-enum.pl:
  - yaptest-finger-user-enum.pl
  - yaptest-parse-finger-user-enum.pl
  - finger-users.txt
  NB: Only tested against one Linux finger daemon so far.
* Added yaptest-password-guess-mysql.pl
* Added API for parseing BSD MD5 hashes from john.pot.
* Added yaptest-rexd.pl to get credential information from
  hosts running rexd.
* "yaptest-progress.pl reset" takes multiple args.
* Improved parsing of /etc/groups by yaptest-groups.pl
* yaptest-credentials.pl parses issues about DES-based
  hashes and cleartext passwords in /etc/passwd.

                

Tags:

Posted in Blog