phrack/phrack61/4.txt

                           ==Phrack Inc.==

              Volume 0x0b, Issue 0x3d, Phile #0x04 of 0x0f

|=------------------=[ T O O L Z   A R M O R Y ]=------------------------=|
|=-----------------------------------------------------------------------=|
|=-----------------------=[ Phrack  Staff ]=-----------------------------=|


    This new section, Phrack Toolz Armory, is dedicated to tool
annoucements. We will showcast selected tools of relevance to the computer
underground which have been released recently.

Drop us a mail if you develop something kewl that you think is worth of
being mentioned in #62.


Content:

     1 - Scapy, Interactive Packet Manipulation Program    by Biondi
     2 - ShellForge, Shellcode Builder                     by Biondi
     3 - objobf : burneye2 IA32 object file obfuscator     by team-teso
     4 - ELFsh, ELF objects manipulation scripting langage by Devhell labs.
     5 - Packit, Network injection, capture and auditing   by D. Bounds


----[ 1 - Scapy : interactive packet manipulation program

URL     : http://www.cartel-securite.fr/pbiondi/scapy.html
Author  : biondi@cartel-securite.fr
Comment : Scapy is a powerful interactive packet manipulation tool, packet
          generator, network scanner, network discovery tool, and packet
          sniffer. It provides classes to interactively create packets or
          sets of packets, manipulate them, send them over the wire, sniff
          other packets from the wire, match answers and replies, and
          more. Interaction is provided by the Python interpreter, so
          Python programming structures can be used (such as variables,
          loops, and functions). Report modules are possible and easy to
          make. It is able to do about the same things as ttlscan,
          nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof,
          firewalk, irpas, tethereal, tcpdump, etc.

          Here are some techniques that you can use it for : port,
          protocol, network scans, arp cache poisonning, dns poisonning,
          DoSing, nuking, sniffing etherleaking, icmpleaking, firewalking,
          NAT discovery, fingerprinting, etc.


----[ 2 - ShellForge : shellcode builder

URL     : http://www.cartel-securite.fr/pbiondi/shellforge.html
Author  : biondi@cartel-securite.fr
Comment : ShellForge is a kit that builds shellcodes from C.
          It is inspired from Stealth's Hellkit. This enables to
          create very complex shellcodes (see example which scans ports).
          C header files are included that provide macros to substitute
          libc calls with direct system calls and an Python script
          automates compilation, extraction, encoding and tests.


----[ 3 - objobf : burneye2 IA32 object file obfuscator

URL     : http://www.team-teso.net/projects/objobf/
Author  : teso@team-teso.net
Comment : Objobf is part of the burneye2 binary security suite. It is an ELF
          relocatable object file obfuscation program. While still a beta
          release it works well on smaller object files and can significantly
          increase the time for manual decompilation. Within the downloadable
          tarball there are some examples. Besides obfuscation it does limited
          code and dataflow analysis and displays them in high quality graphs,
          using the free xvcg or the propietary aiSee graphing tools.
          Full sourcecode of the objobf tool is available at the above URL.


----[ 4 - ELFsh 0.51b2 portable : ELF objects manipulation scripting language

URL      : http://elfsh.devhell.org
           http://elfsh.segfault.net (mirror)
Author   : elfsh@devhell.org
Comments : ELFsh is an interactive and scriptable ELF machine to play with
           executable files, shared libraries and relocatable ELF32
           objects. It is useful for daily binary manipulations such as
           on-the-fly patching, embedded code injection, and binary
           analysis in research fields such as reverse engineering,
           security auditing and intrusion detection. ELFsh is based on
           libelfsh, so that the API is really useable in opensource
           projects. This version works on 2 architectures (INTEL, SPARC)
           and 4 OS (Linux, FreeBSD, NetBSD, Solaris).

----[ 5 - Packit : Network injection, capture and auditing tool

URL      : http://packit.sf.net
Author   : Darren Bounds <dbounds@intrusense.com>
Comments : Packit (Packet toolkit) is a network auditing tool. Its value is
           derived from its ability to customize, inject, monitor, and
           manipulate IP traffic. By allowing you to define (spoof) nearly
           all TCP, UDP, ICMP, IP, ARP, RARP, and Ethernet header options,
           Packit can be useful in testing firewalls, intrusion
           detection/prevention systems, port scanning, simulating network
           traffic, and general TCP/IP auditing. Packit is also an
           excellent tool for learning TCP/IP. It has been successfully
           compiled and tested to run on FreeBSD, NetBSD, OpenBSD, MacOS X
           and Linux.

|=[ EOF ]=---------------------------------------------------------------=|