Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bacon A Penetration and Auditing Framework Hernan Gips

Published byAntony Lloyd Modified over 9 years ago

Similar presentations

Presentation on theme: "Bacon A Penetration and Auditing Framework Hernan Gips"— Presentation transcript:

1 Bacon A Penetration and Auditing Framework Hernan Gips gipsh@rubic.cc

2 Common problems… A lot of independent tools uses same input A lot of independent tools uses same input Most tools are developed in c/c++ Most tools are developed in c/c++ Tools run in certain platforms Tools run in certain platforms Tools need to be modified Tools need to be modified Others… Others…

3 Solution: Bacon A flexible and extendible Framework oriented to the security community.

4 Overview Based on.NET Framework Based on.NET Framework Modular Architecture Modular Architecture Multi language support Multi language support Opensource Opensource Multiplatform Multiplatform Fully OO Design Fully OO Design

5 What Bacon is not… An automatic penetration tool An automatic penetration tool hack-in-a-minute tool hack-in-a-minute tool A static tool A static tool

6 Framework Ability to load modules Ability to load modules Keeps session information Keeps session information Provides entities to store specific information like: targets, ports, services, etc Provides entities to store specific information like: targets, ports, services, etc Provides libraries for proxing, sniffing, etc. Provides libraries for proxing, sniffing, etc.

7 Framework Bacon is multiplatform. Runs with: –.NET Framework –Mono –Any ECMA VM implementation

8 Architecture Architecture Bacon Framework Console GUI MODULESMODULES Data

9 Internal Context The framework provides information entities oriented to security and networking. Network ServiceCollection TargetCollection Service GenericList Target

10 Internal Context Each module has RW access to the context. Each module has RW access to the context. Internal implementation uses XML Internal implementation uses XML Developer can use the entities or directly access via generic XPath queries. Developer can use the entities or directly access via generic XPath queries.

11 Internal Context Context Mail Addresses Users Session data… Google Mails Finder POP3 Brute force Attack SMTP VRFY Dictionary Attack Target

12 Modules Each module is a DLL compiled in.NET Each module is a DLL compiled in.NET Framework loads modules using reflection. Framework loads modules using reflection. Modules are multithreading Modules are multithreading Each module runs on an different Application Domain Each module runs on an different Application Domain

13 Modules: Reflection A developer may creates its own plugin in any language that generates.NET assembly.

14 Modules Well known languages Well known languages  C#  VB.NET  C++.NET Not so well known Not so well known  IronPython  Boo

15 Modules Every modules inherits from Bacon.Plugin abstract class Every modules inherits from Bacon.Plugin abstract class This class provides two methods: This class provides two methods: –Start() –Stop() Module has facilities to Module has facilities to –Access the context –Log debug information

16 Modules Example module source code in C# [Plugin("Test", "plugin for testing purposes")] public class TestPlugin : Bacon.Plugin { [Command("listdump", "command to test something")] …. [Command(“listusers", "command to test something")] … }

17 Modules Modules has commands defined on it Modules has commands defined on it Each command has different parameters Each command has different parameters [Command("hack", "hacks something")] class HackCommand : Bacon.Command { public override void Execute() { ……. }

18 Modules How loader works How loader works TestPlugin : Bacon.Plugin MSIL Assembly Plugins Loader Plugins Manager

19 Modules C# VB IronPython MSIL Compilers (msc, monoc, etc) Common Language Runtime Bacon

20 Modules: Module chaining Network Scan ICMP Targets TCP port scanner [connect()] Services Web directory finder Web file finder Dirs Files Dictionary input: 192.168.0.0/24 Report Generator XML

21 Remoting The Framework exposes its own interface like a remote service. This is useful to create distributed attacks.

22 Framework Interface Integrated Command Line Console Integrated Command Line Console

23 Framework Interface Uses Winforms Uses Winforms Each module may provide its own GUI Each module may provide its own GUI

24 Framework Interface You may create your own interface. (i.e. a web interface) You may create your own interface. (i.e. a web interface) You may also create a common GUI generator for each module You may also create a common GUI generator for each module

25 Framework Services ProxyLib Service ProxyLib Service SniffLib Service SniffLib Service FuzzLib Service FuzzLib Service Other Other

26 Framework: ProxyLib Creates simple proxies Creates simple proxies HTTP, Sockets, etc HTTP, Sockets, etc Hook to events Hook to events

27 State of Dev Bacon got sponsored! Bacon got sponsored! The framework architecture is mostly closed The framework architecture is mostly closed We are working on creating new modules and a nice GUI. We are working on creating new modules and a nice GUI.

28 Future Module creation process  Now Module creation process  Now Opensource official release  3 Months Opensource official release  3 Months Community site release  1 Month Community site release  1 Month

29 Conclusion We want to create a standard framework for pentesting and auditing networks and applications. We want to create a standard framework for pentesting and auditing networks and applications. We want the security community uses it and develops module for the framework We want the security community uses it and develops module for the framework

30 Any Questions?

31 The End. Hernan Gips gipsh@rubic.cc

Download ppt "Bacon A Penetration and Auditing Framework Hernan Gips"

Similar presentations

.NET Framework Overview

.NET Framework Overview
Web Applications Development Using Coldbox Platform Eddie Johnston.

Web Applications Development Using Coldbox Platform Eddie Johnston.
A Complete Tool For System Penetration Testing Presented By:- Mahesh Kumar Sharma B.Tech IV Year Computer Science Roll No. :- CS09047.

A Complete Tool For System Penetration Testing Presented By:- Mahesh Kumar Sharma B.Tech IV Year Computer Science Roll No. :- CS09047.
Windows Programming 1 Part 1 dbg --- Getting Acquainted with Visual Studio.NET and C#

Windows Programming 1 Part 1 dbg --- Getting Acquainted with Visual Studio.NET and C#
Notes to the presenter. I would like to thank Jim Waldo, Jon Bostrom, and Dennis Govoni. They helped me put this presentation together for the field.

Notes to the presenter. I would like to thank Jim Waldo, Jon Bostrom, and Dennis Govoni. They helped me put this presentation together for the field.
Programming Our First Java Program Yingcai Xiao. What to Do Set up for Java Programming Write our first Java Program with IDE Write our first Java Program.

Programming Our First Java Program Yingcai Xiao. What to Do Set up for Java Programming Write our first Java Program with IDE Write our first Java Program.
Penetration testing – W3AF Tool

Penetration testing – W3AF Tool
Chapter 10 Application Development. Chapter Goals Describe the application development process and the role of methodologies, models and tools Compare.

Chapter 10 Application Development. Chapter Goals Describe the application development process and the role of methodologies, models and tools Compare.
2. Developing in.NET and C#. 2 Microsoft Objectives “Microsoft.NET development is based on an underlying framework of tools and classes. These tools and.

2. Developing in.NET and C#. 2 Microsoft Objectives “Microsoft.NET development is based on an underlying framework of tools and classes. These tools and.
Creating and Running Your First C# Program Svetlin Nakov Telerik Corporation www.telerik.com.

Creating and Running Your First C# Program Svetlin Nakov Telerik Corporation
Intro to dot Net Dr. John Abraham UTPA – Fall 09 CSCI 3327.

Intro to dot Net Dr. John Abraham UTPA – Fall 09 CSCI 3327.
W3af LUCA ALEXANDRA ADELA – MISS 1. w3af  Web Application Attack and Audit Framework  Secures web applications by finding and exploiting web application.

W3af LUCA ALEXANDRA ADELA – MISS 1. w3af  Web Application Attack and Audit Framework  Secures web applications by finding and exploiting web application.
Windows.Net Programming Series Preview. Course Schedule - 2014 CourseDate Microsoft.Net Fundamentals 01/13/2014 Microsoft Windows/Web Fundamentals 01/20/2014.

Windows.Net Programming Series Preview. Course Schedule CourseDate Microsoft.Net Fundamentals 01/13/2014 Microsoft Windows/Web Fundamentals 01/20/2014.
A Free sample background from www.powerpointbackgrounds.com © 2001 By Default!Slide 1.NET Overview BY: Pinkesh Desai.

A Free sample background from © 2001 By Default!Slide 1.NET Overview BY: Pinkesh Desai.
FALL 2005CSI 4118 – UNIVERSITY OF OTTAWA1 Part 4 Web technologies: HTTP, CGI, PHP,Java applets)

FALL 2005CSI 4118 – UNIVERSITY OF OTTAWA1 Part 4 Web technologies: HTTP, CGI, PHP,Java applets)
A Scalable Application Architecture for composing News Portals on the Internet Serpil TOK, Zeki BAYRAM. Eastern MediterraneanUniversity Famagusta Famagusta.

A Scalable Application Architecture for composing News Portals on the Internet Serpil TOK, Zeki BAYRAM. Eastern MediterraneanUniversity Famagusta Famagusta.
Introduction to .Net Framework

Introduction to .Net Framework
An Introduction to ASP.NET Ed Dunhill blogs.msdn.com/edunhill SLIDE7.

An Introduction to ASP.NET Ed Dunhill blogs.msdn.com/edunhill SLIDE7.
Module 1: Introduction to C# Module 2: Variables and Data Types

Module 1: Introduction to C# Module 2: Variables and Data Types
Native Support for Web Services  Native Web services access  Enables cross platform interoperability  Reduces middle-tier dependency (no IIS)  Simplifies.

Native Support for Web Services  Native Web services access  Enables cross platform interoperability  Reduces middle-tier dependency (no IIS)  Simplifies.

Similar presentations

Ads by Google