A free penetration testing toolkit / News: Recent posts

Inguma 0.0.7.2: Bug fixes, stability and new modules

Inguma version 0.0.7.2 has been released. In this version I have added new modules and exploits, fixed many, many, many bugs as well as enhancing existing modules, such as the Oracle related stuff.

PyShellcodelib has been enhanced as well and now supports Mac OS X. But, for the moment, just BSD syscalls. Mach syscalls implementation is on the way. You will also notice that it is now object oriented as opossed to the previous versions.... read more

Posted by Joxean Koret 2008-03-12

Inguma 0.0.6: Free Shellcode Library

Inguma version 0.0.6 have been released. In this new version I added many modules as well as enhanced existent ones as, in example, the Oracle modules. The Oracle payloads now uses the Cursor Injection method when possible so CREATE PROCEDURE system privilege is not needed to become DBA.

The support for InlineEgg, added in version 0.0.5.1, have been removed and a new completely free library have been added: PyShellCodeLib. Currently, the library supports Linux and OpenBSD x86 based shellcodes.... read more

Posted by Joxean Koret 2007-11-26

Inguma 0.0.5: Brute forcing and password cracking

The latest version of Inguma (0.0.5) have been released with many fixes and new modules. The following are the most important changes and updates:

* Added the module "firetest" to test firewall configurations.
* Added module "brutessh" to brute force SSH servers.
* Added module "bruteora" to brute force Oracle servers. It will check for every (commonly) possible user or for an specified user.
* Added a tool to crack MD5 hashes using freely available rainbow tables.
* Added module "sidguess" to guess the SID of an Oracle Database instance.
* _*Initial*_ shellcode support. See the SIDVault remote root exploit and $INGUMA_DIR/lib/libexploit.py for details. x86 support with InlineEgg. Thanks you Gera!
* Added one exploit for the vulnerability in SYS.LT.FINDRICSET (Oracle CPU Oct. 2007).
* Added a password cracker for Oracle11g.
* Added a password cracker for MS SQL Server 7 and 2000.
* Enhanced the Oracle PL/SQL Fuzzer. Now, if you redirect the output only the vulnerabilities found are logged, all the rest of the output are written to stderr.

Posted by Joxean Koret 2007-10-20

Inguma 0.0.4: New modules and many bug fixes

The latest version of Inguma is 0.0.4 and among with many fixes the following new features have been added:

* Added one module to check for the most common Oracle Appplications Server vulnerable
urls.
* Added "smbgold" module, to search in SMB/CIFS shares for intereting
files (*.mdb, passwords.txt, ...).
* Added "scapereal" to distribution. Run "sniffer", sniff a packet list and type "ethereal". You
see an ethereal like GTK Window showing all the sniffed packets in a graphical fashion.
* First version of the GUI using pyqt.
* Added a module to gather information from an Oracle TimesTen server.... read more

Posted by Joxean Koret 2007-10-03

New Inguma version enhancing vulnerability research

Inguma 0.0.3 have been released and lot of work have been done. In that version you will found a disassembler (with special support for x86 and AVR) that makes easier the life of a security researcher when doing an static analysis of a commercial closed source product.

Also, in the krash directory, you will notice that a general purpose automatic "token based" fuzzer have been added with various sample packets.... read more

Posted by Joxean Koret 2007-09-06

Inguma, an Open Source pen-testing framework

I'm pleased to announce the first public version of Inguma, an open source penetration testing framework which is written completely in Python.

Currently there is no too many work made, remember that is only a pre-alpha version, but you have modules to perform the following actions:

- Communicate with a TNS Listener
- Exploits for Oracle Database (prior to CPU Oct 2006)
- Gather information from an Oracle E-Business Suite 11i instance
- A module to test nids's rules (with an snort plugin)
- 2 Portscanners: a simple TCP scan and a SYN, ACK, Fin, XMAS port scanner.
- A module to dump the SAM database
- A module to dump the RCP endpoints
- A samba client
- An sniffer
- A fuzzer for OSI layers 2,3 and 4 (ARP, TCP and IP, at the moment)
- Fuzzers for Oracle, SQL Server/Sybase, Informix and PostgreSQL
- A brute forcer for Sybase
- Python native libraries to communicate with a TNS Listener or a Sybase/SQL Server server.... read more

Posted by Joxean Koret 2007-02-16