Black Asylum

Network and System Security (or lack thereof)

Browsing Posts tagged tool

While performing vulnerability assessments/penetration tests, sometimes you will need to spoof a particular IP address or MAC to get past some ACL (firewall, etc…). While some tools have this ability built in, such as nmap, most other tools do not.

You could simply change your Ethernet card's MAC and IP address, but that can cause other issues, such as DoS-ing the real system due to IP and MAC conflicts on the network.

What I am looking for is a tool, something like proxychains, where I could use it to specify a fake (spoofed) IP address and/or MAC and then the command to run. Basically a tool that wraps all communication that some other command/tool issues.

SPOOF -ip=<ip> -mac=<mac> <command>

SPOOF -ip=10.1.1.10 -mac=00:11:22:33:44:55 telnet 10.1.1.11
SPOOF -ip=10.1.1.10 -mac=00:11:22:33:44:55 nessus -D

Any thoughts? Is there a tool already like this?

According to the website:

SSLScan queries SSL services, such as HTTPS, in order to determine the ciphers that are supported. SSLScan is designed to be easy, lean and fast. The output includes the preferred ciphers of the SSL service and the certificate, and is available in text and XML formats.

SSLScan is a very useful tool to quickly determine the cipher suites supported by one or more websites. Below is a screenshot of the output of the command:

# sslscan --no-failed <target>.net:443

Download it from here, or if you are running Debian or Ubuntu, you can simply issue the command:

# apt-get install sslscan
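To show what sslscan is actually doing under the hood, here is an added example (not code from this post or from the sslscan project): a small Python 3 script that performs one TLS handshake per cipher suite the local OpenSSL knows, using only the standard `ssl` module, and then flags legacy suites by name so an audit of your own endpoint can be read at a glance. The `WEAK_MARKERS` list, the helper names and the `@SECLEVEL=0` cipher-string trick (an OpenSSL feature needed so that disabled legacy suites can be offered at all) are my assumptions; the host you point it at is your own.

```python
import socket
import ssl

# Substrings of an OpenSSL cipher-suite name that mark a suite as weak or
# legacy: NULL encryption, export grades, RC4, DES/3DES, MD5 MACs and
# anonymous (unauthenticated) key exchange. Assumed heuristic list.
WEAK_MARKERS = ("NULL", "EXP", "RC4", "DES", "MD5", "ADH", "AECDH")


def classify_cipher(name):
    """Return 'weak' if the suite name carries any weak marker, else 'ok'."""
    upper = name.upper()
    return "weak" if any(marker in upper for marker in WEAK_MARKERS) else "ok"


def summarize(cipher_names):
    """Split negotiated suite names into weak and acceptable groups."""
    report = {"weak": [], "ok": []}
    for name in cipher_names:
        report[classify_cipher(name)].append(name)
    return report


def _handshake(ctx, host, port, timeout):
    """Open a TCP connection, complete the TLS handshake, return the suite name."""
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.cipher()[0]


def probe_ciphers(host, port=443, timeout=3.0):
    """Enumerate the suites a server accepts, sslscan-style.

    Returns {"preferred": <suite chosen on an unrestricted handshake>,
             "accepted": [<every TLS<=1.2 suite the server negotiated>]}.
    """
    # Unrestricted handshake first: what the server picks when offered everything.
    base = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    base.check_hostname = False      # we audit the cipher list, not the certificate
    base.verify_mode = ssl.CERT_NONE
    base.set_ciphers("ALL:eNULL:@SECLEVEL=0")  # list every suite OpenSSL knows
    candidates = [entry["name"] for entry in base.get_ciphers()]
    try:
        preferred = _handshake(base, host, port, timeout)
    except (OSError, ssl.SSLError):
        preferred = None

    accepted = []
    for name in candidates:
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        # set_ciphers() only governs TLS 1.2 and below, so cap the version there;
        # otherwise a TLS 1.3 handshake could succeed with an unrelated suite.
        ctx.minimum_version = ssl.TLSVersion.TLSv1
        ctx.maximum_version = ssl.TLSVersion.TLSv1_2
        try:
            ctx.set_ciphers(f"{name}:@SECLEVEL=0")  # offer exactly this one suite
        except ssl.SSLError:
            continue                 # TLS 1.3-only name or suite unusable locally
        try:
            negotiated = _handshake(ctx, host, port, timeout)
        except (OSError, ssl.SSLError):
            continue                 # server rejected the suite (sslscan "failed")
        if negotiated == name:       # count only an exact match, never a fallback
            accepted.append(name)
    return {"preferred": preferred, "accepted": accepted}


if __name__ == "__main__":
    import sys

    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"  # your own host
    result = probe_ciphers(target)
    print("preferred:", result["preferred"])
    report = summarize(result["accepted"])
    for group in ("weak", "ok"):
        for suite in report[group]:
            print(f"{group:4s}  {suite}")
```

Run it as `python3 probe.py <your-host>`; the per-suite loop is slow by design (one full handshake per candidate), which is also why sslscan's `--no-failed` is handy: the interesting signal is the short list of accepted legacy suites, not the hundreds of refusals.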

What is Maltego? Well, according to their website, it is:

Maltego is an open source intelligence and forensics application. It will offer you timeous mining and gathering of information as well as the representation of this information in an easy to understand format.

What does that mean?

It means that Maltego is a commercial ($) tool that, when provided with a person's name, email address, website, etc., can quickly search for and identify related information from numerous sources on the Internet.

Maltego is particularly useful in scoping for a penetration test or social engineering engagement. Using Maltego one can enumerate employee names, email addresses, phone numbers and positions, as well as alternate websites, DNS entries, and so on.

Maltego comes with a number of built-in transforms. A transform is a module which Maltego uses to perform a particular information search. A varied collection of user-created transforms can also be found and integrated with Maltego.