Information Security

Backtrack 5: Information Gathering: Network Analysis: DNS Analysis: dnsdict6

Awhile back purehate and myself started writing articles related to Backtrack in an attempt to write a single article about each application available within Backtrack 4. Things came up and we never accomplished that goal so here we go again with a second attempt to write a single article for every Backtrack application. If you have requests for any applications we will move them up in priority so the application you need more information on will have an article released sooner.

With that being said dnsdict6 is a CLI utility that was built to enumerate IPv6 sub domains for a specific domain name. Below I describe the command line switches available and provide examples so you can see what type of output dnsdict6 provides. All commands, examples, and command output has been issued via Backtrack 5 R2.

Information Security

Export Nexpose Scan Templates, Import Nexpose Scan Templates

If you are working with multiple Nexpose vulnerability scanners it makes sense to want to generate a bunch of Nexpose Scan Templates on one Nexpose Seurity Console and distribute to a bunch of other Nexpose Security Console’s. There is not much documentation I could find on doing this so luckily it is fairly easy. Follow the instructions below to first export a Nexpose Scan Template from a Nexpose Security Console and then import a Nexpose Scan Template to another Nexpose Security Console. The scan templates are stored as XML so exporting consists of copying the XML file from the server running Nexpose to either your local machine or to another server running Nexpose.

Information Security

Calculate Disk Space Size Needed To Generate A Wordlist For Password Cracking

Today I was having a discussion regarding wordlist size, the calculation to come up with the specific size the wordlist would be once generated, and various other items revolving around password cracking. Somehow the application crunch came up which in the past has been used to generate wordlists however its fairly slow compared to other technologies out there specifically Hashcat/oclHashcat’s Anyhow during the discussion I was doing some searching and had not used crunch in quite a long time but was pleasantly surprised by one of the features which generates a quick, accurate, and useful output of information regarding number of combinations that will be generated from the combinations length plus the character set/wordlists input and how much disk space those the list will take up on the hard drive. Anyhow a couple interesting things I realized tonight using crunch that I wanted to share.