While working on an upcoming article for QD I ran into an issue with the dnsenum.pl Perl script. I followed the process of installing the optional Perl modules and when I went back to test dnsenum it would no longer return any IP addresses. Instead of dnsenum returning actual IP addresses it was returning odd…
The pdfid script in Backtrack Linux is a PDF forensics tool that will quickly provide you an overview of a PDF files potential threats and pdfid provides a way to disarm those threats. PDFid is written in Python and is located in /pentest/forensics/pdfid/. The current version of pdfid is 0.0.11 and was released April 28th,…
A tool that is more than likely not used very often in Backtrack is the ipcalc which is a command line to that will quickly provide you broadcast address, network address, netmask, and Cisco wildcard mask. If you do a lot of Backtrack Linux installations that each require different IP information for various networks this…
The smbclient command line application included in Backtrack Linux is a staple for pentesting. I would imagine anyone that has done a pentest has used it to quickly verify SMB (Server Message Block) or CIFS (Common Internet File System) shares. The smbclient manpage describes it as a FTP-like client to access SMB/CIFS resources on servers.…
Xplico is a NFAT or Network Forensics Analysis Tool that is designed to either capture traffic in real time sessions or to provide an interface to upload PCAP (Packet Capture Data) files for analysis. The current version in Backtrack Linux 5 release 3 is 0.7 however the latest Xplico version is Xplico 1.0.1. I believe…
The sbd command is a netcat clone that offers decent encryption, allows for command execution, and will install on Linux or Windows. You are likely aware of netcat and all of the different ways you can use it including reverse shells, port scanning, etc. The sbd command is a great tool for opening up protected…
PBNJ is made ip of two commands which are scanpbnj and outputpbnj. The manpages for both scanpbnj and outputpbnj are located in collapsed tables at the bottom of this post in case you want more details. When you run scanpbnj it technically a script that runs nmap and dumps the results to a database. The…