cscamp2013 - introduction to pwncore

Introduction to pwnCore for Penetration Testers Anwar Mohamed

Upload: anwar-mohamed

Post on 13-Apr-2017


Page 1: CSCAMP2013 - Introduction to pwnCore

Introduction to pwnCore for Penetration Testers

Anwar Mohamed

About Me

● Anwar Mohamed (@anwarelmakrahy)

● 3rd Term Computer & Communication Program, Faculty of Engineering, Alexandria University.

● Contributed to many security projects.

● The Author of:

– PwnCore “Cyber attack management tool”.

– Packetyzer “Packet analysis library”.

– Metasploit Meterpreter Android Extension.

– droidNinja “Android Exploitation Framework”.

Mobile Phones

● Accelerated productivity as they move to replace many of the other devices we used to carry in a small package.

● Wi-Fi capability, cameras, mass storage capability and a persistent internet connection via 3G and 4G.

● Allow a wide number of applications and if rooted provide many of the same tools as a computer, but with more hardware and network capabilities.

● These conveniences also carry over to make them a very powerful tool to use in penetration tests, more powerful I would argue than a laptop.

● Can be easily hidden on your person, or inside of an office building.

Metasploit Framework

● Open source penetration testing tool used for developing and executing exploit code against a remote target machine.

● The world's largest database of public, tested exploits.

● Used to test the vulnerability of computer systems in order to protect them; on the other hand, it can also be used to break into remote systems.

Meterpreter

● Advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime.

● Resides entirely in memory and writes nothing to disk.

● No new processes are created as Meterpreter injects itself into the compromised process and can migrate to other running processes easily.

● Leaves limited forensic evidence and has limited impact on the victim machine.

Feel free to ask during my talk

Welcome to pwnCore

Follow Up

● Introduction

● App Architecture

● Features

● Simple Testing

● Undergoing Features

● Future Developments

Introduction

What is pwnCore?

● Android Cyber Attack Management Tool for Metasploit.

● GUI package that visualizes targets, recommends exploits, and exposes the advanced capabilities of the Metasploit framework.

● Has some of the nature of the Armitage project, but the advantage here is that pwnCore can turn your Android device's capabilities into an advanced pentesting lab within a few clicks.

App Architecture

● Developed using the Java programming language.

● At least Android 3.0 (HONEYCOMB), API Level: 11.

● Msfrpc GUI client integrated with other features.

● Allows encrypted & unencrypted msfrpc connections.

● Connections are serialized using MessagePack.
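
Why the encrypted option matters, as an added example (not pwnCore code and not from the talk): MessagePack is a serialization format, not encryption, so on an unencrypted msfrpc connection anyone on the network path can decode the login call. The sketch assumes Metasploit's documented RPC call layout (`["auth.login", username, password]`, then `[method, token, ...]` for later calls); the decoder covers only the MessagePack types those calls need, and the sample bytes are constructed.

```python
import struct

def unpack(buf, pos=0):
    """Decode one MessagePack value (subset: fixint, nil, bool, str/bin, array, map)."""
    tag, pos = buf[pos], pos + 1
    if tag <= 0x7F:                                  # positive fixint
        return tag, pos
    if 0x80 <= tag <= 0x9F:                          # fixmap (0x8_) or fixarray (0x9_)
        items = []
        for _ in range((tag & 0x0F) * (2 if tag < 0x90 else 1)):
            item, pos = unpack(buf, pos)
            items.append(item)
        return (dict(zip(items[::2], items[1::2])) if tag < 0x90 else items), pos
    if tag in (0xC0, 0xC2, 0xC3):                    # nil, false, true
        return {0xC0: None, 0xC2: False, 0xC3: True}[tag], pos
    if 0xA0 <= tag <= 0xBF:                          # fixstr: length in low 5 bits
        size = tag & 0x1F
    elif tag in (0xC4, 0xD9):                        # bin8 / str8: 1-byte length
        size, pos = buf[pos], pos + 1
    elif tag in (0xC5, 0xDA):                        # bin16 / str16: 2-byte length
        size, pos = struct.unpack_from(">H", buf, pos)[0], pos + 2
    else:
        raise ValueError(f"unsupported MessagePack tag 0x{tag:02x}")
    if pos + size > len(buf):
        raise ValueError("truncated MessagePack string")
    return buf[pos:pos + size].decode("utf-8", "replace"), pos + size

def exposed_secrets(body):
    """What a passive observer learns from one plaintext msfrpc request body."""
    call, _ = unpack(body)
    if not (isinstance(call, list) and call and isinstance(call[0], str)):
        raise ValueError("not an msfrpc call array")
    method, args = call[0], call[1:]
    if method == "auth.login" and len(args) >= 2:    # [method, username, password]
        return {"method": method, "username": args[0], "password": args[1]}
    return {"method": method, "token": args[0] if args else None}  # [method, token, ...]

def fixstr(text):  # helper used only to build the constructed samples below
    raw = text.encode()
    assert len(raw) < 32
    return bytes([0xA0 | len(raw)]) + raw

# Constructed request bodies (the credentials and token are made up).
LOGIN = b"\x93" + fixstr("auth.login") + fixstr("msf") + fixstr("S3cret-demo")
LIST = b"\x92" + fixstr("session.list") + fixstr("TEMPconstructedtoken")

if __name__ == "__main__":
    print(exposed_secrets(LOGIN), exposed_secrets(LIST), sep="\n")
```

Both the password and the session token come back in clear text, which is the reason to choose the encrypted connection mode whenever the RPC traffic crosses a network the tester does not control.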

Features

Basic Features:

● Listing available modules in Metasploit: “exploits, auxiliary, payloads, encoders, post”.

● Running modules with customized options.

● Launching handlers and listeners.

● Searching for modules specified by type.

● Entering console mode for Metasploit, just as if you were using msfconsole natively.

● Interacting with meterpreter and shell sessions.

● Listing running jobs & sessions.

Features

Advanced Features:

● Ability to work as a background process.

● Importing remote host addresses from a file.

● Auto-scanning newly added hosts & enumerating their operating systems.

● Resuming meterpreter & shell sessions if the app was exited.

● Notifications for new sessions.

● PwnHarvest Attack.

● Meterpreter VisualCommander.

Features

Advanced Features:

● PwnHarvest Attack.

– Smart automated vulnerability exploitation attack.

– Uses some algorithms to suggest the best exploits for a remote target and also suggests the best payload for each exploit.

– Runs in background until a new session is opened.

Features

Advanced Features:

● Meterpreter VisualCommander.

– A better way to run post-exploitation scripts without interacting with the session console and writing the commands directly in it.

– Has the capability to control multiple sessions for the same remote host.

Undergoing Features

● Pivoting.

● Web Interface running on an internal web server.

● File Browser for meterpreter sessions.

● Plugins Architecture.

Future Features

● Adding support to import remote hosts from pentesting tools' reports like Nessus.

● Porting Ruby to Android devices to allow running Metasploit natively, and recompiling the gem files needed by the framework.

● Integrating pwnCore with other pentesting tools.

And BTW ...

pwnCore can also work on

Any Questions?

Hack the Gibson!

Thank you for attending today

Github: AnwarMohamed

Twitter: @anwarelmakrahy

Gmail: anwarelmakrahy

Outlook: anwarelmakrahy