lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <000001cbb1c7$dcb4b630$961e2290$@org>
Date: Tue, 11 Jan 2011 17:43:35 -0200
From: "Nelson Brito" <nbrito@...ure.org>
To: <dailydave@...ts.immunitysec.com>, <bugtraq@...urityfocus.com>,
	<full-disclosure@...ts.grok.org.uk>
Subject: [TOOL RELEASE] T50 Sukhoi PAK FA Mixed Packet Injector v2.45r-H2HC

T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool
designed to perform "Stress Testing". It is a powerful and an unique packet
injection tool, that is capable of:
1. Send sequentially (i.e., ALMOST on the same time) the following
protocols:
   - ICMP: Internet Control Message Protocol
   - IGMP: Internet Group Management Protocol
   - TCP:  Transmission Control Protocol
   - UDP:  User Datagram Protocol

2. Send an (quite) incredible amount of packets per second, making it a
“second to none” tool:
   - More than 1,000,000 pps of SYN Flood (+50% of the network’s uplink) in
a 1000BASE-T Network (Gigabit Ethernet).
   - More than 120,000 pps of SYN Flood (+60% of the network’s uplink) in a
100BASE-TX Network (Fast Ethernet).

3. Perform “Stress Testing” on a variety of network infrastructure, network
devices and security solutions in place.

4. Simulate Denial-of-Service attacks, validating the Firewall rules and
Intrusion Detection System/Intrusion Prevention System policies.

Further information can be found @ http://fnstenv.blogspot.com (demo video
and source code).

PS: Yes, there are some "anti-kiddo" tricks, so, please, don't blame me for
doing that...

The new version of the "T50 Sukhoi PAK FA Mixed Packet Injector" (v5.2-NG)
will be unleashed on "WEB Security Forum" (http://websecforum.com.br/evento/
/ April 9th-10th 2011 / São Paulo, Brazil).

The next release will include:
1. New License: It is still not licensed under GPL or any other common
Open-source license, but the source code will be available and the use of
any piece of source code for any free or commercial software is denied.

2. CIDR Support: Classless Inter-Domain Routing support for destination IP
address, using a really tiny C algorithm. This would allow the "T50 Sukhoi
PAK FA Mixed Packet Injector" to simulate DDoS in a laboratory environment.

   001 netmask = ~(0xffffffff>>cidr);
   002 hostid = (int)(pow(2,(32-cidr))-2);
   003 __1st_host = (ntohl(addr)&netmask)+1;
   004 __lst_host = (ntohl(addr)&netmask)+hostid;

3. TEN NEW Protocols: TEN (10) more protocols supported by "T50 Sukhoi PAK
FA Mixed Packet Injector" (IGMPv3, EGP, DCCP, RSVP, RIPv1, RIPv2, GRE, ESP,
AH and EIGRP).

4. Exotic Protocols: Advanced options and protocol crafting for EIGRP and
GRE were added, allowing users to make any combination while using those
exotic protocols. By the way, EIGRP is a proprietary protocol developed by
CISCO Systems, Inc.

5. TCP Options Support: TCP Options (MSS, NOP, EOL, WSCALE, TSTAMP, T/TCP CC
and SACK) are supported to improve the TCP protocol.

6. DATA Payload Support: The data payload support is back, and it can be
rand or user defined.

Best regards.

Nelson Brito
Security Researcher
http://fnstenv.blogspot.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ