CORE IMPACT v2.0

CORE IMPACT v2.0



-------------------------------------------
C O R E I M P A C T v 2 . 0 i s o u t !
-------------------------------------------

This update includes general application enhancements as well as several new modules.


New functionality highlights
---------------------------------------

CORE IMPACT v2.0 has an improved Module View, now supporting subcategories. The new Module View can also be docked on different places in the console's window, taking advantage of an improved window space use.

Also, 'Reuse socket' was added to the set of available connection methods for level0 agents. Reuse socket gives an exploit module the ability to deploy a new level0 agent on a target system without having to create a new connection. Reuse socket allows agent communications to bypass packet filtering rules and IDS systems that detect new connections.

CORE IMPACT v2.0 has also several other new features, such as executed modules sorting and an improved Modules Reference.


New modules

-------------------

The following list of new modules are now part of CORE IMPACT v2.0:

* SMB ShareEnum2 exploit: a Denial of Service exploit for Windows
* SecureCRT client exploit: a client-side exploit for the SecureCRT ssh client
* WinVNC client exploit: a client-side exploit for the WinVNC client
* X-ThinPro exploit: a remote exploit for the X-ThinPro XServer
* Solaris cachefsd exploit: a local exploit for Solaris
* OpenBSD select exploit: a local exploit for OpenBSD
* IIS meta exploit: a macro module for attacking IIS servers with several exploits
* SQL Server CAN-2002-0649 exploit: a remote exploit for MS SQL Server
* SQL Server Hello exploit: a remote exploit for MS SQL Server
* rpc.statd format string exploit: a remote exploit for Linux
* Agents/Level 0/Install using unix-portshell: a level0 deploy module for taking advantage of non-IMPACT remote-shell exploits.
* Agents/Level 0/Install using win-portshell: a level0 deploy module for taking advantage of non-IMPACT remote-shell exploits.
* Agents/Level 1/Install using SMB: a level1 deploy module using SMB shares
* Network discovery - ARP: an information gathering module
* ARP spoofer: an ARP spoofer module
* Fake SMB server: an SMB server that runs on any level0 agent
* Nessus output interpreter: an import module
* Connect Proxy: a TCP proxy for a HTTP CONNECT proxies
* Send HTML E-mail: a helper module


Updated modules
-------------------------

The following existing modules were modified:

* Apache chunked encoding exploit: Improved reliability and perfomance. Added reuse socket support.
* Apache mod_php exploit: Added reuse socket support.
* IIS CGI Filename Decode: Added Windows NT as target
* rpc.dtspcd exploit: Added reuse socket support.
* ftpd glob overflow exploit: Added reuse socket support.
* lprng exploit: Added reuse socket support.
* ttdbserverd delete any file: Added Solaris 2.6 as target
* ttdbserverd format string: Added Solaris 2.6 as target
* wuftpd format string: Added reuse socket support.
* IIS UNICODE: Deploys a level0 agent
* Windows Service Manager: uses the new SMB implementation (does not rely on the source agent being Windows).


New libraries
------------------
* PyBlowfish: a native blowfish implementation library for Python


Updated libraries
------------------------
* SSH lib: Supports PyBlowfish for faster encryption
* exploit lib: Improved. Supports 'reuse socket' when possible.


To see more about CORE IMPACT, see www.coresecurity.com/products/coreimpact

Wed, September 04
  • Request Info

Media Contact

InkHouse PR for Core Security
781-966-4100
core@inkhouse.net