TCP Input Text (tit). Christian Heinrich aka “cmlh”. Updated: February 2012.
"TCP Input Text" implements the Google SOAP Search API and the Bing API v2 to extract TCP ports and Fully Qualified Domain Names (FQDN) from search results into .csv files (including one for Maltego) and individual shell scripts for nmap and nc aka netcat. The scripts provide positive assurance that the TCP service is still listening, since time has passed since the last crawl by GoogleBot or BingBot.

Speaker notes (only slides with notes are listed, duplicates collapsed):
  • Not an OWASP Project but related to “Download Indexed Cache”.
  • nmap options used in tit_nmap.sh: -PN disable ping; -sT TCP connect scan; -p T: specify TCP port.
  • nc options used in tit_nc.sh: -v verbose; -z don’t send any data, just check that the port is open.
  • “uniq -c” shows the number of entries.
  • The “Release
  • Sub output_plugin is a refactoring of csv, FQDN, nc, nmap.
Transcript of "tit"

    1. TCP Input Text. Christian Heinrich aka “cmlh”. Updated: February 2012.
    2. TCP Input Text. Used in the “Recon” phase of a penetration test. Enumerates FQDNs and TCP ports. Implements the Google SOAP Search API and the Bing API v2 (new). tcpinputtext.org
    3. cache: may be out of date since the last crawl by “Googlebot”; hence, positive assurance by nmap, nc, etc.
    4. Output Plug-In Architecture. TCP port and FQDN; nmap; netcat aka nc; maltego (new); .CSV file. Output files written to ./[query]/tit/Bing|Google
    5. Regular Expression (Perl):
           =~ m|(\w+)://([^/:]+)(:\d+)?/(.*)|;
           my $Protocol    = $1;
           my $Domain_Name = $2;
           my $URI         = ("/" . $4);   # discarded
           if ($3 =~ /:(\d+)/) { $TCP_Port = $1 } else { $TCP_Port = 80 }
    6. tit_FQDN.csv. Forward lookup with dig and/or nslookup. Scan for TCP ports *not* within the search results, i.e. neither TCP/80 nor TCP/443. Output files written to ./[query]/tit/Bing|Google
    7. tit_FQDN.csv example:
           glcfapp.umiacs.umd.edu
           www.speedguide.net
           inside.c-spanarchives.org
           www.wsu.edu
           torrents.freebsd.org
           sammelpunkt.philo.at
           arc.cs.odu.edu
           www.ripn.net
           phy043.tours.inra.fr
           202.188.95.52
    8. tit_FQDN_TCP.csv example:
           glcfapp.umiacs.umd.edu,8080
           www.speedguide.net,8080
           inside.c-spanarchives.org,8080
           www.wsu.edu,8080
           torrents.freebsd.org,8080
           sammelpunkt.philo.at,8080
           arc.cs.odu.edu,8080
           www.ripn.net,8080
           phy043.tours.inra.fr,8080
           202.188.95.52,8080
    9. tit_maltego.csv example:
           ca.bing.com,http,80
           de.bing.com,http,80
           m.bing.com,http,80
           nz.bing.com,http,80
           uk.bing.com,http,80
           www.bing.com,http,80
    10. tit_maltego.csv example (screenshot of the resulting Maltego graph; no text content).
    11. tit_nc.sh example:
           nc -vz glcfapp.umiacs.umd.edu 8080
           nc -vz www.speedguide.net 8080
           nc -vz inside.c-spanarchives.org 8080
           nc -vz www.wsu.edu 8080
           nc -vz torrents.freebsd.org 8080
           nc -vz sammelpunkt.philo.at 8080
           nc -vz arc.cs.odu.edu 8080
           nc -vz www.ripn.net 8080
           nc -vz phy043.tours.inra.fr 8080
           nc -vz 202.188.95.52 8080
    12. tit_nmap.sh example:
           nmap -PN -sT -p T:8080 glcfapp.[snip]
           nmap -PN -sT -p T:8080 www.spee[snip]
           nmap -PN -sT -p T:8080 inside.c[snip]
           nmap -PN -sT -p T:8080 www.wsu.edu
           nmap -PN -sT -p T:8080 torrents[snip]
           nmap -PN -sT -p T:8080 sammelpu[snip]
           nmap -PN -sT -p T:8080 arc.cs.odu.edu
           nmap -PN -sT -p T:8080 www.ripn.net
           nmap -PN -sT -p T:8080 phy043.t[snip]
           nmap -PN -sT -p T:8080 202.188.95.52
    13. Output Plug-In Architecture. To remove duplicate entries:
           cmlh$ sort file | uniq > nodups_file
        Output files written to ./[query]/tit/Bing|Google
    14. DataDumper.txt example (deprecated in favour of json_debug_log.txt):
           $VAR1 = bless( {
             searchTime => 0.116592,
             endIndex => 10,
             searchComments => '',
             documentFiltering => 0,
             searchTips => '',
             estimatedTotalResultsCount => 51700000,
             searchQuery => 'inurl:8080',
             startIndex => 1,
             resultElements => [ bless( { [SNIP]
    15. json_debug_log.txt. Divided into three major sections marked with “#”:
           1. $bing_json_url
           2. $bing_http_request->get($bing_json_url)->content
           3. decode_json($bing_http_response)->{SearchResponse}->{Web}->{Results}
        Smart::Comments are also supported for v0.3.
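The URL-to-FQDN/port extraction of slide 5, the output plug-ins and de-duplication of slides 4 to 13, and the SearchResponse -> Web -> Results walk of slide 15, as one added example in Python. It is not the tit project's Perl code: the Bing response is a constructed sample, the "Url" key, the default-port table and the hostname check are assumptions, and unlike the slides' regex it accepts URLs with no path after the host, uses 443 rather than 80 for https, and refuses host parts that could smuggle shell metacharacters into the generated nc/nmap scripts.

```python
# Added example (not the tit project's code): URL -> FQDN/TCP-port extraction
# and the output plug-ins described on the slides, re-implemented in Python.
import json
import os
import re

# The slides' regex requires a "/" after the host and defaults every port to 80.
# This version also accepts URLs with no path and uses the scheme's default port.
URL_RE = re.compile(r'^(\w+)://([^/:?#]+)(?::(\d+))?(?:[/?#].*)?$')
# Only hostnames / IPv4 literals made of these characters reach the generated
# shell scripts; anything else (e.g. "$(id)") is dropped rather than quoted.
HOST_RE = re.compile(r'^[A-Za-z0-9.-]+$')
DEFAULT_PORTS = {"http": 80, "https": 443, "ftp": 21}   # assumption, not from the slides


def extract_fqdn_port(url):
    """Return (protocol, fqdn, tcp_port) or None if the URL cannot be used."""
    m = URL_RE.match(url.strip())
    if not m:
        return None
    proto, host, port = m.group(1).lower(), m.group(2).lower(), m.group(3)
    if not HOST_RE.match(host):
        return None
    if port is None:
        port = DEFAULT_PORTS.get(proto)
        if port is None:
            return None
    port = int(port)
    if not 1 <= port <= 65535:
        return None
    return proto, host, port


def results_from_bing_json(text):
    """Walk SearchResponse -> Web -> Results as on the json_debug_log.txt slide.
    The per-result "Url" key is an assumption about the Bing API v2 shape."""
    data = json.loads(text)
    return [r["Url"] for r in data["SearchResponse"]["Web"]["Results"]]


def unique_targets(urls):
    """Parse, drop unusable URLs, de-duplicate (the slides' `sort file | uniq`)
    and sort by host then port so the output files are stable."""
    targets = {t for t in map(extract_fqdn_port, urls) if t is not None}
    return sorted(targets, key=lambda t: (t[1], t[2], t[0]))


def _lines(rows):
    return "".join(row + "\n" for row in rows)


def render_outputs(targets):
    """Output plug-ins: file name -> contents, using the names/formats on the slides."""
    fqdns = sorted({host for _, host, _ in targets})
    return {
        "tit_FQDN.csv": _lines(fqdns),
        "tit_FQDN_TCP.csv": _lines(f"{h},{p}" for _, h, p in targets),
        "tit_maltego.csv": _lines(f"{h},{pr},{p}" for pr, h, p in targets),
        "tit_nc.sh": _lines(f"nc -vz {h} {p}" for _, h, p in targets),
        # -PN is the older spelling of nmap's -Pn (skip host discovery)
        "tit_nmap.sh": _lines(f"nmap -PN -sT -p T:{p} {h}" for _, h, p in targets),
    }


def write_outputs(targets, query, engine, root="."):
    """Write the files under ./[query]/tit/<engine>; the query is reduced to safe
    characters the way the slide shows "site:bing.com" becoming "sitebing.com"."""
    safe_query = re.sub(r"[^A-Za-z0-9._-]", "", query)
    out_dir = os.path.join(root, safe_query, "tit", engine)
    os.makedirs(out_dir, exist_ok=True)
    for name, body in render_outputs(targets).items():
        with open(os.path.join(out_dir, name), "w", encoding="utf-8") as fh:
            fh.write(body)
    return out_dir


# Constructed sample shaped like a Bing API v2 response (not a captured one).
SAMPLE_BING_JSON = json.dumps({"SearchResponse": {"Web": {"Results": [
    {"Url": "http://glcfapp.umiacs.umd.edu:8080/glcf/"},
    {"Url": "http://www.speedguide.net:8080/"},
    {"Url": "http://www.speedguide.net:8080/ports.php"},   # same host:port, de-duplicated
    {"Url": "https://torrents.freebsd.org:8080"},           # no trailing slash
    {"Url": "http://www.wsu.edu/"},                         # default port 80
    {"Url": "https://www.wsu.edu/"},                        # default port 443
    {"Url": "ftp://202.188.95.52:2121/pub/"},
    {"Url": "http://$(id)/"},                               # hostile host part, rejected
]}}})

if __name__ == "__main__":
    found = unique_targets(results_from_bing_json(SAMPLE_BING_JSON))
    for name, body in render_outputs(found).items():
        print(f"--- {name}\n{body}", end="")
```

Running it prints the five output files for the sample; the positive-assurance step (actually executing tit_nc.sh or tit_nmap.sh against the hosts) is left to the operator, since the whole point of those scripts is that cached search results say nothing about what is listening now.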
    16. tit Roadmap. PoC v0.1 (RUXCON 2K8 in Sydney, AU, Nov 2008); previewed at ToorCon (US) and SecTor (CA). Alpha v0.2 (SyScan’09 Singapore): moving repository to code.google.com/p/tit; added FQDN output plug-in; previewed at OWASP AU 2009 (February) and 5th CONFidence 2009 (Poland).
    17. Changes from v0.1 to v0.2:
           cmlh$ ./tit.pl --key "demo" --query "inurl:8080" --start 1
           "TCP Input Text" PoC v0.2
           Copyright 2008, 2009 Christian Heinrich
           Licensed under the Apache License, Version 2.0
           Output Plug-Ins (TCP_FQDN_CSV, FQDN_CSV, NMAP_SH, NC_SH)
           1. glcfapp.umiacs.umd.edu TCP/8080 available
           2. www.speedguide.net TCP/8080 available
           3. www.wsu.edu TCP/8080 available
           4. inside.c-spanarchives.org TCP/8080 available
           5. torrents.freebsd.org TCP/8080 available
           6. sammelpunkt.philo.at TCP/8080 available
           7. arc.cs.odu.edu TCP/8080 available
    18. tit Roadmap. Alpha v0.3: support for Bing API v2, repository at tit.codeplex.com; Maltego Local Transform (CSV), repository at github.com/cmlh/maltego.
    19. Changes from v0.2 to v0.3:
           cmlh$ ./tit.pl -site "bing.com"
           "TCP Input Text" for Bing Alpha (Release Candidate) RC v0.0.1
           Copyright 2008-2012 Christian Heinrich
           Licensed under the Apache License, Version 2.0
           Output Plug-Ins: FQDN_CSV, TCP_FQDN_CSV, MALTEGO_CSV, NMAP_SH, NC_SH
           Creating ./sitebing.com/tit/bing
           cmlh$
        Enabled with ## Smart::Comments.
    20. tit Roadmap. Beta v0.4 and onwards: merge tit-google-soap.pl and tit-bing.pl; repository at github.com/cmlh/dic; sub output_plugin; curl and/or wget (i.e. replay through a web intercepting proxy); Google Translate (Speak English or Die).
    21. Questions. Latest slides available from http://slideshare.net/cmlh/tit and https://github.com/cmlh/tit. Contact: christian.heinrich@cmlh.id.au, http://cmlh.id.au/contact