Ear

478 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
478
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • Ear

    1. 1. EAR(E)xtensible (A)pi for (R)econnaissance
    2. 2. What/Why/How• Automatable Reconnaissance• Similar Maltego• Very early stage• Rails 2.3.8
    3. 3. Pentesters care about• Organizations• Users• Domains• Devices (Hosts) / Services / Apps• Locations• etc...
    4. 4. USAGEo = Organization.create :name => “masshackers” o.tasks o.run_task(“dns_tld_brute”)
    5. 5. USAGEo = Organization.find_by_name(“masshackers”) o.children
    6. 6. USAGEo = Organization.find_by_name(“masshackers”) o.domains o.devices o.users
    7. 7. USAGEo = Organization.find_by_name(“masshackers”) o.run_task(“dns_tld_brute”) o.domains.each do |d| d.run_task(“dns_sub_brute”) end
    8. 8. Background Concepts• Database Schema / Objects• Active Record (Rails ORM)• Task Manager• Object Manager
    9. 9. Background Concepts• ORM makes it easy to interact w/ a view of the world.• Keep track of things you care about, but for free
    10. 10. Objects• Rails makes it simple to declare objects• Migration create_table "organizations" do |t| t.string "name" t.text "description" t.string "address" t.string "email_mask" end• Class Definition def Organization end
    11. 11. Object Manager• Maintains relationships between objects• Who created who? (Parent / Child)
    12. 12. Tasks• Methods to make sure they can operate on an object• Setup/Run/Cleanup• Create new objects!
    13. 13. Task Manager• Maintains a list of known tasks• Lets us check to see if we can operate on an object• Runs task methods in the right order (setup / run / cleanup)• Records task runs
    14. 14. Objects->Tasks• Each Task has a: • allowed_types • update_types • create_types• TaskManager checks these at task run time
    15. 15. Tasks -> Objects• Task has a create_object method • creates the object • uses the object manager to maintain parent child relationships
    16. 16. Interacting• Rails isn’t just a web framework• script/console is super-powerful• interact directly with models
    17. 17. demo!

    ×