Re: nbns spoofer

To:	"Nicolas RUFF" <nicolas.ruff@gmail.com>
Subject:	Re: nbns spoofer
From:	"Robin Wood" <dninja@gmail.com>
Date:	Mon, 12 Mar 2007 10:15:41 +0000
Cc:	pen-test@securityfocus.com
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
Dkim-signature:	a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=ndJgEWNsLIk65U2X1ylp4GoLAm1CHdA0Nh4pLM+0ruZcNgs346o93kIO3Vh8KaY1fZeWZYaDXCbp1ITpyda56JK8X419jNrL328cH/RJzU2kge/geX14zexW2/JkZGGaDDoBWYBsxaZzlAcYT2z3OC+Jsa0fb95QJ2VhHVNrv7M=
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=oRMYgTF2HDiSnPotrWFf5wjk8WDMFmkQqlxIYvpZP+u4B+bbwNDEhnnRrzo06yTAagAWSyP5lHNnmEvVZP9illGmpx1ksQI/SCzS2CVjdOw9mm/qxJfP0uD6LKODm4x/xVrrV7xL6kQ0XFn04WMnKIrOsm428RMX0aXka10LLFg=
In-reply-to:	<45F3D591.5080209@gmail.com>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
References:	<2cf3b3170702270116r3b30c6c8w8467e79bc8fd0887@mail.gmail.com> <45F3D591.5080209@gmail.com>
Resent-date:	Tue, 13 Mar 2007 17:32:07 -0700 (MST)
Resent-from:	pen-test-return-1078483763@securityfocus.com
Resent-message-id:	<20070314003207.766FF24609A@outgoing3.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com

Hi
Thanks for that. The tool currently only responds to the netbios name
it is told to so I'm going to give it a bit of the karma treatment and
get it to respond to any names. After that it should do what I'm after
nicely.

Robin

On 3/11/07, Nicolas RUFF <nicolas.ruff@gmail.com> wrote:

> Can anyone recommend a NBNS spoofer?

I see at least 2 easy ways to send fake NBNS datagrams.

- Use FakeNetBIOS tools from Honeynet Project.
http://honeynet.rstack.org/tools.php

- Capture a valid datagram in a PCAP file and use Scapy to modify &
replay it (hint: use rdpcap() to read the pcap file).

Regards,
- Nicolas RUFF


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Re: nbns spoofer, Nicolas RUFF Re: nbns spoofer, Robin Wood <= Re: nbns spoofer, AdamT Re: nbns spoofer, Robin Wood Message not available Re: nbns spoofer, Robin Wood Re: nbns spoofer, jmk Re: nbns spoofer, Robin Wood Re: nbns spoofer, Nikolaj

Previous by Date:	RE: TCP stack smashing, MARTIN Benoni
Next by Date:	RE: Blue Team ROE, Angelacci, Anna M CTR SPAWAR, J616
Previous by Thread:	Re: nbns spoofer, Nicolas RUFF
Next by Thread:	Re: nbns spoofer, AdamT
Indexes:	[Date] [Thread] [Top] [All Lists]