www.storm.net.nz
www.storm.net.nz |
|
| [ / ] [ Metlstorm ] [ Projects ] [ ice.storm.net.nz ] [ \m/ ] |
| Projects | |||||
| [ Security: SSH 'Jack Hai2IVR MAFL-Load Firewire, DMA & Windows Asterisk Remote Root Metl-o-UnNetCrypt ] [ Wireless: Metl Kismet GPS Plotter - Google Earth Edition Metl War Tri Pod Metl Kismet Client Metlstorms Kismet GPS Plott0r Metl Helix Wireless Grapher Metl Network Recon Visualizer ] [ Home: Rotoseat Noise Weblstorm Viewtron CharGrill ] [ Abandonware: Obscured By Clouds ] | |||||
|
|
|||||
| MAFL-Load | |||||
|
During both my 2k5 and 2k7 ssh-jack presentations, I used mafl-load to execute ssh-jack. People have been asking about it, so, here it is. MAFL-Load, the "Metlstorm Antiforensic Loader"-Loader (note clever use of redundant acronym) is a tool for running a local python script on a remote system without ever having that python script touch disk, for the purpose of failing to leave things for forensics dudes to find. It's pretty simple - it just fires up a remote python interpreter, shovels the bytecode across into a variable, and execs it. Not real challenging stuff, but handy. The easiest way to use it is with screen - screen's exec command (Ctrl-A-:) (that's control-a-colon, not a smiley) lets you run a command, and then connect that command's IO to, amongst other things, the remote process. It's a handy way to connect local and remote processes. So, try the following: Ctrl-A: !!!! mafl-load ssh-jack2 -rAnd off you go. |
Last Update: | 2007-11-22 10:23:51 | |||
| State: | Finished | ||||
| Distribution: | Public | ||||
| Tags: |
Security |
||||
| Images: | |||||
| Releases: | |||||
|
mafl-load (2kB) Ver: 1.1
As demoed at Kiwicon2k7 |
|||||
|
|
|||||