Tuesday, September 11, 2007

SIPVicious tools in the works

Been working on more features with regards to svmap. Some of these features find themselves in svwar and svcrack as well in the next release version. So what features of interest?
  • Svmap is now session based. This allows us to have the following features:
    • You may stop a current scan, go have a coffee and resume it later.
    • If the power cuts, a natural disaster occurs or anything bad happens, you can resume your scan later because of the autosave feature, provided you survived the accident.
    • Results are now stored in BSD database form. Svreport.py comes in quite handy .. more on this below.
  • You can now pass various types of host ranges to svmap, depending on your (bad) taste and habits. Examples:
    • 1.1.1.1-20 1.1.2-4.1-10
    • 1.1.1.*
    • 1.1.1.1-1.1.2.20
    • sipvicious.org/22
    • 10.0.0.1/24
    • sipvicious.org
  • Random scans. Two kinds of random scans:
    • Internet random - you don't pass svmap any host/ip ranges. It scans the IPs randomly, avoiding those that belong to private networks or reserved address space
    • Random targeted scan. You pass a range of hosts/ips and they are scanned randomly instead of sequentially.
  • Output to an ASCII table when the scan is complete. If you need to see the results instantly, then the verbose option is your friend. Double verbose gives out a lot of debug information.
  • Lots of bug fixes, optimizations and cleaning up ;)
Earlier I mentioned svreport.py which is a new script that will be soon added to the suite. It will grab previous sessions from SIPVicious tools and export them to the following formats:
  • PDF - Portable Document Format
  • XML - Extensible Markup Language
  • CSV - Comma delimited files
  • Text - Human friendly format
That's all for now. If you're curious check out the svn repository. Otherwise version 0.2 is on the way.

No comments: