Bacon A Penetration and Auditing Framework Hernan Gips

Bacon A Penetration and Auditing Framework Hernan Gips gipsh@rubic. cc

Common problems… n. A lot of independent tools uses same input n Most tools are developed in c/c++ n Tools run in certain platforms n Tools need to be modified n Others…

Solution: Bacon A flexible and extendible Framework oriented to the security community.

Overview n Based on. NET Framework n Modular Architecture n Multi language support n Opensource n Multiplatform n Fully OO Design

What Bacon is not… n An automatic penetration tool n hack-in-a-minute tool n A static tool

Framework n Ability to load modules n Keeps session information n Provides entities to store specific information like: targets, ports, services, etc n Provides libraries for proxing, sniffing, etc.

Framework Bacon is multiplatform. Runs with: –. NET Framework – Mono – Any ECMA VM implementation

Architecture Console GUI Bacon Framework Data M O D U L E S

Internal Context The framework provides information entities oriented to security and networking. Network Generic. List Target. Collection Target Service. Collection Service

Internal Context n Each module has RW access to the context. n Internal implementation uses XML n Developer can use the entities or directly access via generic XPath queries.

Internal Context Target Context SMTP VRFY Dictionary Attack Session data… Mail Addresses Google Mails Finder Users POP 3 Brute force Attack

Modules n Each module is a DLL compiled in. NET n Framework loads modules using reflection. n Modules are multithreading n Each module runs on an different Application Domain

Modules: Reflection A developer may creates its own plugin in any language that generates. NET assembly.

Modules n Well known languages § C# § VB. NET § C++. NET n Not so well known § Iron. Python § Boo

Modules modules inherits from Bacon. Plugin abstract class n This class provides two methods: n Every – Start() – Stop() n Module has facilities to – Access the context – Log debug information

Modules Example module source code in C# [Plugin("Test", "plugin for testing purposes")] public class Test. Plugin : Bacon. Plugin { [Command("listdump", "command to test something")] …. …. [Command(“listusers", "command to test something")] … … }

Modules n Modules has commands defined on it n Each command has different parameters [Command("hack", "hacks something")] class Hack. Command : Bacon. Command { public override void Execute() { ……. } }

Modules n How loader works Test. Plugin : Bacon. Plugin MSIL Assembly Plugins Loader Plugins Manager

Modules C# VB Iron. Python MSIL Compilers (msc, monoc, etc) Bacon Common Language Runtime

Modules: Module chaining input: 192. 168. 0. 0/24 Network Scan ICMP TCP port scanner [connect()] Web directory finder Web file finder Targets Services Report Generator Dirs Files Dictionary XML

Remoting The Framework exposes its own interface like a remote service. This is useful to create distributed attacks.

Framework Interface n Integrated Command Line Console

Framework Interface n Uses Winforms n Each module may provide its own GUI

Framework Interface n You may create your own interface. (i. e. a web interface) n You may also create a common GUI generator for each module

Framework Services n Proxy. Lib Service n Sniff. Lib Service n Fuzz. Lib Service n Other

Framework: Proxy. Lib n Creates simple proxies n HTTP, Sockets, etc n Hook to events

State of Dev n Bacon got sponsored! n The framework architecture is mostly closed n We are working on creating new modules and a nice GUI.

Future n Module creation process Now n Opensource official release 3 Months n Community site release 1 Month

Conclusion n We want to create a standard framework for pentesting and auditing networks and applications. n We want the security community uses it and develops module for the framework

Any Questions?

The End. Hernan Gips gipsh@rubic. cc