TAG | Loki
There has been, again, some development within the loki domain. Today I’m going to write about the latest module added to the suite, a module for decoding and cracking Cisco’s TACACS+.
Within the last months I had some time to work on my code and today I’m releasing some of that: a new version of dizzy as well as two new loki modules.
Today is a great day, its the day, Loki finally runs on all big operating systems. Im proud to announce the first Loki release for Windows!
There are a few things not working (yet / at all) under Windows. Those are:
- The WLCCP Module – ive not yet managed to build and link against asleap on windows [but time may help (-; ]
- TCP-MD5 Auth for BGP – This will never work, as Windows has no TCP-MD5 impl. in the kernel
- The MPLS Module – Had some hassle here with WinPcap, may be working in the future
The most testing so far was done on Windows 7 were all the other functions work as they do on Linux and Mac.
Download the installer here [1ebf2edbb0cdb631dc2704e82d9c2d778fac703d].
Today I’m going to open up the ‘Week of releases’, which means there will be some new software in the next days.
Lets start with a new version of loki. The version goes up to 0.2.7 and there are a lot of new features:
- SCTP support in the base.
- Invalid option and invalid header scan in the ICMP6 module.
- On-line msg updates for neighbor messages in the RIP module.
- New module for rewriting 802.1Q labels
- Lots of small improvements and bug-fixes
- Some new features I won’t tell right now, get the source and find them yourself 😉
Also there are new packages for gentoo, ubuntu-11.04 and fedora-15, also its the first time, packages for amd64 systems are available.
- Package for gentoo – c29a6cca7a1f7394a473d4b50a1766e9f13fd5a5
- Manifest – 9338ebcc6a3cb58478671f00cac3114efe5df337
- Package for ubuntu 11.04 i386 – bf9fa05aa20677ac209126b78c3829940daaa8ee
- pylibpcap – e30c9c8ab1a8e1ee3ddedd05475767dc9f85b526
- Package for ubuntu 11.04 amd64 – 50f5c784f039a15613affd52e304e61fd2a16a58
- pylibpcap – 9457644ef52fd6bfdb0da8790eee759cc4f76c8b
- Package for fedora 15 i686 – 06398d9c8ca5fd0d80b0da65756b01bfe07652b4
- Package for fedora 15 amd64 – 06c1fca3f8390cbe00e8e5c427327379c30222d6
Everybody who is interested in our newest tool ‘Loki’ is welcomed to head over to ERNW’s tool section and download it. Take this monster for a spin and let us know in the comments how you like it. Loki’s coding father Daniel is more than happy to answer your questions and criticism.
You don’t even know what Loki is?
In short: An advanced security testing tool for layer 3 protocols.
In long: Have a read in the Blackhat2010 presentation slides and mark TROOPERS11 in your calendar to meet the guys behind the research and for sure get a live demo of the capabilities – development is still ongoing, so prepare yourself for even more supported protocols and attack types.
And again: Talking about TROOPERS11… we’ve already selected the first round of speakers. Details to be published soon 🙂
Have a great day!