Trustwave SpiderLabs Creates Scanning Tool to Find Information Quickly
Trustwave SpiderLabs is unveiling Scavenger, an open source scanning tool designed to drive efficiency during time-constrained pentesting and red teaming exercises.
Scavenger is a multi-threaded post-exploitation scanning tool that helps penetration testers pinpoint files and folders that may provide the most “interesting” or useful information.
After access to a Domain Administrative (DA) level access to the Windows Active Directory domain has been achieved, the tool can scan that and other remote systems via SMB and SSH services to:
- Make a list of the “latest” accessed/modified/created files and folders and keep these results in an ordered database
- Compare older versions of these lists to newly acquired ones to determine changes and identify new or most recently accessed and modified files
- Scan these filenames for words like “password” or “secret.”
- Seek out and scrape passwords and usernames to other systems or even different Windows domains
- Seek out card holder data
- Extract password hashes from the local SAM file or the Active Directory database (to be cracked later)
- Extract saved passwords from certain applications (e.g., Chrome, apps usually used by sysadmins, etc.).
The company’s future plans for the tool include the addition of services like NFS, FTP and database connections, more capabilities for retrieving passwords from remote Linux or Windows systems, more post-exploitation techniques on remote Windows and Linux systems, and the ability to handle SSH services running on a non-standard TCP port, with the user supplying the TCP port number of the services.
For more information about this news, visit www.trustwave.com.