PL - Nmap http://pierre.droids-corp.org/blog/html/ Mon SYN, tu l'aimes et tu l'acquittes en-us Fri, 12 Sep 2014 00:00:00 +0200 http://pierre.droids-corp.org/blog/html/2014/09/12/_active__network_recon_with_ivre.html http://pierre.droids-corp.org/blog/html/2014/09/12/_active__network_recon_with_ivre.html <![CDATA[(Active) network recon with IVRE]]> (Active) network recon with IVRE

Let’s see how to use IVRE to dig some Nmap scan results.

I’ll assume you have (successfully) installed Docker and followed the instructions in the IVRE documentation about Docker.

You should now have two running containers (ivredb and ivreweb) and one ready to run (ivreclient). The database has been initialized from the client (the --init commands in the documentation).

Read more...

]]>
Fri, 12 Sep 2014 00:00:00 +0200
http://pierre.droids-corp.org/blog/html/2015/02/24/scanning_internet_exposed_modbus_devices_for_fun___fun.html http://pierre.droids-corp.org/blog/html/2015/02/24/scanning_internet_exposed_modbus_devices_for_fun___fun.html <![CDATA[Scanning Internet-exposed Modbus devices for fun & fun]]> Scanning Internet-exposed Modbus devices for fun & fun

There is a French expression that says (translation is mine) “you don’t shoot at an ambulance”. Well, I do. Shooting at ambulances is fun. Plus it has a lot of advantages:

  • It’s less risky than shooting at a tank.
  • As my friend Renzo likes to say, ambulances are easy to spot in the jungle and they bear cross-shaped targets.
  • There are often other easy targets hanging around (casualties, doctors, etc.).

Anyway, here is a scan I have run against the whole IPv4 address space, looking for Internet-exposed Modbus services.

Read more...

]]>
Tue, 24 Feb 2015 00:00:00 +0100
http://pierre.droids-corp.org/blog/html/2016/10/25/ivre_screenshot_all_the_things.html http://pierre.droids-corp.org/blog/html/2016/10/25/ivre_screenshot_all_the_things.html <![CDATA[IVRE: screenshot all the things!]]> IVRE: screenshot all the things!
The title of this blog comes from a nice article from 2014 named Scan Internet and Screenshot all the things

Some people have been asking us how the screenshots published with the Internet-wide Modbus scan had been taken.

Truth is, there was nothing to be proud of, and nothing worth publishing. As an example, I used a PhantomJS script to screenshot a Web-based RDP client…

But there are some great news: four Nmap scripts are now integrated to IVRE to take screenshots, and handle four different protocols.

Read more...

]]>
Tue, 25 Oct 2016 00:00:00 +0200