manual.txt (from EXPGEN~1.ZIP on HPAVC CD-ROM.iso), text file, 1998-02-03, 8KB, 234 lines
AGGRESSOR EXPLOIT GENERATOR v0.8axSR (BETA)
(c) Copyright by Korhan KAYA 1998,99. All rights reserved
READ DISCLAIMER ON THE STARTUP SCREEN BEFORE USING PROGRAM
** WHAT IS AGGRESSOR EXPLOIT GENERATOR?
Aggressor Exploit Generator is a network testing program that can send
spoofed packets under Windows by using its own PPP engine and direct
device access library. It can be used as a custom packet builder.
You can create/modify any kind of IP packet in advanced mode, and you
can send predefined attacks to test your network system in simple mode.
It also has some useful tools like portscan. All Linux-type attacks can
be easily implemented on Windows by using this tool.
Exploit Generator is a very simple form of 'The Aggressor'; if you're
interested in network vulnerability testing, check The Aggressor's
specifications at http://members.xoom.com/aggressor
(URL is invalid after 04/98)
** REGISTRATION
Aggressor Exploit Generator is FREE. If you have comments or suggestions,
please mail korhan_k@hotmail.com or visit the official The Aggressor site.
Registration of 'The Aggressor' (a far more enhanced version of this
program) is available.
(Only AGEG versions 0.1 - 0.9 are free)
** FEATURES OF EXPLOIT GENERATOR
- DIRECT DEVICE ACCESS
- BUILT-IN PPP ENGINE
- PACKET BUILDER
- BUILT-IN LAND ATTACK
- SPOOFED OOB ATTACK
- SMURF
- NESTEA
- BUILT-IN BOINK ATTACK
- SMARTPORTS
- DEBUG MODE
** REQUIREMENTS
- Windows 95/98 (not yet tested on Windows NT, but should work)
- Modem
- Dialup connection
- Winsock 1.1
! Exploit Generator does not support Ethernet connections
** USING EXPLOIT GENERATOR
AGEG has 2 different modes: Advanced and Simple.
Advanced mode is used to create custom packets and to configure AGEG.
Simple mode is used for sending predefined packets (like land) and for
using the tools in AGEG (like portscan). It looks like a control unit.
* FIELD DESCRIPTIONS
# Advanced Mode
- HOOK
Port to be hooked. The Aggressor direct device library uses this port value
to access the modem. The program tries to detect your modem port automatically,
but in some configurations detection may fail; in this case you must enter
your modem's COM port address manually (like 2f8, 3f8...).
Note: if you don't know what a hardware port is, do not modify this field;
improper values may make your system unstable or crash it.
- Device
Modem to be used
- Modem LEDs (CTS, DTR, RxD, TxD)
These LEDs mirror the LEDs on your modem; if you have an external modem
and you want to disable them, set Modem CT to idle.
- MTU and RWINSize (Protected for now)
These parameters belong to the PPP engine and should not be altered.
- HWR WState
This is a DDH parameter; change it if you have problems with direct
modem access (min 3, max 30). Values over 20 make Direct Device
extremely slow.
- Modem CT (Modem Control Thread)
You can change the modem control routine's thread setting here; values High or Higher
can slow down your system.
- IPHEADER and TCP/ICMP/IGMP/RAW packets
If you have TCP/IP knowledge, these fields and values should be familiar.
The meanings of these fields are explained in TCP/IP books or resources
about TCP/IP (http://www.sockets.com/ , http://www.stardust.com/ )
You also need advanced TCP/IP knowledge to use the packet builder.
(Note: checksums of packets are autocalculated)
Override IP Protocol:
By default AGEG overwrites the IP protocol value with the selected protocol section.
You can disable this feature by checking it.
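The "checksums are autocalculated" note refers to the RFC 1071 one's-complement sum over the IP header (and, for TCP, over the pseudo-header plus the segment) computed with the checksum field zeroed. The Python below is an added example, not part of this manual or of AGEG: it builds IPv4/TCP headers in memory with both checksums filled in, verifies them the way a receiving stack or an IDS does, and flags a self-addressed packet (source equal to destination address and port, the LAND pattern) as something a defender would want to drop and alert on. The addresses, ports and helper names are constructed for the example; nothing is put on the wire.

```python
"""IPv4/TCP header checksums (RFC 1071) and a self-addressed packet check.

Added example; not code from AGEG. Packets are built in memory only and
never sent. All addresses and ports below are constructed sample values."""
import ipaddress
import struct

IP_PROTO_TCP = 6


def rfc1071_checksum(data: bytes) -> int:
    """One's-complement sum of all 16-bit big-endian words, complemented.
    Odd-length input is padded with one zero byte, as the RFC specifies."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_tcp(src: str, dst: str, sport: int, dport: int,
                   seq: int = 0, flags: int = 0x02) -> bytes:
    """Construct a 40-byte IPv4+TCP header pair (no payload) with both
    checksums filled in. The checksum field is zero while the sum is taken,
    which is exactly what a packet builder's 'autocalculate' step does."""
    src_b = ipaddress.IPv4Address(src).packed
    dst_b = ipaddress.IPv4Address(dst).packed
    tcp_len = 20
    # TCP: sport, dport, seq, ack, data offset(5 words)|flags, window, cksum=0, urg
    tcp = struct.pack("!HHIIHHHH", sport, dport, seq, 0,
                      (5 << 12) | flags, 8192, 0, 0)
    pseudo = src_b + dst_b + struct.pack("!BBH", 0, IP_PROTO_TCP, tcp_len)
    tcp = tcp[:16] + struct.pack("!H", rfc1071_checksum(pseudo + tcp)) + tcp[18:]
    # IPv4: ver/IHL, TOS, total length, id, flags/frag(DF), TTL, proto, cksum=0
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len, 1, 0x4000, 64,
                     IP_PROTO_TCP, 0, src_b, dst_b)
    ip = ip[:10] + struct.pack("!H", rfc1071_checksum(ip)) + ip[12:]
    return ip + tcp


def parse(pkt: bytes) -> dict:
    """Parse IPv4 (+TCP) headers and verify each checksum. Summing a header
    with its checksum field left in place yields 0 when it is correct."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    (_, _, total_len, _, _, ttl, proto, _,
     src_b, dst_b) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    info = {
        "src": str(ipaddress.IPv4Address(src_b)),
        "dst": str(ipaddress.IPv4Address(dst_b)),
        "proto": proto, "ttl": ttl,
        "ip_checksum_ok": rfc1071_checksum(pkt[:ihl]) == 0,
    }
    if proto == IP_PROTO_TCP and len(pkt) >= ihl + 20:
        seg = pkt[ihl:total_len] if total_len <= len(pkt) else pkt[ihl:]
        sport, dport, _, _, offlags, _, _, _ = struct.unpack("!HHIIHHHH", seg[:20])
        pseudo = src_b + dst_b + struct.pack("!BBH", 0, proto, len(seg))
        info.update({"sport": sport, "dport": dport, "flags": offlags & 0x1FF,
                     "tcp_checksum_ok": rfc1071_checksum(pseudo + seg) == 0})
    return info


def self_addressed(info: dict) -> bool:
    """LAND pattern: source and destination address and port are identical.
    A legitimate host never sends itself a packet over the wire this way."""
    return (info["src"] == info["dst"]
            and "sport" in info and info["sport"] == info["dport"])


def classify(pkt: bytes) -> str:
    """Verdict a filter or IDS would give: bad-checksum, self-addressed or ok."""
    info = parse(pkt)
    if not info["ip_checksum_ok"] or not info.get("tcp_checksum_ok", True):
        return "bad-checksum"
    if self_addressed(info):
        return "self-addressed"
    return "ok"


if __name__ == "__main__":
    sample = build_ipv4_tcp("192.0.2.10", "192.0.2.20", 40000, 80)  # constructed
    print(parse(sample), classify(sample))
```

The RFC 1071 worked example (words 0001 f203 f4f5 f6f7, checksum 220d) is a handy fixed vector for checking any reimplementation of the sum; the `classify` verdicts are the order a filter should use, since a corrupted header is rejected before any content rule is evaluated.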
# SIMPLE MODE
- DESTINATION IP : Destination IP address
- SOURCE IP : IP to spoof. This field is a combo box; you can define,
load and save the content of this combo box by pressing
the "..." button next to it.
- START,STOP PORT : Range of ports to be processed
- SRC PORT : Port of sender
- GET IP FROM CLIPBOARD
If checked, EG will get the IP from the clipboard. When you copy something to
the clipboard it verifies the text on the clipboard, analyses it, and takes it
if it looks like an IP address, placing the IP address in Destination IP.
- SMARTPORTS
This feature is a port list; AGEG uses this list on every process
instead of the port range (like counting from 1 to 100 [Start,Stop ports]).
example 1 :
[WSA] Starting Port scan on [127.0.0.1]
[WSA] Scanning port : 1029
[WSA] Scanning port : 113
[WSA] Scanning port : 139
[WSA] Scanning port : 21
[WSA] Scanning port : 23
[WSA] Scanning port : 80
[WSA] PortScanning on 127.0.0.1 is finished.
example 2 :
[AGSocket] Host [127.0.0.3] (on Port [1029]) landed
[AGSocket] Host [127.0.0.3] (on Port [113]) landed
[AGSocket] Host [127.0.0.3] (on Port [139]) landed
[AGSocket] Host [127.0.0.3] (on Port [21]) landed
[AGSocket] Host [127.0.0.3] (on Port [23]) landed
[AGSocket] Host [127.0.0.3] (on Port [80]) landed
In example 1 the port scan is scanning the defined ports instead of scanning
a range defined by the Start,Stop ports (same in example 2); if you
disable this feature the port range will be used instead.
example :
[AGSocket] Host [127.0.0.3] (on Port [139]) landed
[AGSocket] Host [127.0.0.3] (on Port [140]) landed
[AGSocket] Host [127.0.0.3] (on Port [141]) landed
[AGSocket] Host [127.0.0.3] (on Port [142]) landed
You can modify smartports by pressing the '...' button next to this field.
- SHOW COUNT
If checked, AGEG will show the current number of the packet being sent.
- VERBOSE MODE
Will show extra detail like checksums in the status window.
** KNOWN BUGS
'Windows/AGEG Packet Collision' bug (RARE)
Modem ComAddr detection inefficiency (?)
Not tested under Windows NT
All will be fixed in 0.7 except NT tests.
VERSIONS
v0.1 Official Release (Beta1)
v0.2 Land TCP Checksum bug fixed + added more options + functions
v0.4 PortScan added + Multi Port Processing added + Smart Ports added /
Stop Process added / new control points added to PPP engine,
more stable
v0.5 spoof HostList (load/save) Added , Spoofing OOB Added (?)
v0.6 Fixed 'Unable to find comm' bug / Added DDH Thread config
more stable
v0.666 Portscan timeout bug fixed / Boink added (Warning: not tested yet)
Frame buffer bug fixed / Boink is not tested because I have no
Internet connection at home, but it seems OK
v0.69 Boink unable to fragment bug fixed / get ip from ClipBoard added
more stable
easter egg added / Improved ppp engine (2.5) (ppp_trans)
v0.692 Fixed thread hook crash / PPPEngine improved transparency
IP limits removed.
v0.7 Windows 98 Tests , Improved GUI, Some internal corrections ,
new PPPEngine.
v0.78a Lots of bug fixes, more configuration options
Added Suffer Attack
(SYN attack with random IP, random protocol and random ports
with random sequence). ExpGen now works under NT, added random
src IP option, fixed initialization failure, more stable
v0.78c Fixed Boink Dirty stack bug
0.8axSR Smurf , Nestea , Improved Anonymous PortScanner ,
'Indexoutofbounds' bug fixed, New Options (Spoof Filtering
ISP, Spoofing Options) , More Stable