PenTBox v1.0.1 - Secure IM Client

by

In: Framework , Password Cracking , PenTBox , Vulnerability Scanner

10 November 2009

PenTBox is a Security Suite with programs like Password Crackers, Denial of Service testing tools (DoS and DDoS), Secure Password Generators, Honeypots and much more. Destined to test security/stability of networks and more.
Programmed in Ruby, and oriented to GNU/Linux systems (but compatible with Windows, MacOS and more).

PNG - 13.4 kb

A new update for PenTBox, includes a new program, Secure IM Client. With this program, users can create a direct chat room between client and server and with a mode of encoding that makes it a little secure.

PoC: How Base64 encoding/decoding works in the communication.

  • Client and server encode/decode the traffic in a simple Base64 based mode.
  • Server makes a random number (4 – 8).
  • Server sends this number to client. The traffic will be encoded and reversed this number of times.
  • Traffic is encoded and reversed, encoded and reversed, encoded and reversed...In the other way, traffic is reversed and decoded, reversed and decoded, reversed and decoded.

Newness of the project

IANA has approved the petition to include 6817 TCP port of PenTBox Secure IM Protocol in the list.

Post scriptum

Compliance Mandates

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Framework
Password Cracking
PenTBox
Vulnerability Scanner