Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Pages: 12Next
Current Page: 1 of 2
Fierce 1.0
Posted by: rsnake
Date: March 15, 2007 11:15AM

Okay, I've been toying with this idea for a while now - what will the next version of fierce look like. There are two things I didn't like about it in it's first incarnation. 1) it was command line. That made it error prone because you had to remember which switches did what. I wrote it and it was still confusing, even to me. 2) it isn't multi-threaded. Multi-threaded perl requires another module, and it's kinda kludgy.

So this is the next concept for fierce (this doesn't do anything yet, it's just the shell I've thrown together to give people an idea of what I want it to be). It's written in VC++



- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Fierce 1.0
Posted by: WhiteAcid
Date: March 15, 2007 12:28PM

Looks good. Try to make it cross platform though.

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer

Options: ReplyQuote
Re: Fierce 1.0
Posted by: thrill
Date: March 15, 2007 01:02PM

Heh.. nice fierce dog you got there.. almost as fierce as these:



--thrill

Options: ReplyQuote
Re: Fierce 1.0
Posted by: Jib
Date: March 15, 2007 03:07PM

Windows.... boo!!! Def. like the GUI and multithread idea though.

[No sooner does man discover intelligence than he tries to involve it in his own stupidity.]
[Jaques Cousteau]

Options: ReplyQuote
Re: Fierce 1.0
Posted by: Kyran
Date: March 15, 2007 03:55PM

TBH, aside from the multithreaded bit, the perl version is pretty close to perfect. I SSH into my laptop to use it. But, this is good for us lazy types.

- Kyran

Options: ReplyQuote
Re: Fierce 1.0
Posted by: kuza55
Date: March 15, 2007 04:06PM

I'm personally not a big fan of GUI tools for scanning. If I know a scan is probably going to take a while, I can just redirect the output to a file, and make another script execute when its finished to do additional tasks with the results, whereas you have to be at the computer to do the same with a GUI. I'm sure the same could be achieved by setting it up so that you could save the results to a file, and then run a script, but I think it would be better to be able to use it on the command line.

Would it be out of the question to have something like nmap does where they have the standard CLI binary, but then have a GUI front end which uses the CLI library to do everything?

Options: ReplyQuote
Re: Fierce 1.0
Posted by: rsnake
Date: March 15, 2007 10:35PM

I have to admit, I'm not in love with the Windows idea myself, but I want to make it a lot more accessible. It's already usable on windows through cygwin (I use it already) but I have a feeling keeping it in PERL is reducing it's usefulness to the vast majority of people who would want something like this. Granted, the people who already know how to use cygwin to run PERL scripts are not going to care one way or another if it's a GUI or not.

Multi-threading in PERL is a huge pain (doable for me but a pain for anyone else wanting to use the program), I've looked into it, and it's just not very portable. Also, after looking into both VC++ and VC# I think I'm going to change over to VC# as VC++ looks like it's sorta on the way out and loosing momentum in the user community (this is after two days of programming in it). It's tough to find good documentation on it (MSDN is really not super helpful). I would have done it in Visual Basic but then I'd have to code in Visual Basic. Soo.... I guess my options are create a Perl-TK version which still no one will be able to use or VC#. It looks like VC# is the way to go.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Fierce 1.0
Posted by: Kyran
Date: March 16, 2007 12:26AM

I've been poking around VC# for some time now.
Great community. That new tutorial site that came out on the first is rather good.

- Kyran

Options: ReplyQuote
Re: Fierce 1.0
Posted by: rsnake
Date: March 16, 2007 09:43AM

Which site is that?

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Fierce 1.0
Posted by: Kyran
Date: March 16, 2007 10:43AM

It's the first news item in VSE-C#.

http://msdn.microsoft.com/vstudio/express/beginner/

Then you'll probably want to click Development Track under Windows Development.

- Kyran

Options: ReplyQuote
Re: Fierce 1.0
Posted by: hackathology
Date: March 16, 2007 10:53AM

looks good to me...to me, it doesnt matter its gui or cmd line. As long as it does the job, its still a tool.

http://hackathology.blogspot.com

Options: ReplyQuote
Re: Fierce 1.0
Date: March 16, 2007 05:02PM

you know you don't need to use cygwin to run perl scripts on windows: http://www.activestate.com/Products/ActivePerl/

if you do end up using C and/or the win32 api, though, I might be able to help some (although I'm not going to guarantee anything ;-)



Edited 2 time(s). Last edit at 03/16/2007 05:02PM by SirNotAppearingOnThisForum.

Options: ReplyQuote
Re: Fierce 1.0
Posted by: rsnake
Date: March 16, 2007 05:15PM

I've actually had worse luck with ActivePerl than cygwin... plus, I've gotten really used to having cygwin for all the other things it allows me to do. It's just sexier.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Fierce 1.0
Posted by: SW
Date: March 17, 2007 01:55AM

C#? Not my favorite. I hate having to have that .NET shit installed to run programs. :-p

VC++ is going to be replaced by VC#? Doubt it. Can't you decompile C# and view all the coding? lol. Once again, not my favorite little development by Microsoft.

Options: ReplyQuote
Re: Fierce 1.0
Posted by: kogir
Date: March 17, 2007 02:24AM

I'll second SW on the C++ not going away thing. I use C# (almost) every day and although it's great most of the time, it's not infrequently I have to make a C++ dll to use libraries or system functions not yet exposed by the .NET framework. And yes, I know you can call native code from C#, but if you're using more than a few functions all the marshaling isn't worth it.

Conveniently, with few exceptions, C# code can run under mono on *nix.

MSDN the website is awful, but if you've the installed application and familiarized yourself with the Microsoft naming conventions the index is invaluable.

Any reason Java was ruled out?

-kogir

Options: ReplyQuote
Re: Fierce 1.0
Posted by: Kyran
Date: March 17, 2007 04:17AM

Java is satan.

- Kyran

Options: ReplyQuote
Re: Fierce 1.0
Posted by: rsnake
Date: March 17, 2007 11:45AM

Second on the Java is satan sentiment. Okay, maybe VC++ is a better choice after all... that's what I've written it in so far anyway so it's not tough to switch back. I just can't find good reference material on writing VC++ apps that need to deal with networking other than HTTP. I found one obscure DLL on writing DNS applications but the documentation on it is non-existent. Any thoughts?

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Fierce 1.0
Posted by: SW
Date: March 17, 2007 02:49PM

I don't know anything about VC++ yet so I can't help ya. :-(

Isn't it the same a non-visual C++ with API calls and stuff? :-\

http://www.codeguru.com/forum/index.php? Is good if you have specific questions.

Options: ReplyQuote
Re: Fierce 1.0
Date: March 17, 2007 04:27PM

I find this to be quite useful: http://tangentsoft.net/wskfaq/

don't know a whole lot about perl, but after taking a quick look at your existing code, I wonder if the function gethostbyname might be what you're after.

edit2: darn bbcode



Edited 2 time(s). Last edit at 03/17/2007 04:43PM by SirNotAppearingOnThisForum.

Options: ReplyQuote
Re: Fierce 1.0
Posted by: kogir
Date: March 18, 2007 09:12PM

RSnake, I wasn't saying you should use C++, I was just saying it's not going away. In fact, if you do it in C# chances are very good that it will run under mono on *nix as well as on windows so more people could use it.

I agree that Java is satan ;)

So, if you stick with C++, I present Winsock2: http://msdn2.microsoft.com/en-us/library/ms738545.aspx If all you need is HTTP, then WinHTTP makes things (a little) easier: http://msdn2.microsoft.com/en-us/library/aa384273.aspx

If you like MFC (C++ library), there's the CSocket class: http://msdn2.microsoft.com/en-us/library/system.net.sockets(VS.80).aspx or if you want async IO, CAsyncSocket: http://msdn2.microsoft.com/en-us/library/3d46645f(VS.80).aspx

If you use Winsock or MFC you'll want to grab the Platform SDK (comes with docs!): http://www.microsoft.com/downloads/details.aspx?FamilyId=0BAF2B35-C656-4969-ACE8-E4C0C0716ADB&displaylang=en

Otherwise, in C#, you're looking for the System.Net namespace: http://msdn2.microsoft.com/en-us/library/system.net.aspx
More specifically, System.Net.Sockets: http://msdn2.microsoft.com/en-us/library/system.net.sockets(VS.80).aspx and System.Net.WebRequest: http://msdn2.microsoft.com/en-us/library/system.net.webrequest(VS.80).aspx

Either way, looking that crap up on MSDN online made me even more aware of how crappy the online docs are. Save yourself some pain and install the MSDN library. It's an install option when using the express editions.

I'm not sure how perl exposes sockets so I don't know which method would be most familiar for you. If you have any questions I might be able to help with, let me know.

-kogir

Options: ReplyQuote
Re: Fierce 1.0
Posted by: SW
Date: March 18, 2007 09:14PM

That MSDN link for winsock2 sucks. The only working client example uses C and isn't very helpful anyways.

Options: ReplyQuote
Re: Fierce 1.0
Posted by: rsnake
Date: March 18, 2007 09:25PM

kogir, for now I'm putting the visual version on hold. I know it's possible, but after getting part of it working I realized how ridiculously complex it is to do some very trivial things. I actually went so far as to try it in three different languages (VC++, C# and VBasic) none of which could do the things I wanted to do (like send DNS requests at a specific DNS server) without additional windows libraries. The winsock nightmare and the fact that all the code I could find on the topic was out of date, requiring upgrades and additional installs... forget it! I was never the best visual programmer and I even got the System.Net.DNS portions working, but after that experience I know I need help. I guess I don't get why it's so complicated to send packets.

If someone wants to use fierce in the mean time they can use cygwin.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Fierce 1.0
Posted by: psifertex
Date: March 20, 2007 06:00PM

Another way to go about doing it (doesn't help with the threading issue though) is to leave the perl back-end and just whip up a simple GUI front-end. Heck, you could even package the cygwin libraries and binaries into an installer so folks that just want point-and-click and don't want to mess with cygwin can do it. That also makes it easier to not have to remember the perl command-line, but those of us on Mac and Linux can still run it easily (albeit without gui).

Options: ReplyQuote
Re: Fierce 1.0
Posted by: jungsonn
Date: March 20, 2007 06:35PM

Kyran Wrote:
-------------------------------------------------------
> Java is satan.


Ghehe I might want to meet him then ^^


@RSnake, looks cool dude. It's nice to have a GUI around it.

Options: ReplyQuote
Re: Fierce 1.0
Posted by: nEUrOO
Date: March 21, 2007 12:29PM

@RSnale:
Did you try Qt? I guess there is a sockets wrapper... (And it's cross-platform)

nEUrOO -- http://rgaucher.info -- http://twitter.com/rgaucher

Options: ReplyQuote
Re: Fierce 1.0
Posted by: Kyran
Date: March 21, 2007 12:46PM

nEUrOO Wrote:
-------------------------------------------------------
> @RSnale:
> Did you try Qt? I guess there is a sockets
> wrapper... (And it's cross-platform)

That's almost as bad as Java imo!
Look at KDE... :(

- Kyran

Options: ReplyQuote
Re: Fierce 1.0
Posted by: jungsonn
Date: March 21, 2007 04:49PM

Whooo.. I can't keep my eyes of that doggy! damn, that animal is really hostile, If he has rabies I woudn't be impressed actualy :)

Like:






Edited 1 time(s). Last edit at 03/21/2007 04:51PM by jungsonn.

Options: ReplyQuote
Re: Fierce 1.0
Posted by: nEUrOO
Date: March 21, 2007 05:49PM

@Kyran:
For me, there is a big gap between crap (Java) and "well, it's okay after all" (C++/Qt) ;)

nEUrOO -- http://rgaucher.info -- http://twitter.com/rgaucher

Options: ReplyQuote
Re: Fierce 1.0
Posted by: Kyran
Date: March 21, 2007 06:01PM

Really? Crap software is crap software to me. :)

- Kyran

Options: ReplyQuote
Re: Fierce 1.0
Posted by: rsnake
Date: March 21, 2007 08:53PM

The client/server method might work, but then you still have to set up the server somewhere (or I have to let everyone use mine and that's a little excessive considering the amount of DNS queries it has to perform). I like the concept though - thinking outside of the box. No, I haven't played with QT. I can take a look at it.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Pages: 12Next
Current Page: 1 of 2


Sorry, only registered users may post in this forum.