Remote Access Session V0.7 Beta - By Angel Ramos <seamus@salix.org>
Remote Access Session is a security tool to analyze the integrity of systems. The program tries to gain access to a system using the most advanced tecniques of remote intrusion. It lets to work on normal mode (fast) and hard mode (more intensive).
There is a big difference between "Remote Access Session" and other remote security audit tools as "Nessus" or "Internet Scanner": If "Remote Access Session" find a remote vulnerability that gives user account or root, it will try to exploit it and it will return a shell. In my honest opinion, this is the only way to discard false positives of remote vulnerabilities, and the only way to know the real danger our machines can recieve.
"Remote Access Session" is not a hacker tool. It has been designed to system administrators and security engineers, because of that I haven't incorporate on it stealth tecniques of remote systems intrusions as SYN or FIN Scan, Proxy Scan, zappers or any other clean tool. This tool is very very noise, and very easy to detect for the remote machine audited. You only must run this application against your own machines or machines that you have the propietary's permission. On other cases, you will be breaking the law and you could be serious problems.
This is a beta version of "Remote Access Session". This version just has a few features (but useful to manual perimetral security audits):
-Advanced and Fast scanning capabilities. This tool doesn't
block againts a firewall and it's fast!!!.
-Total service's banner info added: Includes web server detection
version and named version, and the classical too (ftp, pop ...).
-Writes reports with info of the host analized to the hard disk.
-Remote OS detect feature (Thanks to savage for QueSO).
-If detects vulnerabilities, the tool chooses the right exploits
based on version, vendor and OS of the services that run on the
remote host and ask you on a interactive way if you want to run
these exploits in order to check the real danger
the remote host can recieve and discard false positives.
-The tool includes, for now, 69 remote exploits for various OS and
various services.
-It supports networks scan mode.
-It runs on Linux, BSDs and Solaris operating systems.
For install notes see the INSTALL file.
NOTE FOR SOLARIS USERS
You need to install the libpcap package and GNU make on your Solaris in order raccess compile!!
NOTE FOR BSDs USERS
You need to install GNU make in order to raccess compile!!
For generic install notes see the INSTALL file.
To run on default mode please type: raccess 'host_to_attack' After, just answer the questions the tool aks you. You can view the avalaible options typing: raccess If any exploit halts during the program execution press Ctrl-C to abort it and pass to the next exploit or phase of the program.
---
About network mode:
If you combine scan mode with network mode (-sn) the network scanning not will be interactive and raccess will save all the hosts reports of the network on the current directory.
If the scan mode is disabled the network scan will be interactive, with exploits launching and requires human intervention host by host. ---
Tested on Debian GNU/Linux, OpenBSD 2.9 and Solaris 2.7.
Dedicated to my girlfriend Silvia (ironcita), and great friends: Ivanhoe, ICEHOUSE and mousetrap. Daddy, this's for you!!!
Thanks to: savage (for QueSO).
Greets to all the Debian project people!
Please email me to <seamus@salix.org> for bugs and other main things (It's very important on this Beta stage), and to <seamus@debian.org> for Debian related stuff about the deb package.
---
Angel Ramos 2002