Hey! Happy New Year to all of you out there; I hope that in 2019 whatever wishes of yours did not come true last year will come true this year, amen! We're back in the #bahassecurity category, which covers cyber security systems and the technology behind them. This time I want to discuss a Windows-based pentest OS, Black Window. Black Window is the first Windows-based pentest OS distribution with Linux already integrated into it. Black Window supports Windows applications and Linux applications (GUI and terminal). Black Window also implements many of the penetration tools found in Cerberus Linux!



So what is inside Black Window? The tools provided are roughly:

Tools Preinstalled
Windows :

  • Armitage
  • Metasploit
  • Fuzzbunch
  • DanderSpritz
  • Ip hiders
  • Wifi hacking
  • Crackers
  • Crypters and Binders
  • Dork Scanners
  • Dos+DDoser++Flooders
  • Forensic Tools
  • over 100 new KeyLoggers updated
  • Misc. Web Tools
  • over 50 new SQL Injection tools updated
  • over 50 new Network Tools updated
  • over 100 RATs updated
  • SMS & Email Bombers
  • VPNs & Security
  • Admin Page-Login Page Scanners
  • Proxy Grabbers
  • Resolvers
  • Scripts & Source Codes
  • Shells
  • Vulnerable Scanners
  • Worms, Malware, & Virus Makers
  • Entire Elcomsoft

Linux:
All the tools from Cerberus OS!
15 Cerberus Frameworks :

Metapackages
Exploits (to analyze):
  • EARLYSHOVEL RedHat 7.0 – 7.1 Sendmail 8.11.x exploit
  • EBBISLAND (EBBSHAVE) root RCE via RPC XDR overflow in Solaris 6, 7, 8, 9 & 10 (possibly newer) both SPARC and x86.
  • ECHOWRECKER remote Samba 3.0.x Linux exploit.
  • EASYBEE appears to be an MDaemon email server vulnerability
  • EASYFUN EasyFun 2.2.0 Exploit for WDaemon / IIS MDaemon/WorldClient pre 9.5.6
  • EASYPI is an IBM Lotus Notes exploit that gets detected as Stuxnet
  • EWOKFRENZY is an exploit for IBM Lotus Domino 6.5.4 & 7.0.2
  • EXPLODINGCAN is an IIS 6.0 exploit that creates a remote backdoor
  • ETERNALROMANCE is a SMB1 exploit over TCP port 445 which targets XP, 2003, Vista, 7, Windows 8, 2008, 2008 R2, and gives SYSTEM privileges (MS17-010)
  • EDUCATEDSCHOLAR is a SMB exploit (MS09-050)
  • EMERALDTHREAD is a SMB exploit for Windows XP and Server 2003 (MS10-061)
  • EMPHASISMINE is a remote IMAP exploit for IBM Lotus Domino 6.6.4 to 8.5.2
  • ENGLISHMANSDENTIST sets Outlook Exchange WebAccess rules to trigger executable code on the client’s side to send an email to other users
  • EPICHERO 0-day exploit (RCE) for Avaya Call Server
  • ERRATICGOPHER is a SMBv1 exploit targeting Windows XP and Server 2003
  • ETERNALSYNERGY is a SMBv3 remote code execution flaw for Windows 8 and Server 2012 SP0 (MS17-010)
  • ETERNALBLUE is a SMBv2 exploit for Windows 7 SP1 (MS17-010)
  • ETERNALCHAMPION is a SMBv1 exploit
  • ESKIMOROLL is a Kerberos exploit targeting 2000, 2003, 2008 and 2008 R2 domain controllers
  • ESTEEMAUDIT is an RDP exploit and backdoor for Windows Server 2003
  • ECLIPSEDWING is an RCE exploit for the Server service in Windows Server 2008 and later (MS08-067)
  • ETRE is an exploit for IMail 8.10 to 8.22
  • ETCETERABLUE is an exploit for IMail 7.04 to 8.05
  • FUZZBUNCH is an exploit framework, similar to MetaSploit
  • ODDJOB is an implant builder and C&C server that can deliver exploits for Windows 2000 and later, also not detected by any AV vendors
  • EXPIREDPAYCHECK IIS6 exploit
  • EAGERLEVER NBT/SMB exploit for Windows NT4.0, 2000, XP SP1 & SP2, 2003 SP1 & Base Release
  • EASYFUN WordClient / IIS6.0 exploit
  • ESSAYKEYNOTE
  • EVADEFRED
Utilities:
  • PASSFREELY utility which “Bypasses authentication for Oracle servers”
  • SMBTOUCH check if the target is vulnerable to samba exploits like ETERNALSYNERGY, ETERNALBLUE, ETERNALROMANCE
  • ERRATICGOPHERTOUCH Check if the target is running some RPC
  • IISTOUCH check if the running IIS version is vulnerable
  • RPCTOUCH get info about Windows via RPC
  • DOPU used to connect to machines exploited by ETERNALCHAMPIONS
  • NAMEDPIPETOUCH Utility to test for a predefined list of named pipes, mostly AV detection. User can add checks for custom named pipes.

Scripts Arsenal and Wine Arsenal:
  • 3vilTwinAttacker
  • 911ar
  • a2sv
  • adminfinder
  • AdminPage
  • ADSLPT-WPA
  • wifi-breaker
  • aircracktest
  • airfree-wt
  • airgeddon
  • Airlin
  • airmode
  • Airodump_Scan_Visualizer
  • airport-sniffer
  • airssl
  • airstorm
  • Airvengers
  • agryfuzzer
  • anonsurf
  • anon-manager
  • anonymizer
  • anon-surf-start
  • anon-surf-stop
  • apfucker
  • apk-payload-generator
  • apt2
  • ARCANUS
  • armitage
  • asleap
  • atscan
  • autoDANE
  • autohsgui
  • automater
  • AutoNessus
  • autopixie
  • auto-reaver
  • autorelay
  • avet
  • backdoor-apk
  • backdoorme
  • backdoorppt
  • BAF
  • Base64ImageEncoder-Decoder
  • BatchVirusGenerator
  • Batch-Virus-Generator
  • belkin4xx
  • belkin-wpspin
  • BinGoo
  • BlackFilePumper
  • BlindSqli
  • BoopSuite
  • Brutal
  • BruteSploit
  • brutespray
  • BruteX
  • BrutusV4.7
  • BTIHTMLEncoder-Decoder
  • BTIMultiSiteChecker
  • BTIReverseIPDomainCheck
  • bully
  • cangibrina
  • kerbnmap
  • Cewl
  • anon-change-identity
  • CHAOS
  • etc.

Extra Tools:
DanderSpritz
FuzzBunch
More tools:
  • acccheck
  • ace-voip
  • Amap
  • Automater
  • bing-ip2hosts
  • braa
  • CaseFile
  • CDPSnarf
  • cisco-torch
  • Cookie Cadger
  • copy-router-config
  • DMitry
  • dnmap
  • dnsenum
  • dnsmap
  • DNSRecon
  • dnstracer
  • dnswalk
  • DotDotPwn
  • enum4linux
  • enumIAX
  • Xplico
  • etc.

Vulnerability Analysis
  • BBQSQL
  • BED
  • cisco-auditing-tool
  • cisco-global-exploiter
  • cisco-ocs
  • cisco-torch
  • copy-router-config
  • DBPwAudit
  • Doona
  • etc.

Exploitation Tools
  • Armitage
  • Backdoor Factory
  • BeEF
  • exploitdb
  • jboss-autopwn
  • Linux Exploit Suggester
  • Maltego Teeth
  • Metasploit Framework
  • etc.

Wireless Attacks
  • Aircrack-ng
  • Asleap
  • Bluelog
  • BlueMaho
  • Bluepot
  • BlueRanger
  • Bluesnarfer
  • Bully
  • coWPAtty
  • etc.
Forensics Tools
  • Binwalk
  • bulk-extractor
  • Capstone
  • chntpw
  • Cuckoo
  • dc3dd
  • ddrescue
  • DFF
  • diStorm3
  • Dumpzilla
  • extundelete
  • Foremost
  • Galleta
  • Guymager
  • iPhone Backup Analyzer
  • p0f
  • pdf-parser
  • etc.

There are actually many more tools that have not been mentioned, and of course network/wifi scanner tools are also available for those of you who like to steal the neighbor's wifi. xD

If you want to try out this OS, you can download it here (official). The size is considerable, quite large! So prepare extra storage.

Short review:
(+) Simple to use, and the look is also easy on the eyes in my opinion. It also has quite a lot of tools compared with having to install just Pentestbox. Some tools only need a click, which suits those of you who are too lazy to type manually in the terminal and want to try a new experience in penetration testing a system.

(-) Black Window is like installing Pentestbox on Windows, but with extra sweetener tools for those of you who are too lazy to type in the terminal. If asked to choose, it is better to use Backbox, Parrot, Kali Linux or 'Dracos' if you really want to focus on the security world. Windows is still Windows, it can never be far from viruses, because Black Window itself uses Windows 10 as its default OS.

That's all for this discussion; I hope it's useful.