Sin 4.5, some important changes

Just a quick post today about some changes in Sin.

I have changed the argument handling so that it works in a more conventional way.
The help output looks like this now, which will give you a pretty good idea:

cats@enma:~$ java -jar Sin.jar --plugin Slowloris --help

[+] Sin version 4.5 starting
[+] Loading help menu

--plugin <plugin> - Specify plugin
--help - Bring up this menu, specify --plugin to show plugin help menu as well
--test - Specify that the test for the specified plugin should be run
--list - List all plugins
--scan - Run all plugin tests against target host (You can specify --host and --port, else defaults will be used)
--version - Show the Sin version, specify --plugin to show plugin version as well

[+] Loading Slowloris help menu

--host <host> - Target host to attack, default localhost
--port <port> - Target host port, default 80
--connections <connections> - Connections to open per thread, default 2
--threads <threads> - Number of threads to open, default 500
--timeout <timeout> - Time in seconds to wait between data sending, default 60
--tor <tor> - Use tor or not 1/0, default 1
--torPassword <torPassword> - Password to your local Tor service, default ''
--torChange <torChange> - The time in seconds between Tor identity change, default 10
--verbose <verbose> - Be verbose and output more data 1/0, default 0

Example: java Sin.jar --plugin Slowloris --host "127.0.0.1" --port 80 --tor 1 

And as you can see, there have been a few changes.
One of them is a new argument called “--scan”, which runs a function called “testSilent” in all plugins (it was added to the SinPluginAPI today).
The output is very chatty at the moment, but I plan on changing that soon.
For now it looks like this:

cats@enma:~$ java -jar Sin.jar --scan --host blog.alcor.se

[+] Sin version 4.5 starting
[+] Starting scan (Some of the tests might take a long time, so go and do something else while you wait)
[+] Running test for Slowread
[+] Connecting to blog.alcor.se on port 80
[+] Connected to blog.alcor.se/31.211.236.140:80
[+] Request sent, now we wait
[+] Connecting to blog.alcor.se on port 80
[+] Connected to blog.alcor.se/31.211.236.140:80
[+] Request sent, reading 28 bytes of the response (3 times)
[+] This will take about 3 times the initial timeout, if it succeeds
[+] Host appears to be vulnerable to Slowread
[+] Running test for SinfulCookie
[+] Checking target for Vulnerability
[+] Connecting to blog.alcor.se on port 80
[+] Connected to blog.alcor.se/31.211.236.140:80
[+] Headers sent
[-] Host is not vulnerable to SinfulCookie
[+] Running test for ApacheRangeHeader
[+] Checking target for Vulnerability
[+] Connecting to blog.alcor.se on port 80
[+] Connected to blog.alcor.se/31.211.236.140:80
[+] Headers sent
[-] Host is not vulnerable to ApacheRangeHeader
[+] Running test for Slowloris
[+] Connecting to blog.alcor.se on port 80
[+] Connected to blog.alcor.se/31.211.236.140:80
[+] Headers sent
[+] Connecting to blog.alcor.se on port 80
[+] Connected to blog.alcor.se/31.211.236.140:80
[+] Headers sent, sleeping 30 seconds
[-] Host is not vulnerable to Slowloris
[+] Running test for Slowpost
[+] Connecting to blog.alcor.se on port 80
[+] Connected to blog.alcor.se/31.211.236.140:80
[+] Headers sent
[+] Connecting to blog.alcor.se on port 80
[+] Connected to blog.alcor.se/31.211.236.140:80
[+] Headers sent, sleeping 0 seconds
[+] Post data sent, will wait for timeout now
[-] Host is not vulnerable to Slowpost
[+] Scan finished

But the ideal output would be something like this:

cats@enma:~$ java -jar Sin.jar --scan --host blog.alcor.se

[+] Sin version 4.5 starting
[+] Starting scan (Some of the tests might take a long time, so go and do something else while you wait)
[+] Host appears to be vulnerable to Slowread
[-] Host is not vulnerable to SinfulCookie
[-] Host is not vulnerable to ApacheRangeHeader
[-] Host is not vulnerable to Slowloris
[-] Host is not vulnerable to Slowpost
[+] Scan finished

Which is what I will do tonight, since all it takes is adding a “verbose” flag to the methods that the test and testSilent methods have in common, so that I can make the “silent” one a bit more … silent 🙂
