Transcript
Page 1: Matriux Leandros - BSidesLV 2013

#MATRIUX LEANDROS: Open Source Linux Penetration Testing and Forensic Distribution

“Aut viam Invenium Aut Faciam”

Prajwal Panchmahalkar, C|EH
Lead Developer, Matriux
@pr4jwal, http://www.matriux.com/
#BSidesLV 2013
Mentored by Josh: @savant42

Page 2: Matriux Leandros - BSidesLV 2013

#whois?
Prajwal Panchmahalkar
• L30
• Security Researcher
• Lead Developer, Matriux
• Blogger
• Recent Grad, MSCS, Texas Tech University
• Web Developer – to feed myself..!!
• Email: [email protected]
• Twitter: @pr4jwal
• Website: http://www.matriux.com/

Page 3: Matriux Leandros - BSidesLV 2013


Page 4: Matriux Leandros - BSidesLV 2013

#Statutory warning


Page 5: Matriux Leandros - BSidesLV 2013

#why? #Matriux
• The most commonly asked question:
• Why another distro … while there are many others?
• While there are many other desktop variants, isn’t there space for one more security distro?
• Just follow the spirit of Linux…!
• The best way to learn Linux – make ONE.
• Wanted to build one overcoming the existing systems.
• Have one that complied with our needs initially.


Page 7: Matriux Leandros - BSidesLV 2013

#challenges faced?
#Base Platform:
• Ubuntu??
• Slax??
• Fedora??
• Debian??
• ……??
#Expertise:
• Lacked initial knowledge on how to start
#Collaboration
#Infrastructure
#Legal Consultancy / advisory services
#And definitely “Financial”..!


Page 8: Matriux Leandros - BSidesLV 2013

#Matriux?
#initial releases:
• Matriux alpha (slax) – early 2008
• Matriux Lithium (Ubuntu KDE) – 2009/11
• Matriux Xenon (Ubuntu Gnome) – 2010/11
• Matriux Krypton (Debian) – 2011/08
• Matriux Krypton v1.2 (Debian) – 2012/02
• Matriux Ec-Centric (Debian) – 2012/08


Page 9: Matriux Leandros - BSidesLV 2013

#who should use?
• Penetration Testers
• Digital Forensic Investigators
• Auditors
• System and Network Administrators
• Exploit Developers
• Security enthusiasts
• Casual Linux users??


Page 10: Matriux Leandros - BSidesLV 2013

#features?
• 330+ open source penetration testing, forensic and security tools
• Custom Kernel 3.9.4
• Very own custom installation tool – MID (Matriux Installation Disk)
• Latest tools – until last updated (2013.07.30)
• Smart phone penetration testing applications.
• Forensics not neglected – given equal importance.
• Build update tool – MUT (Matriux update tool)
• Applications from team Matriux
• USB persistent
• New section in arsenal - PCI-DSS


Page 11: Matriux Leandros - BSidesLV 2013

#matriux
• Security tools logically organized based on work-flow into the #Arsenal:
• Reconnaissance
• Scanning
• Gain Access
• Frameworks
• Wireless
• Forensics
• PCI-DSS
• Debuggers
• Tracers
• Misc
• Services


Page 12: Matriux Leandros - BSidesLV 2013

#matriux
#Reconnaissance:
• DNS
• HTTrack
• Dradis Framework
• etherape
• Magic Tree
• quickrecon
• peepdf
• tcptracers
• wireshark


Page 13: Matriux Leandros - BSidesLV 2013

#matriux
#Scanning:
• CISCO
• Batman tools
• Web Scanners
• Angry IP scan
• ettercap
• gggooglescan
• metagoofil
• Blind Elephant
• Nikto
• XSS tools
• Vega
• p0f
• t50


Page 14: Matriux Leandros - BSidesLV 2013

#matriux
#Gain Access:
• Passwords:
• Brutessh
• Crunch
• Ophcrack
• John
• Sucrack
• Gcrack
• Etemenanki
• Vncpwdump
• IIS Bruteforcer
• Medusa
• rarcrack


Page 16: Matriux Leandros - BSidesLV 2013

#matriux
#Gain Access:
• SQL:
• Bing-sqli-scanner
• bsqlbf
• minimysqlat0r
• SQLBrute
• sqlmap
• sqlninja
• sqlsus


Page 18: Matriux Leandros - BSidesLV 2013

#matriux
#Gain Access:
• THC - IPv6:


Page 20: Matriux Leandros - BSidesLV 2013

#matriux
#Frameworks:
• Inguma
• Metasploit
• Social Engineering Toolkit
• w3af
• BeEF
• GrendelScan
• OWASP Mantra
• Skipfish
• Web Scarab
• yersinia
• Subterfuge
• BurpSuite
• maltego


Page 21: Matriux Leandros - BSidesLV 2013

#matriux
#Wireless:
• Bluetooth
• Kismet
• Reaver
• VOIP
• SIP
• Aircrack-ng Suite
• Fern wifi cracker
• Gerix wifi cracker
• GrimWEPA
• WepBuster
• WEPlab
• pyrit
• Wifi radar


Page 22: Matriux Leandros - BSidesLV 2013

#matriux
#Forensics:
• Acquisition
• Analysis
• Meta extractors
• Dhash
• dcfldd
• fmem
• memdump
• Mobius forensic toolkit
• pyflag
• warrick
• LIME


Page 23: Matriux Leandros - BSidesLV 2013

#matriux
#Forensics:
• Acquisition:
• A.I.R.
• Galleta
• Guymager
• Steghide
• Volatilitux
• Volatility


Page 24: Matriux Leandros - BSidesLV 2013

#matriux
#Forensics:
• Analysis:
• androguard
• apkviewer
• Autopsy sleuthkit
• foremost
• Forensic data identifier
• Gparted
• Iphone Analyzer
• Jbrofuzz
• Vinetto
• Pasco
• Scalpel


Page 25: Matriux Leandros - BSidesLV 2013

#matriux
#Forensics:
• Meta extractors:
• pdftools
• Flash tools
• Text extractors
• Image extractors
• Meta info extractors


Page 26: Matriux Leandros - BSidesLV 2013

#matriux
#PCI-DSS:
• Babel
• Ccsrch
• Code janitor
• Dep-checker
• Eramba
• Fossbarcode
• Fossology
• Ftimes
• Open SCAP
• Panbuster
• SeNF
• Spider Helix
• Verinice


Page 27: Matriux Leandros - BSidesLV 2013

#matriux
#Debuggers:
• Boomerang
• Crash
• Ddd
• Dissy
• E2dbg
• Electric Fence (efence)
• Gdb
• Hexedit
• Javascript lint
• Netifera
• valgrind


Page 28: Matriux Leandros - BSidesLV 2013

#matriux
#Tracers:
• Etrace
• Leak-tracer
• Ltrace
• Pstack
• Strace
• xtrace


Page 29: Matriux Leandros - BSidesLV 2013

#what you do now?
• Download Matriux.
• Install it.
• Play with it.
• Have fun (you can help us improve it.)
• Get back to us at:
• [email protected]
• @matriuxtig3r


Page 30: Matriux Leandros - BSidesLV 2013

#what we do from now?
• Public release – in a couple of weeks.
• Package repository – in a couple of weeks.
• MSTF – Matriux Security Testing Framework. (WIP)
• DVM – Damn Vulnerable Matriux. (WIP)


Page 31: Matriux Leandros - BSidesLV 2013

#Thanks for sitting through this!!

Prajwal Panchmahalkar
• Email: [email protected]
• Twitter: @pr4jwal
• Website: http://www.matriux.com/
• irc: freenode.net/ #matriux


Thanks to Josh: @savant42 for helping me!

Many thanks to Manu Zacharia, Gokul C Gopinath and Mikael Schoentgen for helping me through this build
