Breaking

Sunday, 28 January 2018

SPARTA - Network Penetration Testing Kali Linux





SPARTA is a python GUI application that simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to their toolkit and by displaying all tool output in a convenient way. If less time is spent setting up commands and tools, more time can be spent focusing on analysing results.
Source: http://sparta.secforce.com/
SPARTA Homepage | Kali sparta Repo
  • Author: SECFORCE (Antonio Quina and Leonidas Stavliotis)
  • License: GPLv3 
Best thing of SPARTA GUI  Toolkit it scans detects the service running on the target port.
Also, it provides Bruteforce attack for scanned open ports and services as a part of enumeration phase.


Installation

 git clone https://github.com/secforce/sparta.git


 Alternatively, download the latest zip file here.

cd /usr/share/
git clone https://github.com/secforce/sparta.git

Place the "sparta" file in /usr/bin/ and make it executable.
Type 'sparta' in any terminal to launch the application.


When SPARTA is first launched, either via the Kali Applications menu or by running sparta at the command line, the main interface will open, presenting you with your workspace. Initially, the hosts pane will be empty so you can either import an Nmap scan results file or, as this example shows, click in the pane on the text “Click here to add host(s) to scope“.
After clicking “Add to scope“, the Nmap scan will begin and we are presented with a progress indicator in the Log pane.

The default Nmap scan is quite thorough and will take some time to complete. Once SPARTA has some hosts and ports to work with, it proceeds to run additional tools against the discovered services such as nikto, smbenum, snmpcheck, and more.

Open Ports & Services:

  • Nmap results will provide target open ports and services.



  • Above figure shows that target operating system, Open ports and services are discovered as scan results.

Brute Force Attack on Open ports:

  • Let us Brute force Server Message Block (SMB) via port 445 to enumerate the list of users and their valid passwords.

  • Right-click and Select option Send to Brute.Also, select discovered Open ports and service on target.
  • Browse and add dictionary files for Username and password fields.

 Click Run to start the Brute force attack on the target.Above Figure shows Brute force attack is successfully completed on the target IP and the valid password is Found!

Points to remember 
  • Always think failed login attempts will be logged as Event logs in Windows.
  • Password changing policy should be 15 to 30 days will be a good practice.
  • Always recommended to use a strong password as per policy.Password lockout policy is a good one to stop brute force attacks (After 5 failure attempts account will be locked)
  •  The integration of business-critical asset to SIEM( security incident & Event Management) will detect these kinds of attacks as soon as possible.
 

No comments:

Post a Comment