Hi, I have been using portableapps for a while now, and finally decided to register.
I am currently compiling a toolkit of pentesting apps - john the ripper, thchydra, a packet sniffer, aircrack are a few that are already portable.
--nmap--
nmap.org/
Now I need a port scanner - nmap is the obvious option as I am familiar with it and it is probably the best around. I am using version 3 with gui. I think that the problem with making nmap portable is winpcap. I'm not an expert, but youd probably have to include all winpcap files (mostly found in c://windows/system32) and include them in the nmap folder. Then you would have to tell nmap to search for winpcap in its own folder, instead of system32. Nmap includes no .ini file. It is open source
--nessus--
http://www.nessus.org/download/
nessus is a free but closed source vuln scanner. it can be downloaded at the above address, but there is quite a complicated activation process. Therefore this couldnt be an official portableapp. It would still be a useful addition for registered users.
--metasploit--
www.metasploit.com/
metasploit is a framework for writing exploit code and executing it. It is written in ruby, and bundled with the ruby interpreter. Most importantly, it is open source, and as far as I know it has no dependencies. This would probably be the easiest to make portable.
Unfortunately, I lack the knowledge to make these apps portable. I would be most grateful if someone could have a go, and would be willing to help them wherever I could.
xtr.eme
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
Follow us on Twitter
Nessus uses a client/server model so I assume you only want the client side portablized then right?
If a portable version of Wireshark ever gets released, maybe it's use of WinPcap could be leveraged to make NMap portable. Until then, I don't think NMap will ever be portable (installing drivers = admin account access).
Cancer Survivors -- Remember the fight, celebrate the victory!
Help control the rugrat population -- have yourself spayed or neutered!
But why should the drivers be installed? Is it not possible to just get nmap to use them?
xtr.eme
The drivers that come with Windows don't support the kind of analysis that nmap or wireshark are designed to do. There are probably some features that would work with the standard drivers; perhaps we could list "features that work" and "features that don't work" if you use a restricted account on a machine that doesn't have the driver installed.
I think I've seen that there's a wireshark portable that runs on Windows that installs the driver if you have Admin privileges, then removes it again when you are finished (clean up).
Penetration testing, analyzing passwords for weakness, intrusion detection, and network scanning would be valuable things to have available on a thumbdrive, but are likely to be quite limited in usefulness on a limited account.
MC
The WinPcap drivers have to be installed for a program to use them and do low-level network packet capture. You just can't have the file sit on the hard drive, they need to be installed thereby letting the operating system use them.
Cancer Survivors -- Remember the fight, celebrate the victory!
Help control the rugrat population -- have yourself spayed or neutered!
First of all, to make an app portable, you mainly need to make it not leave any registry entries, or any other files on the pc (except maybe cache). Most apps are like that. To test, you can use regshot. And second, I searched PortableFreewareand foundhref="http://portablefreeware.com/?id=270">this port scanner. It is tested to be portable (just install it, copy the files, then uninstall). For nessus, I do not know what a vuln scanner is (not in the dictionary). And metasploit, you can use regshot on it and see if it doesn't leave reg entries or anything of that matter. And never forget, a searching really helps people with time management.
P.S. Welcome to the forums
Insert original signature here with Greasemonkey Script.
"vuln scanner" = vulnerability scanner...a common network security tool.
Cancer Survivors -- Remember the fight, celebrate the victory!
Help control the rugrat population -- have yourself spayed or neutered!
Which port scanner is "this"?
Neither of the two I found, SoftPerfect Network Scanner and HoverIP, appear have the functionality I require (for example OS detection or more importantly service detection (nmap -p).
I will investigate regshot
xtr.eme
Regshot just tells you whether a particular program leaves traces when you run it.
If you need to install special drivers to use your penetration or vulnerability testers, that would definitely leave a trail through the registry.
The port scanner I guess digitxp is talking about tell you what ports are being used on your own machine (and by what software), not what ports are open on other machines.
There's nothing like nmap for that. Just boot into your Backtrack CD and you can do all that stuff and more.
MC
Yes, excellent idea. The bootable Backtrack CD is Good Stuff and a great admin tool.
Cancer Survivors -- Remember the fight, celebrate the victory!
Help control the rugrat population -- have yourself spayed or neutered!
There are in fact several port scanners like nmap; nmap is just the best
xtr.eme
I think I will probably absent myself from this discussion. The last time it came up it got a little heated. I've made my points in the past for those who choose to search for them.
Let me just say that I think we should make an exception to the rule for exploit tools.
I think the portable use of exploit tools should leave all kinds of traces behind.
In fact I'm not sure why someone would want to test for exploits on someone else's machine without their explicit permission.
The owner of the machine in question probably has a right to know that exploit tools were used on their machine. Perhaps a big red desktop icon saying this machine was tested with metasploit.
"Metasploit can be used by administrators to test the vulnerability of computer systems in order to protect them, or by Black Hat hackers and script kiddies to break into remote systems. Like many information security tools, Metasploit can be used for both legitimate and unauthorized activities."
nough said by me,
Tim
Things have got to get better, they can't get worse, or can they?
"Metasploit can be used by administrators to test the vulnerability of computer systems in order to protect them, or by Black Hat hackers and script kiddies to break into remote systems. Like many information security tools, Metasploit can be used for both legitimate and unauthorized activities."
And in the same way, Portable Metasploit could be used by System Admin or Black Hats. Metasploit is a highly respected penetration testing tool. Portable Firefox is probably used by Black Hats to facilitate breaking into another PC, but that is no reason not to release it.
The owner of the machine in question probably has a right to know that exploit tools were used on their machine. Perhaps a big red desktop icon saying this machine was tested with metasploit.
I am asked by friends to test their computer systems' security. However, they do not want their registry filled with junk.
xtr.eme
Your reply is acknowledged.
Things have got to get better, they can't get worse, or can they?
http://prdownloads.sourceforge.net/wireshark/WiresharkPortable-0.99.7.pa...
@Tim : It's not the tools, it's the mentality of the people using them .
..and trust me, the rotten ones will do it no-matter how much we pretend the software doesn't exist .
Yes, I am aware that there is a portable Wireshark, however it makes no attempt at including WinPcap other than starting the installer.
Maybe this will be a feature added in the future, although the general feeling seems to be that it is impossible to do on a limited account.
xtr.eme
There is portable WinPCAP:
http://www.cacetech.com/products/oem-winpcap.htm
Unfortunately it's commercial, but it works with nmap, wireshark, etc. I'm using all those tools as portable with CACE WinPcap without any problems. Just copy the CACE WinPCap dlls into the program directory (e.g. nmap directory).
My point isn't advising people to buy it, but that there is absolutely no reason why the free/open source WinPcap cannot be made portable.
http://rmccurdy.com/scripts/MetasploitPortable.exe
* current as of 5823 SVN REV !
* you must be local admin
* winpcap is required for SYN scans !
* run the Metasploit 3 GUI.bat
* open a console ( ctrol + o )
AUTOPWN EXAMPLE
load db_sqlite3
db_destory pentest
db_create pentest
db_nmap -vvv 192.168.1.101
db_autopwn -p -t -e
rmccurdy.com for updates !!!
basically took windows installer updated it and made it portable
ENJOY ! visit the root site for more portable apps including w3af !
Signature automatically removed for containing links