So far gamestheory has been a project about possibilities of dealing with
both scan data and exploits in an arbitary way.
At present we're dealing with scans in a database of all the data that nmap retrieves from hosts and puts it into a format that is easily accessible.
The other type of data we have are the exploits themselves. These are also being stored in their own database with the accompanying data that is relevant to
each exploit. The service it attacks, the Nmap service version output it attacks, also in the database are contained the flags the exploit will use to atta
ck different operating systems, services and versions.
This data will make available the exploit in a useful manner within the scope of the project.
Bringing all of this together is the interface that will be the main console of the databases, data entry screen and useful interface to various
scanners, tools etc.
Within the console would be the following abilities.
1) a function that allows the user to manipulate the data in the databases.
1a) this would include the ability for the console to "talk" to the current servlet that is in place on the database computer and put a particular
network o
r scan type at the forefront of the scan jobs for users to do. This means for instance, I want to scan 203.26.137,
but I wish to do so anonymously. The cons
ole talks to the applet and asks it to put 203.26.137 at the top of the jobs queue.
This is then scanned by the next user of everscan who asks for a job
- in this way it makes the console user completely anonymous in regard to his need for information.
2) an ability to deal with some pre-defined external tools for penetration of systems - hydra comes to mind.
3) a statistical monitor that can give us numbers of systems, types of systems, countries and other data that we find relevant to the data.
4) an internal ability of the console to give access "invisibly" to systems that have been successfully exploited and taken over.
5) an ability to make available to the user a list of computers it currently has control of and an ability to send commands to all of the
computers in the n
etwork.
6) an ability to create ones' own scanlists or jobs that contain particular systems.
7) an ability for the user to be able to make a military style attack against the systems in any particular "scan" or "job".
Ultimately I would love for this all to be an X-Windows style of interface, wether gtk or something else wouldn't matter that much.
However curses would als
o be a reasonable way of doing it.
Now I would consider the above to be the minimal functionality of the interface.However something to think about would be also the following.
1) An ability for the user to chat with other users of the same data over mysql in an encrypted fashion.
2) An ability for users to share files with each other directly or indirectly in an encrypted fashion.
I have been thinking about this ever since I saw WASTE - interesting to note that there's still no real linux version available to date. I think for a trust
ed network of collaborating individuals this stuff is necesary. And to build it into the same interface gives them a pre-defined mindset with regard to the
files and chat that takes place instead of some of it falling into the inane drivel that one now finds around the internet when seeking like-minded individu
als to hack with.
Of course both Windows and Unix versions should be available.