I'm looking to compile a suite of AFS security assurance
("hacking") tools. Flames about putting such a thing together to
/dev/null, please. Phrack 55 showed that people are starting to pay
attention to AFS, and I have no interest in playing catchup to the
black-hats in this area, too.
I have:
* John the Ripper 1.6, which does an excellent job of AFS password hacking
"out of the box."
* A shell script to mount, check, and unmount each volume in a target
cell. It needs work; I'm probably going to expand the things it checks
for and rewrite it in perl so I can pretty up the reporting.
I want:
* A program to process sniffed traffic and try to break server encryption
keys.
A detailed AFS hacking package should probably include:
* Token-grabbing exploits, for once you've hacked root on a client
machine.
What I'd like from the AFS community at large is...
- Does anyone have AFS security tools that they'd be willing to contribute
to my cause?
- What else in the way of tools would people really like to see?
- Who else is interested in working with me, and perhaps others,
specifically on AFS security issues?
- Anyone looked at AFS DoS attacks? Just how vulnerable are the current
servers?
Jonathan Clemens
Corporate Information Security, Intel
(email me for PGP key)
