Omphalos: Difference between revisions

No edit summary
 
(6 intermediate revisions by the same user not shown)
Line 2: Line 2:
[[File:omphalos-2011-12-01.jpg|thumb|right|Three omphalos processes, 2011-12-01]]
[[File:omphalos-2011-12-01.jpg|thumb|right|Three omphalos processes, 2011-12-01]]


A tool for network enumeration, protection, observation and domination. Omphalos makes use of passive and active portscanning, DNS/DHCP/[[Zeroconf]] server interrogation, portknock detection, covert channel detection and establishment, ARP scanning, automatic WEP cracking, man-in-the-middling, and a whole host of other tricks. GPS integration? Oh yes. Coordination across multiple interfaces? Of course. Use of Linux's MMAP_RX_SOCKET and MMAP_TX_SOCKET? Wouldn't have it any other way. Userspace networking is made visible to the host via a [[TUN/TAP]] device. While designed as an offensive tool, omphalos has proven useful for network debugging and troubleshooting, as well as experimentation.
A tool for network enumeration, protection, observation and domination. Omphalos makes use of passive and active portscanning, DNS/DHCP/[[Zeroconf]] server interrogation, portknock detection, covert channel detection and establishment, ARP scanning, automatic WEP cracking, man-in-the-middling, and a whole host of other tricks. GPS integration? Oh yes. Coordination across multiple interfaces? Of course. Use of Linux's <tt>MMAP_RX_SOCKET</tt> and <tt>MMAP_TX_SOCKET</tt>? Wouldn't have it any other way. Userspace networking is made visible to the host via a [[TUN/TAP]] device. While designed as an offensive tool, omphalos has proven useful for network debugging and troubleshooting, as well as experimentation.


* '''The latest release is [https://nick-black.com/src/omphalos/rel/current/ 0.99.7-rc1], released 2013-01-30.'''
* '''The latest release is [https://github.com/dankamongmen/omphalos/releases/tag/v0.99.9 0.99.9], released 2019-11-20.'''
* [[Debian]]-compatible .deb files are available via the [http://www.sprezzatech.com/sprezzos.html SprezzOS] APT repository
* [[Arch]]'s AUR contains [https://aur.archlinux.org/packages/omphalos/ omphalos]


Omphalos is not a "''point-and-click''" tool so much as "''pull the pin''" or perhaps "''spray the area''". Default behavior is to redirect and seize all traffic, attack weak cryptosystems, archive authentication materials, and learn everything that can be learned. Ideally, a tiny microprocessor would be paired with power and a network device, stealthily physically inserted into a network, and left there; <tt>omphalos</tt> and [[Hackery#liburine|liburine]] would then combine to provide complete network dominance. I hope to combine network programming and the techniques of high-performance computing to create a tool capable of much havoc.
Omphalos is not a "''point-and-click''" tool so much as "''pull the pin''" or perhaps "''spray the area''". Default behavior is to redirect and seize all traffic, attack weak cryptosystems, archive authentication materials, and learn everything that can be learned. Ideally, a tiny microprocessor would be paired with power and a network device, stealthily physically inserted into a network, and left there; <tt>omphalos</tt> and [[Hackery#liburine|liburine]] would then combine to provide complete network dominance. I hope to combine network programming and the techniques of high-performance computing to create a tool capable of much havoc.


'''Omphalos: Because one layer is never enough.''' Code is hosted on [https://github.com/dankamongmen/omphalos GitHub]. Bugtracking is hosted on [https://nick-black.com/bugzilla/buglist.cgi?cmdtype=runnamed&namedcmd=omphalos bugzilla]. There's a mailing list at [http://groups.google.com/group/omphalos-dev Google Groups].
'''Omphalos: Because one layer is never enough.''' Code is hosted on [https://github.com/dankamongmen/omphalos GitHub], as are [https://github.com/dankamongmen/omphalos/issues modern issues]. Old bugs are still available at [https://nick-black.com/bugzilla/buglist.cgi?cmdtype=runnamed&namedcmd=omphalos bugzilla]. There's a mailing list at [http://groups.google.com/group/omphalos-dev Google Groups].
==Similar Tools==
==Similar Tools==
* [http://www.thoughtcrime.org/software/sslsniff/ SSLSNIFF] from Thoughtcrime Labs
* [http://www.thoughtcrime.org/software/sslsniff/ SSLSNIFF] from Thoughtcrime Labs
Line 378: Line 378:
* VLAN hopping
* VLAN hopping


====802.11====
====[[WiFi|802.11]]====
* Passively attack weak cryptosystems (especially WEP), or do so actively if configured
* Passively attack weak cryptosystems (especially WEP), or do so actively if configured
* Channel hopping or locked operation
* Channel hopping or locked operation
Line 412: Line 412:
===User Interfaces===
===User Interfaces===
* <tt>omphalos-tty</tt>: line-based console output with [[readline]]-based input
* <tt>omphalos-tty</tt>: line-based console output with [[readline]]-based input
* <tt>omphalos-ncurses</tt>: screen-based terminal output with ncurses-based input
* <tt>omphalos-ncurses</tt>: screen-based terminal output with [[ncurses]]-based input
* GTK: I'd like to add a GTK UI, but it's not a major priority
* GTK: I'd like to add a GTK UI, but it's not a major priority
** If you'd like to contribute freely-licensed, original artwork to this effort, please contact me!
** If you'd like to contribute freely-licensed, original artwork to this effort, please contact me!