scylla-v1 released.

When there’s no technical vulnerability to exploit, you should try to hack what humans left for you, and believe me, this always works.

Scylla provides all the power of what a real audit, intrusion, exclusion and analysis tool needs, giving the possibility of scanning dynamically miss configuration bugs. Scylla try to be a better tool for security auditors, extremely faster, designed based on real scenarios, developed by experienced coders and constructed with the actual IT work methods. The words “Configuration Tracer” are the best definition for Scylla, a tool to help on IT audits.

Select victim
 scylla_oracle_bruteforce
Report view Oracle

Install (Or compile) 
———————————————————————–
Well, fist of all, if this is your first time, maybe this would be a pain in the ass, so pay attention. (plz, leave the bin directory as is)
———————————————————————–
Pre reqs
———————————————————————–
You will need to download and install the following:

Visual Studio 2012 http://www.microsoft.com/visualstudio/11/en-us/downloads

.NET Framework 4.0 (maybe you should download 3.5 either)
It comes with VS 2012

ODA.NET (Oracle Data Access for .Net): Used for oracle connections, i download the ODAC1122021Xcopy_32bit
http://www.oracle.com/technetwork/database/windows/downloads/index-101290.html
To install, just follow instructions, unzip and do something like this:
install.bat odp.net2 c:oracle odac

IBM Data Server Runtime Clients (all the .net stuff): I prefer 32 bit version (i used this one)
https://www14.software.ibm.com/webapp/iwm/web/reg/pick.do?source=swg-idsrc11&S;_TACT=appddnet&S;_CMP=ibm_im〈=en_US

OpenSSL for windows (Please, install it in the default dir!)
http://slproweb.com/products/Win32OpenSSL.html

———————————————————————–
The code
———————————————————————–
Well, if you are reading this you must have the code, if not, get it from here: http://code.google.com/p/scylla-v1/

Opening the code is just easy, click the Scylla.sln file and your are done 🙂
———————————————————————–
Dealing with dependencies
———————————————————————–
This is the main reason why i prefer letting you compile the code rather than giving you a binary, cus dependencies are a pain in the ass! (I know, this can be easy to solve, but i don’t do it because fuck you. Your time dealing with this shit would be welcomed 🙂 ). If you don’t have the solution explorer, start going to “VIEW/SOLUTION EXPLORER”

Lets begin with the C++ Code:
The main dependency here is OpenSSL. So, let’s step into each of the following projects:
OpenSSL_Wrapper
SSHLogin
SSHLoginWrapper

Then, right click on then and go to properties, the go into “Configuration Properties/C/C++” and in the field “Additional Include Directory” add the following (try to find a similar path in your pc):
C:OpenSSL-Win32include;%(AdditionalIncludeDirectories)
Maybe you can have problems finding some files, if so, you would need the Windows SDK, i got it from here: http://msdn.microsoft.com/en-us/windows/desktop/hh852363.aspx
Then add the following path’s:
C:Program Files (x86)Windows Kits8.0Includeshared;
C:Program Files (x86)Windows Kits8.0Includeum;

Go into “Linker” and in the field “Additional Library Directory” add the following:
C:OpenSSL-Win32libVC;C:OpenSSL-Win32lib;%(AdditionalLibraryDirectories)
If you need to download de winSDK, maybe you should ned to add this:
C:Program Files (x86)Windows Kits8.0Libwin8umx86;

That’s all 🙂 now do it in the other projects

Here comes the harder part, the databases dependencies (DB2 and Oracle, and others):
First of all, a few comments: I only could make db2 work if there’s a bin directory, also, if you see, in ScyllaMain directory, there’s a folder that says “msg”, it’s needed for DB2, also, in the bin directory, there are 2 .dll’s (db2app.dll and db2app64.dll), I think that if you got this one, you are done :).
If you succesfully installed the IBM-someShit, i hope you don’t have any problems :).

Well, most .dll’s dependencies are in a directory named Scyllalibs, so you would not have any problem with that. This part is a pain in the ass, i know :S. But you gotta expand the following projects:
DatabaseBrowser
DBManagement and
Scylla

Then expand the References item, you should find a warning in the following references (maybe more, but the others are solved when you compile 🙂 ):
IBM.Data.DB2
MySQL.Data
Npgsql
Oracle.DataAccess
System.Data.SqlServerCe

so, for each one of those, right click/remove and then right click in the “References forlder”/add reference. In that form go to Browse and then click in the “Browse…” button, go to the libs folder, find the reference you have just deleted and add it.

———————————————————————–
Compile
———————————————————————–
Now compile =D (if you got trouble here, try compiling each project alone, starting with the C++ projects). To compile just press F6. To compile each project alone, right click in the project and press “Compile”
———————————————————————–
Run Scylla
———————————————————————–
After you compile, you got 2 options (i prefer the first one cus u’ll be able to help me with bug dealing).
1) Just click in VS the run button
2) Go to: ScyllaScyllaMainbinDebug, you’ll find a file named “Scylla.exe”, double click it.

Download : Scylla.rar (36.1 MB) 
Find Other Version |
Read more in here : http://code.google.com/p/scylla-v1/