Closed GoogleCodeExporter closed 9 years ago
The question I get asked all the time is: Why Subterfuge? It’s exceedingly
hard to see any positive side to the tool, and that is by design. While there
might be a place for Subterfuge in every penetration tester's toolkit, the fact
is that its genre of attack, Man-in-the-Middle, is usually second in level of
restriction to Denial of Service. Subterfuge is here to demonstrate a problem.
I heartily believe that perception is reality, and as such Subterfuge exists to
give the perception of inescapable danger on public networks. Tools like
Firesheep have aided public knowledge of these kinds of vulnerabilities, but
because most of the tools in this sphere are painful to configure, and
impossible for a non-savvy user to understand, the level of risk is difficult to
understand.
Subterfuge is a game changer. When using the tool, simplicity is inescapable,
and the risk is self-evident. Furthermore, its visualization capabilities
through features like the Network View and Credential Harvester make it an
outstanding mechanism to demonstrate the power of cyber techniques.
If I had to cite one experience that validates the existence of a tool like
Subterfuge, I would have to point to a class I taught at the United States Air
Force Academy. The undergraduate students were not necessarily Computer Science
Majors, or even technically oriented, but the moment I switched Subterfuge on
and the credentials started rolling in, a collective gasp went up in the room.
You could definitely say that they got the concept. That’s one group of
people I’m not worried will be doing their banking in the airport anytime
soon.
Moreover, this tool does have a place in a penetration tester's toolkit.
Man-in-the-Middle Attacks are powerful. Nothing demonstrates this better than
Subterfuge. The idea of failing to test a network for vulnerabilities that
could allow an attacker to gain and leverage this position is erroneous. As the
Man-in-the-Middle Framework, Subterfuge, more than any other tool, allows for and
makes this kind of security validation easy.
Note that Subterfuge was built to demonstrate security vulnerabilities; any
usage outside of this field may be suspect. I won’t berate the reader with a
tirade of possible consequences save to say that Subterfuge is a tool with
inherently malicious purposes, and that to use it as such may not be strictly
legal in most situations.
That’s it! I hope you enjoy subterfuge…
Matthew Toussain
~ 0sm0s1z
Original comment by Mtoussain@gmail.com
on 24 Aug 2012 at 9:16
It's done! Check it out at http://kinozoa.com/blog/?page_id=65
Original comment by Mtoussain@gmail.com
on 17 Mar 2013 at 12:06
Original issue reported on code.google.com by
Mtoussain@gmail.com
on 22 Aug 2012 at 7:47