This presentation will capture the development and deployment of the tool called Ranger. This Python based tool can be installed on Kali distributions using a simple Bash script. We will demonstrate how Ranger allows for automated extraction of credentials, validation of domain details, determination of group memberships, and the injection of payloads directly into memory on Windows based systems through native protocols and services. This tool has been well tested and used on a variety of engagements proving that current defensive tools do not currently stop it, but also do not detect it, even the marketed next generation solutions. In essence we have been able to cut down significant swathes of time during an engagement in an effort to demonstrate true risk to clients.
Ranger was the brainchild of Chris Duffy with support and help of a great group of friends and penetration testers who asked for a variety of features. We looked to fill a major gap in single tool capability, which has historically been filled by a larger tool catalog. As such, this tool leverages highly desired capabilities, to include ease of use, execution by command line, lightweight, simple parseable outputs, logging support for traceability, ability to support Nmap XML imports, and capable of resolving both passwords and multiple hash formats. (50 minute)
Christopher Duffy, Jonathan Fallone, and Dev Patel
Christopher Duffy is currently a Cybersecurity & Privacy specialist in the D.C. Metro area. Where he current helps lead Threat and Vulnerability Management services nationally such as, advanced technical testing.
Jonathan’s areas of specialty in targeted technical testing, which includes risk focused password cracking and security control weaknesses.
Dev is a penetration tester with a strong background in Windows, UNIX, mobile application development, and SIEM solutions. He specializes in network penetration testing, and has led assessments across multiple Fortune 500 clients in a variety of industries.