Haxf4rall
  • Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
  • Home
  • 2019
  • July
  • 1
  • TROMMEL – Search Files For Potential Vulnerable Indicators

TROMMEL – Search Files For Potential Vulnerable Indicators

July 1, 2019July 27, 2019 Comments Off on TROMMEL – Search Files For Potential Vulnerable Indicators
trommel scan trommel vulnerability scanner

TROMMEL sifts through embedded device files to identify potential vulnerable indicators. The tool can be used to search files and configurations in a directory and find potential vulnerability. Usually any security scanner will produced reports and finding without properly confirming the system vulnerability.

Vulnerability scanner allow security professional to automate and accelerate the vulnerability assessment while it will be required to validate any security issue reported. This tool can be an additional way to verify files for vulnerabilities. TROMMEL identifies the following indicators related to:

  • Secure Shell (SSH) key files
  • Secure Socket Layer (SSL) key files
  • Internet Protocol (IP) addresses
  • Uniform Resource Locator (URL)
  • email addresses
  • shell scripts
  • web server binaries
  • configuration files
  • database files
  • specific binaries files (i.e. Dropbear, BusyBox, etc.)
  • shared object library files
  • web application scripting variables, and
  • Android application package (APK) file permissions.

Upon execution, TROMMEL provides the following feedback to the researcher in the terminal and writes 2 (CSV parsable) results files:

  • Results will be saved to User-Supplied-File-Name_Trommel_YYYYMMDD_HHMMSS.
  • Hashes of files will be saved to User-Supplied-File-Name_TROMMEL_Hash_Results_YYYYMMDD_HHMMSS.

Checks the system architecture by using the BusyBox binary. The text file is named according to the above naming convention and will contain the following information preceding the identified indicators:

  • TROMMEL Results File Name: [Researcher Supplied File Name]
  • Directory: [Researcher Supplied Directory]
  • There are [Count of Files] total files within the directory.

The results should be reviewed to identify and remove false positives and to identify indicators that need further analysis for potential vulnerabilities.

Dependencies

  • Python-Magic – See documentation for instructions for Python3-magic installation

Usage

$ trommel.py --help

Output TROMMEL results to a file based on a given directory. By default, only searches plain text files.

$ trommel.py -p /directory -o output_file

Output TROMMEL results to a file based on a given directory. Search both binary and plain text files.

$ trommel.py -p /directory -o output_file -b

Notes

  • The intended to assist researchers during firmware analysis to find potential vulnerabilities
  • Network defenders can benefit as well to assess devices on their network or for devices they plan to add to their network
  • Devices can include IoT (web cams, smart devices (light bulbs, plugs, switches, TVs, fridge, coffee maker, etc.)), SCADA/ICS, routers, really anything with an embedded flash chip that boots an OS on startup.
  • TROMMEL has been tested using Python3 on Kali Linux x86_64.

 

Post navigation

Project iKy – Email Information Gathering Tool with a Visual Interface
Government Hackers broke into Russian Search Company Yandex

Related Articles

TikiTorch – Process Injection Tool

- Privilege Escalation
October 28, 2019

Syhunt Community 6.7 – Web And Mobile Application Scanner

- Vulnerability Scanners
October 1, 2019

OpenVAS – Open Vulnerability Assessment System

- Vulnerability Scanners
August 6, 2019August 6, 2019
hacker gadgets
hacker phone covers

Recent Posts

PlutoCrypt Ransomware Decryptor

PlutoCrypt Ransomware Decryptor

May 27, 2023
Galaxy Fold 4

Samsung to improve the durability of the waterdrop hinges in the foldable smartphones

May 26, 2023
CISA Adds CVE-2023-2868 Vulnerability to KEV Catalog

CISA Adds CVE-2023-2868 Vulnerability to KEV Catalog

May 26, 2023
Google releases Chrome version 111 to fix 40 security vulnerabilities

Google releases Chrome version 111 to fix 40 security vulnerabilities

May 26, 2023
PoC Exploit Released for GitLab CVE-2023-2825 Vulnerability

PoC Exploit Released for GitLab CVE-2023-2825 Vulnerability

May 26, 2023
CVE View

Mondoo v7.17.1 releases: Cloud-Native Security & Vulnerability Risk Management

February 16, 2023

Social Media Hacking

SocialPath – Track users across Social Media Platforms

SocialPath – Track users across Social Media Platforms

- Social Media Hacking
October 16, 2019October 16, 2019

SocialPath is a django application for gathering social media intelligence on specific username. It checks for Twitter, Instagram, Facebook, Reddit...

SocialScan – Check Email Address and Username Availability on Online Platforms

SocialScan – Check Email Address and Username Availability on Online Platforms

June 17, 2019
Shellphish – Phishing Tool For 18 Social Media Apps

Shellphish – Phishing Tool For 18 Social Media Apps

June 10, 2019July 27, 2019
WhatsApp Hacking using QRLJacking

WhatsApp Hacking using QRLJacking

May 2, 2019May 19, 2019
How to Hack any Facebook Account with Z-Shadow

How to Hack any Facebook Account with Z-Shadow

April 26, 2019June 29, 2020
hacker buffs

About Us

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Active Members

Submit a Tool

Hackers Handbook 2018


Grab your copy here

About Us

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Categories

  • Secure Coding
  • Documentary
  • Courses & Ebooks
  • Hack Tools
  • Hacking Tutorials
  • Mobile Hacking
  • News
  • Operating Systems
  • TOR
  • Tricks & How To’s

Active Members

Useful Links

Contact Us

Disclaimer

Privacy Policy

Submit a Tool

Copyright 2019. All rights reserved | Theme: OMag by LilyTurf Themes