La nueva FOCA 2.7
•Download as PPTX, PDF•
3 likes•843 views
This document summarizes the capabilities of the FOCA tool for extracting metadata and hidden information from files. FOCA can analyze a wide range of file types including documents, images, and PDFs. It is able to uncover personal user data, system information, network details, device information, software versions, and more. The document provides examples of FOCA analyzing files from FBI.gov and its recursive network discovery algorithm. It concludes by noting new features in version 2.7.1 like RDP file analysis and an improved reporting module.
Report
Share
Related slideshows
La nueva FOCA 2.7
- 2. FOCA 0.X
- 3. MetadataRisks“Secret” relationshipsGovernment & companiesCompanies & providersPiracyReputationSocial engineering attacksTargeting Malware
- 4. FOCA: File types supportedOffice documents:
- 8. XMP.
- 11. EXIF.
- 12. XMP.
- 13. Adobe Indesign, SVG, SVGZWhat can be found? Users:
- 14. Creators.
- 15. Modifiers .
- 16. Users in paths.
- 18. /home/johnnyf
- 20. Printers.
- 22. Paths.
- 24. Network info.
- 25. Shared Printers.
- 26. Shared Folders.
- 27. ACLS.
- 29. NetBIOS Name.
- 30. Domain Name.
- 31. IP Address.
- 33. Table names.
- 34. Colum names.
- 35. Devices info.
- 36. Mobiles.
- 37. Photo cameras.
- 38. Private Info.
- 39. Personal data.
- 40. History of use.
- 41. Software versions.Sample: FBI.govTotal: 4841 files
- 42. FOCA 1 v. RC3Fingerprinting Organizations with Collected Archives
- 43. Search for documents in Google and Bing
- 45. Capable of extracting Metadata, hidden info and lost data
- 47. Analyzes the info to fingerprint the network.
- 49. Sometimes…a pentesterneedsto be a SuperHero
- 53. SwRecognition
- 56. Network DiscoveryAlgorithmhttp://apple1.sub.domain.com/~chema/dir/fil.dochttp -> Web server GET Banner HTTPdomain.com is a domainSearch NS, MX, SPF records for domain.comsub.domain.com is a subdomainSearch NS, MX, SPF records for sub.domain.comTry allthe non verified servers onall new domainsserver01.domain.comserver01.sub.domain.comApple1.sub.domain.com is a hostnameTry DNS Prediction (apple1) onalldomainsTry Google Sets(apple1) onalldomains
- 57. Network DiscoveryAlgorithmhttp://apple1.sub.domain.com/~chema/dir/fil.doc11) Resolve IP Address12) GetCertificate in https://IP13) Searchfordomainnames in it14) Get HTTP Banner of http://IP15) Use Bing Ip:IPtofindalldomainssharingit16) Repeatforevery new domain17) Connecttotheinternal NS (1 orall)18) Perform a PTR Scansearchingforinternal servers19) Forevery new IP discovered try Bing IP recursively20) ~chema-> chemaisprobably a user
- 58. Network DiscoveryAlgorithmhttp://apple1.sub.domain.com/~chema/dir/fil.doc21) / , /~chema/ and /~chema/dir/ are paths22) Try directorylisting in allthepaths23) Searchfor PUT, DELETE, TRACE methods in everypath24) Fingerprint software from 404 error messages25) Fingerprint software fromapplication error messages26) Try commonnamesonalldomains (dictionary)27) Try Zone Transfer onall NS28) Searchforany URL indexedby web enginesrelatedtothehostname29) Downloadthe file30) Extractthemetadata, hiddeninfo and lost data31) Sortallthisinformationand presentitnicely32) Forevery new IP/URL startoveragain
- 61. Hugedomains case
- 63. FOCA 2.5 & Shodan
- 64. FOCA 2.5 URL Analysis
- 65. .listing
- 67. Search & Upload
- 69. Fuzzingoptions
- 73. RDP & ICA Files Analysis
- 74. SquidProxies
- 75. DNS Records
- 76. NetrangeScan
- 77. ParametrizedURLs
- 78. Easy Bugs search
- 79. TaskList
- 80. Plugins
- 81. FearThe FOCA
- 83. Buy a FOCA T-ShirtAnd be «Sexy» }:))
- 93. Workingon FOCA:
- 94. Chema Alonso
- 95. Alejandro Martín
- 96. Francisco Oca
- 97. Manuel Fernández «The Sur»
- 98. Daniel Romero
- 99. Enrique Rando
- 100. Pedro Laguna
- 101. SpecialThanksto: John Matherly [Shodan]