NOTHINK

"homo quisque faber ipse fortunae suae"

• Home
• Malware network activity
  • DNS network traffic
  • IRC network traffic
  • HTTP network traffic
• Honeypot
  • Statistics
  • SSH honeypot
  • Malicious binaries collected
  • Last threats (daily)
• Misc
  • Blacklist
  • Spam
  • Viruswatch
• FAQ

About me

I'm Matteo Cantoni, 30 years old, living in Italy with my girlfriend Anna and my dog Maggie. I'm employed as security analyst for a telephone company; my jobs include network security, penetration testing, policy auditing and malware analysis. I'm an OpenBSD/Metasploit/Perl aficionado. I love sports, any sports, particularly motorcycle racing and triathlon.


I can be contacted via e-mail to matteo.cantoni@nothink.org.



My contribution to Metasploit Framework

Auxiliary
=========

Name                                     Description
----                                     -----------
admin/http/tomcat_administration         Tomcat Administration Tool Default Access
admin/tikiwiki/tikidblib                 TikiWiki information disclosure
admin/webmin/file_disclosure             Webmin file disclosure
dos/wireshark/chunked                    Wireshark chunked_encoding_dissector function DOS
scanner/ftp/anonymous                    Anonymous FTP Access Detection
scanner/http/frontpage_login             FrontPage Server Extensions Login Utility
scanner/http/open_proxy                  HTTP Open Proxy Detection
scanner/http/tomcat_mgr_login            Tomcat Application Manager Login Utility
scanner/snmp/snmp_enum                   SNMP Enumeration Module
scanner/snmp/snmp_set                    SNMP Set Module
scanner/vnc/vnc_none_auth                VNC Authentication None Detection

Exploits
========

Name                                     Description
----                                     -----------
unix/webapp/awstats_configdir_exec       AWStats configdir Remote Command Execution
unix/webapp/pajax_remote_exec            PAJAX Remote Command Execution
unix/webapp/sphpblog_file_upload         Simple PHP Blog <= 0.4.0 Remote Command Execution
unix/webapp/tikiwiki_graph_formula_exec  TikiWiki tiki-graph_formula Remote PHP Code Execution
unix/webapp/tikiwiki_jhot_exec           TikiWiki jhot Remote Command Execution

Perl modules

Mail::Maps::Lookup, query the MAPS lookup service via DNS
Mail::OpenRelay::Simple, check if a mail server runs as an open relay
Net::Scan::Google, allows you to query Google site without api-key and with random parameters to avoid any restriction.
Text::Extract::Stuff, Perl module to extract stuff from text
WWW::UserAgent::Random, Perl extension to generate random User Agent

Perl scripts

googlegath, simple Google-Search to gathering site/domain informations
gpsdriveToGoogleEarth, extract data from gpsdrive db and build a "kml" file for Google Earth (example, example)
snmpcheck, useful to get information via SNMP protocols for Windows, Linux, Cisco and other platforms...
snmpscan, multi-threads SNMP scanner. It could be useful for systems gathering or penetration testing

Miscellaneous

add-ons, useful add-ons for Firefox
suckme, mitm sniffer for iPhone/iPod Touch
wardriving, my old wardriving stuff