IMA Project : Identity Management Auditor Project
IMA provides a simple way to audit Identity Management.
IMA is composed of several dedicated modules (MS Windows, Linux, HP-UX, IBM AIX, MS SQL Server, Oracle, SAP...).
Each module lets you retrieve user lists, group members, password hashes and other specific information.
- User and group lists can be correlated in order to identify Administrator profiles
- Password hashes can be audited in order to identify NULL or trivial passwords
- All results can be exported in a single XLS file
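The two checks listed above (correlating users with groups to find administrator profiles, and flagging NULL passwords from dumped hashes) can be sketched as follows. This is an added example, not IMA's own code: the pwdump-style lines, the group table and all function names are constructed for illustration, and only the two empty-password hash constants are real values.

```python
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"  # LM hash of an empty password
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"  # NT hash of an empty password

# Constructed sample in pwdump layout: user:rid:lmhash:nthash:::
PWDUMP = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
backup:1001:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
jdoe:1002:fedcba9876543210fedcba9876543210:0123456789abcdef0123456789abcdef:::
svc_print:1003:NO PASSWORD*********************:NO PASSWORD*********************:::
"""
# Constructed group table; "Backup Team" is a group nested inside "Domain Admins".
GROUPS = {"Domain Admins": ["Administrator", "Backup Team"],
          "Backup Team": ["backup"], "Users": ["jdoe", "svc_print"]}

def parse_pwdump(text):
    """Return {user: (lm_hash, nt_hash)} from user:rid:lm:nt::: lines."""
    accounts = {}
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) < 4 or not parts[1].isdigit():
            continue  # skip blank or malformed lines
        accounts[parts[0]] = (parts[2].lower(), parts[3].lower())
    return accounts

def expand_members(groups, name, seen=None):
    """Resolve nested groups to the set of user accounts they contain."""
    seen = set() if seen is None else seen
    if name in seen:
        return set()  # membership loop, already visited
    seen.add(name)
    users = set()
    for member in groups.get(name, []):
        users |= expand_members(groups, member, seen) if member in groups else {member}
    return users

def is_blank(value, empty):
    # Some pwdump output writes a "NO PASSWORD***" marker instead of the empty hash.
    return value == empty or value.startswith("no password")

def audit(text, groups, admin_group):
    """Return (user, issue, is_admin) findings, sorted by user name."""
    admins = expand_members(groups, admin_group)
    findings = []
    for user, (lm, nt) in sorted(parse_pwdump(text).items()):
        if is_blank(nt, EMPTY_NT):
            findings.append((user, "NULL password", user in admins))
        elif not is_blank(lm, EMPTY_LM):
            findings.append((user, "LM hash stored", user in admins))
    return findings

if __name__ == "__main__":
    for user, issue, admin in audit(PWDUMP, GROUPS, "Domain Admins"):
        print(f"{'ADMIN' if admin else 'user '} {user}: {issue}")
```

Findings flagged as administrators are the ones to fix first: here the `backup` account has a NULL password and inherits administrative rights through a nested group.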
IMA is free software, maybe open source... (C# application).
This software is written in C#, so the .NET framework 2.0 Service Pack 1 and the Oracle Data Access Components (ODAC) are needed.
Currently, only the MS Windows, MS SQL Server and Oracle Database modules are available.
Download (.NET Framework 2.0 SP1 needed)
Beta Release (v0.3.1) - December 09 : Many Bugs Fixed (Multi-Threading Engine, Loading Form, MSSQL & Oracle Auditor...)
- IMA Full : IMA_Full_Beta-current.zip (v0.3.1) (John the Ripper & PwDump embedded)
- IMA Lite : IMA_Lite_Beta-current.zip (v0.3.1) (without John the Ripper & PwDump)
Features (the original table showed availability per edition, Full or Lite, and per module as YES / NO / N/A icons, which are not available here):
System Auditor
- Detailed Version
- Users
- Groups / Roles / Permissions
- Services / Shares / Databases
- Password Hashes
Password Auditor
- Full password assessment
- Quick assessment (NULL or trivial passwords) (one column marked *)
Extra Tools
- Password Generator (LM, NT, SQL2000 & SQL2005)
- John Pot Generator (LM, NT, SQL2000 & SQL2005)
- LM2NTCRACK GUI
- SQL2KTO2005CRACK GUI
- ORACLEDES2SHA1CRACK GUI
* : Imported Hashes only
Presentation:
- SSTIC 09 (Rump Session): Slides PPT
- Demonstration: Video (9.1 MB) (Compatible QuickTime/VLC)
Introduction
Most of our customers are aware of Identity Management issues: "Can I have the member list of each group?" "Can I have the list of Administrator profiles?" "Did they set strong passwords?"...
However, when you perform an audit or penetration test, you still find trivial administrative accounts (backup/backup, sa/NULL...) which, for some odd or business reasons, are "Domain Administrators" or members of the "root" group.
The big problem is that even if you give the IT teams all the commands and tools with the right parameters, they cannot easily exploit this information on each server.
So IT teams need a tool that performs these tasks and gathers the data automatically... That's why I launched the IMA project.
Optional Resources
This software embeds compiled versions of:
- John the Ripper (Password Auditor)
- PwDump 6 (Microsoft Windows Password Dumper)
- Oracle Default Password List (Pete Finnigan)
- Oracle Data Access Components (ODAC)
History
Each release fixes some (or many) bugs and adds a major feature:
- Beta Release (v0.3.1) - December 09 : Multi-Threading optimisation & many bugs fixed
- Beta Release (v0.3) - November 09 : Oracle Database support added
- Beta Release (v0.2) - October 09 : MS SQL Server support added
- Beta Release (v0.1) - June 09 : MS Windows support only
Bugs / Comments
Please report bugs and/or comments to:
- Yannick Hamon <yannick.hamon@xmcopartners.com>
Greetings
For debugging and testing :
- Adrien Guinault <adrien.guinault@xmcopartners.com>
- Frederic Charpentier <fcharpentier@xmcopartners.com>
- François Legué <francois.legue@xmcopartners.com>
- Lin Miang Jin <linmiang.jin@xmcopartners.com>
Copyright and Licence
THIS SOFTWARE IS MADE AVAILABLE "AS IS", AND THE AUTHOR DISCLAIMS ALL
WARRANTIES, EXPRESS OR IMPLIED, WITH REGARD TO THIS SOFTWARE, INCLUDING
WITHOUT LIMITATION ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE, AND IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER
RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF
CONTRACT, TORT (INCLUDING NEGLIGENCE) OR STRICT LIABILITY, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
--
Copyright (C) 2009 Yannick Hamon <yannick.hamon@xmcopartners.com>
Xmco Partners | Security Research Labs


















