The Penetration Testers Framework (PTF)

April 15, 2016 | Views: 17129


The Penetration Testers Framework (PTF) is a framework created by Dave Kennedy at TrustedSec. Dave is the author of many other tools, yet PTF is a bit different: it aims to make installing other tools easy. It’s written in Python and is available on GitHub. People who are familiar with BackTrack and miss the /pentest directory will love PTF, as it actually creates the /pentest directory and subdirectories when installing modules.

 

To install PTF, use the git command in your Linux distribution. PTF should work on Debian and Ubuntu and, yes, on Kali Linux as well, since it’s based on Debian. Fedora is also supported.

Installing PTF using git is as simple as typing:

> git clone https://github.com/trustedsec/ptf.git

If everything works as expected, you’ll get a ptf directory from where you run PTF for the first time.

Next, type:

> cd ptf

> sudo ./ptf

Sudo is not needed if you’re running as root; otherwise you must run it with sudo or it won’t work. The first thing that happens is that PTF updates itself and copies itself to the /usr/local/bin directory. The next time you run it, you can call the ptf command without having to be in the ptf directory. PTF requires you to have an Internet connection or it won’t load.

Once it loads, you’ll get the prompt below:

ptf>

You can type ? or help to see the available commands, but you probably want to see all the available modules.

This is done by typing the following:

ptf> show modules

This will produce a list of available modules (tools) that PTF can install for you. PTF will try to resolve all required dependencies and simply make it work, and it usually does. Be advised: some tools have a great many dependencies and can take a long time to install.

There’s also a module for installing every single tool that PTF has a module for, but I personally don’t use it. If you want to install every tool available in PTF, you can do this:

ptf> use modules/install_update_all

[*] You are about to install/update everything. Proceed? [yes/no]:no

[*] Alright boss. Not installing right now. Tell me when. I want that shiny. I want it now.

You’ll be asked whether you want to proceed or not, yes or no, it’s up to you. In my example above, I answered no.

To actually install a module, use the specific module as follows. In this example, I’ll install the password cracker John the Ripper using PTF. First, use the specific module you want to install and, once there, run the install command.

ptf> use modules/post-exploitation/john

ptf:(modules/post-exploitation/john)> install

To exit a module in PTF, just type quit and you will get back to the ptf> prompt. In this case, PTF resolves all the dependencies on my Kali Linux VM and then compiles John the Ripper from source. As I wrote in the beginning, PTF installs in the /pentest directory, but it also creates subdirectories depending on what pentesting phase the module belongs to.

In this case, it’s post-exploitation, as you’ve already exploited your target. The install directory for John the Ripper is therefore /pentest/post-exploitation/john. For some modules, PTF creates symlinks in the /usr/local/bin directory, but not for all modules. John is one of the modules that must be run from the directory where it was installed.

Exactly how PTF knows which dependencies are required and which build method to use is determined by the module configuration. Below is the configuration for the John the Ripper module.

#!/usr/bin/env python
#####################################
# Installation module for JtR
#####################################

# AUTHOR OF MODULE NAME
AUTHOR="David Kennedy (ReL1K)"

# DESCRIPTION OF THE MODULE
DESCRIPTION="This module will install/update John the Ripper - password cracker"

# INSTALL TYPE GIT, SVN, FILE DOWNLOAD
# OPTIONS = GIT, SVN, FILE
INSTALL_TYPE="GIT"

# LOCATION OF THE FILE OR GIT/SVN REPOSITORY
REPOSITORY_LOCATION="https://github.com/magnumripper/JohnTheRipper/"

# WHERE DO YOU WANT TO INSTALL IT
INSTALL_LOCATION="john"

# DEPENDS FOR DEBIAN INSTALLS
DEBIAN="build-essential libnss3-dev libkrb5-dev libgmp-dev"

# DEPENDS FOR FEDORA INSTALLS
FEDORA="git,make,automake,gcc,gcc-c++,kernel-devel,nss-devel,krb5-devel,gmp-devel,openssl,openssl-devel"

# COMMANDS TO RUN AFTER
AFTER_COMMANDS="cd {INSTALL_LOCATION},cd src,./configure && make && make install,cd {INSTALL_LOCATION},cp -a run/* {INSTALL_LOCATION},rm -rf run/"

# THIS WILL CREATE AN AUTOMATIC LAUNCHER FOR THE TOOL
LAUNCHER=""

 

This configuration is what allows you to add modules to PTF. If you want to add a tool to PTF, you can make a configuration file for it and submit it for PTF to use. Please do test it first to make sure it works. As you see above, John the Ripper is installed using git from a GitHub repository, and dependencies for both .deb and .rpm based distros are given. In this case, the commands in AFTER_COMMANDS run after the initial install is done; they compile the code fetched by the git command.
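Because PTF is run with sudo, the AFTER_COMMANDS of a module execute with root privileges, so it pays to read a module before installing or submitting it. The script below is an added example, not part of PTF or the original article: it parses the fields shown above, lists the commands a module would run, and applies a few hypothetical review heuristics. It assumes {INSTALL_LOCATION} expands to the install directory named in the article.

```python
import re

# Constructed sample: the John the Ripper module shown above, abridged.
JOHN_MODULE = '''
REPOSITORY_LOCATION="https://github.com/magnumripper/JohnTheRipper/"
INSTALL_LOCATION="john"
DEBIAN="build-essential libnss3-dev libkrb5-dev libgmp-dev"
AFTER_COMMANDS="cd {INSTALL_LOCATION},cd src,./configure && make && make install,cd {INSTALL_LOCATION},cp -a run/* {INSTALL_LOCATION},rm -rf run/"
'''

FIELD = re.compile(r'^([A-Z_]+)="(.*)"\s*$')

# Hypothetical review heuristics chosen for this example; PTF does not ship them.
CHECKS = [
    (re.compile(r'\b(curl|wget)\b[^|]*\|\s*(sudo\s+)?(ba)?sh\b'), "pipes a download into a shell"),
    (re.compile(r'\brm\s+-\w*r\w*\s+/'), "recursive delete on an absolute path"),
    (re.compile(r'\bchmod\s+(-R\s+)?0?777\b'), "makes files world-writable"),
]

def parse_module(text):
    """Return the KEY="value" fields of a module file, skipping comments."""
    fields = {}
    for line in text.splitlines():
        m = FIELD.match(line.strip())
        if m:
            fields[m.group(1)] = m.group(2)
    return fields

def planned_commands(fields, base="/pentest/post-exploitation"):
    """Split AFTER_COMMANDS on commas and expand the placeholder."""
    # Assumption: {INSTALL_LOCATION} becomes base + "/" + INSTALL_LOCATION.
    target = f"{base}/{fields.get('INSTALL_LOCATION', '')}"
    raw = fields.get("AFTER_COMMANDS", "")
    return [c.strip().replace("{INSTALL_LOCATION}", target)
            for c in raw.split(",") if c.strip()]

def review(fields):
    """Return human-readable findings for a parsed module."""
    findings = []
    if not fields.get("REPOSITORY_LOCATION", "").startswith("https://"):
        findings.append("REPOSITORY_LOCATION is not fetched over HTTPS")
    for cmd in planned_commands(fields):
        for pattern, reason in CHECKS:
            if pattern.search(cmd):
                findings.append(f"{reason}: {cmd}")
    return findings

if __name__ == "__main__":
    module = parse_module(JOHN_MODULE)
    print("\n".join("runs as root: " + c for c in planned_commands(module)))
    print("findings:", review(module) or "none")
```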

Exactly how the configuration is built is unique to every module. Many of the modules in PTF are already installed in Kali Linux. I use PTF anyway, as PTF allows me to get the latest version of the specific tool without having to wait for the Kali Linux development team to package the new version.

PTF is a great way to easily install and update many of my favorite tools.

Good luck!

9 Comments
  1. Thanks for this, I just got through watching his YouTube presentation and he mentioned this, I was on my way to check it out and the search brought me here. So thanks.
    After looking at it I will counter your post with a tool post.

  2. Great work, keep it up, and look forward to more.

  3. Great article, small and precise, it will be good to see more from you.
    Thank you

  4. NOTE: People who have python3 and python2 have to manually run the initialization script with python2.
