IMA : Identity Management Auditor
An all-in-one tool to audit accounts, authorization and passwords !
IMA is composed of several modules : Microsot Windows, ORACLE, Linux, HP-UX, IBM AIX, Microsoft SQL Server, Oracle, SAP...
Each module allows to retrieve users list, group members, password hashes... and others more.
- Users and Groups lists can be correlated in order to identified Administrators profiles
- Password hashes can be audited in order to identified NULL or Trivial password.
- All results can be exported in a single XLS file
IMA is Free software, may be Open Source...(C# Application).
This software is written in C#, so the .NET framework 2.0 Service Pack 1 and the Oracle Data Access Components (ODAC) are needed.
The IMA public release only contains theMS Windows, MS SQL Server and Oracle Database modules.
Download (.NET Framework 2.0 SP1 needed)
Beta Release (v0.4.7) - January 11 : Adding IMA Unleashed, Shares Auditor, Windows Credentials Editor (Amplia Security), Many Bugs Fixed...
IMA Full : John The Ripper & PwDump embedded may be detected/blocked by some antivirus as "Hacking Tools"
IMA Lite : Without John The Ripper & PwDump
(John the Ripper, PwDump & WCE Embedded) |
(Without John the Ripper, PwDump & WCE) |
||||||
 |
 |
 |
|
|
|
||
| System Auditor | |||||||
| ● Detailled Version | ![[FULL] Windows / Active Directory : YES](http://www.xmco.fr/ima/images/check.png "[FULL] Windows / Active Directory : YES") |
|
|
|
|
|
|
| ● Users | |
|
|
|
|
|
|
| ● Groups / Roles / Permissions | |
|
|
|
|
|
|
| ● Services / Shares / Databases | |
|
|
|
|
|
|
| ● Password Hashes | |
|
|
![[LITE] Windows / Active Directory : NO](http://www.xmco.fr/ima/images/cancel.png "[LITE] Windows / Active Directory : NO") |
|
|
|
| Password Auditor | |||||||
| ● Full password assessment | |
|
|
|
|
|
|
| ● Quick assessment (NULL or trivial passwords) |
|
|
|
* |
|
|
|
| Extra Tools | |||||||
| ● Password Generator (LM, NT, SQL2000 & SQL2005) |
|
|
|
|
|
|
|
| ● John Pot Generator (LM, NT, SQL2000 & SQL2005) |
|
|
|
|
|
|
|
| ● LM2NTCRACK GUI | |
![[FULL] Microsof SQL Server : N/A](http://www.xmco.fr/ima/images/NA.png "[FULL] Microsof SQL Server : N/A") |
|
|
|
|
|
| ● SQL2KTO2005CRACK GUI | |
|
|
|
|
|
|
| ● ORACLEDES2SHA1CRACK GUI | |
|
|
|
|
|
|
* : Imported Hashes only
Presentation:
- SSTIC 09 (Rump Session): Slides PPT
- Demonstration: Video (9.1 MB) (Compatible QuickTime/VLC)
Introduction
Most of our customers are sensibilized about Identity Management : "Can I have the member list of each group ?" "Can I have the list of Administrators profiles ?" "Did they embedded strong password ?"...
However, when you perform an audit/penetration test, you still found trivial administrative accounts (backup/backup, sa/NULL...), which for some Odd/Business reasons are "Domain Administrators" or members of the group "root".
The big deal is even if you give to the IT teams all the commands/tools with the good parameters, they cannot easily exploit these information on each server.
So, IT teams need a tool to perform automatically these tasks and gathering data... That's why I have launched the IMA project.
MS Windows/Active Directory Screenshots :
|
|
|
|
|
|
|
MS SQL Server Screenshots :
|
|
|
|
Extra Tools Screenshots :
|
|
|
|
|
Optional Resources
This software embedded compiled version of :
- John the Ripper (Password Auditor)
- PwDump 6 (Microsoft Windows Password Dumper)
- Oracle Default Password List (Pete Finnigan)
- Oracle Data Access Components (ODAC)
- WCE
History
Each releases fixed some/lot of bugs, but add a major functionality :
- Beta Release (v0.4.7) - January 11 : IMA Unleashed, Shares Auditor, WCE & many bugs fixed
- Beta Release (v0.3.1) - December 09 : Multi-Threading optimisation & many bugs fixed
- Beta Release (v0.3) - November 09 : Oracle Database support added
- Beta Release (v0.2) - October 09 : MS SQL Server support added
- Beta Release (v0.1) - June 09 : MS Windows support only
Bugs / Comments
Please report bug and/or comments to :
- Yannick Hamon <yannick.hamon@xmco.fr>
Greetings
For debugging and testing :
- Adrien Guinault <adrien.guinault@xmco.fr>
- Frederic Charpentier <fcharpentier@xmco.fr>
- François Legué <francois.legue@xmco.fr>
- Lin Miang Jin <linmiang.jin@xmco.fr>
Copyright and Licence
THIS SOFTWARE IS MADE AVAILABLE "AS IS", AND THE AUTHOR DISCLAIMS ALL
WARRANTIES, EXPRESS OR IMPLIED, WITH REGARD TO THIS SOFTWARE, INCLUDING
WITHOUT LIMITATION ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE, AND IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER
RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF
CONTRACT, TORT (INCLUDING NEGLIGENCE) OR STRICT LIABILITY, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
--
Copyright (C) 2009 Yannick Hamon <yannick.hamon@xmco.fr>
XMCO | Security Research Labs