Foca

All posts tagged Foca

Get Foca

Download Link: http://www.informatica64/foca.aspx enter an email in the textbox at the bottom of the page labeled “Cuenta de correo”. A download link will be sent out; this link will expire.

Install from downloaded package.

Now What?

What are you trying to do?

  1. Create Project
    1. Click Project a New project
    2. Enter the Project name, Domain name and Alternative domains. The domain and alternative domains will be used during later analysis. Alternative domains such as ftp.website.com or secondarywebsite.com are used by Foca during later analysis.
    3. Be aware that on a website with a large number of documents disk space can be consumed quickly. Take this into account when selecting the Folder where save documents location.
    4. Click the Create button


Figure 1: New Project Creation

  1. Save the .FOCA file. This file contains the project definitions and information that will be found later with the exception of documents which will be stored in the location provided earlier.
  2. Network and Domains Information
    1. Select the Network Icon. The buttons will have black text when active and the text will be grey when deselected. By default all searches are selected.
    2. Click Start à This can take a significant amount of time because of the dictionary search option. All of the names or IP’s added when the project was created as domain website or alternative domains will be searched.
    3. Select the Domains icon. Information gathered about the domain will be in the center pane.

 

Figure 2: Domain Information

  1. When the Domains icon is selected three main options can be selected to gather more information about the selected targets and to be used later to gather metadata.
  2. Clicking the Technology Recognition button will identify the web server type in use (Apache, IIS, ColdFusion, etc.). See Figure 2 for example.
  3. The Crawling button uses Google and Bing search engines to list the known files and folders.

 

Figure 3: Search Engine Crawling

  1. The Files button crawls the target using Google, Bing and Exalead to find documents of the selected type. These files form the basis of the metadata analysis in Section 4.
  2. Vulnerability Enumeration
    1. Currently there are no examples available of vulnerabilities found using Foca to populate this section.
    2.  Document Enumeration and Metadata Analysis
      1. Select the Metadata icon. The files found in section 2g will be listed to ensure a complete list select the Select all button.
      2. Download files for analysis. Select a subset of files and select Download from the right click menu. Alternatively right click any file and select Download All.
      3. Once all files are downloaded right click any file and select Extract All Metadata from the menu. When this completes select Analyze Metadata from the right click menu. This will populate information into the other sections of Foca.
      4. Examples of Metadata Usage
        1. The names found in the Users section create a list of accounts to be brute forced accounts.
        2. The Folders and Printers section provide names of internal systems that can be targeted if a foothold is found externally.
        3. The Software, Emails, and Operating Systems sections are the most useful when combined in a spear phishing attack. Knowing the specific operating system and software in use allows a very targeted exploit to be created. Combine this exploit with the specific information in a document from the user tied to the email address and a very effective phishing campaign should be possible.