Ransack is a post exploitation shellscript for penetration testers. Its purpose is to grab any information deemed relevant on a system, post root compromise. This information may include config files, ssh keys, ssl keys, or any other information deemed valuable.
Ransack's sole purpose is to grab any information deemed relevant following a root compromise during an authorized penetration test. This information may include config files, ssh keys, ssl keys, or any other information deemed valuable. The goal is to minimize the amount of time spent digging, through a machine in search of specifics. Instead, ransack will look for any data that stores configuration information (which may at times contain usernames and passwords), connection based information (including who is connected to what, what processes are listening and so forth), usernames and groups.
It is written specifically as a shell script to avoid relying on another programming language that may not at times be available on another system. Rather than having to install python, perl, ruby, etc., it relies on tools that are always on most modern and legacy Unix variants.It will also parse out who may be what is considered at high value target: Someone in a specific group (wheel, root, etc) and copy over their information as well.
This tool is for post exploitation penetration testing it is not meant to be used for nefarious purposes and was never meant to be. It is simply a tool to make gathering information simpler while performing AUTHORIZED penetration tests.
If you have to ask:
How does it work?!?
How can I get r00t?!? or some other question along these lines there is a 99.99999% chance that there is an ID 10 T error on the machine you're using. You will need to
fix that issue before proceeding. Sloppy - sure, but effective, reliable and quick Tested on various versions of FreeBSD, OpenBSD, Debian,CentOS, Ubuntu, etc.
On FreeBSD/AMD Athlon(tm) 64 X2 Dual Core Processor 4400+ with 2TB, I was able to get all that I needed in under 6 minutes.