proone-bne
Standalone tool for testing the BNE (Break and Enter) subsystem functionality.Overview
proone-bne is a testing and deployment tool that implements the BNE worker functionality independently from the main Proone executable. It can be used to test credential dictionaries, binary deployment, and exploitation vectors.Usage
Options
--cdict <PATH>: Path to credential dictionary (required)--nybin <PATH>: Path to nybin format binary (required)--vercmp <INT>: Version comparison callback return value- Negative: Get binary from target
- Positive: Update binary on target
- Zero: Disable M2M binary update (default)
Targets
Targets are specified as IPv4 or IPv6 addresses:Attack Vectors
The tool supports multiple attack vectors:- HTBT (Heartbeat): Attempts M2M connection to Proone instances
- Brute Force Telnet: Dictionary-based Telnet login
- Brute Force SSH: Dictionary-based SSH login using libssh2
Output
The tool outputs results for each target including:- Subject IP address
- Error code
- Successful vector used
- Whether a new instance was deployed
- Credentials that succeeded (if applicable)
- Process return code
- Target host architecture
- Binary architecture used
Example Output
M2M Binary Update
When--vercmp is used with non-zero values:
- Connects to running Proone instances via the Heartbeat protocol
- Compares version UUIDs
- Performs binary recombination if needed
- Upgrades or downgrades the target instance
Resource Requirements
- Requires TLS certificates (compiled into the binary)
- Needs credential dictionary in binary format
- Requires nybin format binary with DVault and Binary Archive
Implementation Notes
- Uses GNU Pth for cooperative multitasking
- Spawns one BNE worker per target
- All workers run in parallel (cooperatively)
- Temporary files are named
bne-tmp.<counter>
Exit Codes
| Code | Description |
|---|---|
| 0 | Success |
| 1 | Runtime error |
| 2 | Invalid arguments |
Source
Location:src/proone-bne.c