DotDotPwn is a simple Perl tool that detects Directory Traversal vulnerabilities on HTTP/FTP servers. This AttackDB version currently has 871 traversal payloads. The tool was tested against Kolibri+ WebServer v2.0 and Gefest WebServer v1.0 (HTTP servers), giving good results in identifying the right vulnerability strings. Those HTTP servers were vulnerable, and somebody had reported the vulnerabilities on sites such as exploit-db, but those advisories listed only one or two traversal strings, whereas DotDotPwn detected between 10 and 20 different attack strings on the same servers.

Features of DotDotPwn:
- Detects Directory traversal vulnerabilities on remote HTTP/FTP server systems.
- DotDotPwn checks the presence of boot.ini on the vulnerable systems through Directory traversal vulnerabilities, so it is assumed that the tested systems are Windows based HTTP/FTP servers.
- Currently, the traversal database holds 871 attack payloads. Use the -update flag to perform an online fresh update.
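Because one vulnerable server can accept many differently encoded traversal strings, a log check that looks only for the one or two strings in an advisory will miss most probes. The following is an added example, not part of DotDotPwn or the original post: a Python sketch that canonicalises request paths before looking for ".." segments. The log lines are constructed samples, and treating a 200 response as "file served" is an assumption.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (not taken from a real server).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2011:10:00:00 +0000] "GET /index.html HTTP/1.0" 200 512',
    '10.0.0.9 - - [01/Jan/2011:10:00:01 +0000] "GET /../../../boot.ini HTTP/1.0" 200 211',
    '10.0.0.9 - - [01/Jan/2011:10:00:02 +0000] "GET /..%5c..%5cboot.ini HTTP/1.0" 200 211',
    '10.0.0.9 - - [01/Jan/2011:10:00:03 +0000] "GET /%252e%252e/%252e%252e/boot.ini HTTP/1.0" 404 0',
    '10.0.0.7 - - [01/Jan/2011:10:00:04 +0000] "GET /docs/v1..2/notes.txt HTTP/1.0" 200 90',
]

REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+" (\d{3})')

def canonical(path, max_rounds=3):
    """Percent-decode repeatedly (catches double encoding) and unify separators."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")

def is_traversal(path):
    """True if any whole path segment is '..' after canonicalisation."""
    return ".." in canonical(path).split("/")

def scan(lines):
    """Return (raw_path, status, served) for each traversal attempt found."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if m and is_traversal(m.group(1)):
            status = int(m.group(2))
            # Assumption: a 200 on a traversal request means content was returned.
            hits.append((m.group(1), status, status == 200))
    return hits

if __name__ == "__main__":
    for raw, status, served in scan(SAMPLE_LOG):
        print(f"{'SERVED ' if served else 'blocked'} {status} {raw}")
```

Matching on whole segments keeps a legitimate name such as v1..2 from being flagged, while the repeated decoding catches the double-encoded probe that a single pass would miss.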
Sample usage:
HTTP: perl ddpwn.pl -http website.com
FTP: perl ddpwn.pl -ftp ftphost.com
DotDotPwn is a very useful tool for web application penetration testers who believe in open-source software. As it is Perl based, it can be modified to suit the required environment. Hopefully there will be a nice front end, which will surely make this tool more popular! It is also very easy to update the tool's directory traversal database!
Requirements:
Perl with support of HTTP::Lite and Net::FTP modules
Download DotDotPwn v1.0 here
Tagged as: audit, DotDotPwn, Web Application Penetration Testing, web security
Nice! Our first post regarding the Microsoft Enhanced Mitigation Evaluation Toolkit or EMET can be found here. Now, Microsoft has released the EMET v2!
“EMET provides users with the ability to deploy security mitigation technologies to arbitrary applications. This helps prevent vulnerabilities in those applications (especially line of business and 3rd party apps) from successfully being exploited. By deploying these mitigation technologies on legacy products, the tool can also help customers manage risk while they are in the process of transitioning over to modern, more secure products. In addition, it makes it easy for customers to test mitigations against any software and provide feedback on their experience to the vendor.”
This version sports a brand new GUI. In addition to SEHOP (Structured Exception Handler Overwrite Protection), Dynamic DEP (Dynamic Data Execution Prevention), NULL page allocation and Heap Spray Allocation, this tool adds support for Export Address Table Access Filtering and Mandatory Address Space Layout Randomization (ASLR)!
Download the EMET v2 here.
Tagged as: Enhanced Mitigation Evaluation Toolkit, Microsoft, Windows
Whoa! It sure has been a long time since we updated information about ProcNetMonitor. We mentioned it in our first post here. Now, the author has released an update – ProcNetMonitor version 2.7.
“ProcNetMonitor is the free tool to monitor the network activity of all running process in the system. It displays all open network ports (TCP/UDP) and active network connections for each process. It has advanced color based auto analysis system to make it easy to distinguish network oriented processes from others with just one glance at the list.”
Since we last wrote about it, this tool can now display process information on 64-bit systems too. False positives from antivirus products have also been removed, and there is now support for Windows 7, with GUI-related enhancements.
Download ProcNetMonitor v2.7 here
Tagged as: Malware Analysis, ProcNetMonitor, Rootkit, system auditing tool, Windows