DotDotPwn is a simple PERL tool which detects several Directory Traversal Vulnerabilities on HTTP/FTP Servers. This AttackDB version currently has 871 traversal payloads. This tool was tested against various Kolibri+ WebServer v2.0 and Gefest WebServer v1.0 (HTTP servers) giving good results identifying the right vulnerability strings. Those HTTP servers were vulnerable, and somebody reported those vulns on sites such as exploit-db, but those advisories just reported some (1 or 2) traversal strings with a difference with DotDotPwn which detected between 10 or 20 different attack strings on those vulnerable servers.
Features of DotDotPwn:
- Detects Directory traversal vulnerabilities on remote HTTP/FTP server systems.
- DotDotPwn checks the presence of boot.ini on the vulnerable systems through Directory traversal vulnerabilities, so it is assumed that the tested systems are Windows based HTTP/FTP servers.
- Currently, the traversal database holds 871 attack payloads. Use the -update flag to perform an online fresh update.
Sample usage:
perl ddpwn.pl -http website.com
FTP:perl ddpwn.pl -ftp ftphost.com
DotDotPwn is a very useful tool for web application penetration testers, who believe in open-source software. As it is PERL based, we can modify it as per the required environment. Hope there will be a nice front end which surely will make this tool more popular! It is also very easy to update the directory traversal database of this tool!
Requirements:
Perl with support of HTTP::Lite and Net::FTP modules
Download DotDotPwn v1.0 here
Tagged as: audit, DotDotPwn, Web Application Penetration Testing, web security
All of you web application penetration testers, check out this release of XSSer version 0.7a, for it now has 26 new injections!
“XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications.
It contains several options to try to bypass certain filters, and various special techniques of code injection.“
These are the changes:
- Added attack payloads to fuzzer (26 new injections).
- Added POST connections: Now you can inject on webforms.
- Added Statistics: reports with data about efficiency, connections, vectors, etc..
- Added URL Shorteners: Now, it is possible to have valid results in short links. for the moment support tinyurl and is.gd. your “malicious” code ready to share!!
- Added IP Octal: Spoofing for fuzzing vectors. Your remote/local IPs encoded in Octal.
- Added Post-processing payloads: When you see have a valid “hole/payload”, you can say to XSSer to prepare the real code that you want to inject.
- Added DOM Shadows: For this version, this implementation is a server side anti-logging feature. You can inject code using Document Object Model eval function, to evade some possible server IDS’s.
- Added Cookie injector: Now is possible to inject code on HTTP Cookie parameters automatically.
- Added Browser DoS (Denial of Service): Yes!!. If you have a valid payload to inject, XSSer will prepare you a code for share with victims who “collapse” their browsers. DoS of client browser ready for play friend -scripter-!
You can download XSSer version 0.7a here.
Searches leading to this post:
xsser tutorial
Tagged as: cross-site scripting, FireFox, HTTPS, Open Source, Web Application Penetration Testing, Web Application Scanner, xss attack, XSSer, XSSploit
Good news for Websecurify lovers, as we have an updated Websecurify version 0.7 amongst us finally!
“Websecurify is a web and web2.0 security initiative specializing in researching security issues and building the next generation of tools to defeat and protect web technologies.”
This version contains the following improvements:
- Users interface improvements
- Faster, more stable testing platform
- Improved extension development API
- Less false-positives
- Significant testing performance gains
- Automatic taking of vulnerability screenshots
- Integration with the Websecurify Network
- Improved fuzzing strategies
- Workspace perspectives
- Integrated application and extension automatic updates
Download Websecurify version 0.7 here!
Tagged as: local file inclusion, Open Source, Web Application Penetration Testing, Web Application Scanner, web application testing, Websecurify
