Web App Security
ASP Auditor v2 BETA
Hits: 28
Date added: 09/16/2006
Looks for common misconfigurations and information leaks in ASP.NET applications.

Changelog:
* Combined code from Asp Auditor v1 BETA and HDM’s DNAScanner.
* Version plugin allowing specific ASP.NET versioning.
* Version brute force capabilities using JavaScript validate directories.
* Check if global ASP.NET validate is being used.
* Added brute force as option in usage()

–usage

    $ ./asp-audit-latest.pl
    Usage: ./asp-audit-latest.pl [http://target/app/file.aspx] (opts)
    (opts)
    -bf brute force ASP.NET version using JS Validate directories.

–example 1

    $ ./asp-audit.pl http://www.*hidden*/index.aspx
    [*] Sending initial probe request…
    [*] Sending path discovery request…
    [*] Sending ASP.NET validate discovery request…
    [*] Sending application trace request…
    [*] Sending null remoter service request…
    [ .NET Configuration Analysis ]
    Server -> Microsoft-IIS/6.0
    Application -> /
    FilePath -> D:VirtualServers*hidden*
    ADNVersion -> 1.1.4322.2300
    matches -> 1.1.4322.2300 Version 1.1 Post-SP1 (Windows Server 2003 SP1) Mar 2005

–example 2

    $ ./asp-audit.pl http://www.*hidden*/index.aspx -bf
    [*] Sending initial probe request…
    [*] Sending path discovery request…
    [*] Sending ASP.NET validate discovery request…
    [*] Sending application trace request…
    [*] Sending null remoter service request…
    [ .NET Configuration Analysis ]
    Server -> Microsoft-IIS/6.0
    AppTrace -> LocalOnly
    Application -> /
    FilePath -> D:inetpub*hidden*
    ADNVersion -> 1.1.4322.2300
    matches -> 1.1.4322.2300 Version 1.1 Post-SP1 (Windows Server 2003 SP1) Mar 2005
    [*] Sending brute force discovery requests…
    Found -> /aspnet_client/system_web/1_1_4322
 
ASP Auditor v1.0 BETA
Hits: 14
Date added: 09/19/2006
The purpose of ASP Auditor is to identify vulnerable and weakly configured ASP.NET servers.

Usage:

    $ ./asp-audit.pl
    ASP Audit v1.0 (BETA) [ david.kierznowski@gmail.com ]
    Usage: ./asp-audit.pl (opts) [host] [port]
    (opts)
    -h these usage instructions
    -b brute force ASP.NET version using JS Validate directories.
    -m match against fingerprints
    -v verbose messaging

Some examples can be seen below:

    $ ./asp-audit.pl labs.microsoft.com
    Target: labs.microsoft.com
    Server Software: Microsoft-IIS/6.0
    ASP Framework: YES
    ASP Simple Version: 2.0.50727
    ASP Specific Version: Unknown
    ASP verbose messages: No
    ASP Validate: No
    Default Error Messages: No

    $ ./asp-audit.pl -m labs.microsoft.com
    Target: labs.microsoft.com
    Server Software: Microsoft-IIS/6.0
    ASP Framework: YES
    ASP Simple Version: 2.0.50727
    ASP Specific Version: Unknown
    ASP verbose messages: No
    ASP Validate: No
    Default Error Messages: No
    Fingerprint matches:
    2.0.50727.07 Version 2.0 (Visual Studio.NET 2005 CTP) Aug 2005
    2.0.50727.26 Version 2.0 (Visual Studio.NET 2005 RC / SQL Server 2005 CTP) Sep 2005
    2.0.50727.42 Version 2.0 RTM (Visual Studio.NET 2005 RTM / SQL Server 2005 RTM) Nov 2005

    $ ./asp-audit.pl *hidden*
    Target: *hidden*
    Server Software: Microsoft-IIS/6.0
    ASP Framework: YES
    ASP Simple Version: Unknown
    ASP Specific Version: Unknown
    ASP verbose messages: No
    ASP Validate: No
    Default Error Messages: YES

    $ ./asp-audit.pl -b *hidden*
    Target: *hidden*
    Server Software: Microsoft-IIS/6.0
    ASP Framework: YES
    ASP Simple Version: Unknown
    ASP Specific Version: Unknown
    ASP verbose messages: No
    ASP Validate: No
    Default Error Messages: YES
    Found: aspnet_client/system_web/1_1_4322
    Found: aspnet_client/system_web/2_0_50727
 
Raw SSL Client
Hits: 8
Date added: 11/06/2006
Simple Java client to issue commands to an SSL-enabled server.
 
THCSSLCheck
Hits: 34
Date added: 11/19/2006
Windows tool that checks the remote SSL stack for supported ciphers and version.
 
Snark v0.16 -- HTTP Interrogation Proxy
Hits: 40
Date added: 11/26/2006
A so-called attack proxy, Snark allows a user to monitor and edit HTTP requests and responses. Snark can be configured to act as a web proxy, or in a tunnel mode which allows for proxy chaining or use with other tools. Snark was written in Perl and should run in any environment that is supported by Perl and wxWindows.
 