Username
Password
Remember me
Lost Password?
No account yet?
Register
Home
Blogs
Downloads
Library
Tools
Search
Exploits
Videos
Events
Hacktrix 07
HSC Research
Secure web hosting
About
Staff
Partners
Contact us
Bug report
Security Services
Home
ยป Downloads
Document Details
ASP Auditor v2 BETA
Description:
Looks for common misconfigurations and information leaks in ASP.NET applications. Changelog: * Combined code from Asp Auditor v1 BETA and HDM’s DNAScanner. * Version plugin allowing specific ASP.NET versioning. * Version brute force capabilities using JavaScript validate directories. * Check if global ASP.NET validate is being used. * Added brute force as option in usage() –usage $ ./asp-audit-latest.pl Usage: ./asp-audit-latest.pl [http://target/app/file.aspx] (opts) (opts) -bf brute force ASP.NET version using JS Validate directories. –example 1 $ ./asp-audit.pl http://www.*hidden*/index.aspx [*] Sending initial probe request… [*] Sending path discovery request… [*] Sending ASP.NET validate discovery request… [*] Sending application trace request… [*] Sending null remoter service request… [ .NET Configuration Analysis ] Server -> Microsoft-IIS/6.0 Application -> / FilePath -> D:VirtualServers*hidden* ADNVersion -> 1.1.4322.2300 matches -> 1.1.4322.2300 Version 1.1 Post-SP1 (Windows Server 2003 SP1) Mar 2005 –example 2 $ ./asp-audit.pl http://www.*hidden*/index.aspx -bf [*] Sending initial probe request… [*] Sending path discovery request… [*] Sending ASP.NET validate discovery request… [*] Sending application trace request… [*] Sending null remoter service request… [ .NET Configuration Analysis ] Server -> Microsoft-IIS/6.0 AppTrace -> LocalOnly Application -> / FilePath -> D:inetpub*hidden* ADNVersion -> 1.1.4322.2300 matches -> 1.1.4322.2300 Version 1.1 Post-SP1 (Windows Server 2003 SP1) Mar 2005 [*] Sending brute force discovery requests… Found -> /aspnet_client/system_web/1_1_4322
Property
Value
Name
ASP Auditor v2 BETA
Keywords
Filesize
47.05 kB
Google Ads
Filetype
gz (Mime Type: application/x-compressed-tar)
Creator
Everybody
Created On:
09/16/2006 00:00
Viewers
Everybody
Maintained by
Zinho
Hits
28 Hits
Last updated on
12/31/1969 16:00
Homepage
CRC Checksum
MD5 Checksum
You need to
login
to download texts/tools.
Register here
, it's fast and free!
Downloads Home
Search Document
Downloads
Tools
Port scanners
Wireless
OS
Penetration Testing
Sniffers
Programming
Antivirus
Networking
Web App Security
Remote Administration Tools
Cryptography
Anonymity
Application Security
Information Gathering
Library
Networking
Cryptography
Programming
Anonymity
Wireless
General
PC Security
System Security
OS
Web App Security
Penetration Testing
Application Security
Get Archive RSS
The latest tools and texts wherever you are
Do you own a website?
Add
these feeds
to your site and
get a link on our home page!
Newsletter
Every week our tools in your inbox?
Enter your Email
Preview
Security Services by HSC
Contact us
Become partner
Advertise with us
Join our staff
