Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:29:11 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1811688856&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2FUNIX%2Fcgi-scanners%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1811688856.1338190151.1338190151.1338190151.1%3B%2B__utmz%3D32867617.1338190151.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/101842/nikto-2.1.4.tar.gz http://packetstormsecurity.org/files/101842/nikto-2.1.4.tar.gz http://packetstormsecurity.org/files/101842/Nikto-Web-Scanner-2.1.4.html Sat, 19 Feb 2011 12:12:12 GMT Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. http://packetstormsecurity.org/files/85889/nikto-2.1.1.tar.gz http://packetstormsecurity.org/files/85889/nikto-2.1.1.tar.gz http://packetstormsecurity.org/files/85889/Nikto-Web-Scanner-2.1.1.html Thu, 04 Feb 2010 05:09:11 GMT Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. http://packetstormsecurity.org/files/82060/nikto-2.1.0.tar.gz http://packetstormsecurity.org/files/82060/nikto-2.1.0.tar.gz http://packetstormsecurity.org/files/82060/Nikto-Web-Scanner-2.1.0.html Mon, 19 Oct 2009 22:57:14 GMT Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. http://packetstormsecurity.org/files/76492/nikto-2.03.gz http://packetstormsecurity.org/files/76492/nikto-2.03.gz http://packetstormsecurity.org/files/76492/Nikto-Web-Scanner-2.03.html Thu, 04 Sep 2008 17:00:00 GMT Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. http://packetstormsecurity.org/files/61823/nikto-2.01.tar.gz http://packetstormsecurity.org/files/61823/nikto-2.01.tar.gz http://packetstormsecurity.org/files/61823/Nikto-Web-Scanner-2.01.html Fri, 14 Dec 2007 18:00:16 GMT Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. http://packetstormsecurity.org/files/60861/nikto-2.00.tar.gz http://packetstormsecurity.org/files/60861/nikto-2.00.tar.gz http://packetstormsecurity.org/files/60861/Nikto-Web-Scanner-2.00.html Tue, 13 Nov 2007 04:12:52 GMT Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. http://packetstormsecurity.org/files/54426/nikto-1.36.tar.bz2 http://packetstormsecurity.org/files/54426/nikto-1.36.tar.bz2 http://packetstormsecurity.org/files/54426/Nikto-Web-Scanner-1.36.html Wed, 14 Feb 2007 20:47:49 GMT Nikto is a perl open source web server scanner which supports SSL. Nikto checks for (and if possible attempts to exploit) over 2400 remote web server vulnerabilities and misconfigurations. It also looks for outdated software and modules, warns of any version specific problems, supports scans through proxies (with authentication), host Basic authentication and more. Data is kept in CSV format databases for easy maintenance, and supports the ability to automatically update local databases with current versions on the Nikto web site. http://packetstormsecurity.org/files/41711/nestea.tgz http://packetstormsecurity.org/files/41711/nestea.tgz http://packetstormsecurity.org/files/41711/nestea.tgz.html Sun, 20 Nov 2005 20:53:01 GMT Nestea is a CGI scanner that also looks for forbidden files and directories. It has a database of 2097 vulnerabilities and it takes about 10 minutes to completely scan a host. http://packetstormsecurity.org/files/37748/nikto-1.35.tar.gz http://packetstormsecurity.org/files/37748/nikto-1.35.tar.gz http://packetstormsecurity.org/files/37748/Nikto-Web-Scanner-1.35.html Mon, 30 May 2005 21:40:45 GMT Nikto is a perl open source web server scanner which supports SSL. Nikto checks for (and if possible attempts to exploit) over 2400 remote web server vulnerabilities and misconfigurations. It also looks for outdated software and modules, warns of any version specific problems, supports scans through proxies (with authentication), host Basic authentication and more. Data is kept in CSV format databases for easy maintenance, and supports the ability to automatically update local databases with current versions on the Nikto web site. http://packetstormsecurity.org/files/33807/hsh-gen.tar.gz http://packetstormsecurity.org/files/33807/hsh-gen.tar.gz http://packetstormsecurity.org/files/33807/hsh-gen.tar.gz.html Fri, 16 Jul 2004 17:12:00 GMT hsh-gen is a script used to create shell wrappers to assist in exploitation of remote execution via directory traversal attacks on cgi scripts. http://packetstormsecurity.org/files/31732/nikto-1.31.tar.gz http://packetstormsecurity.org/files/31732/nikto-1.31.tar.gz http://packetstormsecurity.org/files/31732/Nikto-Web-Scanner-1.31.html Mon, 29 Sep 2003 20:34:42 GMT Nikto 1.31 is a PERL, open source web server scanner which supports SSL. Nikto checks for (and if possible attempts to exploit) over 2000 remote web server vulnerabilities and misconfigurations. It also looks for outdated software and modules, warns of any version specific problems, supports scans through proxies (with authentication), host Basic authentication and more. Data is kept in CSV format databases for easy maintenance, and supports the ability to automatically update local databases with current versions on the Nikto web site. http://packetstormsecurity.org/files/31167/nikto-1.30.tar.gz http://packetstormsecurity.org/files/31167/nikto-1.30.tar.gz http://packetstormsecurity.org/files/31167/Nikto-Web-Scanner-1.30.html Wed, 28 May 2003 08:37:12 GMT Nikto 1.30 is a PERL, open source web server scanner which supports SSL. Nikto checks for (and if possible attempts to exploit) over 2000 remote web server vulnerabilities and misconfigurations. It also looks for outdated software and modules, warns of any version specific problems, supports scans through proxies (with authentication), host Basic authentication and more. Data is kept in CSV format databases for easy maintenance, and supports the ability to automatically update local databases with current versions on the Nikto web site. http://packetstormsecurity.org/files/30703/nikto-1.23.tar.gz http://packetstormsecurity.org/files/30703/nikto-1.23.tar.gz http://packetstormsecurity.org/files/30703/Nikto-Web-Scanner-1.23.html Sun, 05 Jan 2003 08:06:01 GMT Nikto 1.23 is a PERL, open source web server scanner which supports SSL. Nikto checks for (and if possible attempts to exploit) over 2000 remote web server vulnerabilities and misconfigurations. It also looks for outdated software and modules, warns of any version specific problems, supports scans through proxies (with authentication), host Basic authentication and more. Data is kept in CSV format databases for easy maintenance, and supports the ability to automatically update local databases with current versions on the Nikto web site. http://packetstormsecurity.org/files/30673/wmap1.3.tar.gz http://packetstormsecurity.org/files/30673/wmap1.3.tar.gz http://packetstormsecurity.org/files/30673/wmap1.3.tar.gz.html Sun, 29 Dec 2002 03:20:59 GMT Wmap v1.3 is a cgi scanner that attempts to be smarter than most. To increase the chance of finding useful stuff, wmap has a file containing interesting Directories (dirs.db) and other file containing common cgi dirs (dircgis.db) to search for. If a directory is found is added to the test. This include all the directories that are found in the html tags. For each directory found, not only scans for vulnerable CGI's (cgis.db) it scan for interesting files (ex. passwords.tmp) included in the file (file.db) and does an http PUT scan. http://packetstormsecurity.org/files/30671/cst1_4.tar.gz http://packetstormsecurity.org/files/30671/cst1_4.tar.gz http://packetstormsecurity.org/files/30671/cst1_4.tar.gz.html Sun, 29 Dec 2002 01:19:01 GMT CST is a java based web scanner that scans using a database of scripts (user editable). The sample databases included contains +1600 possibly vulnerable scripts/dirs. You can scan with or without a proxy server. The scanner has 11 different Anti-IDS tactics and sends fake "X-Forwarded-For:", "Referer:" and "User-Agent:" headers to hide your scan even more. You can also specify a wait time between 2 script fetches. The scanner uses HEAD requests instead of GET for faster scanning, and has support for scanning virtual hosts. You can also specify another port to scan instead of the standard port 80. The scanner outputs the scripts/dirs that return a 200, 403 or 401 HTTP code and outputs the webserver software. A full and comprehensive manual is included. http://packetstormsecurity.org/files/30565/libwhisker-1.6.tar.gz http://packetstormsecurity.org/files/30565/libwhisker-1.6.tar.gz http://packetstormsecurity.org/files/30565/libwhisker-1.6.tar.gz.html Fri, 06 Dec 2002 10:34:26 GMT Libwhisker is a perl module for performing whisker CGI vulnerability checks. It adds a vast array of functionality and has robust functions that are geared toward network auditing. Function reference available here. http://packetstormsecurity.org/files/30564/whisker-2.1.tar.gz http://packetstormsecurity.org/files/30564/whisker-2.1.tar.gz http://packetstormsecurity.org/files/30564/whisker-2.1.tar.gz.html Fri, 06 Dec 2002 10:23:17 GMT Whisker is a high quality URL scanner which is used to search for known vulnerable CGIs on websites. Whisker does this by both scanning the the CGIs directly as well as crawling the website in order to determine what CGIs are already currently in use. Whisker is scriptable and is easily tailored to do lots of flexible web scanning. Very stealthy. Implemented anti-IDS techniques. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host, Proxy, and SSL support. http://packetstormsecurity.org/files/29757/iss.c http://packetstormsecurity.org/files/29757/iss.c http://packetstormsecurity.org/files/29757/iss.c.html Wed, 25 Sep 2002 21:40:51 GMT This tool can be used to scan IIS servers for the unicode directory traversal vulnerability. http://packetstormsecurity.org/files/29589/cuinapache.c http://packetstormsecurity.org/files/29589/cuinapache.c http://packetstormsecurity.org/files/29589/cuinapache.c.html Tue, 10 Sep 2002 04:35:06 GMT ChecaUserinApache - A utility that makes use of the 401 error page in Apache to verify whether or not a user exists on that system. http://packetstormsecurity.org/files/29554/IISscan2002.pl http://packetstormsecurity.org/files/29554/IISscan2002.pl http://packetstormsecurity.org/files/29554/IISscan2002.pl.html Thu, 05 Sep 2002 06:25:03 GMT IISscan2002.pl scans for over 97 IIS strings and gets past certain IIS 4 an IIS 5 unicode charter set hot fixes as well as the ability to get cmd.exe access on open IIS servers vulnerable to the unicode flaw. http://packetstormsecurity.org/files/29549/arirang-1.6.tar.gz http://packetstormsecurity.org/files/29549/arirang-1.6.tar.gz http://packetstormsecurity.org/files/29549/arirang-1.6.tar.gz.html Thu, 05 Sep 2002 05:16:35 GMT Arirang is a powerful webserver security scanner with many features. Checks over 700 vulnerabilities including the apache chunking bug, IIS .ida buffer overflow, and more. Documentation available here. http://packetstormsecurity.org/files/29506/cgivti2.V2.pl http://packetstormsecurity.org/files/29506/cgivti2.V2.pl http://packetstormsecurity.org/files/29506/cgivti2.V2.pl.html Fri, 30 Aug 2002 04:56:54 GMT Cgivti2.V2.pl uses a webserver host list provided by the user to scan for cgi, vti, msadc and several other vulnerabilities. Like cgivti.V2.pl, this script is easily configured to include other vulnerabilities. http://packetstormsecurity.org/files/29482/cgivti.V2.pl http://packetstormsecurity.org/files/29482/cgivti.V2.pl http://packetstormsecurity.org/files/29482/cgivti.V2.pl.html Thu, 29 Aug 2002 06:36:18 GMT This scanner searches for vulnerable web servers for Common Gateway Interface and Vermeer Technology Incorporated services. Version 2 allows for Class C IP generation done "On The Fly" and a timeout scheme added thanks to MaB of Efnets #programmers. http://packetstormsecurity.org/files/26537/nikto-1.20.tar.gz http://packetstormsecurity.org/files/26537/nikto-1.20.tar.gz http://packetstormsecurity.org/files/26537/Nikto-Web-Scanner-1.20.html Sun, 11 Aug 2002 23:18:35 GMT Nikto 1.20 is a PERL, open source web server scanner which supports SSL. Nikto checks for (and if possible attempts to exploit) remote web server vulnerabilities and misconfigurations. It also looks for outdated software and modules, warns of any version specific problems, supports scans through proxies (with authentication), host Basic authentication and more. Data is kept in CSV format databases for easy maintenance, and supports the ability to automatically update local databases with current versions on the Nikto web site. New this version: password file guessing, Google file-hunting, SSL details and bug fixes. http://packetstormsecurity.org/files/26527/cgivti.pl http://packetstormsecurity.org/files/26527/cgivti.pl http://packetstormsecurity.org/files/26527/cgivti.pl.html Fri, 09 Aug 2002 05:47:23 GMT This scanner searches for vulnerable web servers for Common Gateway Interface and Vermeer Technology Incorporated services.