CGI-Telnet 1.0, a cgi telnet script that runs on various Unix and NT webservers has vulnerabilities which can be manipulated into giving a user access. The password file is accessible in the web path and passwords are kept DES encrypted.
5a370b31c3a81464a6d4fc140e949b83The x1b pack is a series of scripts written by the author as an exercise into socket programming with perl. Included are a port scanner with banner grabbing capabilities, a DNS service enumeration script with zonetransfer, some brute forcing utilities, a CGI web scanner, and a couple of other utilities.
a4f30b7624eda9bcedf87bc0ca6758feCgivti2.V2.pl uses a webserver host list provided by the user to scan for cgi, vti, msadc and several other vulnerabilities. Like cgivti.V2.pl, this script is easily configured to include other vulnerabilities.
f743fb6b423ff1082ef30ebbdbd6c7adThis scanner searches for vulnerable web servers for Common Gateway Interface and Vermeer Technology Incorporated services. Version 2 allows for Class C IP generation done "On The Fly" and a timeout scheme added thanks to MaB of Efnets #programmers.
23a078671cbcdad1c38669a40867f812The CGI Debugger v1.0 (/cgi-bin/debug.pl) displays information that may be useful to an attacker including the document root and server version info when passed a bogus argument.
ddb7fd50aef76edb9699b1fb940a343fThis scanner searches for vulnerable web servers for Common Gateway Interface and Vermeer Technology Incorporated services.
4b4ba0f298dbced006bf1f5245830a0eNull.pl is a Perl script which uses a dictionary file to launch a brute force attach against a remote host using a null session.
c3ee8e2e5ce7d30d55a5caed3e1599d3This is a perl script that checks for the whois_raw cgi vulnerability. Code ripped from Piffys issscan.pl.
ddfe4c5c572ec8dea65094f4496e5058
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed