DotDotPwn v1.0 – Directory Traversal Checker/Scanning Tool

Cybertroopers storming your ship?


A simple PERL tool which detects several Directory Traversal Vulnerabilities on HTTP/FTP Servers. This AttackDB version currently has 871 traversal payloads. This tool was tested against various Kolibri+ WebServer v2.0 and Gefest WebServer v1.0 (HTTP servers) giving good results identifying the right vulnerability strings. Those HTTP servers were vulnerable, and somebody reported those vulns on sites such as exploit-db, but those advisories just reported some (1 or 2) traversal strings with a difference with DotDotPwn which detected between 10 or 20 different attack strings on those vulnerable servers.

Features

  • Detects Directory traversal vulnerabilities on remote HTTP/FTP server systems.
  • DotDotPwn checks the presence of boot.ini on the vulnerable systems through Directory traversal vulnerabilities, so it is assumed that the tested systems are Windows based HTTP/FTP servers.
  • Currently, the traversal database holds 871 attack payloads. Use the -update flag to perform an online fresh update.

Requirements

Perl with support of HTTP::Lite and Net::FTP modules

The full README file is available here.

You can download DotDotPwn v1.0 here:

ddpwn.tar.gz

Or read more here.


Posted in: Hacking Tools, Web Hacking

, , , , , , , , , , , ,

Recent in Hacking Tools:
- The Backdoor Factory (BDF) – Patch Binaries With Shellcode
- Gdog – Python Windows Backdoor With Gmail Command & Control
- SPF (SpeedPhish Framework) – E-mail Phishing Toolkit

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,972,936 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,399,537 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 675,732 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95


Comments are closed.