wildpwn – UNIX Wildcard Attack Tool

Your website & network are Hackable


wildpwn is a Python UNIX wildcard attack tool that helps you generate attacks, based on a paper by Leon Juranic. It’s considered a fairly old-skool attack vector, but it still works quite often.

wildpwn - UNIX Wildcard Attack Tool

The simple trick behind this technique is that when using shell wildcards, especially asterisk (*), the UNIX shell will interpret files beginning with a hyphen (-) character as command line argument to be executed by the command/program. That leaves space for some variations of the classic channelling attack.

The practical case in terms of this technique is combining arguments and filenames, as different “channels” into single entity, because of using shell wildcards.

Read the full paper here: Back To The Future: Unix Wildcards Gone Wild

Usage

Usage Example

You can download wildpwn here:

wildpwn.py

OR read more here.


Posted in: Hacking Tools, Linux Hacking

, , , , , , , , ,

Recent in Hacking Tools:
- OWASP OWTF – Offensive Web Testing Framework
- MANA Toolkit – Rogue Access Point (evilAP) And MiTM Attack Tool
- BBQSQL – Blind SQL Injection Framework

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,992,403 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,478,472 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 687,199 views

Get protected with Sucuri


Comments are closed.