Web-sorrow is a web server security scanner which is used for checking a Web server for misconfiguration, version detection, enumeration, and server information. This tool is based on PERL. Mos important thing about this tool is that it is not an exploitation framework ofvculnerability scanner. It is a simple tool for checking web server misconfiguration
Current Functionality
-S – stands for standard. a set of Standard tests and includes: indexing of directories testing, banner grabbing, language detection (should be obvious), robots.txt, and 200 response testing (some servers send a 200 ok for every req)
-Eb – stands for error bagging. The default config for servers is to put the server daemon and version and sometimes even the OS inside of error pages. web-sorrow reqs a URl of 20 random bytes with get and post methods.
-auth – looks for login pages with a list of some of the most common login files and dirs. We don’t need to be very big list of URLs because what else are going to name it?
-cmsPlugins – run a huge list of plugins dirs for cms servers. the list is a bit old (2010)
-I – searches the responses for interesting strings
-Ws – looks for web services such as hosting provider, blogging services, favicon fingerprinting, and cms version info
-Fd – look for generally things people don’t want you to see. The list is generated form a TON of robot.txt so whatever it finds should be interesting.
-proxy – send all http reqs via a proxy. example: 255.255.255.254:8080
-e – run all the scans in the scanner
web-sorrow also has false positives checking on most of it’s requests (it pretty accurate but not perfect).
Download
Current Functionality
-S – stands for standard. a set of Standard tests and includes: indexing of directories testing, banner grabbing, language detection (should be obvious), robots.txt, and 200 response testing (some servers send a 200 ok for every req)
-Eb – stands for error bagging. The default config for servers is to put the server daemon and version and sometimes even the OS inside of error pages. web-sorrow reqs a URl of 20 random bytes with get and post methods.
-auth – looks for login pages with a list of some of the most common login files and dirs. We don’t need to be very big list of URLs because what else are going to name it?
-cmsPlugins – run a huge list of plugins dirs for cms servers. the list is a bit old (2010)
-I – searches the responses for interesting strings
-Ws – looks for web services such as hosting provider, blogging services, favicon fingerprinting, and cms version info
-Fd – look for generally things people don’t want you to see. The list is generated form a TON of robot.txt so whatever it finds should be interesting.
-proxy – send all http reqs via a proxy. example: 255.255.255.254:8080
-e – run all the scans in the scanner
web-sorrow also has false positives checking on most of it’s requests (it pretty accurate but not perfect).
Download
0 comments:
Post a Comment