Proxy-Based .ida / .idq scanning tool available

From: Kelvin (kelvinat_private)
Date: Fri Jul 20 2001 - 11:18:31 PDT

  • Next message: Stuart Staniford: "Re: Code-Red: An analytic model of its spread"

    I through together a proxy-based testing tool for the .ida / .idq
    vulnerability.
    
    The PHP source will be available when I take a second look through the
    scripting and remove any bugs I find.
    
    Thanks much to Chris St. Clair for developing the test procedures.
    
    http://www.sec33.com/webtools/iii
    
    At this point, it wigs out if you scan a server that is not IIS, so don't!
    Nah.. Just the output is a little wierd sometimes - <grin> Will fix this
    later.
    
    Thanks.
    
    ./Kelvin
    
    
    
    
    
    ----------------------------------------------------------------------------
    
    
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see:
    
    http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Fri Jul 20 2001 - 12:44:46 PDT