Proxy-Based .ida / .idq scanning tool available

From: Kelvin (kelvinat_private)
Date: Fri Jul 20 2001 - 11:18:31 PDT

Next message: Stuart Staniford: "Re: Code-Red: An analytic model of its spread"

Previous message: James Edwards: "Jetdirect card Attack???-Final from original poster"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I through together a proxy-based testing tool for the .ida / .idq
vulnerability.

The PHP source will be available when I take a second look through the
scripting and remove any bugs I find.

Thanks much to Chris St. Clair for developing the test procedures.

http://www.sec33.com/webtools/iii

At this point, it wigs out if you scan a server that is not IIS, so don't!
Nah.. Just the output is a little wierd sometimes - <grin> Will fix this
later.

Thanks.

./Kelvin





----------------------------------------------------------------------------


This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see:

http://aris.securityfocus.com

Next message: Stuart Staniford: "Re: Code-Red: An analytic model of its spread"
Previous message: James Edwards: "Jetdirect card Attack???-Final from original poster"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jul 20 2001 - 12:44:46 PDT