Re: RFP's whisker wrapper

From: Michel Arboi (arboiat_private)
Date: Wed Feb 06 2002 - 04:38:05 PST

Next message: Michel Arboi: "About DB2 DoS (BID 3010)"

Previous message: Michel Arboi: "RFP's whisker wrapper"
In reply to: Michel Arboi: "RFP's whisker wrapper"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Michel Arboi <arboiat_private> writes:

> We have to manage all the options.

We now handle:
        -h  scan single host (IP or domain)
        -s  specifies the script database file (defaults to scan.db)
        -V  use virtual hosts when possible
        -p  specify a different default port to use
        -a  authorization username[:password]
        -I  IDS-evasive mode
        -M  use HEAD [etc.] method
        -A  alternate db format
        -P  password file for -L and -U
        -U  brute force user names via directories

We might use:
        -n+ *nmap output (machine format, v2.06+)
        -F+ *(for unix multi-threaded front end use only)
        -S+  force server version (e.g. -S "Apache/1.3.6")
        -i   more info (exploit information and such)
        -L+  brute force login name/password
             (parameter is URL; use with -a for username)

but first, I'd have to understand how they work and what they do :)

Next message: Michel Arboi: "About DB2 DoS (BID 3010)"
Previous message: Michel Arboi: "RFP's whisker wrapper"
In reply to: Michel Arboi: "RFP's whisker wrapper"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Feb 06 2002 - 04:38:30 PST