IIS Vulnerability Scanner

  1. #1
    Junior Member
    Join Date
    Sep 2003
    Posts
    11

    IIS Vulnerability Scanner

    After days of work and dreams full of Perl multitasking implementation I finally finished the first version of IIS Vulnerability Scanner. This unique IIS scanner Perl script has more than 1700 vulnerability checks in its data file, which was compiled from tools like Xscan, Nikto.pl, urlchk and many more. Hundreds of unique Unicode attacks and vulnerable file existence checks, dozens of directory traversal vulnerability checks. This is the ultimate tool to scan your IIS webserver for vulnerabilities. Download it from here, and enjoy:

    http://www.freewebs.com/okidan/

    To make it even better I need people, I need help. I want to develop it. But for that I need,

    1) To add comments, links to most of the vulnerability checks.
    2) Add exploit support, basically to create "IIS exploits in Perl" check support. The exploits will be checked one by one. I have a dozen IIS webserver exploits in Perl, that can be a good start.
    3) Write simple exploits for some of the vulnerabilities to decrease the amount of work of the users. Like for ex, finding htimage.exe in one of the webserver directories means that the Image mapper is most probably vulnerable to DoS and Path Disclosure vulnerabilities. In the DoS case, a large argument must be sent to the program, that can be done by hand, and nobody bothered writing an exploit for it. But we will have to, because we are developing an all-in-one IIS Vulnerability Scanner, Audit and Assessment tool. Concretely, the only program an IIS webadmin needs to keep an eye on the security of his not so secure webserver.

    And much more... But I can't do it alone. If you want to take part in the development of this project or help somehow, contact me. Or visit my forums: http://free.phpbb-host.org/okidan/

    Any comments, bug reports are welcome and greatly appreciated.
    If one day cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

  2. #2
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,024
    Nice program. I have yet to test it out but I looked over the code and it looks good. Nice job. Keep up the good work.
    [H]ard|OCP <--Best hardware/gaming news out there--|
    pwned.nl <--Gamers will love this one --|
    Light a man a fire and you'll keep him warm for a day, Light a man ON fire and you'll keep him warm the rest of his life.

  3. #3
    1337 n00b kryptonic's Avatar
    Join Date
    Sep 2003
    Location
    Tacoma, Washington.
    Posts
    520
    Good job. I'm downloading your scanner right now. I'll test it out. It looks good though.
    00110001 01101101 00100000 00110101 00110000 00110000 00100000 00110001 00110011 00110011 00110111

  4. #4
    Senior Member
    Join Date
    Jun 2004
    Posts
    379
    OkIDaN, like The Grunt said, nice work. I would help you but I don't know Perl, but if you need something that does not involve me programming in Perl I will help.

  5. #5
    Banned
    Join Date
    Feb 2004
    Posts
    29

    Re: IIS Vulnerability Scanner

    Originally posted here by OkIDaN
    After days of work and dreams full of Perl multitasking implementation I finally finished the first version of IIS Vulnerability Scanner. This unique IIS scanner Perl script has more than 1700 vulnerability checks in its data file, which was compiled from tools like Xscan, Nikto.pl, urlchk and many more. Hundreds of unique Unicode attacks and vulnerable file existence checks, dozens of directory traversal vulnerability checks. This is the ultimate tool to scan your IIS webserver for vulnerabilities. Download it from here, and enjoy:

    http://www.freewebs.com/okidan/

    To make it even better I need people, I need help. I want to develop it. But for that I need,

    1) To add comments, links to most of the vulnerability checks.
    2) Add exploit support, basically to create "IIS exploits in Perl" check support. The exploits will be checked one by one. I have a dozen IIS webserver exploits in Perl, that can be a good start.
    3) Write simple exploits for some of the vulnerabilities to decrease the amount of work of the users. Like for ex, finding htimage.exe in one of the webserver directories means that the Image mapper is most probably vulnerable to DoS and Path Disclosure vulnerabilities. In the DoS case, a large argument must be sent to the program, that can be done by hand, and nobody bothered writing an exploit for it. But we will have to, because we are developing an all-in-one IIS Vulnerability Scanner, Audit and Assessment tool. Concretely, the only program an IIS webadmin needs to keep an eye on the security of his not so secure webserver.

    And much more... But I can't do it alone. If you want to take part in the development of this project or help somehow, contact me. Or visit my forums: http://free.phpbb-host.org/okidan/

    Any comments, bug reports are welcome and greatly appreciated.
    Your script is so cool, will you be working on an Apache one for your next project?

  6. #6
    Junior Member
    Join Date
    Sep 2003
    Posts
    11
    Thanks for your replies. I have to add so many features to this one to develop it to the best that I don't think I will ever start work on any other WebServer scanner soon. Apache indeed has a really wide range of checks, I would rather write a universal scanner than an Apache one.

    And one more thing, I would really like to hear the results of your scans, like what you achieved, found, fixed, etc.
    If one day cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

  7. #7
    Junior Member
    Join Date
    Oct 2004
    Posts
    14
    If you want it translated to German or French I can possibly help.

  8. #8
    Junior Member
    Join Date
    Oct 2004
    Posts
    3


    Great job on the scanner. One small suggestion: allow the port to be added on the command line. Your script adds port 80.

    I tried 'perl iisvs.pl https://xx.xx.xx.xx:443' and the script made it https://xx.xx.xx.xx:443:80

    I also tried it without the https://

    Again, Great job on the app.

    joe
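
The target-argument handling that the report above asks for, as an added example that is not part of the original thread and is not code from iisvs.pl. `parse_target` is a hypothetical helper name, and inferring https for a bare host on port 443 is an assumption of this sketch:

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Default port for each scheme this sketch accepts.
my %DEFAULT_PORT = (http => 80, https => 443);

# parse_target() is a hypothetical helper, not a function from iisvs.pl.
# Accepts "host", "host:port", "scheme://host" or "scheme://host:port"
# (an optional trailing path is ignored) and returns (scheme, host, port).
# Returns an empty list when the argument is malformed.
sub parse_target {
    my ($arg) = @_;
    return unless defined $arg;

    my ($scheme, $host, $port) =
        $arg =~ m{^(?:(https?)://)?([A-Za-z0-9.-]+)(?::(\d{1,5}))?(?:/.*)?$}i
        or return;

    # No scheme given: assume https only when the port is 443 (assumption).
    $scheme = defined $scheme                  ? lc($scheme)
            : (defined $port && $port == 443)  ? 'https'
            :                                    'http';

    # Add a default port only when the user did not supply one.
    $port = $DEFAULT_PORT{$scheme} unless defined $port;
    return if $port < 1 || $port > 65535;

    return ($scheme, lc($host), $port);
}

# Constructed sample arguments, including the one from the report above.
for my $arg ('https://xx.xx.xx.xx:443', 'xx.xx.xx.xx', 'xx.xx.xx.xx:8080',
             'https://www.example.com/', 'http://host:443:80') {
    if (my ($scheme, $host, $port) = parse_target($arg)) {
        printf "%-26s -> %s://%s:%d\n", $arg, $scheme, $host, $port;
    } else {
        printf "%-26s -> rejected\n", $arg;
    }
}
```

A doubled port such as `:443:80` is rejected instead of being passed on to the request code.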

  9. #9
    Junior Member
    Join Date
    Nov 2004
    Posts
    7
    good job,
    thanks for you reading
