Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-disclosure] Fast HTTP Auth Scanner

from [Andres Tarasco] Network Security [Permanent Link]
Subject: [Full-disclosure] Fast HTTP Auth Scanner
Date: Tue, 24 Jul 2007 19:26:09 +0200 
Hi list,

Fast HTTP Auth Scanner, is a new web security scanner that allows
brute-force attacks  (basic auth, webforms,..) against web-based devices
that require HTTP authentication (mostly routers)
You can download both source and binary files at
http://www.514.es/2007/07/fast_http_auth_scanner.html (english and spanish)

c:\fscan.exe
Fast HTTP auth Scanner v0.1
(c) Andres Tarasco - www.514.es

usage:
fscan.exe <params>
 -p <port>[,<port>,<port>,..]          (example -p 80,81,82,8080)
 -P <sslport>[,<sslport>,<sslport>,..] (example -P 443,1443)
 -b <0|1>                              (bruteforce (enabled by default) )
 -a <0|1>                              (Show protected hosts or all of
them)
 -i <0|1>                              (Ignore known webservers (IIS,
Apache, Sun,..)
 -t <threads>                          (default -t 200)
 -T timeout                            (default -T 15)
 -w <logfile>                          (save scan dump to disk)
 -h <ip1-ip2>                          (example -h 192.168.1.1-192.168.10.2
)
example:
fscan.exe -p 80,81 -p 443 -b 1 -h 192.168.0.1-192.168.1.254  -t 200 -T 20

c:\fscan.exe  -p 80,81,82 -h 192.168.0.0-192.169.0.0 -T 20 -t 300 -w
logfile.txt
Scanning 65535 hosts  (192.168.0.1 - 192.169.0.0)
Scanning 2 ports - bruteforce is active
Server          Port  status   password        banner
192.168.1.42        80 400                      micro_httpd
192.168.3.149       80 404                      HTTP/1.0
192.168.2.139       80 400                      micro_httpd
192.168.5.24        80 400                      micro_httpd
192.168.5.139       80 401 1234:1234            Unknown/0.0 UPnP/1.0
GlobespanVirata-EmWeb/R6_1_0
192.168.6.112       80 401 admin:1234           RomPager/4.07 UPnP/1.0
192.168.7.185       80 400                      micro_httpd
192.168.7.191       80 400                      micro_httpd
192.168.6.114      80 200 (admin:1234)         (D-Link Wireless adsl
router)
192.168.4.238       80 401 not:found            ENI-Web/R4_02
192.168.7.205       80 404                      HTTP/1.0
192.168.8.241       80 404                      HTTP/1.0
192.168.5.35        80 401 not:found            RomPager/4.07 UPnP/1.0
192.168.7.200       80 200 not:found            Boa/0.92o
192.168.10.113      80 401 admin:1234           ZyXEL-RomPager/3.02
192.168.10.82       80 400                      micro_httpd
192.168.9.32        80 401 admin:123456         cisco-IOS
192.168.10.146      80 200                      cisco-IOS
192.168.10.75       80 401 support:support      micro_httpd
192.168.11.58       80 401 1234:1234            Unknown/0.0 UPnP/1.0
GlobespanVirata-EmWeb/R6_1_0
192.168.10.117      80 404                      HTTP/1.0
192.168.7.8         80 401 not:found            WindWeb/2.0
192.168.13.28       80 401 admin:1234           RomPager/4.07 UPnP/1.0
192.168.13.216      80 403                      WindWeb/1.0.2
192.168.16.234      80 400                      HTTP/1.0
192.168.15.105      80 401 1234:1234            Unknown/0.0 UPnP/1.0
GlobespanVirata-EmWeb/R6_1_0
192.168.18.128      80 401 1234:1234            RomPager/4.07 UPnP/1.0
192.168.6.57        80 401 not:found
Allegro-Software-RomPager/2.10
192.168.11.14       80 401 not:found            RomPager/4.07 UPnP/1.0
192.168.1.89        80 401 not:found            RomPager/4.07 UPnP/1.0
192.168.22.31       80 302                      HTTP/1.0
192.168.21.150      80 401 1234:1234            RomPager/4.07 UPnP/1.0
192.168.13.247      81 401 not:found            Vivotek Network Camera
192.168.22.28       80 401 1234:1234            Unknown/0.0 UPnP/1.0
GlobespanVirata-EmWeb/R6_1_0
192.168.23.162      80 404                      HTTP/1.0
192.168.23.191      80 200                      Camera Web Server/1.0
192.168.12.249      80 401 not:found            RomPager/4.07 UPnP/1.0
192.168.12.165      80 401 not:found            RomPager/4.07 UPnP/1.0
192.168.24.101      80 401 admin:1234           ZyXEL-RomPager/3.02
192.168.25.90       80 401 admin:admin
192.168.18.135      80 401 not:found            ZyXEL-RomPager/3.02

please feel free to contact me to report bugs or new router signatures.

Andres Tarasco 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] State of Alaska Related, pwnd.security.pwnd
Next by Date:  FLEA-2007-0033-1: firefox thunderbird, Foresight Linux Essential Announcement Service
Previous by Thread:  [Full-disclosure] WabiSabiLabi exploit attached, Joey Mengele
Next by Thread:  [Full-disclosure] Fast HTTP Auth Scanner, Amichai Teumim
Indexes:  [Date] [Thread] [Top] [All Lists]