[Full-disclosure] Hellsing

I was looking through my Projects/ folder earlier today and found this 
discarded piece of work.  I vamped it up a little bit and decided to post it in 
my blog (socialnetworkwhore.com) as well as here.  It still has a few things 
busted (like ssl only works with non self signed certificates), but it gets the 
job done.

Now on to an explanation... Hellsing is a web attack application utility which 
uses a configuration file to define your attack methods.  It supports cookies, 
ssl, post and get methods.  It uses format strings to build useful attack 
patterns.

Example Usage:

./hellsing -c hellsing.conf -t 1 -k 127.0.0.l  -v www.localhost -x /index.php 
-f 't:123;c:/bin/ls' -o

This tells hellsing to attack the ip 127.0.0.1 over ssl (-o flag; defaults to 
port 80; 443 for ssl) and target the virtual host www.localhost.  The target 
app is index.php and the module to be used is 1 (see -l for all modules).  
Arguments to the module are t and f, each with the respective values of 123 and 
/bin/ls.

I left a few web app vulns in the config file to give you examples to play 
with.  You can do a few more things like encoding (see -e) and selective output 
buffering (see -s).

Oh one other thing, it sends lots of headers. when I wrote it, I wanted it to 
emulate the headers firefox sent in a generic http get request.

Anyhow have a good one.

- Ben

hellsing-0.2.tar.gz
Description: application/gzip

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/