http:michaeldaw.org
# Changelog:
# --V2.2-- 20/Apr/07
# * Added additional support for Anti-XSS Validation detection.
# * Added ASP Source Directory Leak Check
# * Added Apr/07 ASP.NET Validation Bypass Check
#
# --V2.1-- 25/Sep/06
# * GET /Trace.axd often leaks ASP.NET version when other methods fail.
# * Fixed "?" bug in JavaScript Validate Test
# * Added Version into usage ()
#
# * --V2.0-- 16/Sep/06
# * Version plugin allowing specific ASP.NET versioning.
# * Version brute force capabilities using JavaScript validate
# directories.
# * Check if global ASP.NET validate is being used.
# * Added brute force function and option in usage ()
This tool is based on H D Moore's Dot Net Application Scanner
Author: H D Moore <hdm[at]digitaloffense.net>
URL: http://www.digitaloffense.net/index.html?section=TOOLS
Credits:
HDM thanks for the feedback.
--Penggunan
root@bt:~# ./asp-audit.pl
Penggunaan: ./asp-audit.pl [http://target/app/file.aspx] (opts)
(opts)
- bf brute force ASP.NET version using JS Validate directories.
--Contoh 1
root@bt:~# ./asp-audit.pl http://www.*hidden*/index.aspx
[*] Sending initial probe request . . .
[*] Sending path discovery request . . .
[*] Sending ASP.NET validate discovery request . . .
[*] Sending application trace request . . .
[*] Sending null remoter service request . . .
[ .NET Configuration Analysis ]
Server -> Microsoft-IIS/6.0
Application -> /
FilePath -> D:\VirtualServers\*hidden*
ADNVersion -> 1.1.4322.2300
matches -> 1.1.4322.2300 Version 1.1 Post-SP1 (Windows Server 2003 SP1) Mar 2005
--contoh 2
root@bt:~# ./asp-audit.pl http://www.*hidden*/index.aspx -bf
[*] Sending initial probe request...
[*] Sending path discovery request...
[*] Sending ASP.NET validate discovery request...
[*] Sending application trace request...
[*] Sending null remoter service request...
[ .NET Configuration Analysis ]
Server -> Microsoft-IIS/6.0
AppTrace -> LocalOnly
Application -> /
FilePath -> D:\inetpub\*hidden*
ADNVersion -> 1.1.4322.2300
matches -> 1.1.4322.2300 Version 1.1 Post-SP1 (Windows Server 2003 SP1) Mar 2005
[*] Sending brute force discovery requests...
Found -> /aspnet_client/system_web/1_1_4322
The tool can be downloaded here:
http://michaeldaw.org/projects/asp-audit-latest.tar.gz
No comments:
Post a Comment