Monday, January 3, 2011

ASP Auditor

Author: david.kierznowski[at]gmail.com
http:michaeldaw.org

# Changelog:
# --V2.2-- 20/Apr/07
# * Added additional support for Anti-XSS Validation detection.
# * Added ASP Source Directory Leak Check
# * Added Apr/07 ASP.NET Validation Bypass Check
#
# --V2.1-- 25/Sep/06
# * GET /Trace.axd often leaks ASP.NET version when other methods fail.
# * Fixed "?" bug in JavaScript Validate Test
# * Added Version into usage ()
#
# * --V2.0-- 16/Sep/06
# * Version plugin allowing specific ASP.NET versioning.
# * Version brute force capabilities using JavaScript validate
#  directories.
# * Check if global ASP.NET validate is being used.
# * Added brute force function and option in usage ()
This tool is based on H D Moore's Dot Net Application Scanner
Author: H D Moore <hdm[at]digitaloffense.net>
URL: http://www.digitaloffense.net/index.html?section=TOOLS

Credits:
HDM thanks for the feedback.


--Penggunan
root@bt:~# ./asp-audit.pl

Penggunaan: ./asp-audit.pl [http://target/app/file.aspx] (opts)
                   
                      (opts)
                      - bf brute force ASP.NET version using JS Validate directories.

--Contoh 1
root@bt:~# ./asp-audit.pl http://www.*hidden*/index.aspx
[*] Sending initial probe request . . .
[*] Sending path discovery request . . .
[*] Sending ASP.NET validate discovery request . . .
[*] Sending application trace request . . .
[*] Sending null remoter service request . . .

[ .NET Configuration Analysis ]

  Server      ->  Microsoft-IIS/6.0
  Application        -> /
  FilePath      -> D:\VirtualServers\*hidden*
  ADNVersion     -> 1.1.4322.2300

  matches -> 1.1.4322.2300 Version 1.1 Post-SP1 (Windows Server 2003 SP1) Mar 2005

--contoh 2
root@bt:~# ./asp-audit.pl http://www.*hidden*/index.aspx -bf
[*] Sending initial probe request...
[*] Sending path discovery request...
[*] Sending ASP.NET validate discovery request...
[*] Sending application trace request...
[*] Sending null remoter service request...

[ .NET Configuration Analysis ]

    Server  -> Microsoft-IIS/6.0
    AppTrace  -> LocalOnly
    Application  -> /
    FilePath  -> D:\inetpub\*hidden*
    ADNVersion  -> 1.1.4322.2300

    matches -> 1.1.4322.2300 Version 1.1 Post-SP1 (Windows Server 2003 SP1)  Mar 2005

[*] Sending brute force discovery requests...
        Found -> /aspnet_client/system_web/1_1_4322

The tool can be downloaded here:
http://michaeldaw.org/projects/asp-audit-latest.tar.gz
Diposkan oleh Administrator di 3:37:00 PM
Label: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)