Monday, May 17, 2010

Sockets Practice: tpscan.c

tpscan.c is a thread portscanner--some more proof of concept/socket practice.

As expected, it speeds things up nicely:

dennis@ipa:~/projects/sockets/tpscan$ time ./tpscan x.x.x.x
25/smtp is open.
80/www is open.
995/pop3s is open.
0m28.40s real 0m0.00s user 0m0.00s system

dennis@ipa:~/projects/sockets/portscan$ time ./portscan x.x.x.x

Portscanning x.x.x.x (x.x.com)

25/smtp
80/www
995/pop3s

2m15.71s real 0m0.00s user 0m0.01s system

Tuesday, May 4, 2010

Update: rficrawl.c

I turned rficrawl.c from RFI Coverage in Emerging Threats into a RFI scanner, it looks like this now:

dennis@ipa:~/projects/rficrawl$ rficrawl 127.0.0.1 test

Vulnerable: /animals/animals.php?id=
Vulnerable: /OpenSiteAdmin/scripts/classes/DatabaseManager.php?path=
Vulnerable: /OpenSiteAdmin/scripts/classes/FieldManager.php?path=
Vulnerable: /OpenSiteAdmin/scripts/classes/Filter.php?path=
Vulnerable: /OpenSiteAdmin/scripts/classes/Filters/SingleFilter.php?path=
Vulnerable: /OpenSiteAdmin/scripts/classes/Form.php?path=
Vulnerable: /OpenSiteAdmin/scripts/classes/FormManager.php?path=
Vulnerable: /OpenSiteAdmin/scripts/classes/LoginManager.php?path=