Wednesday, August 29, 2012

TheHarvester v 2.0 - Collects email accounts, usernames and hostnames


TheHarvester is a tool that collects email accounts, usernames and hostnames/subdomains from public sources such as search engines and PGP key servers.
It is intended to help penetration testers in the early stages of a project. It's a really simple tool, but very effective.

The sources supported are:
  • Google - emails, subdomains/hostnames
  • Google profiles - employee names
  • Bing search - emails, subdomains/hostnames, virtual hosts
  • PGP servers - emails, subdomains/hostnames
  • LinkedIn - employee names
  • Exalead - emails, subdomains/hostnames
Some examples:
  • Searching for email accounts for the domain microsoft.com; it will work with the first 500 Google results.
./theHarvester.py -d microsoft.com -l 500 -b google
  • Searching for email accounts for the domain microsoft.com in a PGP server; here it's not necessary to specify the limit.
./theHarvester.py -d microsoft.com -b pgp
  • Searching for user names that work in the company Microsoft; we use Google as the search engine, so we need to specify the limit of results we want to use:
./theHarvester.py -d microsoft.com -l 200 -b linkedin
  • Searching in all sources at the same time, with a limit of 200 results:
./theHarvester.py -d microsoft.com -l 200 -b all


HTExploit : Open Source Tool to Bypass Standard Directory Protection


HTExploit (HiperText access Exploit) is an open-source tool written in Python. It exploits a weakness in the way .htaccess files can be configured to protect a web directory with authentication, in order to gain access to the protected directory's contents. Presumably, if such an attack is successful, you can launch further attacks such as SQL Injection, Local File Inclusion, Remote File Inclusion, etc. on discovered files.

Features of HTExploit:
  • Multiple modules to execute.
  • Save the output to a specified directory.
  • HTML reporting.
  • Use multiple wordlists to probe for htaccess bypasses.
  • Verbose mode for fully detailed information.
  • Multi-platform and flexible.
The vulnerability exists because web servers like Apache forward PHP-based requests within .htaccess to the PHP engine itself. The .htaccess file allows you to specify which requests get sent to PHP for interpretation. However, on encountering non-standard input, PHP automatically treats it as a GET request, which allows the utility to start saving the PHP files on a web server to your local filesystem, bypassing security restrictions!
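To check your own .htaccess files for this class of weakness, the following added example (not part of HTExploit or of the original post) flags access rules that are scoped to specific HTTP methods. It assumes the misconfiguration in question is authentication wrapped in an Apache `<Limit>` block, which Apache applies only to the methods listed; the function name and the sample files are constructed for illustration.

```python
import re

LIMIT_OPEN = re.compile(r'^\s*<Limit\s+([^>]*)>', re.I)   # does not match <LimitExcept>
LIMIT_CLOSE = re.compile(r'^\s*</Limit>', re.I)
ACCESS_RULE = re.compile(r'^\s*(require|deny|allow|order|satisfy)\b', re.I)

def audit_htaccess(text):
    """Return [(line_no, [methods])] for each <Limit> block that wraps access rules.

    Apache applies directives inside <Limit M1 M2> only to the listed methods,
    so a request using any other method is not subject to them.
    """
    findings = []
    open_line, methods, has_rule = None, [], False
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith('#'):          # skip comment lines
            continue
        m = LIMIT_OPEN.match(line)
        if m:
            open_line, methods, has_rule = no, m.group(1).upper().split(), False
        elif LIMIT_CLOSE.match(line):
            if open_line is not None and has_rule:
                findings.append((open_line, methods))
            open_line = None
        elif open_line is not None and ACCESS_RULE.match(line):
            has_rule = True
    return findings

# Constructed samples; the AuthUserFile path is a placeholder.
WEAK = """\
AuthType Basic
AuthName "Restricted"
AuthUserFile /path/to/.htpasswd
<Limit GET POST>
    Require valid-user
</Limit>
"""

FIXED = """\
AuthType Basic
AuthName "Restricted"
AuthUserFile /path/to/.htpasswd
Require valid-user
"""

if __name__ == "__main__":
    for name, sample in (("WEAK", WEAK), ("FIXED", FIXED)):
        hits = audit_htaccess(sample)
        print(name, hits if hits else "no method-scoped access rules")
```

Removing the `<Limit>` wrapper, as in the FIXED sample, makes the `Require` directive apply to every request method.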


Anonymous FTP Scanner - Python Script



Anonymous FTP Scanner is a Python script, "FtpScan.py", which scans for FTP servers that allow anonymous login.


 
