flyingpoptartcat

i'v added some pretty detailed docs on http://code.google.com/p/web-sorrow/

Good processes to follow: http://www.fieldsassociates.co.uk/media/images/diagram_steps.gif

is nikto pronounced -> nick - toe or -> nick - too or -> neek - too or -> neek - toe http://cirt.net/ i personally say nick - toe

very funny. but not very accurate. but they do a good job with the background decor with O'Reilly and EFF stickers and such

this make me angry when i see governments trying to control something that was mean't to be free (not $)

remember to check for updates

I started a project on google code. id love your feedback! Contribute if you wish. http://code.google.com/p/web-sorrow/ A perl based tool used for checking a Web server for misconfiguration, version detection, enumeration, and server information. I will build more Functionality in the future. what is's NOT: Vulnerably scanner, inspection proxy, DDoS tool, exploitation framework. It's entirely focused on Enumeration and collecting Info on the target server CURRENT functionality: -S - stands for standard. a set of Standard tests and includes: indexing of directories testing, banner grabbing, language detection (should be obvious), robots.txt, 200 response testing (some servers send a 200 ok for every req), and thumbs.db scanning -auth - looks for login pages with a list of some of the most common login files and dirs and admin consoles. don't need to be very big list of URLs because what else are going to name it? notAlogin.php??? -Cp - scan with a huge list of plugins dirs. the list is a bit old (Drupal and wordpress plugins databases are now current but sorry joomla's still a bit old) -I - searches the responses for interesting strings -Ws - looks for web services such as hosting provider, blogging services, favicon fingerprinting, and cms version info -Fd - look for generally things people don't want you to see. The list is generated form a TON of robot.txt so whatever it finds should be interesting. -ninja - A light weight and undetectable scan that uses bits and peaces from other scans -R - use http range headers to make scans faster -Shadow - Use Google cache instead of requesting from the target host -Sd - Bruteforce Sub Domains -Db - Bruteforce Directories with the big dirbuster Database -ua - use a custom UserAgent. PUT UA IN QUOTES if theres spaces -proxy - send all http reqs via a proxy. example: 255.255.255.254:8080 -e - run all the scans in the tool web-sorrow also has false positives checking on most of it's requests (it pretty accurate but not perfect)

i think there's a hak5 segment just answering you question you should look around

I know how to use backtrack pretty good im just looking for a way to do it without waiting 2h for it to download and then install a VM... and both first guy

no matter how hard i look there is not one good tool for getting a remote router hash with out the presence of backtrack! i know wireshark but don't know how extract the password hash. any tips would help. pls don't post anything about aircrack-ng i just want the hash. (win32 if your wondering)

Spotify can take up a frack ton of space so this happend: @echo off C:\sdelete -p 1 -r %userprofile%\AppData\Local\Spotify\Storage\*.file save this to a .bat or .cmd you can change the dir of sdelete and the passes have fun!

why don't you ask them? http://anonnet.org/webirc/

or you could just do that... :'(

ok. thanks. ill try those

Thats a good idea. ill post some new code later to add that feature but i can't install any arp packages

Thank YOu

make more pretty in $i1 for loop: if($Ping){ print "$IpAddr up\n"; } else { if($i1 = 255) { print "status: $IpAddr\n"; } }

this one might be faster: #!/usr/bin/perl use IO::Socket; for($i4 = 1; $i4 < 256;$i4++){ for($i3 = 1; $i3 < 256;$i3++){ for($i2 = 1; $i2 < 256;$i2++){ for($i1 = 1; $i1 < 256;$i1++){ $IpAddr = $i4 . "." . $i3 . "." . $i2 . "." . $i1; my $sock = new IO::Socket::INET ( PeerAddr => $IpAddr, PeerPort => '80', Proto => 'tcp', ); if($sock){ print "$IpAddr up\n"; } else { print "$IpAddr checked\n"; } } } } }

ya, it ain't very practical.

didn't let me use all the white space

hey guys, i wrote this perl script that trys pinging every posible ipAddr (ipv4) possible. id love to see this grow and be optimized with new features use ,edit, and share the code as you wish: version3 #!/usr/bin/perl # writen by flyingpoptartcat #perl ipbf.pl [-S ipaddr] [-sn ipaddr] [p Proto] # #useage: # -S - IP address to start at # -sn - scan just the subnet example 1.23.10.1-255 # -p - Protocall of ping use Net::Ping; use Net::IP; use Getopt::Long; my $StartIP = "1.0.0.1"; my $Subnet = "f"; my $Proto = "icmp"; GetOptions( 'S=s' =&gt; \$StartIP, 'sn=s' =&gt; \$Subnet, 'p=s' =&gt; \$Proto, ); my $Ping = Net::Ping-&gt;new("$Proto", 0, 30); print "ip brute forcer v3...\n"; if($Subnet != 'f') { &amp;subnet(); } else { &amp;regular(); } sub regular{ print "Protocall - $Proto\nStart IP - $StartIP\n"; my $ip = Net::IP-&gt;new("$StartIP - 255.255.255.255"); while(($ip-&gt;ip()) &lt; "255.255.255.256" ){ print $ip-&gt;ip() . " up\n" if $Ping-&gt;ping($ip-&gt;ip()); $ip++; } } sub subnet{ print "Protocall - $Proto\nsubnet of $Subnet\n"; my $ip = Net::IP-&gt;new("$Subnet - 255.255.255.255"); for($i = 1;$i &lt; 256;$i++){ print $ip-&gt;ip() . " up\n" if $Ping-&gt;ping($ip-&gt;ip()); $ip++; } } version 2 #!/usr/bin/perl use Net::Ping; use Net::IP; use Getopt::Long; print "ip brute forcer v2...\n"; $StartIP = "1.0.0.1"; GetOptions( 'S=s' =&gt; \$StartIP, ) or die print q{ useage: -S - IP address to start at }; my $Ping = Net::Ping-&gt;new("icmp", 0, 30); my $ip = Net::IP-&gt;new("$StartIP - 255.255.255.255"); while(($ip-&gt;ip()) &lt; "255.255.255.256" ){ print $ip-&gt;ip() . " up\n" if $Ping-&gt;ping($ip-&gt;ip()); $ip++; } version 1 #!/usr/bin/perl use Net::Ping; $Ping = Net::Ping-&gt;new("icmp", 0, 18); print "ip brute forcer...\n"; for($i4 = 1; $i4 &lt; 256;$i4++){ for($i3 = 1; $i3 &lt; 256;$i3++){ for($i2 = 1; $i2 &lt; 256;$i2++){ for($i1 = 1; $i1 &lt; 256;$i1++){ $IpAddr = $i4 . "." . $i3 . "." . $i2 . "." . $i1; print "$IpAddr\n" if $Ping-&gt;ping($IpAddr); } } } }