Automated remote CGI vulnerability discovery

[Samy Kamkar <SKamkar () LucidX com>]

I would like to present screamingCobra to you all, originally developed 
at Caezar's Challenge V (originally named crawl5b).

screamingCobra was developed to do "automated remote vulnerability 
discovery without source code to the application."

Basically, it recursively crawls a site (without requiring the user to 
do ANY legwork at all), without leaving that site or going over links it 
has already gone to, and looks for anything that looks like it's able to 
accept arguements such as CGIs, forms, etc..  It then attempts to access 
/etc/passwd on the system by common CGI bugs that even the most well 
known sites on the net are usually vulnerable to.  It can be extended to 
attempt to execute an application on the remote system, as well.  It 
uses a number of techniques to do these.  If it succeeds, it returns the 
URL that was accessed and you can quickly see the problem and patch the bug.

You can find it at http://cobra.LucidX.com or version 1.02 directly at 
http://cobra.LucidX.com/CURRENT.tar.gz

Originally developed for NIX machines, this new version is compatible 
with any OS that has Perl installed.
Also included is a Win32 binary for Windows users that do not have Perl.

I hope this can be of use to some of you as it has been to many 
administrators and other users generally interested in network security.

Please contact me if you have any questions or comments!

--
Samy Kamkar -- (877) 898-1424 -- cp5 () LucidX com
LucidX.com / LA.pm.org / pdump.org / code.LucidX.com