Vulnerability Development mailing list archives
Using php to bounce scan
From: thiebaut.adsl () WANADOO FR (Thiebaut)
Date: Fri, 28 Apr 2000 22:08:03 +0200
Hi, This is my first post so I'm not 100% sure it's the right place to do it and if this is interesting enough to be posted, but still ... The problem : Nowadays few free-web-page hosting companies are providing an access to publish your pages with PHP enabled. That's the problem ;-) So why not use PHP for security purpose ? Let's say you write a PHP network scanner and use it to scan a host. Guess where would the source scan come from. The computer hosting the script, and that is actually not you. Chain proxies between you and the computer hosting the script and you'll appear as the anonymous Php3 network scanning guy. So network scanning is fun (still don't dream about -sS with php), but vulnerability scanning might also be fun. So I though to be a little more complete a simple cgi scanner would also be interesting. It's a very bad example of code optimisation ;-) but I thought the idea was not so bad so... You got both files there : http://persoweb.francenet.fr/~tbilger/linux/ Don't hesitate to mail for comments. Thiebaut Devergranne
Current thread:
- Re: Securax Security Advisory: Windows98 contains a seriousbuffer overflow with long filenameextensions., (continued)
- Re: Securax Security Advisory: Windows98 contains a seriousbuffer overflow with long filenameextensions. Schockaert, Rudy (Apr 24)
- Netaddress and amexmail Arturo Busleiman (Apr 25)
- Re: Netaddress and amexmail Fabio Pietrosanti (Apr 27)
- Re: Netaddress and amexmail Blue Boar (Apr 27)
- Re: Netaddress and amexmail Marc Slemko (Apr 28)
- Re: Netaddress and amexmail Arturo Busleiman (Apr 28)
- Netaddress and amexmail Arturo Busleiman (Apr 25)
- Re: Netaddress and amexmail Stone (Apr 27)
- Re: Securax Security Advisory: Windows98 contains a seriousbuffer overflow with long filenameextensions. Schockaert, Rudy (Apr 24)
- Exploit Ease Level Rory Savage (Apr 25)
- Re: Exploit Ease Level Max Vision (Apr 26)
- Re: Exploit Ease Level Rory Savage (Apr 28)
- Using php to bounce scan Thiebaut (Apr 28)
- Re: Using php to bounce scan Omachonu Ogali (Apr 28)
- Re: Using php to bounce scan Thiebaut (Apr 30)
- corrupted link JklojLrnzn () AOL COM (Apr 30)
- Re: Using php to bounce scan Matt Rae (Apr 30)
- Re: Using php to bounce scan Thiebaut (Apr 30)
- Re: Exploit Ease Level Max Vision (Apr 28)
- Re: Exploit Ease Level jms (Apr 29)
- Re: Exploit Ease Level Rory Savage (Apr 29)
- Re: Exploit Ease Level Mark L. Jackson (Apr 29)
- Re: Exploit Ease Level jms (Apr 29)