Full Disclosure mailing list archives
Fast HTTP Auth Scanner
From: "Andres Tarasco" <atarasco () gmail com>
Date: Tue, 24 Jul 2007 19:26:09 +0200
Hi list, Fast HTTP Auth Scanner, is a new web security scanner that allows brute-force attacks (basic auth, webforms,..) against web-based devices that require HTTP authentication (mostly routers) You can download both source and binary files at http://www.514.es/2007/07/fast_http_auth_scanner.html (english and spanish) c:\fscan.exe Fast HTTP auth Scanner v0.1 (c) Andres Tarasco - www.514.es usage: fscan.exe <params> -p <port>[,<port>,<port>,..] (example -p 80,81,82,8080) -P <sslport>[,<sslport>,<sslport>,..] (example -P 443,1443) -b <0|1> (bruteforce (enabled by default) ) -a <0|1> (Show protected hosts or all of them) -i <0|1> (Ignore known webservers (IIS, Apache, Sun,..) -t <threads> (default -t 200) -T timeout (default -T 15) -w <logfile> (save scan dump to disk) -h <ip1-ip2> (example -h 192.168.1.1-192.168.10.2 ) example: fscan.exe -p 80,81 -p 443 -b 1 -h 192.168.0.1-192.168.1.254 -t 200 -T 20 c:\fscan.exe -p 80,81,82 -h 192.168.0.0-192.169.0.0 -T 20 -t 300 -w logfile.txt Scanning 65535 hosts (192.168.0.1 - 192.169.0.0) Scanning 2 ports - bruteforce is active Server Port status password banner 192.168.1.42 80 400 micro_httpd 192.168.3.149 80 404 HTTP/1.0 192.168.2.139 80 400 micro_httpd 192.168.5.24 80 400 micro_httpd 192.168.5.139 80 401 1234:1234 Unknown/0.0 UPnP/1.0 GlobespanVirata-EmWeb/R6_1_0 192.168.6.112 80 401 admin:1234 RomPager/4.07 UPnP/1.0 192.168.7.185 80 400 micro_httpd 192.168.7.191 80 400 micro_httpd 192.168.6.114 80 200 (admin:1234) (D-Link Wireless adsl router) 192.168.4.238 80 401 not:found ENI-Web/R4_02 192.168.7.205 80 404 HTTP/1.0 192.168.8.241 80 404 HTTP/1.0 192.168.5.35 80 401 not:found RomPager/4.07 UPnP/1.0 192.168.7.200 80 200 not:found Boa/0.92o 192.168.10.113 80 401 admin:1234 ZyXEL-RomPager/3.02 192.168.10.82 80 400 micro_httpd 192.168.9.32 80 401 admin:123456 cisco-IOS 192.168.10.146 80 200 cisco-IOS 192.168.10.75 80 401 support:support micro_httpd 192.168.11.58 80 401 1234:1234 Unknown/0.0 UPnP/1.0 GlobespanVirata-EmWeb/R6_1_0 192.168.10.117 80 404 HTTP/1.0 192.168.7.8 80 401 not:found WindWeb/2.0 192.168.13.28 80 401 admin:1234 RomPager/4.07 UPnP/1.0 192.168.13.216 80 403 WindWeb/1.0.2 192.168.16.234 80 400 HTTP/1.0 192.168.15.105 80 401 1234:1234 Unknown/0.0 UPnP/1.0 GlobespanVirata-EmWeb/R6_1_0 192.168.18.128 80 401 1234:1234 RomPager/4.07 UPnP/1.0 192.168.6.57 80 401 not:found Allegro-Software-RomPager/2.10 192.168.11.14 80 401 not:found RomPager/4.07 UPnP/1.0 192.168.1.89 80 401 not:found RomPager/4.07 UPnP/1.0 192.168.22.31 80 302 HTTP/1.0 192.168.21.150 80 401 1234:1234 RomPager/4.07 UPnP/1.0 192.168.13.247 81 401 not:found Vivotek Network Camera 192.168.22.28 80 401 1234:1234 Unknown/0.0 UPnP/1.0 GlobespanVirata-EmWeb/R6_1_0 192.168.23.162 80 404 HTTP/1.0 192.168.23.191 80 200 Camera Web Server/1.0 192.168.12.249 80 401 not:found RomPager/4.07 UPnP/1.0 192.168.12.165 80 401 not:found RomPager/4.07 UPnP/1.0 192.168.24.101 80 401 admin:1234 ZyXEL-RomPager/3.02 192.168.25.90 80 401 admin:admin 192.168.18.135 80 401 not:found ZyXEL-RomPager/3.02 please feel free to contact me to report bugs or new router signatures. Andres Tarasco
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Fast HTTP Auth Scanner Andres Tarasco (Jul 24)
- <Possible follow-ups>
- Fast HTTP Auth Scanner Amichai Teumim (Jul 24)
- Re: Fast HTTP Auth Scanner Andres Tarasco (Jul 31)