Vulnerability Development mailing list archives
Re: Using php to bounce scan
From: oogali () INTRANOVA NET (Omachonu Ogali)
Date: Sat, 29 Apr 2000 02:13:00 -0400
This is nothing new since many people have done CGI scripts that achieve the same thing that you've conceived. On Fri, 28 Apr 2000, Thiebaut wrote:
Hi, This is my first post so I'm not 100% sure it's the right place to do it and if this is interesting enough to be posted, but still ... The problem : Nowadays few free-web-page hosting companies are providing an access to publish your pages with PHP enabled. That's the problem ;-) So why not use PHP for security purpose ? Let's say you write a PHP network scanner and use it to scan a host. Guess where would the source scan come from. The computer hosting the script, and that is actually not you. Chain proxies between you and the computer hosting the script and you'll appear as the anonymous Php3 network scanning guy. So network scanning is fun (still don't dream about -sS with php), but vulnerability scanning might also be fun. So I though to be a little more complete a simple cgi scanner would also be interesting. It's a very bad example of code optimisation ;-) but I thought the idea was not so bad so... You got both files there : http://persoweb.francenet.fr/~tbilger/linux/ Don't hesitate to mail for comments. Thiebaut Devergranne
-- +-------------------------------------------------------------------------+ | Omachonu Ogali oogali () intranova net | | Intranova Networking Group http://tribune.intranova.net | | PGP Key ID: 0xBFE60839 | | PGP Fingerprint: C8 51 14 FD 2A 87 53 D1 E3 AA 12 12 01 93 BD 34 | +-------------------------------------------------------------------------+
Current thread:
- Netaddress and amexmail, (continued)
- Netaddress and amexmail Arturo Busleiman (Apr 25)
- Re: Netaddress and amexmail Fabio Pietrosanti (Apr 27)
- Re: Netaddress and amexmail Blue Boar (Apr 27)
- Re: Netaddress and amexmail Marc Slemko (Apr 28)
- Re: Netaddress and amexmail Arturo Busleiman (Apr 28)
- Netaddress and amexmail Arturo Busleiman (Apr 25)
- Re: Netaddress and amexmail Stone (Apr 27)
- Exploit Ease Level Rory Savage (Apr 25)
- Re: Exploit Ease Level Max Vision (Apr 26)
- Re: Exploit Ease Level Rory Savage (Apr 28)
- Using php to bounce scan Thiebaut (Apr 28)
- Re: Using php to bounce scan Omachonu Ogali (Apr 28)
- Re: Using php to bounce scan Thiebaut (Apr 30)
- corrupted link JklojLrnzn () AOL COM (Apr 30)
- Re: Using php to bounce scan Matt Rae (Apr 30)
- Re: Using php to bounce scan Thiebaut (Apr 30)
- Re: Exploit Ease Level Max Vision (Apr 28)
- Re: Exploit Ease Level jms (Apr 29)
- Re: Exploit Ease Level Rory Savage (Apr 29)
- Re: Exploit Ease Level Mark L. Jackson (Apr 29)
- Re: Exploit Ease Level jms (Apr 29)
- Re: Exploit Ease Level Sebastian (Apr 27)