Dec 04 2013
 

I often review various vulnerability scanners.  When I review them, I look at several different things:

  • were they able to find a vulnerability I previously missed?
  • are they accurate in their findings?
  • how quickly do they complete an audit compared to “insert some other vulnerability scanner here”?
  • sometimes I will also grab the tcpdumps of the audits for even further analysis
  • how accessible and easy are they to use by “skiddies”?
  • based on the tcpdumps + noise generated on the server logs, are the audit signatures of wapiti easy to detect?


Aug 24 2011
 

Thought I would share this quick fix for CVE-2011-3192. The POC is available here:
http://seclists.org/fulldisclosure/2011/Aug/175

First, if you are an Apache admin, get this fixed ASAP. I was able to take down a small test server with 7 HTTP GET requests.

Log in to the server and run this command to see if you have mod_headers installed:

locate mod_headers

If you see mod_headers.so in that list, you can continue to Configuring Apache. Otherwise, go to Compiling Mod_Headers.
