329 kb | VoidEYE CGI Scanner 0.4b4 by Duke | Freeware
Quickly locate vulnerable scripts on a web server from a list or IP range.

Usage

The archive contains the file 'servers.dat'. Open it in any text editor and fill it with the server list, one entry per line in the format "http://www.yourhost.dom". Then launch voideye.exe and press the 'scan' button. A window will appear showing the results of the scan. If a line containing '200 OK' appears, it means the corresponding script was found and the httpd may be vulnerable to some kind of attack.