Saturday, September 6, 2014

Web Server Cookie Disclosure Vulnerability Scanner

Hello guys,
I have written Python code for checking a web application vulnerability.

An HttpOnly cookie can only be accessed from the server side; no client-side script can read it. When a web server receives a very large cookie, for example 10000 characters of "A", it cannot process the request and returns an error 400 [Bad Request]. The vulnerability is in that error response: it discloses the cookies sent to the web server.
Most people do not know how to check for the HttpOnly vulnerability and the web server cookie disclosure vulnerability. Some people run tools like Acunetix, Burp scan or Netsparker, which most of the time report that the HttpOnly flag is not set or that cookies are not protected. They just see the finding and patch it through the .htaccess file or by including scripts in the PHP headers file to protect the web server. But most do not know how to check it, so I made a script specifically for checking the cookie disclosure vulnerability on a web server.
[+] I have made a Python script for checking the HttpOnly and web server cookie disclosure vulnerability.
[+] Test it manually to check for the HttpOnly vulnerability on web applications; this is a very common vulnerability nowadays.
[+] The impact of this vulnerability is low as well as medium, depending upon the attacker :D
Usage:
[+] Using this Python file on Windows is very simple.
[+] Download Python for Windows from here: https://www.python.org/ftp/python/2.7.8/python-2.7.8.msi
[+] Run the Python file:
[+] C:\python27>python.exe and file path
Here are some screenshots:
[+] If Target is Vulnerable



[+] If Target is Not Vulnerable


[+] Proof of exploiting the vulnerability using a browser; a cookie manager is needed


Download the Python Code from here:
https://github.com/frank3nstien

Direct Link:
https://github.com/frank3nstien/web_server_cookie_disclouser_script 
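
The check described in this post, written out as an added example (Python 3; this is not the script from the repository above). It sends a canary cookie followed by a 10000-character padding cookie, then looks for the canary in the 400 response; the function names, the canary placement and the sample replies are assumptions made for this illustration.

```python
import http.client
import secrets

PAD_LEN = 10000  # the post's figure: a cookie of about 10000 'A' characters

def build_cookie_header(canary):
    """Canary cookie first, oversized padding cookie second."""
    return "canary=" + canary + "; pad=" + "A" * PAD_LEN

def classify(status, body, canary):
    """Interpret the reply to the oversized-cookie request."""
    if status != 400:
        return "not-triggered"    # no Bad Request page, so nothing to inspect
    if canary in body:
        return "vulnerable"       # the 400 page echoes the Cookie header
    return "not-vulnerable"       # 400 page that does not repeat the cookie

def missing_httponly(set_cookie_values):
    """Names of cookies whose Set-Cookie value lacks the HttpOnly attribute."""
    names = []
    for value in set_cookie_values:
        parts = [p.strip() for p in value.split(";")]
        if not any(p.lower() == "httponly" for p in parts[1:]):
            names.append(parts[0].split("=", 1)[0])
    return names

def check_host(host, port=80, path="/", timeout=10):
    """Send one probe to the server under test and classify the reply."""
    canary = secrets.token_hex(8)
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path, headers={"Cookie": build_cookie_header(canary)})
        resp = conn.getresponse()
        body = resp.read(65536).decode("latin-1", "replace")
        return classify(resp.status, body, canary)
    finally:
        conn.close()

# Constructed sample replies (not captured from any real server).
SAMPLE_ECHO = "<h1>Bad Request</h1><pre>Cookie: canary=c0ffee; pad=AAAA</pre>"
SAMPLE_CLEAN = "<h1>Bad Request</h1><p>Request header too large.</p>"

if __name__ == "__main__":
    print(classify(400, SAMPLE_ECHO, "c0ffee"))
    print(classify(400, SAMPLE_CLEAN, "c0ffee"))
    print(missing_httponly(["sid=1; Path=/; HttpOnly", "theme=dark; Path=/"]))
```

A "vulnerable" result means the error page repeats cookie values, so any cookie reported by `missing_httponly` as protected can still be read by script through that page.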

Friday, April 18, 2014

Heartbleed Testing Tools [OpenSSL | CVE-2014-0160]


Heartbleed response with a vulnerable system:





Here's a nice collection of Heartbleed tools to help you along with this exploit:
'ONLINE' OpenSSL Heartbleed Vulnerability Scanner: 
This is for those of you in this thread that are having trouble with the Python scripts below
--https://pentest-tools.com/vulnerability-scanning/openssl-heartbleed-scanner

A Checker:  (site and tool) for CVE-2014-0160:
--https://github.com/FiloSottile/Heartbleed  

ssltest.py: Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford
--http://pastebin.com/WmxzjkXJ

ssltest.py: (modified version) Added URL crawler and auto-detection function, reducing the trouble to manually enter the URL. You can also use a proxy server, so you can choose your own search engine in the code, and change their keywords. Feel free to edit/modify to suit your needs.
--http://pastebin.com/cLt1Uk6H

ssltest.py: (modified version #2) This version is updated for handling different versions of SSL/TLS
--http://pastebin.com/WtDbK1gR

pacemaker.py: Pacemaker attempts to abuse OpenSSL clients that are vulnerable to Heartbleed (CVE-2014-0160). Compatible with Python 2 and 3.
--https://github.com/Lekensteyn/pacemaker

SSL Server Test:
--https://www.ssllabs.com/ssltest/index.html

Metasploit Module:
--https://github.com/rapid7/metasploit-framework/pull/3206/files

Nmap NSE script: Detects whether a server is vulnerable to the OpenSSL Heartbleed bug:
--https://svn.nmap.org/nmap/scripts/ssl-heartbleed.nse

Nmap NSE script: Quick'n'Dirty OpenVAS nasl wrapper for ssl_heartbleed based on ssl_cert_expiry.nas
--https://gist.github.com/RealRancor/10140249

Heartbleeder: Tests your servers for OpenSSL:
--https://github.com/titanous/heartbleeder?files=1

Heartbleed Attack POC and Mass Scanner:
--https://bitbucket.org/fb1h2s/cve-2014-0160

Heartbleed Honeypot Script:
--http://packetstormsecurity.com/files/126068/hb_honeypot.pl.txt

Bleed Out Heartbleed Command Line Tool v.1.0.0.10:
Bleed Out is a command line tool written in C# for targeting instances of OpenSSL made vulnerable by the prolific "Heartbleed" bug. The tool aggressively exploits the OpenSSL vulnerability, dumping both ASCII and binary data to files. It also checks the uniqueness of each chunk before persisting it, to ensure that duplicate chunks are not saved.


http://packetstormsecurity.com/files/126102/BleedOut1.0.0.10.zip

Windows CMD example:
Code:
C:\Users\frank3nstien\Desktop\BleedOut1.0.0.10-1\Bin>BleedOut -h quirktools.com

Enjoy and Thanks for viewing my Blog

*Greetz to m0bi13_xT and My PC