|
Penetration Testing
mailing list archives
Proxy-based Unicode Scanner / Anonymous
From: "Loyal Moses" <loyal () budlight com>
Date: 13 Jun 2001 03:42:04 -0000
Hey, hey!
http://www.sec33.com/webtools/unicode
Interestingly enough it was only suppose to be a php script that ran a test
for Unicode via the web. Mostly so I could do some remote testing from just
about any system with a browser.
Well, ... it then became a php script that utilizes any web-proxy on any
port. So you can route your unicode test from just about anywhere.
Well after that, I figured I would just incorporate several directory
structures both standard and non-standard mixed with all the variations of
the exploit and it added up to around 40 or more. I only have 29 on the web,
but I've tested the scripts on my clients and while other checks come up
negative.. This one seems to do the trick.
If anyone has any ideas or a list of their versions of the exploit I would
like to take a look.
Thanks,
./lm
_______________________________________________________________
Get your FREE Bud Light e-mail account at http://budlight.com
Bud Light E-Mail must be used responsibly and only is for consumers 21 years of age and older!
Disclaimer: Neither Anheuser-Busch, Inc. (the makers of BUD LIGHT beer) nor the operator of this E-Mail service or
their respective affiliates have seen, endorsed or approved any of the content in this e-mail and expressly disclaim
all liability for the content in whole and in part.
 By Date 
By Thread
Current thread:
- Proxy-based Unicode Scanner / Anonymous Loyal Moses (Jun 12)
|
Intro
