Results 1 to 6 of 6

Thread: morpheus scanner

  1. #1
    Just burned his ISO
    Join Date
    Sep 2006
    Posts
    20

    Cool morpheus scanner

    I got a bunch of hits on my web logs from "morepheus f*****g scanner". Anyone have any idea where i could download this from to see the results my server gave?
    i did quite a few google searches and came up with jack nothing.



    what sense does it make to edit the profanity in the title but not the post -- pureh@te

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by ragecyr View Post
    I got a bunch of hits on my web logs from "morepheus f*****g scanner". Anyone have any idea where i could download this from to see the results my server gave?
    i did quite a few google searches and came up with jack nothing.



    what sense does it make to edit the profanity in the title but not the post -- pureh@te
    Maybe you didn't find any because you're not spelling morpheus right? You have it spelled two different ways in the same post.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by ragecyr View Post
    I got a bunch of hits on my web logs from "morepheus f*****g scanner". Anyone have any idea where i could download this from to see the results my server gave?
    i did quite a few google searches and came up with jack nothing.
    So I did a google search and turned up the following for ya:
    http://www.google.com/search?num=50&...er&btnG=Search

    Went to the first one http://ekle.us/index.php/2007/05/upd...ucking_scanner

    It looks like on the second link says that this is a user agent that looks for vulns in PHP based websites.
    Also if you are wanting/needing a scanner you could use some of the tools in bt to see what your server gives.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  4. #4
    Just burned his ISO
    Join Date
    Sep 2006
    Posts
    20

    Default

    ... thanks for the help, but you guys are looking wayyyy too much into this.
    i spelled it wrong in my post, i did the google searches correct.
    I have read, and looked for a good 30min for the tool and just couldnt' find it. the one place i figured i would turn next is here, as someone here is bound to have heard of it, and have it.
    I have scanned my server many times over with various tools, i just want to see waht this one gives. That way its also educational for me to know where it fits in my scale, comparing it to dfind, web inspect, nikto.

  5. #5
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by ragecyr View Post
    ... thanks for the help, but you guys are looking wayyyy too much into this.
    i spelled it wrong in my post, i did the google searches correct.
    I have read, and looked for a good 30min for the tool and just couldnt' find it. the one place i figured i would turn next is here, as someone here is bound to have heard of it, and have it.

    Again :
    It turns out that Morfeus is a scanner that looks for vulnerabilities in PHP based web sites (as this one is). I guess it failed to find any vulnerabilities in my blogging software because I haven't noticed any problems,

    From http://ekle.us/index.php/2007/05/upd...ucking_scanner

    It is simply a HTTP_USER_AGENT
    Just like the one in your web browser of choice.

    There in the link that I have posted twice is a solution on how to deal with it!


    It is simply a "bot" acting like user agent to see what type of servers respond and what info they send back to the agent.
    Have a look at any of the sites that shows your user agent type in your browser. In Konquerer it is settings | configure | security
    This will show you what type of info your browser spits out to a probe

    Also another useful tool that is in BT is httprint
    This will show the same types of results and it can be run at multiple targets and on different ports.
    There is even a tutorial on it here as well.

    There are according to google 6000 results for this.
    I would suggest that you continue with this search
    However since it is relatively new there will probably not be a lot of info out.


    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  6. #6
    Just burned his ISO
    Join Date
    Sep 2006
    Posts
    20

    Default

    nevermind

    (............ = 10 characters)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •