(ADDED TO REPO) Dotdotpwn

[SWFu64]

A simple perl tool which detects several Directory Traversal Vulnerabilities on HTTP/FTP Servers. This AttackDB version currently has: 871 traversal payloads (and counting!)

hax t00lz!

[sickness]

+1 here, this tool is awesome

[chr1x]

DotDotPwn v2.1 Relase @BugCon Security Conference 2010 (Oct 29) - México City

Post a new message on this thread and vote for DotDotPwn as tool for next BackTrack release!!

[chr1x]

DotDotPwn v2.1 is now OUT!!!

CubilFelino Official Download http://dotdotpwn.sectester.net/

Chatsubo Labs Mirror http://chatsubo-labs.blogspot.com

[stormdark]

This tool is awesome!!, surely must be a tool that everyone should know.
dotdotpwn for the next backtrack!

[1nkkubu8]

+1 Vote from me! This tool is AWESOME! Useful, human-friendly, scripting-friendly, that must be enough.

[r1l00]

Tool than includes a lot of payloads, crazy strings for discovery vulnerabilities.
All payloads in one powerful t00l.


Regards.

[DiegoBoy05]

Just checked it out yeasterday during BugCon'10... Awsome tool!

[nitr0us]

Hell yeah !

Here you have the presentation that I gave the past friday at BugCon Security Conferences:
http://www.brainoverflow.org/present...Con%202010.pdf

Also, the link of the 3 0-day exploits presented there as well...
Mongoose Web Server 2.11 Directory Traversal Vulnerability
Yaws 1.89 Directory Traversal Vulnerability
Home FTP Server v1.11.1.149 Post-Auth Directory Traversal

DOTDOTPWN V2.1 FOR THE NEXT BACKTRACK !!!!!

../../Cheers

[nitr0us]

Looking for screenshots ?

Chatsubo [(in)Security Dark] Labs: DotDotPwn v2.1 - The Traversal Directory Fuzzer

Chatsubo [(in)Security Dark] Labs: DotDotPwn - The Directory Traversal Fuzzer

Cheers !