+1 here, this tool is awesome
A simple perl tool which detects several Directory Traversal Vulnerabilities on HTTP/FTP Servers. This AttackDB version currently has: 871 traversal payloads (and counting!)
"I do not know with what weapons World War III will be fought, but World War IV will be fought with sticks and stones."
DotDotPwn v2.1 Relase @BugCon Security Conference 2010 (Oct 29) - México City
Post a new message on this thread and vote for DotDotPwn as tool for next BackTrack release!!
Last edited by chr1x; 10-29-2010 at 10:13 PM.
This tool is awesome!!, surely must be a tool that everyone should know.
dotdotpwn for the next backtrack!
+1 Vote from me! This tool is AWESOME! Useful, human-friendly, scripting-friendly, that must be enough.
Tool than includes a lot of payloads, crazy strings for discovery vulnerabilities.
All payloads in one powerful t00l.
Just checked it out yeasterday during BugCon'10... Awsome tool!
Hell yeah !
Here you have the presentation that I gave the past friday at BugCon Security Conferences:
Also, the link of the 3 0-day exploits presented there as well...
Mongoose Web Server 2.11 Directory Traversal Vulnerability
Yaws 1.89 Directory Traversal Vulnerability
Home FTP Server v18.104.22.168 Post-Auth Directory Traversal
DOTDOTPWN V2.1 FOR THE NEXT BACKTRACK !!!!!