Introducing a security checking tool suite for network administrators

王朝other · Author: anonymous  2008-05-19

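This is an introduction to a security checking tool suite for network administrators. It can check for the following vulnerabilities: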

Web Checks - 126 Checks

***********************

Web service is running

Misc Evaluate web service software

Misc MS Proxy Server

Misc Remote IIS administration

Misc Oracle owa_util package

Execute Commands msadc

Execute Commands campas

Execute Commands jj

Execute Commands formmail

Execute Commands formmail.pl

Execute Commands faxsurvey

Execute Commands get32.exe

Execute Commands alibaba.pl

Execute Commands tst.bat

Execute Commands phf

Execute Commands webdist.cgi

Execute Commands aglimpse.cgi

Execute Commands echo.bat

Execute Commands hello.bat

Execute Commands loadpage.cgi

Execute Commands Oracle Bat files

View files iissamples/issamples/query.idq

View files iissamples/issamples/fastq.idq

View files iissamples/exair/search/search.idq

View files iissamples/exair/search/query.idq

View files prxdocs/misc/prxrch.idq

View files iissamples/issamples/oop/qfullhit.htw

View files iissamples/issamples/oop/qsumrhit.htw

View files scripts/samples/search/qfullhit.htw

View files scripts/samples/search/qsumrhit.htw

View files Webhits

View files scripts/samples/search/author.idq

View files scripts/samples/search/filesize.idq

View files scripts/samples/search/filetime.idq

View files scripts/samples/search/query.idq

View files scripts/samples/search/queryhit.idq

View files scripts/samples/search/simple.idq

View files scripts/samples/search/filesize.idq

View files scripts/samples/search/filetime.idq

View files scripts/samples/search/query.idq

View files scripts/samples/search/queryhit.idq

View files scripts/samples/search/simple.idq

View files scripts/samples/search/qfullhit.htw

View files scripts/samples/search/qsumrhit.htw

View files scripts/samples/search/webhits.exe

View files iissamples/exair/howitworks/codebrws.asp

View files msadc/samples/selector/showcode.asp

View files scripts/rguest.exe

View files cgi-bin/rguest.exe

View files scripts/wguest.exe

View files cgi-bin/wguest.exe

View files Search admin webhits.exe

View files view-source

View files ~root

View files ~ftp

View files FormHandler.cgi

View files AltaVista query

View files search.cgi (EZSHOPPER)

View files htsearch

View files sojourn.cgi

View files windmail

Information cfcache.map

Information idc reveals physical paths

Information bdir.htr

Information server-info

Information server-status

Information robots.txt

Information cgi-bin/enivron.pl

Information scripts/environ.pl

Information testcgi

Information test-cgi

Information test.cgi

Information cgitest.exe

Information nph-test-cgi

Information mkilog.exe

Information mkplog.exe

Information cgi-bin/htimage.exe

Information scripts/htimage.exe

Information names.nsf

Information catalog.nsf

Information log.nsf

Information domlog.nsf

Information domcfg.nsf

Information doctodep.btr

FrontPage administrators.pwd

FrontPage authors.pwd

FrontPage users.pwd

FrontPage service.pwd

FrontPage IIS Account shtml.dll

Directory Listing cgi-bin

Directory Listing scripts

Directory Listing Netscape PageService

Shell check cgi-bin/sh

Shell check cgi-bin/csh

Shell check cgi-bin/ksh

Shell check cgi-bin/tcsh

Shell check cgi-bin/cmd.exe

Shell check scripts/cmd.exe

Perl cgi-bin/cmd32.exe

Perl scripts/cmd32.exe

Perl cgi-bin/perl.exe

Perl scripts/perl.exe

Perl Errors reveal info

Create file newdsn.exe

Buffer Overrun fpcount.exe

Buffer Overrun count.cgi

Predictable SessionID rightfax

Search iissamples/issamples/query.asp

Search iissamples/exair/search/advsearch.asp

Search samples/search/queryhit.htm

Search Netscape

Password Attacks iisadmpwd/aexp3.htr

HTTP Methods allowed to root directory

HTTP Methods allowed to /users

HTTP Methods allowed to /cgi-bin

HTTP Methods allowed to /scripts

Create file in /users directory

Create file in /cgi-bin directory

Create file in / directory

Create file in /scripts directory

File Upload repost.asp

File Upload cgi-win/uploader.exe

View Source Netscape append space

View Source shtml.dll

View Source ::$DATA

Configuration .htaccess

SMTP Service - 21 Checks

************************

SMTP service is running

Service software enumeration

EXPN command allowed

VRFY command allowed

VERB command allowed

Mail relaying allowed

Win2k SMTP IIS Service Buffer Overrun

SLMail Buffer Overrun

Exchange Service Packs

Sendmail Wizard

Sendmail debug

Sendmail piped aliases

Mail to programs

Mail from bounce check

Sendmail 8.6.9 IDENT vulnerability

Sendmail 8.6.11 DoS vulnerability

Sendmail 8.7.5 GECOS buffer overrun vulnerability

Sendmail 8.8.0 MIME buffer overrun vulnerability

Sendmail 8.8.3 MIME buffer overrun vulnerability

Decode alias check

Mail forgery

FTP Checks - 7 Checks

*********************

FTP daemon is running

Service Software enumeration

IIS 4 DoS

Anonymous logins allowed

Hidden /c directory found

Uploads allowed to /c

Uploads allowed to root

Portmapper - 2 Checks

*********************

Portmapper is listening

Dump RPC Services running

POP3 Checks - 3 Checks

**********************

POP3 Daemon is running

Service software enumeration

QPOP buffer overrun

MS SQL Server Checks - 19 Checks

********************************

MS SQL Server is running

sa login has no password

Dump logins from master database

login has a blank password

login's password is same as login name

Dump databases

guest account is enabled on database

Dump logins with access to database

Audit database roles in database

Audit members of server-wide sysadmin role

Audit members of server-wide securityadmin role

Audit members of server-wide setupadmin role

Audit members of server-wide serveradmin role

Audit members of server-wide diskadmin role

Audit members of server-wide processadmin role

Audit members of server-wide dbcreator role

Check if SQL Authentication is allowed

Check if Mixed Mode Authentication is allowed

Check if NT Authentication is allowed

NT Accounts - 8 Checks

********************

Enumerate Account Name

User Full name

User Comment

User Privs

User Last logon

User Last password change

Account has a blank password

Account has password same as userID

NT Shares - 3 Checks

********************

Share Name

Share Type

Null session connection

NT Groups - 2 Checks

********************

Enumerate group names

Enumerate and list members

 
 
 