介绍一套给网管使用的安全检查工具,可检查下列漏洞:
Web Checks - 126 Checks
***********************
Web service is running
Misc Evaluate web service software
Misc MS Proxy Server
Misc Remote IIS administration
Misc Oracle owa_util package
Execute Commands msadc
Execute Commands campas
Execute Commands jj
Execute Commands formmail
Execute Commands formmail.pl
Execute Commands faxsurvey
Execute Commands get32.exe
Execute Commands alibaba.pl
Execute Commands tst.bat
Execute Commands phf
Execute Commands webdist.cgi
Execute Commands aglimpse.cgi
Execute Commands echo.bat
Execute Commands hello.bat
Execute Commands loadpage.cgi
Execute Commands Oracle Bat files
View files iissamples/issamples/query.idq
View files iissamples/issamples/fastq.idq
View files iissamples/exair/search/search.idq
View files iissamples/exair/search/query.idq
View files prxdocs/misc/prxrch.idq
View files iissamples/issamples/oop/qfullhit.htw
View files iissamples/issamples/oop/qsumrhit.htw
View files scripts/samples/search/qfullhit.htw
View files scripts/samples/search/qsumrhit.htw
View files Webhits
View files scripts/samples/search/author.idq
View files scripts/samples/search/filesize.idq
View files scripts/samples/search/filetime.idq
View files scripts/samples/search/query.idq
View files scripts/samples/search/queryhit.idq
View files scripts/samples/search/simple.idq
View files scripts/samples/search/filesize.idq
View files scripts/samples/search/filetime.idq
View files scripts/samples/search/query.idq
View files scripts/samples/search/queryhit.idq
View files scripts/samples/search/simple.idq
View files scripts/samples/search/qfullhit.htw
View files scripts/samples/search/qsumrhit.htw
View files scripts/samples/search/webhits.exe
View files iissamples/exair/howitworks/codebrws.asp
View files msadc/samples/selector/showcode.asp
View files scripts/rguest.exe
View files cgi-bin/rguest.exe
View files scripts/wguest.exe
View files cgi-bin/wguest.exe
View files Search admin webhits.exe
View files view-source
View files ~root
View files ~ftp
View files FormHandler.cgi
View files AltaVista query
View files search.cgi (EZSHOPPER)
View files htsearch
View files sojourn.cgi
View files windmail
Information cfcache.map
Information idc reveals physical paths
Information bdir.htr
Information server-info
Information server-status
Information robots.txt
Information cgi-bin/enivron.pl
Information scripts/environ.pl
Information testcgi
Information test-cgi
Information test.cgi
Information cgitest.exe
Information nph-test-cgi
Information mkilog.exe
Information mkplog.exe
Information cgi-bin/htimage.exe
Information scripts/htimage.exe
Information names.nsf
Information catalog.nsf
Information log.nsf
Information domlog.nsf
Information domcfg.nsf
Information doctodep.btr
FrontPage administrators.pwd
FrontPage authors.pwd
FrontPage users.pwd
FrontPage service.pwd
FrontPage IIS Account shtml.dll
Directory Listing cgi-bin
Directory Listing scripts
Directory Listing Netscape PageService
Shell check cgi-bin/sh
Shell check cgi-bin/csh
Shell check cgi-bin/ksh
Shell check cgi-bin/tcsh
Shell check cgi-bin/cmd.exe
Shell check scripts/cmd.exe
Perl cgi-bin/cmd32.exe
Perl scripts/cmd32.exe
Perl cgi-bin/perl.exe
Perl scripts/perl.exe
Perl Errors reveal info
Create file newdsn.exe
BUffer overrun fpcount.exe
Buffer Overrun count.cgi
Predictable SessionID rightfax
Search iissamples/issamples/query.asp
Search iissamples/exair/search/advsearch.asp
Search samples/search/queryhit.htm
Search Netscape
Password Attacks iisadmpwd/aexp3.htr
HTTP Methods allowed to root directory
HTTP Methods allowed to /users
HTTP Methods allowed to /cgi-bin
HTTP Methods allowed to /scripts
Create file in /users directory
Create file in /cgi-bin directory
Create file in / directory
Create file in /scripts directory
File Upload repost.asp
File Upload cgi-win/uploader.exe
View Source Netscape append space
View Source shtml.dll
View Source ::$DATA
Configuration .htaccess
SMTP Service - 21 Checks
************************
SMTP service is running
Service software enumeration
EXPN command allowed
VRFY command allowed
VERB command allowed
Mail relaying allowed'
Win2k SMTP IIS Service Buffer Overrun
SLMail Buffer Overrun
Exchange Service Packs
Sendmail Wizard
Sendmail debug
Sendmail piped aliases
Mail to programs
Mail from bounce check
Sendmail 8.6.9 IDENT vulnerability
Sendmail 8.6.11 DoS vulnerability
Sendmail 8.7.5 GECOS buffer overrun vulnerability
Sendmail 8.8.0 MIME buffer overrun vulnerability
Sendmail 8.8.3 MIME buffer overrun vulnerability
Decode alias check
Mail forgery
FTP Checks - 7 Checks
*********************
FTP daemon is running
Service Software enumeration
IIS 4 DoS
Anonymous logins allowed
Hidden /c directory found
Uploads allowed to /c
Uploads allowed to root
Portmapper - 2 Checks
*********************
Portmapper is listening
Dump RPC Services running
POP3 Checks - 3 Checks
**********************
POP3 Daemon is running
Service software enumeration
QPOP buffer overrun
MS SQL Server Checks - 19 Checks
********************************
MS SQL Server is running
sa login has no password
Dump logins from master database
login has a blank password
login's password is same as login name
Dump databases
guest account is enabled on database
Dump logins with access to database
Audit database roles in database
Audit members of server-wide sysadmin role
Audit members of server-wide securityadmin role
Audit members of server-wide setupadmin role
Audit members of server-wide serveradmin role
Audit members of server-wide diskadmin role
Audit members of server-wide processadmin role
Audit members of server-wide dbcreator role
Check if SQL Authentication is allowed
Check if Mixed Mode Authentication is allowed
Check if NT Authentication is allowed
NT Accounts - 8 Checks
********************
Enumnerate Account Name
User Full name
User Comment
User Privs
User Last logon
User Last password change
Account has a blank password
Account has password same as userID
NT Shares - 3 Checks
********************
Share Name
Share Type
Null session connection
NT Groups - 2 Checks
********************
Enumerate group names
Enumerate and list members