WScan v3.0 - CRST红狼小组的web扫描器
来自C.R.S.T的WScan v3.0,cooldiyer作品,一个很不错的web扫描器,夜火极力推荐哦~
wscan V3.0 - Network Security Scanner (By cooldiyer Jul 22 2008)
usage: wscan <-v> <-h Host> <-r RulesFile> <-p Port> <-m MaxThread>
<-t Timeout> <-l LogFile>
Example:
> wscan -h www.baidu.com -r cgi.txt -p 80 -m 10 -t 3
速度,稳定一流
规则文件实例如下,类似twwwscan的规则语法,规则需以";"结束
如下只关注200状态码
200-> HEAD :/database/lyboard.mdb^桃源网络论坛数据库;
200-> HEAD :/database/PE_Region.mdb^动网论坛数据库;
200-> HEAD :/data/dvbbs7.mdb^动网论坛数据库;
200-> HEAD :/databackup/dvbbs7.mdb^动网论坛备份数据库;
关注200,403,301任意一个
200|403|301-> HEAD :Eedit/^Eedit/;
200|403|301-> HEAD :eWebEditorNet/^eWebEditorNet/;
200|403|301-> HEAD :edit/eWebEditorNet/^edit/eWebEditorNet/;
200|403|301-> HEAD :Admin/eWebEditorNet/^Admin/eWebEditorNet/;
200|403|301-> HEAD :Admin/eWebEditorNet/UploadFile/^Admin/eWebEditorNet/UploadFile/;
上传压缩包内容如下:
BUGS.txt
cgi.txt
db.txt
dic.txt
dirfile.txt
edit.txt
nt.txt
php.txt
scan.bat
script.txt
unix.txt
unix_cgi.txt
wscan.exe
admin.txt
upfile.txt
