Whisker 2.0


Whisker 2.0 is one of the best CGI scanners for Linux.
Whisker 2.0 can be found at the following address:
http://unc.dl.sourceforge.net/sourceforde/whisker/whisker-2.0.tar.gz

After downloading the package with the command:
wget "http://unc.dl.sourceforge.net/sourceforde/whisker/whisker-2.0.tar.gz"

the package is unpacked with the commands (note the plain ASCII hyphen in "-d"; a typographic dash pasted from a document will not be understood by gzip):
gzip -d whisker-2.0.tar.gz
tar vxf whisker-2.0.tar

The whisker Perl script is then started from the shell:
perl whisker.pl -h 123.123.123.123

123.123.123.123 is the address of the computer you want to scan. Only scan hosts you are authorized to test; the scan requests many URLs and is easily noticed in the web server's logs. The sample run below was made against a different host (http://ftpfilesearch.com), which is why the target in the report does not match the example address.
Example output:
----------------------------------------------------------------------------
Whisker 2.0 beginning test against http://ftpfilesearch.com
----------------------------------------------------------------------------
Title: Notice
Whisker scans for CGIs by checking to see if the server says a particular
URL exists. However, just because a URL exists does not necessarily mean
it is vulnerable/exploitable--the vulnerability might be limited to only a
certain version of the CGI, and the server might not be using the
vulnerable version. There is also the case where many scripts use the
same generic CGI name (like count.cgi); in this case, the exact CGI being
used may not be the same one that contains the vulnerability.
Thus, the actual vulnerability of the CGI must be verified in order to get
a true assessment of risk. Whisker only helps in pointing out the problem
areas. The next step after scanning with whisker is to review each found
CGI by reviewing the reference URLs or searching for the CGI name on
SecurityFocus.com or Google.com.
----------------------------------------------------------------------------
Id: 100
Informational: the server returned the following banner:
Apache/1.3.19 (Unix) (SuSE/Linux) mod_ssl/2.8.3 OpenSSL/0.9.6a PHP/4.0.6 mod_perl/1.25 mod_throttle/3.0 mod_layout/1.0 mod_fastcgi/2.2.2 mod_dtcl
----------------------------------------------------------------------------
Whisker is currently crawling the website; please be patient.
----------------------------------------------------------------------------
Whisker is done crawling the website.
----------------------------------------------------------------------------
Id: 2017
Found URL: /cgi-bin/htsearch
See references for specific information on this vulnerability.
----------------------------------------------------------------------------
Title: Notable directories found
Id: 101
Found URLs:
/manual/
/old/
Whisker scans for a list of 'notable' directories--that is, directories
which may contain interesting information and/or CGIs. The finding of a
directory does not immediately signal a problem; rather, you should go
back and review the contents of each found URL to determine if there is
any sensitive material in those directories.
----------------------------------------------------------------------------
Whisker scan completed in less than 1 minute
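The report above ends with a Notice that every "Found URL" still has to be verified by hand. The following shell script is an added example (not part of Whisker and not from the original page): it wraps the three steps described above (download, unpack, scan) in functions and adds a small awk parser that pulls every Id/URL pair out of a whisker report, so the hits can be fed into a manual review list. Assumptions not taken from the page: the tarball unpacks into ./whisker-2.0/, the download URL is used exactly as quoted on the page, and the sample report embedded in the script is a constructed, abridged copy of the output shown above.

```shell
#!/bin/sh
# Added example, not Whisker's own code.  Automates download/unpack/scan and
# extracts "Found URL" hits from a whisker 2.0 report for manual verification.
set -eu

# URL exactly as quoted on the page (assumption: it is still reachable).
WHISKER_URL="http://unc.dl.sourceforge.net/sourceforde/whisker/whisker-2.0.tar.gz"

# Steps 1 and 2 from the page: fetch and unpack (needs network; only run
# when a target host is given on the command line).
fetch_whisker() {
    wget -q "$WHISKER_URL"
    gzip -d whisker-2.0.tar.gz
    tar xf whisker-2.0.tar
}

# Step 3: scan one host and keep the raw report for later review.
# $1 = target host or IP, $2 = path to whisker.pl, $3 = report file to write.
run_scan() {
    perl "$2" -h "$1" > "$3"
}

# Turn a whisker report into "<id> <url>" lines, one per hit.  Records are
# separated by rules of dashes; within a record "Id:" precedes either
# "Found URL: <one url>" or "Found URLs:" followed by one URL per line.
found_urls() {
    awk '
        /^----------/   { id = ""; inlist = 0; next }   # new record
        /^Id: /         { id = $2; next }
        /^Found URL: /  { print id, $3; next }          # single hit
        /^Found URLs:/  { inlist = 1; next }            # list of hits follows
        inlist && /^\// { print id, $1; next }          # one URL per line
                        { inlist = 0 }                  # any other line ends the list
    ' "$1"
}

# Constructed sample: an abridged copy of the report shown on this page, so
# the parser can be exercised offline.
SAMPLE_REPORT="${TMPDIR:-/tmp}/whisker-sample.$$"
trap 'rm -f "$SAMPLE_REPORT"' EXIT
cat > "$SAMPLE_REPORT" <<'EOF'
--------------------------------------------------------------------------
Id: 100
Informational: the server returned the following banner:
Apache/1.3.19 (Unix) (SuSE/Linux) mod_ssl/2.8.3 OpenSSL/0.9.6a PHP/4.0.6
--------------------------------------------------------------------------
Id: 2017
Found URL: /cgi-bin/htsearch
See references for specific information on this vulnerability.
--------------------------------------------------------------------------
Title: Notable directories found
Id: 101
Found URLs:
/manual/
/old/
Whisker scans for a list of 'notable' directories--that is, directories
which may contain interesting information and/or CGIs.
--------------------------------------------------------------------------
Whisker scan completed in less than 1 minute
EOF

# Usage: sh whisker-triage.sh          -> parses the embedded sample report
#        sh whisker-triage.sh HOST     -> fetches whisker if needed, scans HOST
if [ $# -ge 1 ]; then
    # Assumption: the archive unpacks into ./whisker-2.0/ (not stated on the page).
    [ -f whisker-2.0/whisker.pl ] || fetch_whisker
    run_scan "$1" whisker-2.0/whisker.pl "whisker-$1.txt"
    found_urls "whisker-$1.txt"
else
    found_urls "$SAMPLE_REPORT"
fi
```

Run without arguments, the script prints "2017 /cgi-bin/htsearch", "101 /manual/" and "101 /old/" from the embedded sample; each line is one URL that still needs to be checked against the reference for that Id before it is treated as a vulnerability, exactly as the Notice in the report demands. The parser deliberately ignores the banner record (Id 100): a version string is information for the reviewer, not a finding by itself.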