Whisker 2.0

Whisker 2.0 is one of the best CGI scanners for Linux. It is a Perl script (whisker.pl), so all it needs is a working Perl installation. Whisker 2.0 can be found at:

http://unc.dl.sourceforge.net/sourceforde/whisker/whisker-2.0.tar.gz

Download the package with:

wget "http://unc.dl.sourceforge.net/sourceforde/whisker/whisker-2.0.tar.gz"

then unpack it with:

gzip -d whisker-2.0.tar.gz
tar vxf whisker-2.0.tar

Start the whisker Perl script from the shell with:

perl whisker.pl -h 123.123.123.123

where 123.123.123.123 is the address of the host you want to scan.

Example output (this run was made against a different host than the one in the command above):

----------------------------------------------------------------------------
Whisker 2.0 beginning test against http://ftpfilesearch.com
----------------------------------------------------------------------------

Title: Notice
Whisker scans for CGIs by checking to see if the server says a particular URL exists. However, just because a URL exists does not necessarily mean it is vulnerable/exploitable--the vulnerability might be limited to only a certain version of the CGI, and the server might not be using the vulnerable version. There is also the case where many scripts use the same generic CGI name (like count.cgi); in this case, the exact CGI being used may not be the same one that contains the vulnerability. Thus, the actual vulnerability of the CGI must be verified in order to get a true assessment of risk. Whisker only helps in pointing out the problem areas. The next step after scanning with whisker is to review each found CGI by reviewing the reference URLs or searching for the CGI name on SecurityFocus.com or Google.com.

----------------------------------------------------------------------------
Id: 100
Informational: the server returned the following banner:
Apache/1.3.19 (Unix) (SuSE/Linux) mod_ssl/2.8.3 OpenSSL/0.9.6a PHP/4.0.6 mod_perl/1.25 mod_throttle/3.0 mod_layout/1.0 mod_fastcgi/2.2.2 mod_dtcl
----------------------------------------------------------------------------
Whisker is currently crawling the website; please be patient.
----------------------------------------------------------------------------
Whisker is done crawling the website.
----------------------------------------------------------------------------
Id: 2017
Found URL: /cgi-bin/htsearch
See references for specific information on this vulnerability.
----------------------------------------------------------------------------
Title: Notable directories found
Id: 101
Found URLs:
/manual/
/old/
Whisker scans for a list of 'notable' directories--that is, directories which may contain interesting information and/or CGIs. The finding of a directory does not immediately signal a problem; rather, you should go back and review the contents of each found URL to determine if there is any sensitive material in those directories.
----------------------------------------------------------------------------
Whisker scan completed in less than 1 minute

As the notice in the output says, a "Found URL" is a lead, not a confirmed vulnerability: the server banner (Id 100) and the version of the CGI actually installed decide whether the reference for that Id applies, so each hit has to be checked by hand before it goes into a report.
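As an added example (not part of the original page and not Whisker's own code), the following POSIX shell script pulls the finding Ids and URLs out of Whisker 2.0 output and turns them into a verification worklist, which is the "next step" the tool's notice asks for. The Whisker output it parses is a constructed sample modelled on the example above and trimmed to its structural lines; the function names `whisker_findings` and `whisker_worklist`, and the assumption that real Whisker prints `Id:`, `Found URL:` and each URL under `Found URLs:` on lines of their own, are this example's, not the page's.

```shell
#!/bin/sh
# Constructed sample of Whisker 2.0 output (modelled on the example on the page,
# not a real scan). The line layout is an assumption about Whisker's format.
WHISKER_SAMPLE='----------------------------------------------------------------------------
Whisker 2.0 beginning test against http://123.123.123.123
----------------------------------------------------------------------------
Id: 100
Informational: the server returned the following banner:
Apache/1.3.19 (Unix) (SuSE/Linux) mod_ssl/2.8.3 OpenSSL/0.9.6a PHP/4.0.6
----------------------------------------------------------------------------
Id: 2017
Found URL: /cgi-bin/htsearch
See references for specific information on this vulnerability.
----------------------------------------------------------------------------
Title: Notable directories found
Id: 101
Found URLs:
/manual/
/old/
Whisker scans for a list of notable directories.
----------------------------------------------------------------------------
Whisker scan completed in less than 1 minute'

# whisker_findings: read Whisker output on stdin and print one finding per line
# as "<Id><TAB><URL>". The Id is what you look up in Whisker's reference list;
# "Found URLs:" blocks list one URL per following line, so they are collected
# until a line that does not start with "/".
whisker_findings() {
    awk '
        /^Id: [0-9]+/        { id = $2; collecting = 0; next }
        /^Found URL: /       { print id "\t" $3; next }
        /^Found URLs:/       { collecting = 1; for (i = 3; i <= NF; i++) print id "\t" $i; next }
        collecting && /^\//  { print id "\t" $1; next }
        { collecting = 0 }
    '
}

# whisker_worklist HOST: emit one curl command per finding so each URL can be
# re-requested by hand. A 200 only confirms the resource exists; whether the
# installed version is the vulnerable one still has to be checked against the
# reference for that Id, exactly as Whisker's own notice says.
whisker_worklist() {
    host="$1"
    whisker_findings | while IFS="$(printf '\t')" read -r id url; do
        printf 'id=%s curl -s -o /dev/null -w "%%{http_code}" "http://%s%s"\n' "$id" "$host" "$url"
    done
}

# Demo on the constructed sample. For a real scan:
#   perl whisker.pl -h 123.123.123.123 | tee whisker.out
#   whisker_worklist 123.123.123.123 < whisker.out
printf '%s\n' "$WHISKER_SAMPLE" | whisker_worklist 123.123.123.123
```

The worklist deliberately prints the curl commands instead of running them, so the list can be reviewed (and pruned of generic names such as a `count.cgi` that is clearly not the referenced script) before any further requests hit the target.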