about us

Welcome Everyone! Hi guys hacktadine is here. I want to personally welcome everyone to the site. i am the founder of APRESEC (A PREsistent SECurity). i like to play with tech and i feel myself as an techfreek. if u visit this blog it means you are buddy. so feel free to join our community
Posted by

DotDotPwn -20% you need to know

 

dotdotpwn

It’s a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as HTTP/FTP/TFTP servers, Web platforms such as CMSs, ERPs, Blogs, etc.

Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.

It’s written in perl programming language and can be run either under *NIX or Windows platforms. It’s the first Mexican tool included in BackTrack Linux (BT4 R2).

Fuzzing modules supported in this version:

  • HTTP
  • HTTP URL
  • FTP
  • TFTP
  • Payload (Protocol independent)
  • STDOUT

Source: https://github.com/wireghoul/dotdotpwn
DotDotPwn Homepage


  • Author: chr1x, nitr0us
  • License: GPLv2

Tools included in the dotdotpwn package

dotdotpwn.pl – DotDotPwn – The Directory Traversal Fuzzer
 

dotdotpwn Usage Example

Use the HTTP scan module (-m http) against a host (-h 192.168.1.1) , using the GET method (-M GET):

root@hacktadine:~# dotdotpwn.pl -m http -h 192.168.1.1 -M GET

Comments

Post a Comment

another post