README - screamingCSS v1.00 - < January 12, 2002 > by David...

screamingCSS v1.00 -- < January 12, 2002 >
by David deVitry [ [email protected] ]

This program is simply a modified screamingCobra with
a simple detector for Cross Site Scripting vulnerabilities.

See:

A clean result from this program does not mean that a site
is free from CSS and a positive result should be tested by
hand.

Requirements

wget and perl5

replace screamingCobra with screamingCSS for now.

------------------ Original README -----------------------

screamingCobra v1.03 -- < January 11, 2002 >
by Samy Kamkar [[email protected]]

usage: screamingCobra.pl [-e] [-i] [-s|-v] <>[:port][/start/page]

========================= TABLE OF CONTENTS =========================

1. What is screamingCobra
2. What screamingCobra does
3. Why was screamingCobra written
4. Configuring screamingCobra
5. Command-line options
6. Vulnerabilities found in popular sites
7. Supported Operating Systems

=======================

_____________________________
1. __ WHAT IS SCREAMING COBRA __
=============================

Any CGI that doesn't check arguments that are passed to it
over the web is possibly vulnerable to attacks which allow
a malicious user to get read access to almost any file on that
system, if not access to execute programs. screamingCobra
is almost always able to find those bugs REMOTELY due to
the common errors programmers make.

screamingCobra is an application for remote vulnerability
discovery in ANY UNKNOWN web applications such as CGIs and PHP
pages. Simply put, it attempts to find vulnerabilities in all
web applications on a host without knowing anything about the
applications. Modern CGI scanners scan a host for CGIs
with known vulnerabilities. screamingCobra is able to 'find'
the actual vulnerabilities in ANY CGI, whether it has been
discovered before or not.
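As an added illustration (not part of screamingCobra or screamingCSS, and not the authors' code), the Python below puts the unchecked CGI argument that section 1 describes next to a checked version of the same lookup. DOC_ROOT, the page-name pattern, the sample arguments and all function names are assumptions made for this example.

```python
import os
import re

# Hypothetical document root for this constructed example.
DOC_ROOT = "/var/www/pages"

# Allowlist for the "page" argument: a short lowercase name ending in .html.
PAGE_NAME = re.compile(r"[a-z0-9_-]{1,64}\.html")

# Constructed sample arguments, as a CGI would receive them after URL decoding.
SAMPLES = ["index.html", "../../../etc/passwd", "/etc/passwd",
           "index.html\x00.png", "news.html|id"]


def resolve_unchecked(page):
    """The common error: the argument is used in a path with no checks."""
    return os.path.normpath(os.path.join(DOC_ROOT, page))


def resolve_checked(page):
    """Return the file to serve, or None when the argument is rejected."""
    # 1. Allowlist: rejects slashes, "..", NUL bytes, pipes and anything else
    #    that is not a plain page name.
    if not PAGE_NAME.fullmatch(page):
        return None
    # 2. Containment check after resolving symlinks, as defence in depth.
    root = os.path.realpath(DOC_ROOT)
    candidate = os.path.realpath(os.path.join(root, page))
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def escapes_root(path):
    """True when a resolved path lies outside DOC_ROOT."""
    root = os.path.normpath(DOC_ROOT)
    return os.path.commonpath([root, path]) != root


if __name__ == "__main__":
    for arg in SAMPLES:
        unchecked = resolve_unchecked(arg)
        print(repr(arg), "unchecked ->", repr(unchecked),
              "(outside root)" if escapes_root(unchecked) else "",
              "| checked ->", resolve_checked(arg))
```

The allowlist is the primary control; the realpath containment check only catches what the allowlist cannot see, such as a symlink placed inside the document root.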
