Weakness CGI vulnerability scanner
Weakness is a fairly simple CGI vulnerability network scanner. It
scans for 94 different CGI vulnerabilities. Of the vulnerabilities on
the NASA list, it scans for these 12:
Aglimpse
AnyForm
campas
textcounter
GuestBookCheck
Glimpse Vulnerability
PHPBufferOverflow
vulnphf
CgiPerlMailPrograms (websendmail)
Handler Check
uploader
webdist
The scanner only checks whether the filename of a CGI program known
to be vulnerable exists, not whether the CGI program served by the web
server actually is vulnerable. Also, scanning can only be done on
port 80. Weakness is written to run on Windows, and is available at:
http://www.silcom.com/~royalblu/weakness.zip
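Because the scanner only requests a list of known filenames, its traffic stands out in a web server's access log. The sketch below is an added example, not code from Weakness or from this page: it flags clients that request several distinct watch-list scripts and separates the ones the server actually has. The watch list (basenames inferred from the check names above), the Common Log Format input, the sample log lines and the function names are all assumptions.

```python
import re
from collections import defaultdict

# Assumed watch list: script basenames inferred from the check names on this
# page. The scanner's own 94-entry list is not reproduced here.
WATCHLIST = {"aglimpse", "campas", "textcounter", "phf", "websendmail",
             "handler", "uploader", "webdist"}

# Common Log Format: host ident user [time] "METHOD path proto" status size
LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD|POST) (\S+)[^"]*" (\d{3}) ')

# Constructed sample access log (documentation addresses, made-up requests).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2000:10:00:01 +0000] "GET /cgi-bin/phf HTTP/1.0" 404 210
192.0.2.10 - - [01/Jan/2000:10:00:01 +0000] "GET /cgi-bin/campas HTTP/1.0" 404 210
192.0.2.10 - - [01/Jan/2000:10:00:02 +0000] "GET /cgi-bin/textcounter.pl HTTP/1.0" 200 512
192.0.2.10 - - [01/Jan/2000:10:00:02 +0000] "GET /cgi-bin/webdist.cgi HTTP/1.0" 404 210
198.51.100.7 - - [01/Jan/2000:10:05:00 +0000] "GET /index.html HTTP/1.0" 200 1043
198.51.100.7 - - [01/Jan/2000:10:06:00 +0000] "GET /cgi-bin/textcounter.pl?doc=home HTTP/1.0" 200 512
""".splitlines()

def script_name(path):
    """Lowercased basename of a request path, without query string or extension."""
    base = path.split("?", 1)[0].rstrip("/").rsplit("/", 1)[-1].lower()
    return base.split(".", 1)[0]

def find_probes(lines, threshold=3):
    """Flag clients that requested >= threshold distinct watch-list scripts.
    'present' holds scripts answered with 200: the file exists and needs manual
    review, since existence alone does not prove it is vulnerable."""
    probed, present = defaultdict(set), defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        host, path, status = m.group(1), m.group(2), m.group(3)
        name = script_name(path)
        if name in WATCHLIST:
            probed[host].add(name)
            if status == "200":
                present[host].add(name)
    return {h: {"probed": sorted(s), "present": sorted(present[h])}
            for h, s in probed.items() if len(s) >= threshold}

if __name__ == "__main__":
    for host, hit in find_probes(SAMPLE_LOG).items():
        print(host, hit)
```

The second client in the sample uses one watch-list script normally and is not flagged; only the client sweeping several names crosses the threshold.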
Pros:
- Simple command line interface.
- Checks for lots of CGI vulnerabilities.
Cons:
- Not very flexible; however, the source code is pretty simple and
would therefore be easy to modify. For example, it would be
trivial to add the ability to specify the port on the command
line.
- Doesn't do any analysis beyond checking for the existence of
vulnerable scripts.
Axes
- Static vs Dynamic: Dynamic, since Weakness is used to check the status
of a running machine.
- Library vs Instrumenting: Library, since it never sees source code.
- Testing vs Production: Production, since it is most likely used to
scan production systems, although it could also be used to test a new
system configuration before the system is put into production.
- Opaque vs Clear vs Cloudy: Opaque, since it only looks for files
from the network.
- List vs Heuristic: List, since it has a list of files it looks for.
- Conservative vs Liberal: Conservative, since Weakness assumes the
presence of a particular filename indicates the presence of a particular
vulnerability.
- Concurrent vs Single: Concurrent, since it scans a whole system.
- Alert vs Advice: Alert.