It's a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as Web/FTP/TFTP servers,Web platforms such as CMSs,ERPs,Blogs,etc.Also,it has a protocol independent module to send the desired payload to the host and port specified. On the other hand,it also could be used in a scripting way using the STDOUT module.It's written in perl programming language and can be run either under *NIX or Windows platforms.Fuzzing modules supported in this version:- HTTP - HTTP URL - FTP - TFTP - Payload (Protocol independent) - STDOUT
Now included in the Backtrack R2
- apt-get install dotdotpwn
- cpan -i HTTP::Lite
Download: http://packetstormsecurity.org
No response to “DotDotPwn v2.1 - The Directory Traversal Fuzzer”
Leave a reply