Perl Language နဲ႔ေရးထားတဲ့ Tool ေလးတစ္ခုပါ။ ဒီေကာင္က ပုံမွာျမင္ရတဲ့အတုိင္း website ေတြကုိ Scan ေပးမွာပါ။ ဒါေၾကာင့္ windows သမားေတြကေတာ့ Perl ကုိသြင္းထားရပါမယ္။ အဲဒီအတြက္ Active Perl ဆုိတာကုိသြင္းထားရင္ အဆင္ေျပပါတယ္။ Active perl ကုိအင္စေတာ့လုပ္ထားရင္ C:\Perl ဆုိတဲ့ Directory တစ္ခုရွိလာပါမယ္။ အဲဒီ Directory မွာေဒါင္းထားတဲ့ဖုိင္ကုိ (တကယ္လုိ႔ Zip ဖုိင္ဆုိရင္ျဖည္ေပးလုိက္ေပါ့) extract ျပီး ထားလုိက္ပါ။ ဥပမာ C:\Perl\Something ေပါ့။ ကြ်န္ေတာ္ကေတာ့ C:\Perl ထဲမွာ extract လုပ္ထားေတာ့ CMD မွာ ခုလုိ dir change လုိက္ပါမယ္။
အသုံးျပဳနည္းကုိေတာ့ ဒီ မွာအေသးစိတ္ေလ့လာလုိ႔ရပါတယ္။ ကြ်န္ေတာ္ကေတာ့ ခုလုိ Google ကုိ scan ၾကည့္လုိက္ပါတယ္။ အဆင္ေတာ့ မေျပဘူးေပါ့။ အေသးစိတ္ကုိ ကုိယ့္ဘာသာကလိေပါ့ဗ်ာ။ login page ကုိရွာတာတုိ႔ အမ်ားၾကီးပါတယ္။ အုိေက။ စမ္းမယ္ဆုိရင္ ေအာက္ကေနေဒါင္းလုိက္ဗ်ာ။
Basic overview of capabilities:
Download: Direct MirrorWeb Services: a CMS and it's version number, Social media widgets and buttons, Hosting provider, CMS plugins, and favicon fingerprints
Authentication areas: logins, admin logins, email webapps
Bruteforce: Subdomains, Files and Directories
Stealth: with -ninja you can gather valuable info on the target with as few as 6 requests, with -shadow you can request pages via google cache instead of from the host
AND MORE: Sensitive files, default files, source disclosure, directory indexing, banner grabbing (see below for full capabilities)
![[MSF]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhirDSlE-BtL225zcwELV-uPG7ShLpQFgYa1B0UAdhebnIIaTM_0_rOPHwId-npaYzO06muISuLmBsRyp5MX83eBBYyDEKmSt-fT-E7WgkrKLn1TKeY5bb2gRuof1vQlhx5MHDUDjgwOko/s1600/4sec.png){kind=small}
No comments:
Post a Comment
If you good, i don't bad. if you think you can bark me, I think i can also fuck you. I'm just ordinary person. Is that OK? :)