Bug 209323
| Summary: | [new port]:security/dotdotpwn : fuzzer to discover traversal directory vulnerabilities | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Rihaz Jerrin <rihaz.jerrin> | ||||
| Component: | Individual Port(s) | Assignee: | Kurt Jaeger <pi> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | CC: | pi | ||||
| Priority: | --- | ||||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
|
Description
Rihaz Jerrin
2016-05-06 09:10:18 UTC
Committed (3.0.2), thanks! A commit references this bug: Author: pi Date: Wed Dec 7 21:29:36 UTC 2016 New revision: 428087 URL: https://svnweb.freebsd.org/changeset/ports/428087 Log: New port: security/dotdotpwn DotDotPwn - The Directory Traversal Fuzzer It's a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as HTTP/FTP/TFTP servers, Web platforms such as CMSs, ERPs, Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module. It's written in perl programming language and can be run either under *NIX or Windows platforms. WWW: https://github.com/wireghoul/dotdotpwn PR: 209323 Submitted by: Rihaz Jerrin <rihaz.jerrin@gmail.com> Changes: head/security/Makefile head/security/dotdotpwn/ head/security/dotdotpwn/Makefile head/security/dotdotpwn/distinfo head/security/dotdotpwn/files/ head/security/dotdotpwn/files/patch-DotDotPwn_HTTP.pm head/security/dotdotpwn/files/patch-DotDotPwn_HTTP__Url.pm head/security/dotdotpwn/pkg-descr head/security/dotdotpwn/pkg-plist |
