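This means whisker found no files that could be used for an attack.
whisker obtains its vulnerability information mainly from the following sites: http://www.foundstone.com, http://www.securityfocus.com, http://www.packetstorm.securify.com.
There are other web server vulnerability scanners as well, but none of them match whisker in coverage or response speed.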
Cgichk.pl
Cgichk.pl is a scanner written in Perl. It has very good logging, which makes it easy to trace back through the information it collected.
#./cgichk.pl
CGI scanner [in Perl] v1.1
Host: 192.168.1.2
HTTP Port [80]:
Log Session?(y/n)n
Press [enter] to check the httpd version...
HTTP/1.1 200 OK
Server: Microsoft-IIS/4.0
Date: Wed, 01 Nov 2000 19:57:13 GMT
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQQQQQGZZ=HGECMCCDEJALHKKHHCPMJLEP; path=/
Cache-control: private
Press [enter] to check for CGI vulnerabilities...
Searching for UnlG - backdoor : Not Found
Searching for THC - backdoor : Not Found
Searching for phf : Not Found
Searching for Count.cgi : Not Found
Searching for test-cgi : Not Found
Searching for nph-test-cgi : Not Found
Searching for nph-publish : Not Found
Searching for php.cgi : Not Found
Searching for handler : Not Found
Searching for webgais : Not Found
Searching for webdist.cgi : Not Found
Searching for faxsurvey : Not Found
Searching for htmlscript : Not Found
Searching for pfdisplay : Not Found
Searching for perl.exe : Not Found
Searching for wwwboard.pl : Not Found
Searching for www-sql : Not Found
Searching for view-source : Not Found
Searching for campas : Not Found
Searching for aglimpse : Not Found
Searching for glimpse : Not Found
Searching for man.sh : Not Found
Searching for AT-admin.cgi : Not Found
Searching for filemail.pl : Not Found
Searching for maillist.pl : Not Found
Searching for jj : Not Found
Searching for info2www : Not Found
Searching for files.pl : Not Found
Searching for finger : Not Found
Searching for bnbform.cgi : Not Found
Searching for survey.cgi : Not Found
Searching for AnyForm2 : Not Found
Searching for textcounter.pl : Not Found
Searching for classifields.cgi: Not Found
Searching for wguest.exe : Not Found
Searching for bdir - samples : Not Found
Searching for CGImail.exe : Not Found
Searching for newdsn.exe : Found!
Searching for fpcount.exe : Not Found
Searching for counter.exe : Not Found
Searching for visadmin.exe : Not Found
Searching for openfile.cfm : Not Found
Searching for exprcalc.cfm : Not Found
Searching for dispopenedfile : Not Found
Searching for sendmail.cfm : Not Found
Searching for codebrws.asp : Not Found
Searching for codebrws.asp : Not Found
Searching for showcode.asp : Not Found
Searching for search97.vts : Not Found
Searching for carbo.dll :Not Found
Server may have CGI vulnerabilities.
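The results show that this scanner finds only some of the vulnerabilities that whisker finds. Another difference is how the output is displayed: whisker classifies its output in more detail, for example by distinguishing Access Forbidden from Object Not Found.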
Malice
Malice is also a scanner written in Perl. It has some features for evading IDS detection and can perform a large number of checks.
./malice5.2.pl
Malice .5.2
Anti IDS scanner that uses null scans with HEAD requests
Much props to doom for editing this.
Host: 192.168.1.2
Port: 80
HTTP/1.1 200 OK
Server: Microsoft-IIS/4.0
Date: Wed, 01 Nov 2000 20:02:45 GMT
PICS-Label: (PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by
"" on "1998.10.20T15:20-0400" exp "1999.10.20T12:00-0400" r
(v 0 s 0 n 0 l 0))
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQQQQQGZZ=OHECMCCDJGGMODLBHBIEDKGO; path=/
Cache-control: private
Checking 192.168.1.2 for CGI holes.....:
Exploit Found: /scripts/tools/newdsn.exe
Location: /scripts/tools/newdsn.exe
Exploit Found: /?PageServices
Location: /?PageServices
Exploit Found: WebDAV transversal
Location: /secret/secret/sql_tool.shtml
Exploit Found: default.asp
Location: /default.asp
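malice can perform some checks that other scanners cannot, and it tries to avoid detection by IDS systems. The results also show that it found two vulnerabilities that whisker did not. Another difference is that malice displays only the checks that produced a hit.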
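From the defender's side, both scanners leave a recognizable trail in the web server's access log: one client requesting many well-known CGI script names in a short time, mostly with HEAD and mostly answered 404. The following is an added example, not part of the original article or of any of the tools. It assumes Common Log Format, and the log lines, client addresses and the threshold of three distinct names are constructed for illustration.

```python
import re
from collections import defaultdict

# Subset of the script names cgichk.pl searched for in the output above.
PROBE_NAMES = {"phf", "test-cgi", "nph-test-cgi", "php.cgi", "webdist.cgi",
               "perl.exe", "wwwboard.pl", "newdsn.exe", "fpcount.exe",
               "codebrws.asp", "showcode.asp", "carbo.dll"}

# Common Log Format: capture client, method, URL and status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

# Constructed sample log (not taken from a real server).
SAMPLE_LOG = """\
192.168.1.50 - - [01/Nov/2000:20:02:45 +0000] "HEAD /cgi-bin/phf HTTP/1.0" 404 -
192.168.1.50 - - [01/Nov/2000:20:02:45 +0000] "HEAD /cgi-bin/test-cgi HTTP/1.0" 404 -
192.168.1.50 - - [01/Nov/2000:20:02:46 +0000] "HEAD /scripts/perl.exe HTTP/1.0" 404 -
192.168.1.50 - - [01/Nov/2000:20:02:46 +0000] "HEAD /scripts/tools/newdsn.exe HTTP/1.0" 200 -
192.168.1.77 - - [01/Nov/2000:20:03:10 +0000] "GET /default.asp HTTP/1.0" 200 4096
192.168.1.77 - - [01/Nov/2000:20:03:12 +0000] "GET /scripts/showcode.asp?x=1 HTTP/1.0" 404 312
"""

def scan_suspects(log_text, min_probes=3):
    """Return per-client stats for clients that requested at least
    min_probes distinct script names from PROBE_NAMES."""
    stats = defaultdict(lambda: {"probes": set(), "head": 0,
                                 "not_found": 0, "total": 0})
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, method, url, status = m.groups()
        # Strip the query string, then take the last path component.
        name = url.split("?", 1)[0].rstrip("/").rsplit("/", 1)[-1].lower()
        s = stats[client]
        s["total"] += 1
        s["head"] += method == "HEAD"       # HEAD-heavy clients stand out
        s["not_found"] += status == "404"   # most probes miss
        if name in PROBE_NAMES:
            s["probes"].add(name)
    return {c: s for c, s in stats.items() if len(s["probes"]) >= min_probes}

if __name__ == "__main__":
    for client, s in scan_suspects(SAMPLE_LOG).items():
        print(client, sorted(s["probes"]), "HEAD:", s["head"], "404:", s["not_found"])
```

A single request for one listed name, like the second client's, stays below the threshold, so ordinary visitors who follow a stale link are not flagged.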
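Once scanning is complete, we have a good deal of information about the system's potential vulnerabilities. The next step is to run actual attack tests against these potential vulnerabilities. After the attack tests are complete, patch the real vulnerabilities according to the test results.
The web server vulnerability scanning tools covered in this article, and some that were not covered, can be obtained from the following addresses.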
whisker:http://www.wiretricp.net
cgichk.pl:http://packetstorm.securify.com
malice:http://kickme.to/security666
netcat:http://www.securityfocus.org
nmap:http://www.insecure.org
MD-webscan:http://www.internettrash.com/users/mordrian
Conclusion
This article covered the first two steps of web server security planning: fingerprinting and vulnerability analysis.
http://netadmin.77169.com/HTML/20040310064000.html