Ooo this is one of my favorite tools! It is called IIS Shortname Scanner!
It helps you identify the tilde vulnerablity in IIS 5,6,7 and 8.
Here’s the whitepaper on the vulnerability! (Link HERE)
Here’s a link to the github! (Link HERE)
You’d run it like this:
java -jar iis-shortname-scanner.jar 2 20 https://example.com/
Here’s a screenshot of output if it’s actually vulnerable!
ENJOY!
Read all the entries in this series!
- Under Utilized Tools/Resources #1
- Under Utilized Tools/Resources #2
- Under Utilized Tools/Resources #3
- Under Utilized Tools/Resources #4
- Under Utilized Tools/Resources #5
- Under Utilized Tools/Resources #6
- Under Utilized Tools/Resources #7
- Under Utilized Tools/Resources #8
- Under Utilized Tools/Resources #9
- Under Utilized Tools/Resources #10
- Under Utilized Tools/Resources #11
- Under Utilized Tools/Resources #12
- Under Utilized Tools/Resources #13
- Under Utilized Tools/Resources #14
- Under Utilized Tools/Resources #15
- Under Utilized Tools/Resources #16
- Under Utilized Tools/Resources #17
- Under Utilized Tools/Resources #18
- Under Utilized Tools/Resources #19
- Under Utilized Tools/Resources #20
- Under Utilized Tools/Resources #21
- Under Utilized Tools/Resources #22
- Under Utilized Tools/Resources #23
- Under Utilized Tools/Resources #24
- Under Utilized Tools/Resources #25
- Under Utilized Tools/Resources #26
- Under Utilized Tools/Resources #27
- Under Utilized Tools/Resources #28
END TRANSMISSION