[TOOL] Gwee (Generic Web Exploitation Engine)

From: SecuriTeam (support_at_securiteam.com)
Date: 05/11/04

  • Next message: SecuriTeam: "[UNIX] Open Webmail Remote Command Execution (userstat.pl)"
    To: list@securiteam.com
    Date: 11 May 2004 16:03:09 +0200
    
    

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      Gwee (Generic Web Exploitation Engine)
    ------------------------------------------------------------------------

    SUMMARY

    DETAILS

    Gwee (Generic Web Exploitation Engine) is a small program written in C
    designed to exploit input validation vulnerabilities in web scripts, such
    as Perl CGIs, PHP, etc. Gwee is much like an exploit, except more
    general-purpose. It features several reverse (connecting) shell codes (x86
    Linux, FreeBSD, NetBSD, Perl script (universal), Python script
    (universal)), 4 methods of injecting (executing) them, built-in http/https
    client and built-in server (listener) for receiving connections (and
    remote shell) from injected shell codes. Gwee is distributed under the MIT
    License. NOTE: Sabu wrote the Perl and Python shell codes.

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:Michel Blomgren>
    michel@cycom.se.
    The tool can be downloaded from:
    <http://cycom.se/uploads/39/5/gwee-1.21.tar.gz>
    http://cycom.se/uploads/39/5/gwee-1.21.tar.gz.
    Visit the tool's homepage at: <http://cycom.se/dl/gwee>
    http://cycom.se/dl/gwee.

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.


  • Next message: SecuriTeam: "[UNIX] Open Webmail Remote Command Execution (userstat.pl)"

    Relevant Pages

    • [NT] Horde Multiple XSS
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... based on PHP and the Horde Framework." ... Horde is subject to a client side script injection vulnerability in the ...
      (Securiteam)
    • [UNIX] Mantis Bug Tracker Multiple Vulnerabilities
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... any HTML or script code can be injected. ... * Another XSS vulnerability can be found in the signup.php script (ex.: ... there is also a remote PHP code execution in the system. ...
      (Securiteam)
    • [NT] Perl win32_stat Function Buffer Overflow Vulnerability
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Perl is "a popular programming language due to its text manipulation ... * All versions of Perl for Win32 operating systems up to and including ...
      (Securiteam)
    • [NEWS] NetworkEverywhere Router Model NR041 Script Injection via DHCP
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Everywhere NR041 Cable/DSL 4-port router "connects multiple PCs to your ... malicious script code can be ... The code for such an HTML file is ...
      (Securiteam)
    • [NT] Snitz Forum 2000 Cross Site Scripting In User Registration Form
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... A cross site scripting vulnerability has been found in the user ... When registering a new account the register.asp script fails to properly ... Vendor Status: ...
      (Securiteam)