Unfortunately, I've never used Retina Scanner so I'm probably not in the position to claim who's copying who. (smile) I do know that currently SSS holds the spot as the 'preferred tool' for exploit identification in the warez/hacking scene.
I've seen it used a number of times on compromised systems. That is to say, someone has popped a shell of sorts and run SSS from a script. The Modus Operandi seems to be they compromise one node running an FTPD. They then upload SSS and a predefined scan script. They then pass the appropriate commands to run SSS from the remote host to scan their real target(s). Once SSS is done they FTP back on to the machine and retrieve the results. I'll grab a copy of Retina Scanner and tear through it now that you have my curiosity peaked. - KJH Ken Hayes Network Administrator Eastbay / Footlocker.com Wausau, WI Offices (715) 261-9573 [EMAIL PROTECTED] To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> cc: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> Subject: RE: Exploit Tool 11/10/2002 07:06 PM Hi, There is one question that tickles me from long time ago. If you check on Shadow Security Scanner and Retina Scanner from Eeye, they resemble each other. Anyone knows if they are using a common GUI, or either 'copying' the others ? I found very little documentation on the official website(russian) for SSS. Thank you Regards, Leonard Ong Network Security Specialist, APAC NOKIA Email. [EMAIL PROTECTED] Mobile. +65 9431 6184 Phone. +65 6723 1724 Fax. +65 6723 1596 -----Original Message----- From: ext [EMAIL PROTECTED] [mailto:khayes@;eastbay.com] Sent: Saturday, November 09, 2002 5:03 AM To: JM Cc: [EMAIL PROTECTED] Subject: Re: Exploit Tool Shadow Security Scanner is currently the hot tool in the exploit checking circles. It's exploit DB is regularly updated with the latest and greatest. It not only checks to see if the exploit exists, it tests the exploit and then reports back it's findings. - You can customize your scans to include or exclude what filters/exploits you want to test on. - You can run the test against a single IP or a range. - Reports are delivered in HTML format but can be exported to a number of other formats Do a search at Google for it. Regards, - KJH Ken Hayes Network Administrator Eastbay / Footlocker.com Wausau, WI Offices (715) 261-9573 [EMAIL PROTECTED] To: <[EMAIL PROTECTED]> cc: "JM" Subject: Re: Exploit Tool <[EMAIL PROTECTED] m> 11/07/2002 11:15 AM Sorry for the dumb question...but someone must be able to help... There are loads of tools out there to identify vulnerabilites, I for one am using Retina 4.9. This is good in that it tell you exactly how to fix the problem. What I would like to know is if there are any tools out there that will find the vulnerabilitites and test them, i.e. Try to exploit them. For example, running the vulnerability scanner against a particular host list the following as a vulnerability; Web Servers: TCP:80 - IIS HTR ISAPI CHUNKING BUFFER OVERFLOW DESCRIPTION: A vulnerability in IIS involving the processing of chunked HTTP data and it's use by the HTR ISAPI, can be exploited by an attacker to remotely execute the code of his choice RISK LEVEL: High HOW TO FIX: Microsoft has released a hotfix to eliminate this vulnerability RELATED LINKS: Microsoft Security Bulletin eEye Advisory CVE: CAN-2002-0364 What I would like to know is, if there is a tool that could demonstrate this vulnerability by exploting it. Of course this would be done in a test environment only, but it is to demonstrate the exploit to a client who thinks these things are rarely exploited. Thanks JM --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.413 / Virus Database: 232 - Release Date: 06/11/2002 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The information in this e-mail, and any attachment therein, is confidential and for use by the addressee only. If you are not the intended recipient, please return the e-mail to the sender and delete it from your computer. Although the Company attempts to sweep e-mail and attachments for viruses, it does not guarantee that either are virus-free and accepts no liability for any damage sustained as a result of viruses. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The information in this e-mail, and any attachment therein, is confidential and for use by the addressee only. If you are not the intended recipient, please return the e-mail to the sender and delete it from your computer. Although the Company attempts to sweep e-mail and attachments for viruses, it does not guarantee that either are virus-free and accepts no liability for any damage sustained as a result of viruses.