Browse Source

H4: More about 'w00tw00t' scanning tech

master
Pekka Helenius 6 years ago
committed by GitHub
parent
commit
ae587be43d
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
  1. +8
    -0
      exercises/h4.md

+ 8
- 0
exercises/h4.md View File

@ -733,6 +733,14 @@ The most memorable log entry from the past years was, however, a penetration att
4.125.148.79 - - [07/Aug/2013:20:53:35 +0400] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 142 "-" "ZmEu" 4.125.148.79 - - [07/Aug/2013:20:53:35 +0400] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 142 "-" "ZmEu"
``` ```
`w00tw00t` scanning technique is an old one and dates back to the last decade. However, it is still being widely used. More about this intrusive scanning technique:
- [Symantec: Hacktool.DFind](https://www.symantec.com/security-center/writeup/2005-011411-1411-99)
- [NinTechNet: How to block web vulnerability scanners with iptables.](https://blog.nintechnet.com/how-to-block-w00tw00t-at-isc-sans-dfind-and-other-web-vulnerability-scanners/)
Information about `w00tw00t` is widely available from other online sources as well.
**d)** Create a set of websites on your local computer and copy the sites to your web server with scp command. **d)** Create a set of websites on your local computer and copy the sites to your web server with scp command.
-------------- --------------


Loading…
Cancel
Save