Updated: February 13, 2007 11:42:21 AM
Type: Hack Tool
Risk Impact: High
File Names: Varies
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
Hacktool.DFind allows an attacker to probe a range of IP addresses to determine whether a host whose address is in that range is vulnerable to specific exploits or is running certain legitimate services.
When Hacktool.DFind is run, it performs the following actions:
- Scans for the following vulnerabilities and services:
- Open TCP and UDP ports.
- HP Web JetAdmin
- PSOProxy Server
- HP Web Server
- Microsoft Frontpage
- Hacktool.Radmin
- RealServer
- Apache Servers
- IIS servers
- Windows Media Service
- IPC$ shares without password protection.
- Weak write permissions in Microsoft IIS web server.
- Backdoor.OptixPro.10 and variants.
- Dictionary attacks on SQL Servers
- NULL/NTAuth/Passworded connections on Hacktool.Radmin
- The CCBill webserver module
- The PHPbb webserver module
- The PHP-Nuke webserver module.
- WebDav enabled on IIS5.0 webservers
- The Microsoft Windows IIS Index Server ISAPI System-level Remote Access Buffer Overflow
(Microsoft MS01-033)
- The Microsoft SQL Server MDAC buffer overflow (Microsoft MS02-040).
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
