Tools

PHP Scanner

This little tool scans PHP Scripts for potential vulnerable PHP functions and then traces back its parameters. With this you can easily see if a parameter of a vulnerable function comes from userinput. Additionally PHP Scanner allows you to mark those lines in the source (bottom frame) and build custom CURL code to exploit the issues found.
Manual Scanmouseover highlight exploit curlcode
(new and open source version: see RIPS)

RIPS – A static source code analyser for vulnerabilities in PHP scripts

Finally I improved the code from my old PHP Scanner and the new tool called RIPS was released during the Month of PHP Security. RIPS is open source and freely available at http://sourceforge.net/projects/rips-scanner/.

Some features:

  • detect XSS, SQLi, File disclosure, LFI/RFI, RCE vulnerabilities and more
  • 5 verbosity levels for debugging your scan results
  • mark vulnerable lines in source code viewer
  • user-defined function code by mouse-over on detected call
  • list of all user-defined functions and program entry points (user input) connected to the source code viewer
  • create CURL exploits for detected vulnerabilties with few clicks
  • 7 different syntax highlighting colour schemata
  • only minimal requirement is a local webserver with PHP and a browser (tested with Opera and Firefox)

RIPS - Codeviewer RIPS - Exploit Creator RIPS - Function List + Mouseover

Download

3 Responses to Tools

  1. lexak says:

    Hi Johannes Dahse! Thank you for new release RIPS and comment me in CHANGELOG. It is very useful tools. I found some vulnerabilities in my site by RIPS. I will be glad to assist your project.

  2. mp says:

    Hi Johannes,
    would you mind to give a look and review my ‘special’ SQLi framework? I do think you will find it …very useful, and maybe you could suggest me how to improve it.
    It’s at Woodmann for now, because I dont have the time to make a site for it… maybe later in future.
    You can see a screenshot here to quickly understand what it is made and thought for..

    (on Woodmann’s CISTL http://www.woodmann.com/collaborative/sectools/index.php/SiAF_-_SQLi_Attack_Framework )

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 87 other followers

%d bloggers like this: