GNITvse rc1: GNIT Vulnerability Scanning Engine -
Platforms:
Windows 2000,
Windows NT
Categories:
Auditing,
NetBIOS,
Network,
SMB,
System Security Management,
Windows NT
Version:
URL: http://security.ellicit.org
A vulnerability scanner which scans for the following:
- NBTStat Scan
- Null IPC Session Establishment
- Net View Scan
- Enumerates all Global Groups
- Enumerates all Local Groups
- Enumerates all User Accounts
- Gives the following details for each account:
- Global and local group membership
- Account Expiration date
- Full Name
- Bad Password Attempts
- Comments
- Last Logon Date
- Last Log Off Date
- Logon Server
- Successful Logins
- Password Age
- Primary Group ID
- Privilege Level
- RID (Relative Identifier)
- Enumerates number of Network Adapter cards installed on remote machine
- Enumerates which protocols are bound to which NICs
- Displays Web Server Type and Version
- Scans for 84 known vulnerable URL structures (easily modified)
- FTP Banner grab
- Attempts to login anonymously via FTP
- SMTP Banner grab
- POP3 Banner grab
- Telnet Connect Check
- WINS Connect Check
- DNS Connect Check
- NNTP Connect Check
- LDAP Connect Check
- SOCKS Connect Check
- Microsoft SQL Connect Check
- PCAnywhere Connect Check
- Wingate Log file Service Connect Check
- AltHTTP Connect Check
- Netbus (Default) Connect Check
- VNC Connect Check
*** Now produces final report in spiffy HTML output :)
