VULNHOO:
Vulnhoo is a tool being developed by Matt Marx and Kyle Riley, which started during an internship at MWRInfoSecurity. It works as a standalone python script that accepts a banner and returns a list of vulnerabilities pertaining to the various technologies extracted from it.
As an example, consider the simple banner
Apache 2.2.1
Vulnhoo will extract the service name Apache and respective version 2.2.1. This information is then used to search the CVE database for any vulnerabilities specific to Apache 2.2.1
Vulnhoo uses its built-in intelligence to parse vulnerabilities in the database where the version isn't explicitly stated.
.... versions of Apache before 2.3 allow attackers to....
This vulnerability would turn up as a positive case, as it states all versions below 2.3.
If the services contained in the banner are not immediately detectable, the script runs a weighted search that will attempt to perform a deeper, more intelligent search that prioritizes words in the banner. The most relevant search results obtained from this search are then returned.
The project is still in development and will hopefully undergo significant optimization and tweaking in the near future.
Thanks for using it, let us know what you think or any suggestions that you may have!
DOWNLOAD
You can download the latest version of Vulnhoo here.
Enjoy!
Disclaimer:
The information returned by Vulnhoo is provided to assist users in scanning their own networks, or networks for which they have been given permission to test, in order to determine the security of such networks. It is not intended to assist with scanning or locating vulnerabilities in remote sites with the intention of breaking into or exploiting services on those sites, or for information gathering purposes beyond those allowed by law. We hereby disclaim any responsibility for actions performed with this tool and urge all who seek information towards a destructive end to reconsider their life, and do something constructive instead.
