This simple utility connects to a web server of your choosing and checks whether or not it complies with RFC 2616. It is designed for checking Microsoft IIS servers.
5b11c0bdc25366a8b34ef23012f5c5ecbc7af057a245736c18f21d6c0f7efddb
#######################################################################
#!/usr/bin/perl
#
# isurlscan.pl - Testing User-Agent: overflow field
#
# This tool simply checks an IIS machine for the implementation of the
# URLScan information security control provided by Microsoft. This tool
# does not comply with RFC 2616 and is therefore detectable.
#
# Detects:
# - URLScan up to 6.0.3547.0
# - Other versions ??
#
# References:
# - Stephen Cope <mail@nonsense.kimihia.org.nz>
# - RFC 2616
#
# Quickhack code: feel free to modify, update, delete, ... this piece
# of quickly slapped together code for your own fun and profit :)
#
#######################################################################
use IO::Socket;
use Net::hostent;
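# Probe a web server with a single HEAD request and report whether the reply
# carries an entity body. RFC 2616 section 9.4 says a response to HEAD must
# not include a message body, so body bytes are reported as non-compliance.
#
# strict/warnings are enabled from here on; every variable below is lexical.
use strict;
use warnings;

print "isurlscan.pl - Test Microsoft URL Scan Usage, by Filip Maertens\n";
die " [x] Too little arguments, syntax: isurlscan [host] (port)\n\n" if @ARGV == 0;
#######################################################################
# COMMAND LINE STUFF
my $target = $ARGV[0];

# Default to port 80 only when no port argument was supplied. The earlier
# numeric comparison against "" silently mapped every non-numeric value
# (and "0") to port 80; invalid ports are now rejected explicitly.
my $port = ( defined $ARGV[1] && $ARGV[1] ne '' ) ? $ARGV[1] : "80";
die " [x] Invalid port: $port\n\n"
    unless $port =~ /\A[0-9]{1,5}\z/ && $port >= 1 && $port <= 65535;

# Net::hostent's gethostbyname returns undef when the name does not resolve;
# check it before calling ->addr so the failure is reported clearly instead
# of as a method call on an undefined value.
my $resolved = gethostbyname($target)
    or die " [x] Cannot resolve host: $target\n\n";
my $host = inet_ntoa( $resolved->addr );

print " Evaluating parameters:\n";
print " - Hostname : $target, ($host:$port)\n";
print " - Port : $port\n";
print " Creating request: ";
# The fixed path and User-Agent make this probe easy to identify in the
# target's access logs.
# NOTE(review): the request line and Host header end in a bare LF rather
# than CRLF; left unchanged because it is unclear whether the check relies
# on it.
my $request = "HEAD /isurlscan.exe HTTP/1.0\nHost:$target\nUser-Agent:IsURLScan v0.01\r\n\r\n";
print "Done\n";
#######################################################################
# ZHA REEL STUFF
print " Connection status: ";
# Timeout bounds the connect attempt so an unreachable host does not stall
# the script for the full TCP timeout.
my $socket = IO::Socket::INET->new(
    Proto    => "tcp",
    PeerAddr => $host,
    PeerPort => $port,
    Timeout  => 10,
) or die "Failed.\n";
print "Alive\n";
print {$socket} $request;

# Status line. It is only checked for presence: a connection that closes
# without sending anything is not evidence of compliance.
my $the_response = <$socket>;

# Skip the response headers up to the blank line that ends them. Matching a
# "Name: value" pattern per line stopped early on headers with an empty value,
# no space after the colon, or folded continuation lines, and the remaining
# headers were then counted as entity body.
while ( defined( my $header_line = <$socket> ) ) {
    last if $header_line =~ /\A\r?\n\z/;
}

# Everything after the header block is the entity body.
my $data = '';
while ( defined( my $body_line = <$socket> ) ) {
    $data .= $body_line;
}
close($socket);

# A body on a HEAD response is an indication, not proof: any server or
# intermediary that answers HEAD with a body produces the same result.
my $status;
if ( !defined $the_response ) {
    $status = "No response received, result inconclusive";
}
elsif ( length($data) > 0 ) {
    $status = "Non RFC 2616 compliant, URL Scan might be implemented";
}
else {
    $status = "RFC 2616 compliant";
}
print " Target status: ";
print "$status\n\n";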
#######################################################################
# (EOF)