Saturday, April 4, 2009

winAUTOPWN v1.7 Released

| Brett D. Arion |
An auto exploit framework with original exploit code, winAUTOPWN is a little unique in that it is self contained and is continually updated. Future updates are to include a server that will autoupdate the exploits. From the winAUTOPWN site:

"Features :

- Contains already custom-compiled executables of
famous and effective exploits alongwith a few
original exploits.
- No need to debug, script or compile the source
codes.
                - Scans all ports 1 - 65535 after taking the IP
address and tries all possible exploits according
to the list of discovered open ports
(OpenPorts.TXT)
- PortScan is multi-threaded.
- Doesn't require any Database at the back-end
like msf
- Can be also be used to test effectiveness of
IDS/IPS
- Launched exploits are independent and doesn't
rely on service fingerprinting (to avoid evasion,
if any)

                The aim of creating winAUTOPWN is not to compete
with already existing commercial frameworks like
Core Impact (Pro), Immunity Canvas, Metasploit
Framework (freeware), etc. which offer autohacks,
but to create a free, quick, standalone
application which is easy to use and doesn't
require a lot of support of other dependencies.
Also not forgetting that winAUTOPWN unlike other
frameworks maintains the original exploit
writer's source code intact just as it was and
uses it. This way the exploit writer's credit and
originality is maintained. The source is modified
only when required to enable a missing feature or
to remove hard-coded limitations. Under these
circumstances also, the exploit writers credits
remain intact.

Newer exploit modules are added as and when they
release and older ones are also being daily
added.
Binaries of perl, php, python and cygwin DLLs
(included) are required to exist either in a
common folder or should be properly installed
with their paths registered for those exploits
which are cannot be compiled into a PE-exe.

Some anti-viruses might falsely detect the
exploits as malicious.
                
Future :
- A separate DragonflyBSD-server is being set up
which will hold the exploit repository and the
next version will autosync the exploits from them
in the appropriate folder.

NOTE : In case of emergency, Press "Q"
/ "q" anytime to EXIT the program.

NOTE : This program winAUTOPWN is released under
the WTFPL (http://sam.zoy.org/wtfpl/)"
                

Much like the other automagic hacking/pen-testing tools we have featured, this one is surely worth a try!!

Free Security Magazines