Run of fresh-snapshots for dotdotpwn
Try this locally package):
debcheckout dotdotpwn
cd dotdotpwn
new-upstream --snapshot --import-only
Summary
new-upstream --snapshot --import-onlyDiff
Branch: pristine-tar
diff --git a/dotdotpwn_3.0.2+git20200208.98760e1.orig.tar.gz.delta b/dotdotpwn_3.0.2+git20200208.98760e1.orig.tar.gz.delta
new file mode 100644
index 0000000..babbc6c
Binary files /dev/null and b/dotdotpwn_3.0.2+git20200208.98760e1.orig.tar.gz.delta differ
diff --git a/dotdotpwn_3.0.2+git20200208.98760e1.orig.tar.gz.id b/dotdotpwn_3.0.2+git20200208.98760e1.orig.tar.gz.id
new file mode 100644
index 0000000..cbfa6ef
--- /dev/null
+++ b/dotdotpwn_3.0.2+git20200208.98760e1.orig.tar.gz.id
@@ -0,0 +1 @@
+0d046ef0505740a41970cf551f6cba4f85bb086c
Branch: upstream
Tag: upstream/3.0.2+git20200208.98760e1diff --git a/DotDotPwn/HTTP_Url.pm b/DotDotPwn/HTTP_Url.pm
index 34014a8..802bac8 100644
--- a/DotDotPwn/HTTP_Url.pm
+++ b/DotDotPwn/HTTP_Url.pm
@@ -46,6 +46,8 @@ sub FuzzHTTP_Url{
$UserAgent = @UserAgents[int(rand(@UserAgents))];
$UserAgent =~ s/[\r\n]//g;
$http->agent($UserAgent);
+ $http->ssl_opts(verify_hostname => 0);
+ $http->ssl_opts(SSL_verify_mode => 0x00);
my $tmp_url = $url; # Not to overwrite the TRAVERSAL token
$tmp_url =~ s/TRAVERSAL/$traversal/g;
diff --git a/README.txt b/README.md
similarity index 89%
rename from README.txt
rename to README.md
index e109e03..d48c372 100644
--- a/README.txt
+++ b/README.md
@@ -1,4 +1,5 @@
-=== DESCRIPTION ===
+### DESCRIPTION ###
+
DotDotPwn - The Directory Traversal Fuzzer
It's a very flexible intelligent fuzzer to discover traversal
@@ -22,15 +23,14 @@ Fuzzing modules supported in this version:
- STDOUT
+### REQUIREMENTS ###
-
-=== REQUIREMENTS ===
- Perl (http://www.perl.org)
Programmed and tested on Perl 5.8.8 and 5.10
- Nmap (http://www.nmap.org)
Only if you plan to use the OS detection feature
-(needs root priviledges)
+(needs root privileges)
Perl modules:
- Net::FTP
@@ -42,28 +42,34 @@ Perl modules:
You can easily install the missing modules doing the
following as root:
+
+```
# perl -MCPAN -e "install <MODULE_NAME>"
+```
+
or
+
+```
# cpan
cpan> install <MODULE_NAME>
+```
+### EXAMPLES ###
-
-=== EXAMPLES ===
Read EXAMPLES.txt
+### CONTACT ###
-=== CONTACT ===
Official Website: http://dotdotpwn.sectester.net
Official Email: dotdotpwn@sectester.net
Bugs / Contributions / Improvements: dotdotpwn@sectester.net
+### AUTHORS ###
-=== AUTHORS ===
-
+```
Christian Navarrete aka chr1x Alejandro Hernandez H. aka nitr0us
http://twitter.com/chr1x http://twitter.com/nitr0usmx
chr1x@sectester.net nitrousenador@gmail.com
@@ -71,14 +77,15 @@ Bugs / Contributions / Improvements: dotdotpwn@sectester.net
CubilFelino Security Research Lab Chatsubo [(in)Security Dark] Labs
http://chr1x.sectester.net http://chatsubo-labs.blogspot.com
+```
+### CHANGE HISTORY ###
-=== CHANGE HISTORY ===
Read CHANGELOG.txt
+### LICENSE ###
-
-=== LICENSE ===
+```
DotDotPwn - The Directory Traversal Fuzzer
Copyright (C) 2012 Christian Navarrete and Alejandro Hernandez H.
@@ -94,3 +101,4 @@ GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>
+```