WMAT - Web Mail Auth Tool Hello everyone, After successful project DFF Scanner (http://www.owasp.org/index.php/Phoenix/Tools, http://sla.ckers.org/forum/read.php?12,11148,11489, http://security-net.biz/wsw/index.php?p=242&n=195), I'm happy to introduce a new tool from NSS (http://netsec.rs) WMAT. WMAT is Web Mail Auth Tool that provide some essential functions for testing web mail logins. How it works ? It is very simple, You give WMAT file with usernames, file with passwords, URL of web mail app and chose pattern for attack. Patterns are XML files that define post/get fields, http method, referer, success tag, etc ... for each web mail applications. For now I have patterns for horde, squirrelmail, kerio and mdaemon web mail. Example of this XML file You can see here: http://security-net.biz/wmat/patterns/horde.wmat.xml. --- horde.wmat.xml --- <?xml version='1.0' encoding='UTF-8'?> <data> <username>horde_user</username> <password>horde_pass</password> <action_url>login.php</action_url> <success>sidebar.php</success> <method>post</method> <useragent></useragent> <referer></referer> <additional_fields></additional_fields> <author>ivan.markovic@netsec.rs</author> </data> ----------------------- I need some help from community for this patterns. In each pattern I expect author field as sign of gratitude. :) There are some more options like setting timeout (time between each request), bell on success and option for writing output in file. Readme file is here: http://security-net.biz/wmat/readme.txt. This is first version and I plan to implement more options like: - using a proxy - special addon for generation of usernames/passwords - automatic recognizer of web app - ... You can download WMAT from this URL: http://security-net.biz/wmat/wmat.zip, or see wmat.py here: http://security-net.biz/wmat/wmat.py.txt Please give some comments, ideas/requests, bug reports, ... Thanks, Ivan Markovic Network Security Solutions http://sla.ckers.org/forum/read.php?12,26600,26600#msg-26600 Sat, 25 May 2013 02:07:46 -0500 Phorum 5.2.15a http://sla.ckers.org/forum/read.php?12,26600,26962#msg-26962 Re: WMAT - Web Mail Auth Tool http://sla.ckers.org/forum/read.php?12,26600,26962#msg-26962
Just to say that we released a new version of WMAT, the download link is the same: http://security-net.biz/wmat/wmat.zip.

In new version we have support for SSL, Proxy and automatic password generator.
Updated readme can be found here: http://security-net.biz/wmat/readme.txt.


Please feel free to give any comment ... Thanks!]]> Ivan Projects Mon, 09 Mar 2009 17:40:59 -0500 http://sla.ckers.org/forum/read.php?12,26600,26600#msg-26600 WMAT - Web Mail Auth Tool http://sla.ckers.org/forum/read.php?12,26600,26600#msg-26600
After successful project DFF Scanner (http://www.owasp.org/index.php/Phoenix/Tools, http://sla.ckers.org/forum/read.php?12,11148,11489, http://security-net.biz/wsw/index.php?p=242&n=195), I'm happy to introduce a new tool from NSS (http://netsec.rs) WMAT.

WMAT is Web Mail Auth Tool that provide some essential functions for testing web mail logins.

How it works ? It is very simple, You give WMAT file with usernames, file with passwords, URL of web mail app and chose pattern for attack.

Patterns are XML files that define post/get fields, http method, referer, success tag, etc ... for each web mail applications.

For now I have patterns for horde, squirrelmail, kerio and mdaemon web mail.
Example of this XML file You can see here: http://security-net.biz/wmat/patterns/horde.wmat.xml.

--- horde.wmat.xml ---
<?xml version='1.0' encoding='UTF-8'?>
<data>
<username>horde_user</username>
<password>horde_pass</password>
<action_url>login.php</action_url>
<success>sidebar.php</success>
<method>post</method>
<useragent></useragent>
<referer></referer>
<additional_fields></additional_fields>
<author>ivan.markovic@netsec.rs</author>
</data>
-----------------------

I need some help from community for this patterns. In each pattern I expect author field as sign of gratitude. :)

There are some more options like setting timeout (time between each request), bell on success and option for writing output in file.

Readme file is here: http://security-net.biz/wmat/readme.txt.

This is first version and I plan to implement more options like:
- using a proxy
- special addon for generation of usernames/passwords
- automatic recognizer of web app
- ...

You can download WMAT from this URL: http://security-net.biz/wmat/wmat.zip, or
see wmat.py here: http://security-net.biz/wmat/wmat.py.txt


Please give some comments, ideas/requests, bug reports, ...


Thanks,
Ivan Markovic
Network Security Solutions]]> Ivan Projects Tue, 17 Feb 2009 09:13:14 -0600