WMAT - Web Mail Auth Tool
Date: February 17, 2009 09:13AM
Hello everyone,
After the successful DFF Scanner project (http://www.owasp.org/index.php/Phoenix/Tools, http://sla.ckers.org/forum/read.php?12,11148,11489, http://security-net.biz/wsw/index.php?p=242&n=195), I'm happy to introduce a new tool from NSS (http://netsec.rs): WMAT.
WMAT is a Web Mail Auth Tool that provides some essential functions for testing web mail logins.
How does it work? It is very simple: you give WMAT a file with usernames, a file with passwords, and the URL of the web mail app, and choose a pattern for the attack.
Patterns are XML files that define POST/GET fields, HTTP method, referer, success tag, etc. for each web mail application.
For now I have patterns for Horde, SquirrelMail, Kerio and MDaemon web mail.
You can see an example of this XML file here: http://security-net.biz/wmat/patterns/horde.wmat.xml.
--- horde.wmat.xml ---
<?xml version='1.0' encoding='UTF-8'?>
<data>
<username>horde_user</username>
<password>horde_pass</password>
<action_url>login.php</action_url>
<success>sidebar.php</success>
<method>post</method>
<useragent></useragent>
<referer></referer>
<additional_fields></additional_fields>
<author>ivan.markovic@netsec.rs</author>
</data>
-----------------------
I need some help from the community with these patterns. In each pattern I expect an author field as a sign of gratitude. :)
There are some more options, like setting a timeout (time between each request), a bell on success, and an option for writing output to a file.
The readme file is here: http://security-net.biz/wmat/readme.txt.
This is the first version, and I plan to implement more options like:
- using a proxy
- special addon for generation of usernames/passwords
- automatic recognizer of web app
- ...
You can download WMAT from this URL: http://security-net.biz/wmat/wmat.zip, or
see wmat.py here: http://security-net.biz/wmat/wmat.py.txt
Please give some comments, ideas/requests, bug reports, ...
Thanks,
Ivan Markovic
Network Security Solutions
http://www.security-net.biz/
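
For the mail server's side of the testing described in the post, here is an added detection example; it is not part of the original post or of WMAT. It scans an access log for repeated POSTs to the `login.php` action URL from the Horde pattern and notes whether the same client later requested `sidebar.php`. The Apache combined log format, the `/horde/` path, the thresholds, the `detect` function name, and treating blank Referer/User-Agent headers as a signal are all assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in Apache combined log format (not real traffic):
# 198.51.100.7 posts to login.php every 2 s, 203.0.113.9 logs in once.
SAMPLE_LOG = "\n".join(
    [f'198.51.100.7 - - [17/Feb/2009:09:13:{s:02d} +0000] "POST /horde/login.php HTTP/1.1" 200 5120 "-" "-"'
     for s in range(0, 12, 2)]
    + ['198.51.100.7 - - [17/Feb/2009:09:13:12 +0000] "GET /horde/sidebar.php HTTP/1.1" 200 900 "-" "-"',
       '203.0.113.9 - - [17/Feb/2009:09:14:00 +0000] "POST /horde/login.php HTTP/1.1" 200 5120 "http://mail.example/horde/login.php" "Mozilla/5.0"',
       '203.0.113.9 - - [17/Feb/2009:09:14:01 +0000] "GET /horde/sidebar.php HTTP/1.1" 200 900 "http://mail.example/horde/" "Mozilla/5.0"'])

# Captures: client, timestamp, method, path, referer, user agent.
LINE_RE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" \d{3} \S+ "([^"]*)" "([^"]*)"')

def detect(log_text, login_path="login.php", success_path="sidebar.php",
           threshold=5, window=60):
    """Return {ip: finding} for clients with >= threshold login POSTs in `window` seconds."""
    posts, blank, hits = defaultdict(list), defaultdict(int), defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, ts, method, path, referer, agent = m.groups()
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        name = path.split("?")[0].rsplit("/", 1)[-1]
        if method == "POST" and name == login_path:
            posts[ip].append(when)
            blank[ip] += referer in ("", "-") and agent in ("", "-")
        elif name == success_path:
            hits[ip].append(when)
    findings = {}
    for ip, times in posts.items():
        times.sort()
        # Largest number of login POSTs that fall inside any sliding window.
        burst, start = 0, 0
        for end, t in enumerate(times):
            while (t - times[start]).total_seconds() > window:
                start += 1
            burst = max(burst, end - start + 1)
        if burst >= threshold:
            findings[ip] = {"burst": burst, "blank_headers": blank[ip],
                            "success_page_after": any(h > times[0] for h in hits[ip])}
    return findings
```

Because the post mentions a configurable delay between requests, `window` should be long enough to cover slow-paced guessing. A flagged client with `success_page_after` set is worth checking against the application's own authentication log.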