Platform: Windows & Unix/Linux. Written in Perl.
This software works like an ordinary web spider, but rather than storing the files it fetches, it analyses the HTML output and tries to inject characters that can have a special meaning for the underlying platform. Furthermore, it
tampers with web variables in order to provoke error messages.
Errors found in web applications often pose a misunderstood security hole. Having your website firewalled and protected with IDS/IPS mostly doesn’t help your application security much. As often quoted before: security is only as strong as its weakest link.
How to use:
LiLith v0.6a is written in Perl 5 and only needs Perl with some modules
that often come with Perl by default. If any error arises upon starting
the program, please install the following modules:
LiLith can be run from any POSIX or Microsoft Windows machine, as in the
following example (on Linux 2.4.x):
$ perl lilith.pl
When lilith.pl is run without an argument, a short usage menu explains
how parameters need to be passed. The most basic way of running this
tool is with just a host argument, as in the following example:
$ perl lilith.pl www.server.com
This will start “spidering” the web pages hosted at www.server.com and
will inject several characters in places where possible, such as
Of course, LiLith has many options to “tune” your spidering process and
to increase verbosity on screen and logging output. The several options
are explained in the next section “LiLith options”.
This section explains options that can be used with LiLith:
running a website where a web application is located at
a certain directory (eg: /ebank/), then this directory
can be specified. *Note*: any links that jump back to
the homepage will not be followed, and any external links
(hyperlinks going to other websites) will not be saved
and audited. If the target is specified with a directory
(eg: “www.target.com/myapp/”), then the directory
will be parsed.
default user-agent is set to “LiLith v0.6a”, but this
can be changed. The argument for this parameter can be
numeric, to pick an agent from the list (which is shown
when issuing -a 0), or an alphanumeric string that will
be used as the user-agent. This can be handy in audits
when set to for example: “Security Scan “. The
list of ‘normal’ browsers is to ensure compatibility
with browser-specific (eg: IE) applications.
-u : If the target web application is protected with basic
authentication then credentials (username and password
respectively) can be set here. For example:
-p : If you can only access the target web application by going through a proxy, this can be specified here. The
format should be in the format. Eg:
-U : If the proxy specified with the -p argument requires
authentication, then it can be set here. It uses the
same format as basic authentication.
-T : If defined, then LiLith will wait seconds in
between sending two requests. This argument should be
numeric, eg: “-T 2” will make LiLith wait
for two (2) seconds between each request.
-f : LiLith will log all requests and responses with their
timestamps. This can come in handy when comparing any
IDS logs against the LiLith logfile. The specified
logfile should be a writeable file, and all data will
be stored in a readable ASCII file.
-c : Ignore any cookies presented by the host [default off]
that are used by the application. Often these contain
data that should be remembered (eg: language, session
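
The -f option above is meant for comparing LiLith's logfile against IDS logs. The following added example (not part of LiLith or of the original page) does that comparison in Python to show which audited requests raised no alert; both log layouts (time|tag|uri) and every sample line are assumptions constructed for illustration, since the page does not show the real formats.

```python
from datetime import datetime, timedelta

# Constructed sample data. The page does not show LiLith's logfile or any IDS
# layout, so the "time|tag|uri" format used for both is an assumption.
SCAN_LOG = """\
2024-05-01 10:00:00|GET|/ebank/login.php?user=test
2024-05-01 10:00:02|GET|/ebank/login.php?user=test%27
2024-05-01 10:00:04|GET|/ebank/search.php?q=%3Cx%3E
2024-05-01 10:00:06|GET|/ebank/view.php?id=1%3B
"""
IDS_LOG = """\
2024-05-01 10:00:03|sig-1001|/ebank/login.php?user=test%27
2024-05-01 10:00:09|sig-1002|/ebank/search.php?q=%3Cx%3E
"""
TS = "%Y-%m-%d %H:%M:%S"


def parse(text):
    """Return (timestamp, tag, uri) tuples from 'time|tag|uri' lines."""
    rows = []
    for line in text.splitlines():
        if line.strip():
            stamp, tag, uri = line.split("|", 2)
            rows.append((datetime.strptime(stamp, TS), tag, uri))
    return rows


def coverage(scan, alerts, skew_seconds=2):
    """Split scanner requests into detected and unalerted.

    A request counts as detected when an alert for the same URI lies within
    skew_seconds of it (clock drift between hosts); each alert is used once.
    Alerts left over are returned too, so unrelated noise stays visible.
    """
    skew = timedelta(seconds=skew_seconds)
    unused = list(alerts)
    detected, unalerted = [], []
    for when, _method, uri in scan:
        hit = next((a for a in unused
                    if a[2] == uri and abs(a[0] - when) <= skew), None)
        if hit is not None:
            unused.remove(hit)
            detected.append((uri, hit[1]))
        else:
            unalerted.append(uri)
    return detected, unalerted, unused


if __name__ == "__main__":
    print(coverage(parse(SCAN_LOG), parse(IDS_LOG)))
```

Widening skew_seconds shows how much of an apparent detection gap is only clock drift between the scanning host and the sensor.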
Download Version :
Windows : lilith.zip https://github.com/mhendrickx/Lilith/zipball/master
unix/linux : lilith.tar.gz https://github.com/mhendrickx/Lilith/tarball/master
For any questions, you can mail the author:
Michael Hendrickx <email@example.com>