Update Web Sorrow v-1.4.9 – a perl based tool for misconfiguration, version detection, enumeration, and server information scanning.

changelog v-1.4.9 : ADDED: -reject and -die ENHANCED: host specification. fixed one bug
Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It’s entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a “safe to run” program, meaning it is not designed to be an exploit or perform any harmful attacks.
Current functionality:

-host [host] — Defines host to scan, a list separated by semicolons, type ranges, and 1.1.1.* type ranges. You can also use the type ranges for domains like www1-10.site.com

-port [port num] — Defines port number to use (Default is 80)

-proxy [ip:port] — Use an HTTP, HTTPS, or gopher proxy server


-S — Standard set of scans including: agresive directory indexing,

Banner grabbing, Language detection, robots.txt,

HTTP 200 response testing, Apache user enum, SSL cert,

Mobile page testing, sensitive items scanning,

thumbs.db scanning, content negotiation, and non port 80

server scanning

-auth — Scan for login pages, admin consoles, and email webapps

-Cp [dp | jm | wp | all] scan for cms plugins.

dp = drupal, jm = joomla, wp = wordpress

-Fd — Scan for common interesting files and dirs (Bruteforce)

-Sfd — Very small files and dirs enum (for the sake of time)

-Sd — BruteForce Subdomains (host given must be a domain. Not an IP)

-Ws — Scan for Web Services on host such as: cms version info,

blogging services, favicon fingerprints, and hosting provider

-Db — BruteForce Directories with the big dirbuster Database

-Df [option] Scan for default files. platfroms/options: Apache,

Frontpage, IIS, Oracle9i, Weblogic, Websphere,

MicrosoftCGI, all (enables all)

-ninja — A light weight and undetectable scan that uses bits and

peices from other scans (it is not recomended to use with any

other scans if you want to be stealthy. See readme.txt)

-fuzzsd — Fuzz every found file for Source Disclosure

-e — Everything. run all scans

-intense — like -e but no bruteforce

-I — Passively scan interesting strings in responses such as:

emails, wordpress dirs, cgi dirs, SSI, facebook fbids,

and much more (results may Contain partial html)

-dp — Do passive tests on requests: banner grabbing, Dir indexing,

Non 200 http status, strings in error pages,

Passive Web services


-ua [ua] — Useragent to use. put it in quotes. (default is firefox linux)

-Rua — Generate a new random UserAgent per request

-R — Only request HTTP headers via ranges requests.

This is much faster but some features and capabilitises

May not work with this option. But it’s perfect when

You only want to know if something exists or not.

Like in -auth or -Fd

-gzip — Compresses http responces from host for speed. Some Banner

Grabbing will not work

-d dir — Only scan within this directory

-https — Use https (ssl) instead of http

-nr — Don’t do responce analisis IE. False positive testing,

Iteresting headers (other than banner grabbing) if

you want your scan to be less verbose use -nr

-Shadow — Request pages from Google cache instead of from the Host.

(mostly for just -I otherwise it’s unreliable)

-die — Stop scanning host if it appears to be offline

-reject — Treat this http status code as a 404 error


web-sorrow also has false positives checking on most of it’s requests (it pretty accurate but not perfect)


basic: perl Wsorrow.pl -host scanme.nmap.org -S
stealthy: perl Wsorrow.pl -host scanme.nmap.org -ninja -proxy
scan for login pages: perl Wsorrow.pl -host -auth
CMS intense scan: perl Wsorrow.pl -host -Ws -Cp all -I
most intense scan possible: perl Wsorrow.pl -host -e
dump http headers: perl headerDump.pl
Check if host is alive: perl hdt.pl -host
sample output

using option -Ws
[*] _______WEB SERVICES_______ [*]

[+] Found service or widget: google analytics

[+] Found service or widget: disqus.com commenting system

[+] Found service or widget: quantserve.com

[+] Found service or widget: twitter widget

using option -S

[+] Server Info in Header: “Via: varnish ph7”

[+] HTTP Date: Mon, 22 Oct 2012 01:36:11 GMT

[+] HTTP Title: [cen0red]

[+] robots.txt found! This could be interesting!

[?] would you like me to display it? (y/n) ? Y

[+] robots.txt Contents:

User-agent: *


Sitemap: http://[cen0red]/sitemap.xml

[+] Directory indexing found in “/icons/”

[+] xmlrpc: /xmlrpc.php

HTTP CODE: 403 -> [+] Apache information: /server-status/

[+] Domain policies: /crossdomain.xml

[+] OPEN HTTP server on port: 81
Download : Web-Sorrow_v1.4.9.zip (7.1 MB)
Find Other Version |
Read more in here : http://code.google.com/p/web-sorrow/ or contact at twitter :@flyinpoptartcat