Bed

Description

BED (aka Bruteforce Exploit Detector) is a plain-text protocol fuzzer that checks software for common vulnerabilities like buffer overflows, format string bugs, integer overflows, etc.

The tool is a collection of scripts to automatically test implementations of different protocols for buffer overflows and for format string vulnerabilities. This is done by sending a many different combinations of the known to be problematic strings to a server.

It is a program which is designed to check daemons for potential buffer overflows, format string bugs etc.

The Bruteforce Exploit Detector (BED) does exactly what the name implies. The program will allow you to send data to the target application in hopes that a crash will occur.

Written in Perl by mjm and Eric Sesterhenn, the tool currently supports following protocols:

  • finger
  • ftp
  • http
  • imap
  • irc
  • lpd
  • pjl
  • pop
  • smtp
  • socks4
  • socks

Usage

Syntax

bed -s <plugin> -t <target> -p <port> -o <timeout> [ depends on the plugin ]

Options

 -s <plugin>   = FTP/SMTP/POP/HTTP/IRC/IMAP/PJL/LPD/FINGER/SOCKS4/SOCKS5
 -t <target>   = Host to check (default: localhost)
 -p <port>     = Port to connect to (default: standard port)
 -o <timeout>  = seconds to wait after each test (default: 2 seconds)
 use "-s <plugin>" to obtain the parameters you need for the plugin.

 Only -s is a mandatory switch.

Example

cyborg@cyborg:~$ bed -s HTTP -t ztrela.com -p 80 

 B E D 0.5 by mjm ( www.codito.de ) & eric ( www.snake-basket.de )

 + Buffer overflow testing:
		testing: 1	HEAD XAXAX HTTP/1.0	....
0 Comments

Leave a reply

CONTACT US

We're are building as a community and a team. Be a part of it.

Sending

©2017 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?