BED Package Description
BED stands for Bruteforce Exploit Detector. It is designed to check daemons for potential buffer overflows, format strings et. al.
- Author: mjm, eric
- License: GPLv2
Tools included in the bed package
bed – A network protocol fuzzer
root@kali:~# bed
BED 0.5 by mjm ( www.codito.de ) & eric ( www.snake-basket.de )
Usage:
./bed.pl -s <plugin> -t <target> -p <port> -o <timeout> [ depends on the plugin ]
<plugin> = FTP/SMTP/POP/HTTP/IRC/IMAP/PJL/LPD/FINGER/SOCKS4/SOCKS5
<target> = Host to check (default: localhost)
<port> = Port to connect to (default: standard port)
<timeout> = seconds to wait after each test (default: 2 seconds)
use "./bed.pl -s <plugin>" to obtain the parameters you need for the plugin.
Only -s is a mandatory switch.
BED 0.5 by mjm ( www.codito.de ) & eric ( www.snake-basket.de )
Usage:
./bed.pl -s <plugin> -t <target> -p <port> -o <timeout> [ depends on the plugin ]
<plugin> = FTP/SMTP/POP/HTTP/IRC/IMAP/PJL/LPD/FINGER/SOCKS4/SOCKS5
<target> = Host to check (default: localhost)
<port> = Port to connect to (default: standard port)
<timeout> = seconds to wait after each test (default: 2 seconds)
use "./bed.pl -s <plugin>" to obtain the parameters you need for the plugin.
Only -s is a mandatory switch.
bed Usage Example
Use the HTTP plugin (-s HTTP) to fuzz the target server (-t 192.168.1.15):
root@kali:~# bed -s HTTP -t 192.168.1.15
BED 0.5 by mjm ( www.codito.de ) & eric ( www.snake-basket.de )
+ Buffer overflow testing:
testing: 1 HEAD XAXAX HTTP/1.0
BED 0.5 by mjm ( www.codito.de ) & eric ( www.snake-basket.de )
+ Buffer overflow testing:
testing: 1 HEAD XAXAX HTTP/1.0