Frontpage snoop (developed by me) nice hack tool
FrontPage snoop v 1.2:
This tool takes advantage of frontpage enabled web servers by checking for weaknesses in an automated fashion. It will firstly attempt to get the “service.pwd” file from the target website which will hold the username(s) and password(s) for that site in a user:h45h fashion, were the password will have the DES hash that is relatively easily cracked - which will enable an attacker full admin access to the site. It lists all the /vti_pvt/ files which divulges a lot of info, it then tries the /vti_inf.html file which, when you view the source code of that page, shows in the comments the servers configuration and settings. And lastly it attempts to check if FTP is enabled as an upload access point (if not it’ll likely be webdav or fp extensions). As you can see this can lead to the entire compromise of a vulnerable server in an easy to use automated fashion. Coded in VC++ required the .NET framework 3.5 or above.
