Tuesday, August 7, 2012

AntiDef : Anti defacement command line tool

Defacement Protector v1.0 : AntiDef is developed by Nir Valtman,  in order to handle with defacement attacks. This tool written in Java in a fast-and-dirty manner; However is works.

How AntiDef works?
AntiDef compares two directory paths - the web application and its backup foder. Then, it performs hash (MD5 - we need performance) on each file in the folders and a final hash on all hashed files. The final hashes of the source and the destination are compared. If they are different, then defacement is found. In this case, only the defaced files are moved (by default) to pre-defined "Defaced" folder and then replaced by the backup legitimate files. Then "Defaced" folder includes the malicious files, a timestamp of the defacement and a log.

AntiDef compares the two paths above every 60 seconds, but it can be defined differently.

The full manual is described by running the tool without parameters, i.e.
java -jar AntiDef.jar

Download AntiDef

Share This Article on Twitter/Facebook/Blog/Forum or Anywhere:

New Post Older Post Home

© Break The Security. Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted into Blogger Template by Bloganol dot com