HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 31 guests and 1 member online
 
Free Business and Tech Magazines and eBooks

You are here: Home arrow Resourcesarrow Toolsarrow X-scan v3.3
EH-Net
May 24, 2013, 01:37:29 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
EH-Net > Resources > Tools (Moderator: don) > X-scan v3.3
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: X-scan v3.3  (Read 9016 times)
0 Members and 1 Guest are viewing this topic.
CJS
Newbie
*
Offline Offline

Posts: 8


View Profile
« on: February 22, 2008, 03:08:05 PM »
I noticed that X-scan 3.3 was recommended in a thread in these forums (SlimJim100 gave a video of it), so I downloaded it from xfocus.org to try it out.

BUT, my AVG anti-virus claimed it has a worm, specifically the file "common_pass.dic" in the /dat directory. And of course AVG labeled about 21 other different files as "potentially dangerous" but that's not surprising given what the program is supposed to do. Also, I noticed that Mcafee Siteadvisor found numerous "red" downloads from the xfocus website.

I uploaded the common_pass.dic file to virustotal.com to get more opinions, and most of the virus programs didn't complain about it.

I guess I'm just looking for a little more reassurance at this point.  Cheesy
Is this program still considered safe to use?
Logged
LSOChris
Guest
« Reply #1 on: February 22, 2008, 04:23:42 PM »
well... did you actually read what was in the file?
Logged
proudindian
Newbie
*
Offline Offline

Posts: 32


View Profile
« Reply #2 on: February 25, 2008, 06:22:52 AM »
but the download page is not opening I think...can any1 give proper link of downloading xscan
Logged
CJS
Newbie
*
Offline Offline

Posts: 8


View Profile
« Reply #3 on: February 25, 2008, 08:51:19 AM »
Quote from: ChrisG on February 22, 2008, 04:23:42 PM
well... did you actually read what was in the file?

Looks like a data/text file obviously, so why would AVG flag it as a worm? I didn't think text files under any circumstance could be harmful, unless some other program somehow "used" the contents to aid that program in some malicious behavior. Any comments about this?
Logged
dean
Guest
« Reply #4 on: February 25, 2008, 09:33:13 AM »
Antivirus/antispyware/antimalware applications do not just scan a single file and deem it to be safe. If the file is part of a larger package and it is scanned the application will make the determination that you may be infected/compromised based on that file and the package it's part of.

For example: SSH brute force scripts may download and use a standard dictionary file and if this is discovered by your AV it will alert you to that fact.

Antivirus apps don't just scan for viruses. They scan for all forms of potentially malicious software. Eg: keyloggers, BHOs, etc.... I always wonder why Symantec flags netcat as do many other AV apps.

If you are intending to run tools such as that you might want to consider disabling or removing whatever host based firewalls, IDS/IPS, AV, antispyware apps you have running. You are going to have to whitelist/exclude so many files anyway that it's going to render the tools pretty ineffective.

Ideally, you would want your regular workstation you use for daily tasks to not to be used for testing tools, reversing malware, pentesting, etc....

dean
Logged
proudindian
Newbie
*
Offline Offline

Posts: 32


View Profile
« Reply #5 on: February 27, 2008, 07:21:50 AM »
people please help me downloading x scan,i am unable to download it,can you please tell me the procedure...
Logged
sgt_mjc
Sr. Member
****
Offline Offline

Posts: 294


View Profile
« Reply #6 on: February 27, 2008, 07:36:53 AM »
Use your tools in a VM. This gives your host protection even without an AV like dean mentioned. Good luck.
Logged
Mike Conway
CISSP
CompTia Security +
C|EH
CJS
Newbie
*
Offline Offline

Posts: 8


View Profile
« Reply #7 on: February 27, 2008, 07:37:29 AM »
Quote from: proudindian on February 27, 2008, 07:21:50 AM
people please help me downloading x scan,i am unable to download it,can you please tell me the procedure...
Not sure why you are having a problem, but here is a direct link to the program:
http://xfocus.org/programs/200507/X-Scan-v3.3-en.rar
Hope this helps.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.062 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.