Re: Website detection

To: "3 shool" <3shool@gmail.com>
Subject: Re: Website detection
From: "Robin Wood" <dninja@gmail.com>
Date: Tue, 20 Feb 2007 23:52:08 +0000
Cc: pen-test@securityfocus.com

It would be fairly simple to write a script which took a dictionary
and used curl or wget to hit the site with each dictionary word
appended to the URL.

Try to add extra words to the dictionary from the company website and
company-related documentation to allow you to cover company-specific
words.

That is how I'd start.

Robin

On 2/19/07, 3 shool <3shool@gmail.com> wrote:
Hello Everyone,

We are doing a PT for one of our customers with 5 webservers. None of
these webservers have the website on the main url like
http://xxx.xxx.xxx.xxx but they have confirmed that they have critical
applications running on all the 5 web servers and for security
purposes they have moved the websites to something like
http://xxx.xxx.xxx.xxx/yyy.

Now manually I guess it will take years to identify the correct URL
having the critical website by using guessing techniques. I was
wondering if there is a tool that could try various popular and brute
force combinations to automatically guess the possible URLs.

I'm sure many of you would have wonderful ideas to address this
problem. Pls. enlighten.

THNX

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
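
Seen from the server side, the dictionary approach described in this thread leaves a recognisable trace: one client requesting many distinct paths and receiving mostly 404s. The following is an added example, not part of the original messages, that flags that pattern in Common Log Format access logs; the log lines, IP addresses, thresholds and the function name `find_path_guessing` are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed Common Log Format lines (illustrative, not from the thread).
# "/yyy" mirrors the placeholder path used in the original question.
SAMPLE_LOG = """\
192.0.2.10 - - [20/Feb/2007:10:00:01 +0000] "GET /admin HTTP/1.1" 404 209
192.0.2.10 - - [20/Feb/2007:10:00:01 +0000] "GET /app HTTP/1.1" 404 207
192.0.2.10 - - [20/Feb/2007:10:00:02 +0000] "GET /portal HTTP/1.1" 404 210
192.0.2.10 - - [20/Feb/2007:10:00:02 +0000] "GET /login HTTP/1.1" 404 209
192.0.2.10 - - [20/Feb/2007:10:00:03 +0000] "GET /intranet HTTP/1.1" 404 212
192.0.2.10 - - [20/Feb/2007:10:00:03 +0000] "GET /yyy HTTP/1.1" 301 230
192.0.2.10 - - [20/Feb/2007:10:00:04 +0000] "GET /secure HTTP/1.1" 404 210
198.51.100.7 - - [20/Feb/2007:10:01:10 +0000] "GET /yyy/ HTTP/1.1" 200 5120
198.51.100.7 - - [20/Feb/2007:10:01:11 +0000] "GET /favicon.ico HTTP/1.1" 404 209
198.51.100.7 - - [20/Feb/2007:10:01:15 +0000] "GET /yyy/login HTTP/1.1" 200 2048
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_path_guessing(log_text, min_misses=5, min_miss_ratio=0.8):
    """Flag clients whose requests are mostly 404s spread over many distinct paths.

    Returns {ip: {"misses": count, "hits": [paths that did not return 404]}}.
    Thresholds are illustrative defaults, not tuned values.
    """
    missed = defaultdict(set)  # distinct paths answered 404, per client
    found = defaultdict(set)   # distinct paths answered with any other status
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of guessing at fields
        path = m["path"].split("?", 1)[0]  # ignore query strings
        (missed if m["status"] == "404" else found)[m["ip"]].add(path)
    flagged = {}
    for ip, misses in missed.items():
        hits = found[ip] - misses
        ratio = len(misses) / (len(misses) + len(hits))
        if len(misses) >= min_misses and ratio >= min_miss_ratio:
            flagged[ip] = {"misses": len(misses), "hits": sorted(hits)}
    return flagged

if __name__ == "__main__":
    for ip, info in find_path_guessing(SAMPLE_LOG).items():
        print(ip, info)
```

The `hits` list is the part worth reviewing: it shows which non-default paths the guessing client actually reached, which is why relocating an application to an unlinked path does not substitute for access control.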




