| To: | "3 shool" <3shool@gmail.com> |
|---|---|
| Subject: | Re: Website detection |
| From: | pand0ra <pand0ra.usa@gmail.com> |
| Date: | Wed, 21 Feb 2007 22:24:02 -0700 |
| Cc: | pen-test@securityfocus.com |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Dkim-signature: | a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=s4dkyGyt4t70d4u0FT/yGOck0h+OEoE2vTmQfq1DEznIcb+kW5xUKgz9Y8HVwMopOvt2Q+3HfYd8TQJahNaRuKtNaxNwpedU9XKuHp+KxjqRUVCNQnzcZ9IOuOEmwFWNpj1yPuS31/5+EVplB8TM6R3kDGYR0SkYt+gIwZHGAjk= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=hJ5VM+zKDr+O1rkGgkHkfPnk4Dme37OJmiynIhlIcwQ7Dz1Q0qKUVGvy6j2onVj0nj5dTsurkS+aG1AfZrMa+tc/QvXHwOMypvmy+rDLfWgExO1fE2+ZDaBDEh/BX6fNt31wrCorvd3jlNCJqMfnkDTi0ED/DvOXp1/aHSI81GE= |
| In-reply-to: | <2cf3b3170702201552m24dc9369ofaacf120ebf3c94c@mail.gmail.com> |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| References: | <5a4274b50702190208l76d97209wec4b527a9730ad8a@mail.gmail.com> <2cf3b3170702201552m24dc9369ofaacf120ebf3c94c@mail.gmail.com> |
| Resent-date: | Fri, 23 Feb 2007 19:29:36 -0700 (MST) |
| Resent-from: | pen-test-return-1078483601@securityfocus.com |
| Resent-message-id: | <20070224022936.875EF14A019@outgoing2.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
You can try BiDiBlah. On 2/20/07, Robin Wood <dninja@gmail.com> wrote: It would be fairly simple to write a script which took a dictionary and used curl or wget to hit the site with each dictionary word appended on the url. Try to add extra words to the dictionary from the company website and company related documentation to allow you to cover company specific words. That is how I'd start. Robin On 2/19/07, 3 shool <3shool@gmail.com> wrote: > Hello Everyone, > > We are doing a PT for one of our customers with 5 webservers. None of > these webservers have the website on the main url like > http://xxx.xxx.xxx.xxx but they have confirmed that they have critical > applications running on all the 5 web servers and for security > purposes they have moved the websites to something like > http://xxx.xxx.xxx.xxx/yyy. > > Now manually I guess it will take years to identify the correct URL > having the critical website by using guessing techniques. I was > wondering if there is a tool that could try various popular and brute > force combinations to automatically guess the possible URLs. > > I'm sure many of you would have wonderful ideas to address this > problem. Pls. enlighten. > > THNX > > ------------------------------------------------------------------------ > This List Sponsored by: Cenzic > > Need to secure your web apps? > Cenzic Hailstorm finds vulnerabilities fast. > Click the link to buy it, try it or download Hailstorm for FREE. > > http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: Websites Finding, Bojan Zdrnja |
|---|---|
| Next by Date: | Re: Websites Finding, ankur jindal |
| Previous by Thread: | Re: Website detection, Robin Wood |
| Next by Thread: | RE: Website detection, Paul Melson |
| Indexes: | [Date] [Thread] [Top] [All Lists] |