| To: | pen-test@securityfocus.com |
|---|---|
| Subject: | Re: Website detection |
| From: | "crazy frog crazy frog" <i.m.crazy.frog@gmail.com> |
| Date: | Thu, 22 Feb 2007 11:51:13 +0530 |
| Cc: | "3 shool" <3shool@gmail.com> |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Dkim-signature: | a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=bo7Doz0vvoEECyAtuhE88oYfuodX1QioGuO3YWZUl9hQk++vFq6kCjGYgzxM4oKIA7oJwelIVF7K+VIXQ/N5IcqLOAKMf0770LIkHNKUZEnV0ey7QVsmFd8oi3oJdOsAXEgg0gqxeR+3rTM5s1pDy3JL3bY8g5y8A4ijo759Osc= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=sz4mTy1MlffmORhV9IPB/VomCphruz8EQfsdyjJ2nkl+zVwsZOL3/C1zusnAexT0u331AtmAHE1wdI1okVmDYl1q/pq8eAHGWZ3yRYej/mmj8ejEc/n5jnTcBrCoczJWBdPc7K0VFjR0grX/mHUYpeWQfi5zLwu0j8yQTSp4F9k= |
| In-reply-to: | <20070221015233.GB2783@sentinelchicken.org> |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| References: | <5a4274b50702190208l76d97209wec4b527a9730ad8a@mail.gmail.com> <20070221015233.GB2783@sentinelchicken.org> |
| Resent-date: | Fri, 23 Feb 2007 19:29:41 -0700 (MST) |
| Resent-from: | pen-test-return-1078483602@securityfocus.com |
| Resent-message-id: | <20070224022941.EC8061C27C7@outgoing2.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
sorry if it comes second time. hi, try fierce domain scan from ha.cker.org _CF On 2/21/07, Tim <tim-pentest@sentinelchicken.org> wrote: > We are doing a PT for one of our customers with 5 webservers. None of > these webservers have the website on the main url like > http://xxx.xxx.xxx.xxx but they have confirmed that they have critical > applications running on all the 5 web servers and for security > purposes they have moved the websites to something like > http://xxx.xxx.xxx.xxx/yyy. > > Now manually I guess it will take years to identify the correct URL > having the critical website by using guessing techniques. I was > wondering if there is a tool that could try various popular and brute > force combinations to automatically guess the possible URLs. > > I'm sure many of you would have wonderful ideas to address this > problem. Pls. enlighten. If these are public websites and they aren't using a robots.txt file, you can always run a google search like: site:xxx.xxx.xxx.xxx and you should get a few goodies. This won't work if they are careful though. tim ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ -- --------------------------------------- http://www.secgeeks.com get a blog on secgeeks :) register here:- http://secgeeks.com/user/register rss feeds :- http://secgeeks.com/node/feed Submit you security articles,send them to secgeek@secgeeks.com http://www.newskicks.com Submit and kick for new stories from all around the world. --------------------------------------- ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: DNS mapping, crazy frog crazy frog |
|---|---|
| Next by Date: | Re: What protocol to choose for a new fuzzer?, jezzzz . |
| Previous by Thread: | Re: Website detection, Tim |
| Next by Thread: | Re: Website detection, Campbell Murray |
| Indexes: | [Date] [Thread] [Top] [All Lists] |