Penetration Testing mailing list archives
Re: Word lists, again...
From: Ryan Russell <ryan () securityfocus com>
Date: Wed, 23 May 2001 19:13:44 -0600 (MDT)
On Wed, 23 May 2001, Alberto Grazi wrote:
Since I didn't have any name of files (listing is not allowed) my approach was to try a sort of "dictionary attack" on the URL. I tried with a normal English dictionary but it didn't find anything (each word was truncated to the 8th char and ".exe" was appended)...
If you're looking for the 8.3 version of the file, it would normally be 123456~1.exe, not 12345678.exe. Is that what you tried? You might also try the full word, as it's possible to disable 8.3 support, or change the default truncation from ~1. Ryan
Current thread:
- Word lists, again... Alberto Grazi (May 23)
- Re: Word lists, again... Ryan Russell (May 23)
- Re: Word lists, again... H D Moore (May 23)
- Re: Word lists, again... Philip Stoev (May 24)
- <Possible follow-ups>
- RE: Word lists, again... Chris Tobkin (May 24)
- RE: Word lists, again... R. DuFresne (May 24)
- RE: Word lists, again... Barber, Chris (May 24)