Vulnerability Development mailing list archives
Re: HTTP scanners?
From: rb () CYBERPUNK RU (rb)
Date: Tue, 25 Jan 2000 12:34:00 +0300
I haven't heard about such things, but for example you can tune nmap scanner to verify only 80, 8080, 8081 and others common http potrs and scan whole network or you can use Grinder by Rhino9 - it scans only 80 port of subnet, but can return server version i think, there is no way to detect http service except port scanning of common used www service ports ... detecting server version - just send for example GET /no_such_url HTTP/1.1 to www port and analyse server output - in Server header you will see server's version i think, there is no use of this technology ( scanning subnets for www service ) except of CGI exploiting if you really want it - use Grinder or nmap if you want to find some vulnerable script - use Grinder with url like /phf but you must know - Grinder don't use proxy, so in server's logs you leaves fingerprints and as usual, if admin is not dumb, he'll send mail to abuse () yourprovider com with date, time, your ip and url like /phf and if yourprovider admin is not dumb too or is not friend of you, he asks you, what the hell are you doing P.S. sorry for english - i have a 3 in my School diary :) -----Èñõîäíîå ñîîáùåíèå----- Îò: Scorpus Kahn <scorpus () CROSSWINDS NET> Êîìó: VULN-DEV () SECURITYFOCUS COM <VULN-DEV () SECURITYFOCUS COM> Äàòà: 25 ÿíâàðÿ 2000 ã. 8:46 Òåìà: HTTP scanners?
I don't know if I am asking the right question or not, but I want to know
if
there is such a thing as a HTTP scanner? A small utility that allows you to scan networks/domains for all hosts that have a httpd running on them and will return the port number of the http server, and the make/version of the software. Possibly into a nicely sorted log or database. If there is such a thing what is it called? -Rory Savage
Current thread:
- Re: HTTP scanners? Thorsheim, Per (Jan 24)
- <Possible follow-ups>
- Re: HTTP scanners? Matt Storey (Jan 25)
- Re: HTTP scanners? rb (Jan 25)
- Re: HTTP scanners? Clifford, Shawn A (Jan 28)