WebApp Sec mailing list archives
RE: Website "Scanner"
From: <glyng () corsaire com>
Date: Wed, 8 Jan 2003 23:24:31 -0000
Hi, It would be fairly straight-forward to use a dictionary generator in conjunction with any of the mentioned cgi-scanners (e.g. nikto, whisker etc.) - or simply piped through netcat - to achieve your aim. As others have mentioned, the key limiter will be the time involved to make so many requests to a server. It would probably be more efficient to produce a list of 'likely' root names (e.g. index, default, login) and extensions (htm, html, asp, php etc.) and iterate through them based on selected or enumerated paths on the target. Glyn.
-----Original Message----- From: backed.up.by.2048.bit.encryption () hushmail com [mailto:backed.up.by.2048.bit.encryption () hushmail com] Sent: 08 January 2003 21:13 To: webappsec () securityfocus com; cneppes () port80software com Cc: vuln-dev () securityfocus com Subject: RE: Website "Scanner" -----BEGIN PGP SIGNED MESSAGE----- On Wed, 08 Jan 2003 13:00:47 -0800 Chris Neppes <cneppes () port80software com> wrote:A very rich list of hacker and other network security tools: http://www.insecure.org/tools.htmlNothing there that I can see. The concept's quite simple:- say you even know the directory http://www.microsoft.com/new_products/bigwinner2002.html I want something that via dictionary or other, attacks all the files in "new_products" until it hits on something.Port80 Software, Inc. www.port80software.com 5252 Balboa Ave., Ste. 605 San Diego, CA 92117 cneppes () port80software com 858.268.7960 voice 619.606.2860 cell 858.268.7760 fax Web server modules for Microsoft IIS. security. performance. user experience. -----Original Message----- From: backed.up.by.2048.bit.encryption () hushmail com [mailto:backed.up.by.2048.bit.encryption () hushmail com] Sent: Wednesday, January 08, 2003 12:54 PM To: webappsec () securityfocus com Cc: vuln-dev () securityfocus com Subject: Website "Scanner" -----BEGIN PGP SIGNED MESSAGE----- Is there anything out there like a port scanner but for websites, where it dictionary attacks the files. For example you plug in the domain: http://www.foo.com and tries to find .html files (or other) http://www.foo.com - index.html ndex.html dex.html ex.html ......etc where runs through numerous possibilities to hit on files onthe server(and even) directories). If so, one could certainly hit on some sensitive information, say where the administrator has been testing something, or internal product infos etc. If there is nothing out there like this, why not? -----BEGIN PGP SIGNATURE----- Version: Hush 2.2 (Java) Note: This signature can be verified at https://www.hushtools.com/verify wnUEARECADUFAj4cj18uHGJhY2tlZC51cC5ieS4yMDQ4LmJpdC5lbmNyeXB0aW9uQGh1 c2htYWlsLmNvbQAKCRDEHQGvBp4eRJLBAKCPZpeToNzqtkqKkaIROClm91qhXgCfe4Eo /YwZbPRhApi54B5jewqOYCk= =d2v7 -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Big $$$ to be made with the HushMail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427-----BEGIN PGP SIGNATURE----- Version: Hush 2.2 (Java) Note: This signature can be verified at https://www.hushtools.com/verify wnUEARECADUFAj4ck9wuHGJhY2tlZC51cC5ieS4yMDQ4LmJpdC5lbmNyeXB0aW9uQGh1 c2htYWlsLmNvbQAKCRDEHQGvBp4eRKckAJ0RSnfBT9vI8BHnQrW1PFzUI9n+SgCdGGDd jDhzEZgZ8aQ8F1YgqtYPCEQ= =llxu -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Big $$$ to be made with the HushMail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427
Current thread:
- Re: Website "Scanner", (continued)
- Re: Website "Scanner" sullo (Jan 08)
- Re: Website "Scanner" Javier Fernandez-Sanguino (Jan 09)
- Re: Website "Scanner" Martin Eiszner (Jan 11)
- Re: Website "Scanner" Javier Fernandez-Sanguino (Jan 09)
- RE: Website "Scanner" Nelson Sampaio Araujo Junior (Jan 08)
- Re: Website "Scanner" Chris Reining (Jan 08)
- Re: Website "Scanner" Nicolas Waisman (Jan 11)
- RE: Website "Scanner" Chris Neppes (Jan 08)
- RE: Website "Scanner" Zimin, Alex (Jan 08)
- Re: Website "Scanner" Joris De Donder (Jan 08)
- RE: Website "Scanner" backed . up . by . 2048 . bit . encryption (Jan 08)
- RE: Website "Scanner" glyng (Jan 08)
- Re: Website "Scanner" Kurt Seifried (Jan 08)
- Re: Website "Scanner" sullo (Jan 09)
- RE: Website "Scanner" glyng (Jan 08)
- Re: Website "Scanner" sullo (Jan 08)
- Re: Website "Scanner" backed . up . by . 2048 . bit . encryption (Jan 08)
- Re: Website "Scanner" Nelson Sampaio Araujo Junior (Jan 09)
- Re: Website "Scanner" Chris Wysopal (Jan 09)
- Re: Website "Scanner" Mary Landesman (Jan 21)
- Re: Website "Scanner" Dave Aitel (Jan 09)
- Re: Website "Scanner" Kevin Spett (Jan 11)
- Re: Website "Scanner" Nelson Sampaio Araujo Junior (Jan 09)
- RE: Website "Scanner" glyn (Jan 10)
- Re: Website "Scanner" Todd Charron (Jan 11)