WebApp Sec mailing list archives
Re: How to list all the URLs on a web server
From: skill2die4 () secguru com
Date: Fri, 7 Jan 2005 17:19:13 -0600 (CST)
accessed without authentication directly by an application that knows each file URL.
I was in similar situation where the site i was testing had urls based upon client names, but then how to enumerate all the clients in order to move further ? eg... www.xyz.com/<client-name>/login.asp So, i googled -> site:"xyz.com" but got nothing as they blocked the spiders ...damn ! now what .. hummm ? then i googled -> link:"xyz.com" which produced the links of all their client pages which were pointing to xyz.com and helped me in moving further with my tests ;-) Try other options like , inurl etc.. think like a spider ! HTH, -=skillz=- www.secguru.com/webapptest-cheatsheet.html .
Current thread:
- How to list all the URLs on a web server Lists (Jan 07)
- Re: How to list all the URLs on a web server skill2die4 (Jan 08)
- RE: How to list all the URLs on a web server Lyal Collins (Jan 08)
- Re: How to list all the URLs on a web server GuidoZ (Jan 08)
- Re: How to list all the URLs on a web server Dan Connelly (Jan 09)
- Re: How to list all the URLs on a web server PCSage Information Services (Jan 10)
- <Possible follow-ups>
- RE: How to list all the URLs on a web server Ofer Shezaf (Jan 08)
- Re: How to list all the URLs on a web server Rafael San Miguel Carrasco (Jan 09)
- Re: How to list all the URLs on a web server tie (Jan 09)
- Re: How to list all the URLs on a web server michaelsilk (Jan 08)
- RE: How to list all the URLs on a web server Ofer Shezaf (Jan 10)