Metasploit mailing list archives

Re: scanner/http/vhost_scanner | Misleading name


From: Jacky Jack <jacksonsmth698 () gmail com>
Date: Thu, 25 Mar 2010 03:55:20 +0800

Nope, I'm thinking of an actual virtual host digger which doesn't concern
itself with DNS; instead it deals only with the target.
For example, the target is a web server which has many virtual hosts defined.
I need a module that automates:

GET / HTTP/1.1
Host: {Common_VIRTUAL_HOSTS}
Connection: close

hosts will be:

- intranet.company.com
- test.company.com
- www1.company.com

The digger will compare the page content hash with the Host header
and without the Host header.

These names haven't been defined in the DNS server till the production stage.
If you think it sounds logical, someone will come up to code this new module.



On Thu, Mar 25, 2010 at 3:46 AM, Jonathan Cran <jcran () 0x0e org> wrote:


On Wed, Mar 24, 2010 at 3:27 PM, Jonathan Cran <jcran () 0x0e org> wrote:

scanner/http/vhost_scanner should be scanner/http/subdomain_scanner
as it digs for subdomains.

nope, it's doing queries against each host for :80 and comparing that with
a known value. not the same as a subdomain scanner, which is just going to
query for a dns record.

if you're looking for dns subdomain scanning, take a look at gather/dns_enum

jcran

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
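
The Host-header sweep discussed in this thread is visible from the server side. The following is an added example, not part of the original messages or of Metasploit: it flags clients that request several distinct Host values the site does not publish in DNS. The log format, the `published_hosts` set, the threshold and all sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample log. Assumed format: the Host header as sent by the
# client, the client address, and the response status.
SAMPLE_LOG = """\
host="www.company.com" client=198.51.100.20 status=200
host="ww.company.com" client=198.51.100.20 status=404
host="www.company.com" client=203.0.113.7 status=200
host="intranet.company.com" client=203.0.113.7 status=200
host="test.company.com:80" client=203.0.113.7 status=200
host="WWW1.company.com" client=203.0.113.7 status=404
host="www.company.com" client=198.51.100.20 status=200
"""

LINE_RE = re.compile(
    r'host="(?P<host>[^"]*)" client=(?P<client>\S+) status=(?P<status>\d{3})'
)


def normalize_host(value):
    """Lower-case a Host header value and drop a trailing :port."""
    return re.sub(r":\d+$", "", value.strip().lower())


def find_host_sweeps(log_text, published_hosts, threshold=3):
    """Return {client: {"probed": [...], "answered": [...]}} for every client
    that sent at least `threshold` distinct unpublished Host values.
    "answered" lists the unpublished names that got a 2xx response, i.e.
    virtual hosts reachable without any DNS record."""
    published = {normalize_host(h) for h in published_hosts}
    probed = defaultdict(set)
    answered = defaultdict(set)
    for line in log_text.splitlines():
        match = LINE_RE.search(line)
        if match is None:
            continue  # skip lines that do not fit the assumed format
        host = normalize_host(match.group("host"))
        if not host or host in published:
            continue
        client = match.group("client")
        probed[client].add(host)
        if match.group("status").startswith("2"):
            answered[client].add(host)
    return {
        client: {"probed": sorted(hosts), "answered": sorted(answered[client])}
        for client, hosts in probed.items()
        if len(hosts) >= threshold
    }


if __name__ == "__main__":
    print(find_host_sweeps(SAMPLE_LOG, {"www.company.com"}))
```

Names that show up under "answered" are candidates for binding to an internal interface or placing behind authentication until they are meant to be public.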

