PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Re: URL Enumeration for Web Server IP Address

From: mitchell <mitchell () csc bg>
Date: Fri, 11 Jan 2013 03:24:19 +0200
Here is a short script that I use:

https://github.com/mukareste/utils/blob/master/pentest/findvhosts.py

You will need an API key for the Bing Search API.

I am not a developer, so don't laugh at the code :-).

--
# m.


On Fri, Jan 11, 2013 at 12:33 AM, allison nixon <elsakoo () gmail com> wrote:

this is also a handy tool but has a FP rate

http://www.yougetsignal.com/tools/web-sites-on-web-server/


On Thu, Jan 10, 2013 at 3:17 PM, Rob Fuller <jd.mubix () gmail com> wrote:


You can also do CIDR lookups on deepmagic:
https://www.deepmagic.com/ptrs/ptrs?search=cidr%3A4.23.173.0%2F24&limit=


--
Rob Fuller | Mubix
Certified Checkbox Unchecker
Room362.com | Hak5.org


On Thu, Jan 10, 2013 at 2:44 PM, TheTolik <thetolik () yahoo com> wrote:


Thank you Xavier.

This is fantastic, exactly what I was looking for! I'm glad there is this
option and will certainly make use of it. But this also raises a question --
Why isn't there some form of an RFC that natively presents URL's for
standard web server applications.... I can see this being somewhat of a
possible security consideration, but nonetheless....

Andy | Oxbeef



________________________________
From: Xavier Mertens <xavier () rootshell be>
To: PaulDotCom Security Weekly Mailing List
<pauldotcom () mail pauldotcom com>
Cc: TheTolik <thetolik () yahoo com>; PaulDotCom Security Weekly Mailing
List <pauldotcom () mail pauldotcom com>
Sent: Thursday, January 10, 2013 12:43 PM
Subject: Re: [Pauldotcom] URL Enumeration for Web Server IP Address

Use bing.com with a 'ip:x.x.x.x' query?
Alternative: morningstarsecurity.com/research/bing-ip2hosts

/x

Sent from my iPad

On 10 Jan 2013, at 18:55, anthony kasza <anthony.kasza () gmail com> wrote:

If it's a public site you could use passive DNS data
<http://www.bfk.de/bfk_dnslogger.html>
You could also try robtex <http://ip.robtex.com/>

-AK

On Thu, Jan 10, 2013 at 11:29 AM, TheTolik <thetolik () yahoo com> wrote:

Gurus,


I've run into an interesting challenge and cannot seem to figure out a

solution. Does anyone know if it's possible to enumerate or query for a
list

of URL's hosted on a specific IP address?


With dedicated web servers, hitting the IP address through http:// would

serve the page, but in case of shared web servers serving multiple

sites/URL's, is there an effective way to find all URL's serviced?


Any advice would be greatly appreciated.


Andy | Oxbeef


_______________________________________________

Pauldotcom mailing list

Pauldotcom () mail pauldotcom com

http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom

Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com




_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com




_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com





--
_________________________________
Note to self: Pillage BEFORE burning.

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: