Penetration Testing mailing list archives
[PEN-TEST] Finding Web Admin Pages
From: Julian Niemeyer <julian.niemeyer () VIRGIN NET>
Date: Sun, 25 Mar 2001 11:59:28 +0100
Some Web servers seem to allow administration via HTTP. Obviously, there is not a link on the home page "Click here to administer the server"! Instead, the pages are hidden away - security through obscurity. I want to be able to find them. For a tool, I am first going to look at elza from www.stoev.org before writing anything. I recon it will be easy to check if a search returns a 404, 403 or 401. However, I am keen to avoid having to brute force directiories. Does anyone know of a list of well-used or default admin pages and ports for web servers (or other systems for that matter). If not, perhaps folks could post any that they have come across to this list so a collection can be compiled. Thanks, Julian
Current thread:
- [PEN-TEST] Finding Web Admin Pages Julian Niemeyer (Mar 25)
- Re: [PEN-TEST] Finding Web Admin Pages Fyodor (Mar 25)
- Re: [PEN-TEST] Finding Web Admin Pages H D Moore (Mar 25)
- Re: [PEN-TEST] Finding Web Admin Pages Gossi The Dog (Mar 25)
- [PEN-TEST] Cobalt Raq II - Unprotected Admin Pages H D Moore (Mar 25)
- Re: [PEN-TEST] Cobalt Raq II - Unprotected Admin Pages Gossi The Dog (Mar 25)
- [PEN-TEST] Cobalt Raq II - Unprotected Admin Pages H D Moore (Mar 25)
- <Possible follow-ups>
- Re: [PEN-TEST] Finding Web Admin Pages Yonatan Bokovza (Mar 25)