Penetration Testing mailing list archives
RE: Word lists, again...
From: "Barber, Chris" <cbarber () estgsecurity com>
Date: Thu, 24 May 2001 10:27:33 -0400
Another possible idea, would be to talk with someone who develop and take a look a one of there servers and do a dir/ls on the dirs for that machine, especially a test or eval type server that includes sample scripts and such. just to add my $.02 Chris -----Original Message----- From: Philip Stoev [mailto:philip () stoev org] Sent: Thursday, May 24, 2001 8:28 AM To: Penetration Testers Subject: Re: Word lists, again... You can also try a dir *.exe on your own PATH, /bin, /usr/bin, /usr/local/bin, /sbin, /usr/sbin, winnt, winnt/system32, and other such directories. Then add those executables to your dictionary. Sometimes people put weird things (ping.exe, traceroute.exe, notepad.exe, cmd.exe, command.com, bash, sh, etc.) in their CGI-BIN folders for weird purposes (such as testing if CGI execution actually works) and then forget to clean up afterwards. Philip ----- Original Message ----- From: "Alberto Grazi" <Alberto.Grazi () citria com> To: <PEN-TEST () securityfocus com> Sent: Wednesday, May 23, 2001 12:53 PM Subject: Word lists, again...
Hi, during a pen-test I have found a directory which probably has exec permission. Since I didn't have any name of files (listing is not allowed) my approach was to try a sort of "dictionary attack" on the URL. I tried with a normal English dictionary but it didn't find anything (each word was truncated to the 8th char and ".exe" was appended)... does anyone know if there is a list of common names of CGIs available (for Unix and win platforms) ? Thx Alberto
Current thread:
- Word lists, again... Alberto Grazi (May 23)
- Re: Word lists, again... Ryan Russell (May 23)
- Re: Word lists, again... H D Moore (May 23)
- Re: Word lists, again... Philip Stoev (May 24)
- <Possible follow-ups>
- RE: Word lists, again... Chris Tobkin (May 24)
- RE: Word lists, again... R. DuFresne (May 24)
- RE: Word lists, again... Barber, Chris (May 24)