Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Scan virtual hosts

From: Adli Abdul Wahid <adli.wahid () gmail com>
Date: Sun, 4 Sep 2005 06:28:30 +0000
On 8/29/05, Gareth Davies <gareth.davies () mynetsec com> wrote:

Geert VAN ACKER wrote:

Dear list,
is it possible to enumerate all virtual hosts on a given IP address ? I
prefer Linux soft.
Thx,

 
I've been using DMitry
(http://mor-pah.net/code/download.php?file=DMitry-1.2a.tar.gz) . While
you can get all virtual hosts given an IP, it does some other cool
stuff like whois lookup, subdomains query, etc (see below) from the
command line. Quite useful for your enumeration needs.

-- 
[adli@an-naml 14:21 ~/DMitry-1.2a]$ ./dmitry
Deepmagic Information Gathering Tool
"There be some deep magic going on"

Usage: ./dmitry [-winspfb] [-t 0-9] [-o %host.txt] host
  -o     Save output to %host.txt or to file specified by -o file
  -i     Perform a whois lookup on the IP address of a host
  -w     Perform a whois lookup on the domain name of a host
  -n     Retrieve Netcraft.com information on a host
  -s     Perform a search for possible subdomains
  -e     Perform a search for possible email addresses
  -p     Perform a TCP port scan on a host
* -f     Perform a TCP port scan on a host showing output reporting
filtered ports
* -b     Read in the banner received from the scanned port
* -t 0-9 Set the TTL in seconds when scanning a TCP port ( Default 2 )
*Requires the -p flagged to be passed
-

-- 
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2DA9DA7F

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: