Re: Penetration test of 1 IP address

[Dave <dlaud.flux () gmail com>]

> To all:
>
> I have been asked to perform a security audit of 1 IP address for client.
> They have given me the 1 IP address and a clue (webblaze).
>
> If I enter the IP address and then /webblaze, I am taken to a login page
> (user name and password requested).
>
> What tools would you recommend that I use for this assignment?
>  
nmap and nessus will tell you more about the IP and what other services 
are running that you might be able to exploit. If they just want you to 
test the strength of the webpage login then possibly using Brutus will 
reveal weak passwords etc... although this is generally a bad idea. 
Right off hand, I cant look now, but webblaze may be a publicly 
available script...download it and check the source for any possible 
coding errors that could be exploited.

> Thanks for your help.
>
> Regards,
>
>
> Edmond
>  
good luck and take it easy,
dave


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------