Penetration Testing mailing list archives
RE: Website detection
From: "Paul Melson" <pmelson () gmail com>
Date: Wed, 21 Feb 2007 14:38:20 -0500
We are doing a PT for one of our customers with 5 webservers. None of
these webservers have the website
on the main url like http://xxx.xxx.xxx.xxx but they have confirmed that
they have critical applications
running on all the 5 web servers and for security purposes they have moved
the websites to something
like http://xxx.xxx.xxx.xxx/yyy.
That's a finding in and of itself. Security through obscurity might keep automated scanners at bay, but it's akin to having an anonymous ftp server running on port 24. It's still potentially vulnerable even though you have to jump through extra hoops to find it.
Now manually I guess it will take years to identify the correct URL having
the critical website by using
guessing techniques. I was wondering if there is a tool that could try
various popular and brute force
combinations to automatically guess the possible URLs.
Have you tried Google searches using 'site:client.dom' to see if possibly these URLs are already floating around out there somewhere? PaulM ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Website detection 3 shool (Feb 20)
- RE: Website detection Password Crackers, Inc. (Feb 21)
- Re: Website detection Robin Wood (Feb 21)
- Re: Website detection pand0ra (Feb 23)
- RE: Website detection Paul Melson (Feb 21)
- Re: Website detection Tim (Feb 21)
- Re: Website detection crazy frog crazy frog (Feb 23)
- Message not available
- Re: Website detection Campbell Murray (Feb 21)