Penetration Testing mailing list archives
Re: Scanner for old files (.bak, ~, .old, etc.)
From: Vedantam sekhar <sekhar56us () yahoo com>
Date: Thu, 16 Jul 2009 05:06:01 -0700 (PDT)
I think w3af as well can do that and freeware. --- On Wed, 7/1/09, Robin Wood <dninja () gmail com> wrote:
From: Robin Wood <dninja () gmail com> Subject: Re: Scanner for old files (.bak, ~, .old, etc.) To: "Juan Kinunt" <kinunt () gmail com> Cc: pen-test () securityfocus com Date: Wednesday, July 1, 2009, 1:33 PM 2009/6/30 Juan Kinunt <kinunt () gmail com>:Hi, I would like to know if anyone knows a tool that firstspiders the webin order to enumerate al files and scripts it detectsand then lookfor this same files but with another extension. Forexample, firstspiders the web and enumerate: index.php news.php cart.php And then looks for index.php.bak, index.php.inc,index.php~,index.bak, index.old, etc. This tool will be useful supossing that programmerstend to change theextension of the file to store old files. I know Nikto, Wikto, etc... but this tools look forpredefined filesand I would like to target already existing files butwith differentextension. If the tool does not exist I'll try to codesomething.Thanks.Webscarab can do this, find a page on the site then go to the Extensions tab where you can specify a list of extensions. The spider then goes off and checks the site and for all the pages it finds it tries them with the extra extensions. Robin ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Scanner for old files (.bak, ~, .old, etc.) Robin Wood (Jul 02)
- <Possible follow-ups>
- RE: Scanner for old files (.bak, ~, .old, etc.) Tal Argoni (Jul 02)
- Re: Scanner for old files (.bak, ~, .old, etc.) Nikhil Wagholikar (Jul 02)
- Re: Scanner for old files (.bak, ~, .old, etc.) Jeremy Brown (Jul 02)
- Re: Scanner for old files (.bak, ~, .old, etc.) SD List (Jul 02)
- Re: Scanner for old files (.bak, ~, .old, etc.) Vedantam sekhar (Jul 17)