Penetration Testing mailing list archives
Re: Scanner for old files (.bak, ~, .old, etc.)
From: John Lampe <jwlampe () tenablesecurity com>
Date: Tue, 30 Jun 2009 11:56:01 -0500
Juan Kinunt wrote:
Hi, I would like to know if anyone knows a tool that first spiders the web in order to enumerate al files and scripts it detects and then look for this same files but with another extension. For example, first spiders the web and enumerate: index.php news.php cart.php And then looks for index.php.bak, index.php.inc, index.php~, index.bak, index.old, etc.
Check out bakfiles.nasl which is a part of the Nessus scanner. It should be very close to what you're looking for (and maybe even a few that you don't list above)
John ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Scanner for old files (.bak, ~, .old, etc.) Juan Kinunt (Jun 30)
- Re: Scanner for old files (.bak, ~, .old, etc.) Andres Riancho (Jun 30)
- Re: Scanner for old files (.bak, ~, .old, etc.) Benjamin Greenfield (Jun 30)
- Re: Scanner for old files (.bak, ~, .old, etc.) Gabriele Zanoni (Jun 30)
- Re: Scanner for old files (.bak, ~, .old, etc.) Sandro Gauci (Jun 30)
- Re: Scanner for old files (.bak, ~, .old, etc.) John Lampe (Jun 30)
- Re: Scanner for old files (.bak, ~, .old, etc.) rajat swarup (Jun 30)
- Re: Scanner for old files (.bak, ~, .old, etc.) Rogan Dawes (Jun 30)
- Re: Scanner for old files (.bak, ~, .old, etc.) pUm (Jun 30)
- Re: Scanner for old files (.bak, ~, .old, etc.) Todd Haverkos (Jun 30)
- <Possible follow-ups>
- Re: Scanner for old files (.bak, ~, .old, etc.) jason_jones98 (Jun 30)