WebApp Sec mailing list archives

RE: Web App URL Scanner

From: "Dawes, Rogan (ZA - Johannesburg)" <rdawes () deloitte co za>
Date: Tue, 14 Oct 2003 13:20:34 +0200

cat list | while read i ; do
  echo $i
  (echo "GET $i HTTP/1.0 "
   echo "Host: ${server}:${port}"
   echo ) nc -v ${server} ${port} | head -1
done | tee mylogfile

Where:
 list is a file containing the list of URL's that you would like to test for
 $server is the name or IP address of the server under test (preferably the
name)
 $port is the port on which the server is running (typically 80)
 mylogfile is a file to write the results into

If the server is an SSL server, you can use openssl instead of netcat, with
a command line like

  echo ) | openssl s_client -connect ${server}:${port} -ign_eof | head -1

in the appropriate place.

How you build the list of paths is entirely up to you.

It may be worth using a proxy tool such as WebScarab
(http://www.owasp.org/development/webscarab) to get an idea of exactly what
paths currently exist, so that you can construct your list more accurately.

Eventually, I hope to build this kind of functionality into WebScarab, but
it is not there yet.

Rogan

-----Original Message-----
From: Jimi Thompson [mailto:jimit () myrealbox com] 
Sent: 14 October 2003 04:35 AM
To: webappsec () securityfocus com
Subject: Web App URL Scanner

All,

I'm currently seeking some software that will test all possible URL's 
on an web application, much like a dictionary attack against a 
password.  I could probably write it but I'd rather just download 
something if I can.  I'd like to see if I'm able to discover URL's 
that aren't normally accessible.  If anyone has ideas, I'd be 
grateful.

Thanks,

Ms. Jimi Thompson, CISSP


Important Notice: This email is subject to important restrictions, qualifications and disclaimers ("the Disclaimer") 
that must be accessed and read by clicking here or by copying and pasting the following address into your Internet 
browser's address bar: http://www.Deloitte.co.za/Disc.htm. The Disclaimer is deemed to form part of the content of this 
email in terms of Section 11 of the Electronic Communications and Transactions Act, 25 of 2002. If you cannot access 
the Disclaimer, please obtain a copy thereof from us by sending an email to ClientServiceCentre () Deloitte co za.

Current thread:

Web App URL Scanner Jimi Thompson (Oct 14)
- RE: Web App URL Scanner roshen.chandran (Oct 14)
- Re: Web App URL Scanner Jon Hart (Oct 14)
- RE: Web App URL Scanner Lluis Mora (Oct 17)
  - RE: Web App URL Scanner Jimi Thompson (Oct 17)
- <Possible follow-ups>
- RE: Web App URL Scanner Mark Parter (Oct 14)
  - RE: Web App URL Scanner Brian Pomeroy (Oct 14)
- RE: Web App URL Scanner Dawes, Rogan (ZA - Johannesburg) (Oct 14)