WebApp Sec mailing list archives
Re: Virtual IP addresses
From: Jon Hart <jhart () spoofed org>
Date: Wed, 22 Feb 2006 19:30:45 -0500
On Wed, Feb 22, 2006 at 09:32:58PM +0100, thomas springer wrote:
Joshua, If you mean to find virtual hosts for an ip: You might want to try http://www.serversniff.net/get-hostonip.php. Enter a hostname, e.g. www.hostname.com or an ip like 64.15.205.244 to find other hostnames and domains living on this ip. You might also stop by at whois.sc - but their scope used to be limited to a few tlds. Another bet is to try https://<ipnum> - If there is a https-server living on this host, your browser will present you the domainname of the certificate.
Another idea along those lines would be to try both HTTP/1.0 and HTTP/1.1, notably HTTP/1.1 with a fake Host header. I'm not sure what the result will be with ISA, but it is worth a shot. Also, maybe check out the headers that are returned by the server -- that may give you some clues: `GET -dSe ip.address.here` -jon ------------------------------------------------------------------------- This List Sponsored by: SpiDynamics ALERT: "How A Hacker Launches A Web Application Attack!" Step-by-Step - SPI Dynamics White Paper Learn how to defend against Web Application Attacks with real-world examples of recent hacking methods such as: SQL Injection, Cross Site Scripting and Parameter Manipulation https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl --------------------------------------------------------------------------
Current thread:
- Virtual IP addresses Joshua Perrymon (Feb 22)
- Re: Virtual IP addresses thomas springer (Feb 22)
- Re: Virtual IP addresses Jon Hart (Feb 22)
- Re: Virtual IP addresses Hemil (Feb 23)
- Re: Virtual IP addresses Jon Hart (Feb 22)
- Re: Virtual IP addresses foo (Feb 22)
- Re: Virtual IP addresses Paul Wong (Feb 23)
- Re: Virtual IP addresses dp (Feb 22)
- Re: Virtual IP addresses thomas springer (Feb 22)