WebApp Sec mailing list archives
Re: Virtual IP addresses
From: Hemil <hemil () net-square com>
Date: Thu, 23 Feb 2006 13:51:43 +0530
Hi,Try MSNHostFP features of MSNPawn. It uses MSN search engine database for footprinting. More details can be found at
http://net-square.com/msnpawn/index.shtml ---Hemil Jon Hart wrote:
On Wed, Feb 22, 2006 at 09:32:58PM +0100, thomas springer wrote:Joshua, If you mean to find virtual hosts for an ip: You might want to try http://www.serversniff.net/get-hostonip.php. Enter a hostname, e.g. www.hostname.com or an ip like 64.15.205.244 to find other hostnames and domains living on this ip. You might also stop by at whois.sc - but their scope used to be limited to a few tlds. Another bet is to try https://<ipnum> - If there is a https-server living on this host, your browser will present you the domainname of the certificate.Another idea along those lines would be to try both HTTP/1.0 and HTTP/1.1, notably HTTP/1.1 with a fake Host header. I'm not sure what the result will be with ISA, but it is worth a shot. Also, maybe check out the headers that are returned by the server -- that may give you some clues: `GET -dSe ip.address.here` -jon ------------------------------------------------------------------------- This List Sponsored by: SpiDynamicsALERT: "How A Hacker Launches A Web Application Attack!" Step-by-Step - SPI Dynamics White Paper Learn how to defend against Web Application Attacks with real-world examples of recent hacking methods such as: SQL Injection, Cross Site Scripting and Parameter Manipulationhttps://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl --------------------------------------------------------------------------
------------------------------------------------------------------------- This List Sponsored by: SpiDynamicsALERT: "How A Hacker Launches A Web Application Attack!" Step-by-Step - SPI Dynamics White Paper Learn how to defend against Web Application Attacks with real-world examples of recent hacking methods such as: SQL Injection, Cross Site Scripting and Parameter Manipulation
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl --------------------------------------------------------------------------
Current thread:
- Virtual IP addresses Joshua Perrymon (Feb 22)
- Re: Virtual IP addresses thomas springer (Feb 22)
- Re: Virtual IP addresses Jon Hart (Feb 22)
- Re: Virtual IP addresses Hemil (Feb 23)
- Re: Virtual IP addresses Jon Hart (Feb 22)
- Re: Virtual IP addresses foo (Feb 22)
- Re: Virtual IP addresses Paul Wong (Feb 23)
- Re: Virtual IP addresses dp (Feb 22)
- Re: Virtual IP addresses thomas springer (Feb 22)