Re: listing directory structure within webserver root

From: Jose Maria Lopez (jkerouac_at_bgsec.com)
Date: 08/29/04

  • Next message: Tim: "Re: All tcp ports open?" 
    To: pen-test@securityfocus.com
Date: 29 Aug 2004 18:58:31 +0200

    El sáb, 28 de 08 de 2004 a las 21:04, Serg Belokamen escribió:
    > Hi All,
    >
    > Is there a way to somehow enumerate a directory structur on a remote
    > webserver? Brute force springs to mind but thats mathematically
    > impossible, to go through all combinations, etc.
    >
    > Cheers,
    > Serg

    Nessus can tell you the directories in the root of your
    web server and I think that also nikto can, so it could
    be possible to traverse the directory tree. 

    -- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA
The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
  • Next message: Tim: "Re: All tcp ports open?"

    Relevant Pages

    • RE: Craking Serv-u passwords stored in .ini file.
      ... The only people for me are the mad ones -- the ones who are mad to live, ... the ones who never yawn or say a commonplace thing, but burn, burn, burn ... Ethical Hacking at the InfoSec Institute. ... learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • RE: Craking Serv-u passwords stored in .ini file.
      ... The only people for me are the mad ones -- the ones who are mad to live, ... the ones who never yawn or say a commonplace thing, but burn, burn, burn ... Ethical Hacking at the InfoSec Institute. ... learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • Re: Web direcroty and files browser
      ... The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. ... Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • Re: Securing web site with redundancy ?
      ... High Availability at the same time, as the heartbeat you ... The only people for me are the mad ones -- the ones who are mad to live, ... the ones who never yawn or say a commonplace thing, but burn, burn, burn ... Ethical Hacking at the InfoSec Institute. ...
      (Pen-Test)
    • Re: listing directory structure within webserver root
      ... > all of the softwares use follow-link methods. ... The only people for me are the mad ones -- the ones who are mad to live, ... the ones who never yawn or say a commonplace thing, but burn, burn, burn ... Ethical Hacking at the InfoSec Institute. ...
      (Pen-Test)