Re: RE: listing directory structure within webserver root

dietrich_at_heusel.de
Date: 08/30/04

Next message: Kurt Seifried: "Re: listing directory structure within webserver root"

Previous message: Mister Coffee: "Re: Huge Live Linux Boot CDs"
In reply to: Chuck Fullerton: "RE: listing directory structure within webserver root"
Next in thread: Alexandre Verriere: "Re: listing directory structure within webserver root"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: pen-test@securityfocus.com, Chuck Fullerton <chuckf69@ceinetworks.com>
Date: Mon, 30 Aug 2004 04:29:04 +0200

when using linux or unix you can also take the command wget with its
powerful parameters for downloading the whole directory and its
contents. for more info on wget see "man wget" or howto.

cheers,
dietrich

Chuck Fullerton <chuckf69@ceinetworks.com> schrieb am 29.08.2004,
21:47:23:
> I would recommend a tool like Webreaper. This will mirror the website onto your machine and allow you to inspect it closely.
>
> Chuck Fullerton
> CEH, OPST, CISSP, CSS1
>
> -----Original Message-----
> From: Jose Maria Lopez [mailto:jkerouac@bgsec.com]
> Sent: Sunday, August 29, 2004 12:59 PM
> To: pen-test@securityfocus.com
> Subject: Re: listing directory structure within webserver root
>
>
> El sáb, 28 de 08 de 2004 a las 21:04, Serg Belokamen escribió:
> > Hi All,
> >
> > Is there a way to somehow enumerate a directory structur on a remote
> > webserver? Brute force springs to mind but thats mathematically
> > impossible, to go through all combinations, etc.
> >
> > Cheers,
> > Serg
>
> Nessus can tell you the directories in the root of your
> web server and I think that also nikto can, so it could
> be possible to traverse the directory tree.
>
> --
> Jose Maria Lopez Hernandez
> Director Tecnico de bgSEC
> jkerouac@bgsec.com
> bgSEC Seguridad y Consultoria de Sistemas Informaticos
> http://www.bgsec.com
> ESPAÑA
>
> The only people for me are the mad ones -- the ones who are mad to live,
> mad to talk, mad to be saved, desirous of everything at the same time,
> the ones who never yawn or say a commonplace thing, but burn, burn, burn
> like fabulous yellow Roman candles.
> -- Jack Kerouac, "On the Road"
>
>
> ------------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. All of our class sizes are
> guaranteed to be 12 students or less to facilitate one-on-one interaction
> with one of our expert instructors. Check out our Advanced Hacking course,
> learn to write exploits and attack security infrastructure. Attend a course
> taught by an expert instructor with years of in-the-field pen testing
> experience in our state of the art hacking lab. Master the skills of an
> Ethical Hacker to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> -------------------------------------------------------------------------------
>
>
>
> ------------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. All of our class sizes are
> guaranteed to be 12 students or less to facilitate one-on-one interaction
> with one of our expert instructors. Check out our Advanced Hacking course,
> learn to write exploits and attack security infrastructure. Attend a course
> taught by an expert instructor with years of in-the-field pen testing
> experience in our state of the art hacking lab. Master the skills of an
> Ethical Hacker to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> -------------------------------------------------------------------------------

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

Next message: Kurt Seifried: "Re: listing directory structure within webserver root"

Previous message: Mister Coffee: "Re: Huge Live Linux Boot CDs"
In reply to: Chuck Fullerton: "RE: listing directory structure within webserver root"
Next in thread: Alexandre Verriere: "Re: listing directory structure within webserver root"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: QualysGuard
... > Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, ... > learn to write exploits and attack security infrastructure. ...
(Pen-Test)
RE: interesting wireless card and linux issue
... > Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, ... > learn to write exploits and attack security infrastructure. ...
(Pen-Test)
RE: Instant Messenger
... > Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, ... > learn to write exploits and attack security infrastructure. ...
(Pen-Test)
Re: All tcp ports open?
... >> Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, ... >> learn to write exploits and attack security infrastructure. ...
(Pen-Test)
Re: Odd server side scripts source disclosure vulnerability
... > Ethical Hacking at the InfoSec Institute. ... Check out our Advanced Hacking course, ... > learn to write exploits and attack security infrastructure. ...
(Pen-Test)