RE: Website detection
- From: "Paul Melson" <pmelson@xxxxxxxxx>
- Date: Wed, 21 Feb 2007 14:38:20 -0500
We are doing a PT for one of our customers with 5 webservers. None ofthese webservers have the website
on the main url like http://xxx.xxx.xxx.xxx but they have confirmed thatthey have critical applications
running on all the 5 web servers and for security purposes they have movedthe websites to something
like http://xxx.xxx.xxx.xxx/yyy.
That's a finding in and of itself. Security through obscurity might keep
automated scanners at bay, but it's akin to having an anonymous ftp server
running on port 24. It's still potentially vulnerable even though you have
to jump through extra hoops to find it.
Now manually I guess it will take years to identify the correct URL havingthe critical website by using
guessing techniques. I was wondering if there is a tool that could tryvarious popular and brute force
combinations to automatically guess the possible URLs.
Have you tried Google searches using 'site:client.dom' to see if possibly
these URLs are already floating around out there somewhere?
PaulM
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
- References:
- Website detection
- From: 3 shool
- Website detection
- Prev by Date: Re: Websites Finding
- Next by Date: Re: Websites Finding
- Previous by thread: Re: Website detection
- Next by thread: Re: Website detection
- Index(es):
Relevant Pages
|
