Re: discovering all websites running on a server



Hi Markus,

Try using domaintools.com. In the reverse IP you will get other sites
listed on that IP.


Warm Regards,

Meenal A. Mukadam


On Sun, Dec 21, 2008 at 2:05 PM, Augusto Pereyra <aepereyra@xxxxxxxxx> wrote:

Go to www.live.com

And in the search box write ip:THEIPADDRESS; in the results will appear
all sites hosted on that IP address.


Enjoy!


On 12/18/08, Markus Matiaschek <mmatiaschek@xxxxxxxxx> wrote:
Hi all,

I got a problem with a client which basically sums up: php safe_mode =
off...

So far, so bad, but now I want to know first if the client's website is
the only attack vector, or if there are other sites running on the IIS
of this Windows NT machine.

Since I already have access to the server, the question of how to do this
with only an IP address is theoretical, but nonetheless interesting.

I don't want to be too intrusive and install rootkits or stuff like
this, but I thought the information of the IIS hosted websites must be
somewhere, so I got myself some information with the following
commands:
regedit /e c:\output.txt HKEY_LOCAL_MACHINE\Software\Microsoft\
regedit /e c:\output.txt HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\

But I can't see any information about the client's or any other IIS
website there.

The execution of .vbs scripts is denied, so that is not an option.

I already identified interesting folders in the wwwroot of IIS, but
none of the names of the folders or the content I tried shows up on
Google.

Anyone any other ideas?

Thank you in advance,
Markus

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------







--
Meenal A. Mukadam

-----------------------------------------------------------------
http://www.linkedin.com/in/meenalmukadam
-----------------------------------------------------------------
Far away there in the sunshine
are my highest aspirations.
I may/maynot reach them,
but I can look up and see their beauty,
believe in them and try to follow
where they lead
-------------------------------------------------------------



