From: crazy frog crazy frog (i.m.crazy.frog@gmail.com)
Date: Thu Feb 22 2007 - 01:21:13 EST
sorry if it comes second time.
hi,
try fierce domain scan from ha.cker.org
_CF
On 2/21/07, Tim <tim-pentest@sentinelchicken.org> wrote:
> > We are doing a PT for one of our customers with 5 webservers. None of
> > these webservers have the website on the main url like
> > http://xxx.xxx.xxx.xxx but they have confirmed that they have critical
> > applications running on all the 5 web servers and for security
> > purposes they have moved the websites to something like
> > http://xxx.xxx.xxx.xxx/yyy.
> >
> > Now manually I guess it will take years to identify the correct URL
> > having the critical website by using guessing techniques. I was
> > wondering if there is a tool that could try various popular and brute
> > force combinations to automatically guess the possible URLs.
> >
> > I'm sure many of you would have wonderful ideas to address this
> > problem. Pls. enlighten.
>
> If these are public websites and they aren't using a robots.txt file,
> you can always run a google search like:
>
> site:xxx.xxx.xxx.xxx
>
> and you should get a few goodies. This won't work if they are careful
> though.
>
> tim
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
>
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>
>
-- --------------------------------------- http://www.secgeeks.com get a blog on secgeeks :) register here:- http://secgeeks.com/user/register rss feeds :- http://secgeeks.com/node/feed Submit you security articles,send them to secgeek@secgeeks.com http://www.newskicks.com Submit and kick for new stories from all around the world. --------------------------------------- ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:36 EDT