RE: Penetration test of 1 IP address

From: Lyal Collins (lyal.collins@key2it.com.au)
Date: Thu Feb 09 2006 - 01:18:37 EST

• Next message: vasile revnic: "Re: Penetration test of 1 IP address"
• Previous message: US Infosec: "Re: Qualys"
• In reply to: Edmond Chow: "RE: Penetration test of 1 IP address"
• Next in thread: vasile revnic: "Re: Penetration test of 1 IP address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Some technicques and tools to consider.

DNS the IP address, and find anythring about the site, owner, contacts, etc.
Google the site name, IP address, and any of the contact details.
Google the /webblaze. Maybe it's been googled, or there is public
information about this.
Get a feel for the environment, names and terms that may be used in the site

See if there are other directories at the web server - common terms include
/admin/, /manuals, /docs, /images

Then start nmap or other port scanning - there may be other services on the
IP address. Don't forget UDP as well as TCP

Scan the source code of the home page at /webblaze/ and see if there are any
hints to the site's directory structure, forms, server names, code etc.

Use the above info to configure a Nessus scan, and or an amap scan - so you
get more details about the software used in the site.
Google any results on software and app names, get some hints.

Recon, think, try.
Rinse and repeat.

Lyal

-----Original Message-----
From: Edmond Chow [mailto:echow@videotron.ca]
Sent: Wednesday, 8 February 2006 5:45 PM
To: 'Michael Gargiullo'; pen-test@securityfocus.com
Cc: 'Edmond Chow'
Subject: RE: Penetration test of 1 IP address

To all:

I have been asked to perform a security audit of 1 IP address for client.
They have given me the 1 IP address and a clue (webblaze).

If I enter the IP address and then /webblaze, I am taken to a login page
(user name and password requested).

What tools would you recommend that I use for this assignment?

Thanks for your help.

Regards,

Edmond

----------------------------------------------------------------------------

--
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers
do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: vasile revnic: "Re: Penetration test of 1 IP address"
• Previous message: US Infosec: "Re: Qualys"
• In reply to: Edmond Chow: "RE: Penetration test of 1 IP address"
• Next in thread: vasile revnic: "Re: Penetration test of 1 IP address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:28 EDT