Some lines of Python....
from socket import *
import string,sys
s=socket(AF_INET, SOCK_STREAM)
s.connect( (sys.argv[1], 80))
bleh=sys.argv[2]
s.send("GET /"+ bleh + " HTTP/1.0\n\r\n\r")
if s.recv(1024).find("HTTP/1.1 404") > -1:
print "WIIIIIIIIIIIIIIIIIIIII"
s.close()
You can make lots of improvements to this... in 4 lines and 3 minutes of code :D
Bye
Nico
backed.up.by.2048.bit.encryption_at_hushmail.com wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Is there anything out there like a port scanner but for websites, where it dictionary attacks the files. For example you plug in the domain:
>
>http://www.foo.com
>
>and tries to find .html files (or other)
>
>http://www.foo.com - index.html
> ndex.html
> dex.html
> ex.html
>
>
>......etc
>
>where runs through numerous possibilities to hit on files on the server (and even) directories). If so, one could certainly hit on some sensitive information, say where the administrator has been testing something, or internal product infos etc.
>
>If there is nothing out there like this, why not?
>
>
>-----BEGIN PGP SIGNATURE-----
>Version: Hush 2.2 (Java)
>Note: This signature can be verified at https://www.hushtools.com/verify
>
>wnUEARECADUFAj4cj18uHGJhY2tlZC51cC5ieS4yMDQ4LmJpdC5lbmNyeXB0aW9uQGh1
>c2htYWlsLmNvbQAKCRDEHQGvBp4eRJLBAKCPZpeToNzqtkqKkaIROClm91qhXgCfe4Eo
>/YwZbPRhApi54B5jewqOYCk=
>=d2v7
>-----END PGP SIGNATURE-----
>
>
>
>
>Concerned about your privacy? Follow this link to get
>FREE encrypted email: https://www.hushmail.com/?l=2
>
>Big $$$ to be made with the HushMail Affiliate Program:
>https://www.hushmail.com/about.php?subloc=affiliate&l=427
>
>
>
>
Received on Jan 11 2003
Intro
