Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: RE: Web App URL Scanner

RE: Web App URL Scanner

From: Dawes, Rogan (ZA - Johannesburg) <rdawes_at_deloitte.co.za>
Date: Tue, 14 Oct 2003 13:20:34 +0200

cat list | while read i ; do
  echo $i
  (echo "GET $i HTTP/1.0 "
   echo "Host: ${server}:${port}"
   echo ) nc -v ${server} ${port} | head -1
done | tee mylogfile

Where:
 list is a file containing the list of URL's that you would like to test for
 $server is the name or IP address of the server under test (preferably the
name)
 $port is the port on which the server is running (typically 80)
 mylogfile is a file to write the results into

If the server is an SSL server, you can use openssl instead of netcat, with
a command line like

  echo ) | openssl s_client -connect ${server}:${port} -ign_eof | head -1

in the appropriate place.

How you build the list of paths is entirely up to you.

It may be worth using a proxy tool such as WebScarab
(http://www.owasp.org/development/webscarab) to get an idea of exactly what
paths currently exist, so that you can construct your list more accurately.

Eventually, I hope to build this kind of functionality into WebScarab, but
it is not there yet.

Rogan

> -----Original Message-----
> From: Jimi Thompson [mailto:jimit_at_myrealbox.com]
> Sent: 14 October 2003 04:35 AM
> To: webappsec_at_securityfocus.com
> Subject: Web App URL Scanner
>
>
> All,
>
> I'm currently seeking some software that will test all possible URL's
> on an web application, much like a dictionary attack against a
> password. I could probably write it but I'd rather just download
> something if I can. I'd like to see if I'm able to discover URL's
> that aren't normally accessible. If anyone has ideas, I'd be
> grateful.
>
> Thanks,
>
> Ms. Jimi Thompson, CISSP
>

Important Notice: This email is subject to important restrictions, qualifications and disclaimers ("the Disclaimer") that must be accessed and read by clicking here or by copying and pasting the following address into your Internet browser's address bar: http://www.Deloitte.co.za/Disc.htm. The Disclaimer is deemed to form part of the content of this email in terms of Section 11 of the Electronic Communications and Transactions Act, 25 of 2002. If you cannot access the Disclaimer, please obtain a copy thereof from us by sending an email to ClientServiceCentre@Deloitte.co.za.
Received on Oct 14 2003

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]