|
WebApp Sec
mailing list archives
Re: How to list all the URLs on a web server
From: tie <tie () einet bg>
Date: Sun, 09 Jan 2005 18:08:42 +0200
Another way to find the URLs of hidden files is to gain access to the
server logs or to some statistics derived from these logs.
More often than not webmasters generate web site statistics (HTML
documents with graphics) and publish these statistics on the same site,
using some easy to remember/guess name (for example,
www.websites.com/stats/). Sometimes, these are password-protected, but
attacking the passwords would be usually easier than trying to
bruteforce filenames that you have no information of. These statistics
usually contain a list of all accessed URLs.
Also, if you can get the application code, it will be fairly easy to get
the exact URLs. Another option would be to run a sniffer on the same
network segment where the application works.
Anyway, automated brute-forcing should be your last resort.
Regards,
tie
-----Original Message-----
From: Lists [mailto:sakaba () alexandria cc]
Sent: Friday, January 07, 2005 6:35 PM
To: webappsec () securityfocus com
Subject: How to list all the URLs on a web server
Hi Everyone,
I am auditing a system where files are stored on a web server and
accessed without authentication directly by an application that knows
each file URL. I don't like it but the app owner wants me to
demonstrate that someone could guess the URLs. I have tried a number
of spider tools but they are based on links so they don't pull up
anything.
I am wondering if there is a tool or another method where I could find
out all the URLs on the web site. The funny thing is I saw this same
kind of system with the same explanation just the other week at
another
company. Maybe its a new trend...
Regards,
sakaba
 By Date 
By Thread
Current thread:
- Re: How to list all the URLs on a web server, (continued)
|
Intro
