Penetration Testing mailing list archives
discovering all websites running on a server
From: "Markus Matiaschek" <mmatiaschek () gmail com>
Date: Thu, 18 Dec 2008 18:12:10 -0500
Hi all, i got a problem with a client which basically sums up: php safe_mode = off... so far, so bad, but now i want to know first if the clients website is the only attack vector, or if there are other sites running on the IIS of this Windows NT machine. Since i already have access to the server, the question how to do this with only a IP Adress is theoretical, but nonetheless interesting. I don't want to be too intrusive and install rootkits or stuff like this, but i thought the information of the IIS hosted websites must be somewhere, so i got myself some information with the following commands: regedit /e c:\output.txt HKEY_LOCAL_MACHINE\Software\Microsoft\ regedit /e c:\output.txt HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ but i canĀ“t see any information about the clients- or any other IIS website there. The execution of .vbs scripts is denied, so that is not an option. I already identified interesting folders in the wwwroot of IIS, but none of the names of the folders or the content i tried shows up on google. Anyone any other Ideas? Thank you in advance, Markus ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- discovering all websites running on a server Markus Matiaschek (Dec 18)
- Re: discovering all websites running on a server H. Kurth Bemis (Dec 18)
- Re: discovering all websites running on a server Augusto Pereyra (Dec 21)
- Re: discovering all websites running on a server Meenal Mukadam (Dec 23)
- RE: discovering all websites running on a server ADAMS, JEFF W, ATTSI (Dec 23)