WebApp Sec mailing list archives
RE: How to list all the URLs on a web server
From: "Lyal Collins" <lyal.collins () key2it com au>
Date: Sat, 8 Jan 2005 10:46:28 +1100
Webrute.pl, by Dennis Rand, may be able to help here. I tried this on a test machine last week. It's noisy in the logs, but thorough, and slow with large brute force combinations. Take a look - its at cirt.dk, I think. Lyal. -----Original Message----- From: Lists [mailto:sakaba () alexandria cc] Sent: Saturday, 8 January 2005 3:35 AM To: webappsec () securityfocus com Subject: How to list all the URLs on a web server Hi Everyone, I am auditing a system where files are stored on a web server and accessed without authentication directly by an application that knows each file URL. I don't like it but the app owner wants me to demonstrate that someone could guess the URLs. I have tried a number of spider tools but they are based on links so they don't pull up anything. I am wondering if there is a tool or another method where I could find out all the URLs on the web site. The funny thing is I saw this same kind of system with the same explanation just the other week at another company. Maybe its a new trend... Regards, sakaba
Current thread:
- How to list all the URLs on a web server Lists (Jan 07)
- Re: How to list all the URLs on a web server skill2die4 (Jan 08)
- RE: How to list all the URLs on a web server Lyal Collins (Jan 08)
- Re: How to list all the URLs on a web server GuidoZ (Jan 08)
- Re: How to list all the URLs on a web server Dan Connelly (Jan 09)
- Re: How to list all the URLs on a web server PCSage Information Services (Jan 10)
- <Possible follow-ups>
- RE: How to list all the URLs on a web server Ofer Shezaf (Jan 08)
- Re: How to list all the URLs on a web server Rafael San Miguel Carrasco (Jan 09)
- Re: How to list all the URLs on a web server tie (Jan 09)
- Re: How to list all the URLs on a web server michaelsilk (Jan 08)
- RE: How to list all the URLs on a web server Ofer Shezaf (Jan 10)