WebApp Sec mailing list archives
Re: Enumerate Web Virtual Site
From: pagvac <unknown.pentester () gmail com>
Date: Sat, 18 Nov 2006 23:57:42 +0000
This topic was covered with detail in the paper "Exegesis of Virtual Hosts Hacking": http://www.infosecwriters.com/text_resources/pdf/exegesis.pdf After reading it you should have a pretty good idea on how to find different virtual sites hosted behind the same IP address. On 9/2/06, thomas springer <tuevsec () gmx net> wrote:
There is no way to enumerate all virtual hosts relyable and complete (unless you have access to the webserver-config). A good guess is the already mentioned ip-search from msn. There are also a handful of databases on the net that know about ip-numbers and hostnames. The best known might be http://dnstools.com (formerly whois.sc), another option is http://webhosting.info. Both databases focus on .com/.net/.org - domains. If you are interested in a broader tld-range you might also try http://www.tomdns.net - the site is currently in heavy beta. tomdns does some active researching after you start a query - so you might get more results when you repeat your search a few minutes later. tom Roger Liu wrote: > Dear all, > I'm testing the security of a computer which is used for a web site, but > I just get an IP address. Now I need to know how many virtual sites > running on this computer. How do I enumerate all the virtual site? Any > good idea/tools to do this ? > Thanks > > >
-- pagvac [http://ikwt.com/] ------------------------------------------------------------------------- Sponsored by: WatchfireToday's hackers exploit web applications to expose, embarrass and even steal. Firewalls and SSL may be commonplace but recent studies indicate 3 out of 4 websites remain vulnerable to attack. Watchfire's "Addressing Challenges in Application Security" whitepaper, explains what to do and provides a guideline to improving your own application security. Download this whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008YTU --------------------------------------------------------------------------
Current thread:
- Re: Enumerate Web Virtual Site pagvac (Nov 19)