Intellitamper: Indexing of Websites
Results 1 to 6 of 6

Thread: Intellitamper: Indexing of Websites

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324

    Intellitamper: Indexing of Websites

    One way that attackers can find out information about a site is how well they can index it and determine your directory structure. A tool like wget can be handy in this regard. Interestingly enough, one of my students ran across this tool: IntelliTamper. This Windows tool, while not worked on since 2002, seems relatively fast and even has options to allow you to access a site using cookie information. It may be a good way to determine exactly how much information you provide to an attacker.

    I did cause it to crash once (as I've said elsewhere, I'm quite good at that) so it may have the occassional burp, but otherwise, it looks rather interesting as an information gathering tool.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    the beign of authority kurt_der_koenig's Avatar
    Join Date
    Jan 2004
    Location
    Pa
    Posts
    567
    Actually I posted about this here.... lol jk Anyways, thanks for the link. I will definately try this out tomorrow.

  3. #3
    Banned
    Join Date
    Apr 2003
    Posts
    1,147
    Hey, thanks, MsMittens. As always, you come up with some very cool things.

    I ran this on my site and it just showed the opening page. I feel very relieved at this. I ran it on one of the other college's sites and it was going until it crashed. I'll be contacting that SA to have a chat.

  4. #4
    Senior Member
    Join Date
    Oct 2004
    Posts
    122
    great link thanks.

    Originally posted here by rapier57
    Hey, thanks, MsMittens. As always, you come up with some very cool things.

    I ran this on my site and it just showed the opening page. I feel very relieved at this. I ran it on one of the other college's sites and it was going until it crashed. I'll be contacting that SA to have a chat.
    try port scanning your site then try different combinations like http://ursite.comortnumberhere example http://yahoo.com:3333 you might find out some vulnerability in your site by default that softare only scans port 80 but if you specify a perticular port number it works too.i tried it on my site on port 8888 and it gave me some threating information.
    nobody is perfect i am nobody

  5. #5
    Banned
    Join Date
    Apr 2003
    Posts
    1,147
    We run port scanners on all our servers on a regular basis.

  6. #6
    Senior Member
    Join Date
    Oct 2004
    Posts
    122
    hey i crashed that too....lol.
    rapier57 just try to do that search on any of onen ports like 8888 for tomcat or so on you might get a few alarming results i was shocked at what i just saw.Just see what information it gives out and how that information can be used by an attarcker.
    nobody is perfect i am nobody

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides