![]() This kind of scanning can (and possibly will) be counted as an attack on an organisation.ĭo NOT do it unless you have permission to scan. In the rest of this article we will look at some techniques and tools for enumerating the site with brute force. Backup archives, for example site or database backups. ![]() Functionality that has been hidden from the user.This may help you view the source of interpreted files. Temporary / Backup files, editors such as emacs make use of temporary files while you are working.Other example of things we might be able to find include: However, if we can discover the page, we may be able to make use of that functionality. For example, an admin interface will be shown in the navigation menus for admin users, but hidden from others. This could be features used for debugging and testing, or old content that has not been removed.Ī sites authorisation levels may also conceal functionality from us. However, it is common for web applications to have content and functionality that is not reachable from the main content. Last week we focused on mapping the "visible" content of a site.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |