The database which comes with Whisker is fairly complete, albiet the vulnerability checks are outdated. You can find a copy online at http://www.wiretrip.net/rfp/ On Wednesday 23 May 2001 04:53 am, Alberto Grazi wrote: > Hi, > during a pen-test I have found a directory which probably has exec > permission. > Since I didn't have any name of files (listing is not allowed) my > approach was to try a sort of "dictionary attack" on the URL. > I tried with a normal English dictionary but it didn't find anything > (each word was truncated to the 8th char and ".exe" was appended)... > does anyone know if there is a list of common names of CGIs available > (for Unix and win platforms) ? > > Thx > > Alberto ---------------------------------------- Content-Type: application/x-pkcs7-signature; charset="iso-8859-1"; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Description: ----------------------------------------
This archive was generated by hypermail 2b30 : Wed May 23 2001 - 19:40:05 PDT