.pike Should we include .htm, and .html as well, since those can be mapped to be dynamic on most web servers? (i.e. you can enable SSI on .html on Apache.) I presume you're working on a web server scanner of some sort. It has occurred to me that it would be nice to have a tool that would spider a site, and record all URLs that are referred to via PUT or POST, or GET with variable passing. I realize that a dumb spider wouldn't get all the default examples files that aren't normally referenced, but are sitting there half the time. Nor would it get nested forms that require the first form to have some intelligent input to proceed, but it could be written to be somewhat interactive so that a person could help it get past forms when needed. Just a thought. I've often wanted a tool that I could point at a site, let run for a few hours, and come back with a probably list of server side scripts to poke at. Be nice if it produced lists of variables, too, while I'm asking... BB Michal Zalewski wrote: > I am looking for a list of common locations, filenames and file extensions > for cgi scripts, servlets and parsed html on miscleanous servers.
This archive was generated by hypermail 2b30 : Thu Jun 07 2001 - 16:19:52 PDT