|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: H. Kurth Bemis (kurth
kurthbemis.com)
Date: Thu Dec 18 2008 - 18:33:50 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Not sure if anything at the DNS level will help you, but if so, then
this site is useful.
http://www.guerrilladns.com/
Lets you lookup an IP or DNS name, then returned all other domains that
are hosted on the same IP.
~k
On Thu, 2008-12-18 at 18:12 -0500, Markus Matiaschek wrote:
> Hi all,
>
> i got a problem with a client which basically sums up: php safe_mode = off...
>
> so far, so bad, but now i want to know first if the clients website is
> the only attack vector, or if there are other sites running on the IIS
> of this Windows NT machine.
>
> Since i already have access to the server, the question how to do this
> with only a IP Adress is theoretical, but nonetheless interesting.
>
> I don't want to be too intrusive and install rootkits or stuff like
> this, but i thought the information of the IIS hosted websites must be
> somewhere, so i got myself some information with the following
> commands:
> regedit /e c:\output.txt HKEY_LOCAL_MACHINE\Software\Microsoft\
> regedit /e c:\output.txt HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\
>
> but i canĀ“t see any information about the clients- or any other IIS
> website there.
>
> The execution of .vbs scripts is denied, so that is not an option.
>
> I already identified interesting folders in the wwwroot of IIS, but
> none of the names of the folders or the content i tried shows up on
> google.
>
> Anyone any other Ideas?
>
> Thank you in advance,
> Markus
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Security Trends Report from Cenzic
> Stay Ahead of the Hacker Curve!
> Get the latest Q2 2008 Trends Report now
>
> www.cenzic.com/landing/trends-report
> ------------------------------------------------------------------------
>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now
www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]