FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Development

 
 
LinkBack Thread Tools
 
Old 02-22-2009, 09:39 PM
Maximilian Ga
 
Default Bug#516659: ITP: w3bfukk0r -- scan webservers for hidden directories (forced browsing)

Package: wnpp
Severity: wishlist
Owner: "Maximilian Ga" <mxey@cloudconnected.org>


* Package name : w3bfukk0r
Version : 0.2
Upstream Author : Nico Golde and Andreas Krennmair
* URL : http://www.ngolde.de/w3bfukk0r.html
* License : MIT
Programming Lang: C
Description : scan webservers for hidden directories (forced browsing)

w3bfukk0r is a forced browsing tool, it basically scans webservers
(HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force
mechanism based on a word list.



--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-22-2009, 11:09 PM
Ron Johnson
 
Default Bug#516659: ITP: w3bfukk0r -- scan webservers for hidden directories (forced browsing)

On 02/22/2009 04:39 PM, Maximilian Ga wrote:

Package: wnpp
Severity: wishlist
Owner: "Maximilian Ga" <mxey@cloudconnected.org>


* Package name : w3bfukk0r
Version : 0.2
Upstream Author : Nico Golde and Andreas Krennmair
* URL : http://www.ngolde.de/w3bfukk0r.html
* License : MIT
Programming Lang: C
Description : scan webservers for hidden directories (forced browsing)

w3bfukk0r is a forced browsing tool, it basically scans webservers
(HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force
mechanism based on a word list.


What is the *purpose* of w3bfukk0r? Besides fscking up the intarweb?

--
Ron Johnson, Jr.
Jefferson LA USA

The feeling of disgust at seeing a human female in a Relationship
with a chimp male is Homininphobia, and you should be ashamed of
yourself.


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-23-2009, 12:18 AM
Asheesh Laroia
 
Default Bug#516659: ITP: w3bfukk0r -- scan webservers for hidden directories (forced browsing)

On Sun, 22 Feb 2009, Ron Johnson wrote:


On 02/22/2009 04:39 PM, Maximilian Ga wrote:

Description : scan webservers for hidden directories (forced browsing)

w3bfukk0r is a forced browsing tool, it basically scans webservers
(HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force
mechanism based on a word list.


What is the *purpose* of w3bfukk0r? Besides fscking up the intarweb?


I think that the description explains that the purpose is to find hidden
directories on web servers, presumably either your own or other people's.


-- Asheesh.

--
You may be gone tomorrow, but that doesn't mean that you weren't here today.
 
Old 02-23-2009, 12:27 AM
Ron Johnson
 
Default Bug#516659: ITP: w3bfukk0r -- scan webservers for hidden directories (forced browsing)

On 02/22/2009 07:18 PM, Asheesh Laroia wrote:

On Sun, 22 Feb 2009, Ron Johnson wrote:


On 02/22/2009 04:39 PM, Maximilian Ga wrote:
Description : scan webservers for hidden directories (forced
browsing)


w3bfukk0r is a forced browsing tool, it basically scans webservers
(HTTP/HTTPS) for a directory by using HTTP HEAD command and brute force
mechanism based on a word list.


What is the *purpose* of w3bfukk0r? Besides fscking up the intarweb?


I think that the description explains that the purpose is to find hidden
directories on web servers, presumably either your own or other people's.


But what (besides web crawling) is the (legal) purpose of that? And
why does it need a word list?


--
Ron Johnson, Jr.
Jefferson LA USA

The feeling of disgust at seeing a human female in a Relationship
with a chimp male is Homininphobia, and you should be ashamed of
yourself.


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-23-2009, 11:06 AM
Bjrn Mork
 
Default Bug#516659: ITP: w3bfukk0r -- scan webservers for hidden directories (forced browsing)

Noah Slater <nslater@tumbolia.org> writes:
> On Sun, Feb 22, 2009 at 05:18:39PM -0800, Asheesh Laroia wrote:
>> I think that the description explains that the purpose is to find hidden
>> directories on web servers, presumably either your own or other people's.
>
> Why would you need to find directories on your own server?

Why would you need to buy a gadget like http://www.keyringer.com/ ?


Bjrn
--
Let me tell you something, you capitalist, Napoleon is just a figment
of your imagination


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-23-2009, 11:13 AM
Nico Golde
 
Default Bug#516659: ITP: w3bfukk0r -- scan webservers for hidden directories (forced browsing)

Hi,
* Don Armstrong <don@debian.org> [2009-02-23 10:07]:
> On Mon, 23 Feb 2009, Paul Wise wrote:
[...]
> It'd also be best if this package didn't refer to invented terminology
> like "forced browsing" and instead said what it actually does (return
> the subset of HEAD requests that return 200 from a generated
> wordlist).

http://www.owasp.org/index.php/Forced_browsing

Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
 

Thread Tools




All times are GMT. The time now is 03:53 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org