Tuesday, 24 May 2011

Hacking start: Company web pages


Perusing the target organization’s web page will often get you off to a good start. Many
times, a website will provide excessive amounts of information that can aid attackers.
Believe it or not, we have actually seen organizations list security configuration details
and detailed asset inventory spreadsheets directly on their Internet web servers.
In addition, try reviewing the HTML source code for comments. Many items not
listed for public consumption are buried in HTML comment tags, that is, between <!-- and -->.
Viewing the source code offline may be faster than viewing it online, so it is often
beneficial to mirror the entire site for offline viewing, provided the website is in a format
that is easily downloadable—that is, HTML and not Adobe Flash, usually in a Shockwave
Flash (SWF) format. Having a copy of the targeted site locally may allow you to
programmatically search for comments or other items of interest, thus making your
footprinting activities more efficient. A couple of tried and true website mirroring tools are
• Wget (http://www.gnu.org/software/wget/wget.html) for UNIX
• Teleport Pro (http://www.tenmax.com) for Windows
It may cost money. You can also download it free from the above sites. Using Teleport or Wget,
find your desired company's web page details.
First, after downloading Teleport Pro, click File, then click New Project Wizard, then click
Next. In the address bar, type an Internet address to serve as the starting location for this
project. Examples of valid Internet addresses are 'www.microsoft.com', 'www.google.com/news/',
or 'www.ibm.com/home/index.htm'. Then click Next, then click Finish, then click
Save. Then click Project, then click Start. Be sure that your Internet connection is on.
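
Site owners can run the same programmatic comment search on a local copy of their own pages before publishing, to catch notes that were never meant to be public. The script below is an added example, not code from the original page; the keyword list, the sample page and the function names are assumptions made for illustration.

```python
import re
import tempfile
from html.parser import HTMLParser
from pathlib import Path

# Assumed keyword list: terms that rarely belong in public markup.
SENSITIVE = re.compile(
    r"password|passwd|todo|fixme|internal|admin|debug|\b(?:10|192\.168)\.\d+\.\d+",
    re.IGNORECASE,
)
# Constructed sample page, used only by demo().
SAMPLE = (
    "<html>\n<body>\n"
    "<!-- nav generated by build -->\n"
    "<p>Welcome</p>\n"
    "<!-- TODO: remove link to\n     internal staging box 10.1.2.3 -->\n"
    "</body>\n</html>\n"
)

class CommentCollector(HTMLParser):
    """Collects every HTML comment together with the line it starts on."""
    def __init__(self):
        super().__init__()
        self.comments = []

    def handle_comment(self, data):
        line, _col = self.getpos()  # position of the opening "<!--"
        self.comments.append((line, " ".join(data.split())))

def audit_tree(root):
    """Return (file, line, comment, flagged) for each comment under root."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if not (path.is_file() and path.suffix.lower() in {".html", ".htm"}):
            continue
        parser = CommentCollector()
        parser.feed(path.read_text(encoding="utf-8", errors="replace"))
        parser.close()
        for line, text in parser.comments:
            hit = bool(SENSITIVE.search(text))
            findings.append((str(path.relative_to(root)), line, text, hit))
    return findings

def demo():
    with tempfile.TemporaryDirectory() as root:
        (Path(root) / "index.html").write_text(SAMPLE, encoding="utf-8")
        return audit_tree(root)

if __name__ == "__main__":
    for name, line, text, hit in demo():
        print(f"{'REVIEW' if hit else 'ok':6} {name}:{line}: {text}")
```

Comments that only match no keyword are still listed, since the keyword list is a triage aid and not a complete filter.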
Be sure to investigate other sites beyond the main “http://www” and “https://www”
sites as well. Hostnames such as www1, www2, web, web1, test, test1, etc., are all
great places to start in your footprinting adventure. But there are others, many others.
Many organizations have sites to handle remote access to internal resources via a
web browser. Microsoft’s Outlook Web Access is a very common example. It acts as a
proxy to the internal Microsoft Exchange servers from the Internet. Typical URLs for this
resource are https://owa.example.com or https://outlook.example.com. Similarly,
organizations that make use of mainframes, System/36s or AS/400s may offer remote
access via a web browser via services like WebConnect by OpenConnect (http://www.openconnect.com),
which serves up a Java-based 3270 and 5250 emulator and allows for
“green screen” access to mainframes and midrange systems such as AS/400s via the
client’s browser.
Virtual Private Networks (VPN) are very common in most organizations as well, so
looking for sites like http://vpn.example.com, https://vpn.example.com, or http://www.example.com/vpn
will often reveal websites designed to help end users connect to their
companies’ VPNs. You may find VPN vendor and version details as well as detailed
instructions on how to download and configure the VPN client software. These sites may
even include a phone number to call for assistance if the hacker—er, I mean, employee—
has any trouble getting connected.
