Web Application Security
Re: new tool, File Disclosure Browser Sep 27 2011 01:04PM
Robin Wood (robin digininja org)
Take two on the URL:

http://www.digininja.org/projects/fdb.php

Robin

On 27 September 2011 13:40, Robin Wood <robin (at) digininja (dot) org [email concealed]> wrote:
> Hi
> I've released a new tool, the File Disclosure Browser. The app takes
> .DS_Store files found on websites and parses through them to find a
> list of all potential files in the directory. It can then either just
> display the URLs for the files or if you give it a proxy it can browse
> to the files itself.
>
> I wrote it after reading the PDC blog post on passing DirBuster
> through Burp and figured doing the same thing for the contents of
> DS_Store files would be useful. I plan to extend it in the future to
> handle dwsync from Dreamweaver and other common files that disclose
> the names of files on the server.
>
> It is written in Perl and is my first attempt at writing a app from
> scratch so there is little error checking and potentially some bad
> code but it seems to work for most of the cases I've tried.
>
> You can download it from here https://www.damart.co.uk/
>
> Feel free to give feedback.
>
> Robin
>

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus