Monday, February 21, 2011

is there any way to find orphaned pages without having access to the server?

Let's say I am testing beta pages on my server and was too lazy to password protect the pages I put up. I am putting them up in some obscure named sub-directory. Is there any way of people seeing the beta pages without guessing around at file names or looking at the directory from an FTP client?

These are all orphaned pages, there is no way of getting to them from the homepage.

From stackoverflow
  • As long as these pages have never been linked to at some point, and detected by a search bot, there is no way to list them.

    aaa : is there any sort of efficient link bruteforcing that gets used to find hidden content? also I was really confused for a second by your name and last initial. same as mine
  • You can test with wfuzz to try your "obscure" paths but I don't recommend this technique. At least protect them with a basic auth.

    Also be aware of using Google (or other search engine) toolbar: GoogleBot visits what you visit if you have the toolbar

    It's an old news but who knows... :)

    Chris T : +1 I didn't know about the toolbar

0 comments:

Post a Comment