2

I have a web service (ASP.NET) running on my application server. It can be reached via http://xxxxxx/Servercomponents/servercomp.asmx

Is possible to find this even if you don't know the file name and directory location? Could you scan for it with e.g. nmap or wget? Or could a spider tool like skipfish find it?

schroeder
  • 123,438
  • 55
  • 284
  • 319
John
  • 21
  • 2
  • Why do you want to know? Are you asking how easy it is to hide something like that, or how to find something? Is your perspective from the developer or attacker side? – schroeder Mar 28 '12 at 16:38
  • 1
    If this is on internet and not excluded from search(robots, authenticated only etc etc) try google site: inurl: .asmx. Spiders can find it given it follows a common name or is linked or called from a page which spider can see. – Sachin Kumar Mar 28 '12 at 16:40
  • @SachinKumar that's an easy way to check +1! But then only if indexed by search engines – schroeder Mar 28 '12 at 16:42
  • @schroeder yupes, thats why I entered it as a comment and not answer because its not a full proof solution :) – Sachin Kumar Mar 28 '12 at 16:45

2 Answers2

1

Brute-Force

Scanners can brute-force guess the names of files and find it that way, although if the names are non-standard, it might take a while.

Spidering

If the asmx is linked to by another page that is discoverable (like index.html), then a spider will find it easily.

schroeder
  • 123,438
  • 55
  • 284
  • 319
1

Query Google with "inurl:asmx" or "inurl:asmx site:xxxxxx" The first one finds all known URL's with "asmx" in it; the second one does the same, but only for you website xxxxxx.

jippie
  • 790
  • 1
  • 4
  • 9
  • This was suggested in the comments, and is a good idea, but only half an answer. Spidering tools would provide a more complete look. – schroeder Apr 03 '12 at 20:42