Delicious WebApp Hacking

Wednesday, January 12, 2011

Rob Fuller


In the last post I showed off how's Wayback machine can be used to pull urls for a domain, another place where URLs are stored and can be searched by domain is (a bookmarking service).

I've seen people bookmark everything from internal web portals to urls with special no-auth passwords in them. It may even reveal subdomains and hosts you didn't know about. This can be a very handy set of data.

Be forewarned though, Delicious has been putting ads in the results and I haven't gotten a solid regex to work on picking them out yet. So comb your results before slamming them in the requestor script from the last post.

The module works basically the same way, but here it is in action:

msf auxiliary(enum_delicious) > info
       Name: Pull Links (URLs) for a domain
    Version: 11107
    License: Metasploit Framework License (BSD)
       Rank: Normal

Provided by:  Rob Fuller

Basic options:

  Name     Current Setting Required    Description
   ----        -------------------------        ---------
  DOMAIN         yes                           Domain to request URLS for
  OUTFILE          no                            Where to output the list for use


  This module pulls and parses the URLs stored by users
  for the purpose of replaying during a web assessment. Finding
  unlinked and old pages.

msf auxiliary(enum_delicious) > set DOMAIN
msf auxiliary(enum_delicious) > run

[*] Pulling urls from
[*] Page number: 1
[*] Page number: 2
[*] Page number: 3
[*] Page number: 4
[*] Located 81 addresses for
[*] Auxiliary module execution completed
msf auxiliary(enum_delicious) >

Both this and the Wayback module can be found in the Metasploit trunk

Cross-posted from Room362

Possibly Related Articles:
Web Application Security Metasploit Domain Archives Delicious
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.