Jump to content

Recommended Posts

Posted

Okay I have seen about about on websites with a masked link say it may have the url followed by at the end #!listen/cr2r is there anyway of finding the true link for use in a program say for instance nikto ?

Thanks

Posted (edited)

Masked urls like a URL shortner to see where it redirects to? Not sure with nikto, but you can always paste one into http://validator.w3.org/ to see the final redirected URL's or use wget to script a fake scan and ignore the download but keep a debug log to view all the links it 301/302 redirects through. Could be scripted to automate inline and show the output in a console without having to use a browser to visit a malicious link, but I like using http://validator.w3.org/ since it doesn't require giving up your IP to do the lookup.

* http://validator.w3.org/ also lets you look at the source code of the final site so you can check it for malicious code.

Edited by digip
Posted

If you don't mind the destination knowing where you came from you could use my HTTP Traceroute tool which will follow all redirects and give you full information from each one.

http://digi.ninja/projects/http_traceroute.php

Nikto won't help you with this as it is a static scanner, it looks at the URL you gave it and tests for known issue. It will probably tell you if it is a redirect and the next hop but if you are looking at these as used maliciously then they often use multiple hops so won't get to the end.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...