Published on February 26th, 2018
WebLorean is a time-travel tool for web admins and IT security people. This tool allows pentesters and sysadmins to run an info-gathering phase against a website's past hosts, exploiting the human weakness of laziness.
If we go to Netcraft and check some domain name using their tools, we MIGHT find the hosting history of a website. Yes, www.example.com used to run on server A, then server B, now server C! And, wow, that's weird, the old servers are still up and running.
So, www.example.com MIGHT still be configured on one of those servers. You know how hosting companies [don't] do their homework sometimes 😉
So, an attacker could fire up a scanner and, by any means available, target www.example.com through the older IP addresses, and scan our OLD WEBSITE[s], which, of course, we no longer keep updated (maybe not even the server, for that matter…). And you know what outdated usually means: holes. Lots of them.
And holes lead to lots of things: remote code execution, data exfiltration, resource control.
Additionally, this can be used to detect bad implementations of CDNs, and to uncover origin servers behind CDNs.
cd weblorean
./weblorean.py http://www.example.org
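For auditing a domain you run yourself, the check described above can be sketched like this. It is an added example, not WebLorean's code: the function names, the control hostname and the sample addresses are assumptions, the former IPs are typed in by hand from your own hosting history, and only plain HTTP on port 80 is tested.

```python
import hashlib
import http.client

CONTROL_HOST = "no-such-site.invalid"  # constructed name that no vhost should match

def probe(ip, hostname, timeout=5):
    """GET / from ip with the given Host header.
    Returns (status, sha256 of body), or None if the server is unreachable."""
    try:
        conn = http.client.HTTPConnection(ip, 80, timeout=timeout)
        try:
            conn.request("GET", "/", headers={"Host": hostname})
            resp = conn.getresponse()
            return resp.status, hashlib.sha256(resp.read()).hexdigest()
        finally:
            conn.close()
    except (OSError, http.client.HTTPException):
        return None

def audit_former_hosts(hostname, former_ips, current_ips, probe_fn=probe):
    """Classify each former IP address of a site you own."""
    report = {}
    for ip in former_ips:
        if ip in current_ips:
            report[ip] = "current"         # still in DNS, not a leftover
            continue
        site = probe_fn(ip, hostname)
        if site is None:
            report[ip] = "down"            # nothing answering on port 80
            continue
        control = probe_fn(ip, CONTROL_HOST)
        if site == control:
            report[ip] = "default-vhost"   # same answer whatever the Host header says
        elif site[0] < 400:
            report[ip] = "stale-vhost"     # old site still configured: decommission it
        else:
            report[ip] = "error-response"  # host-specific answer, but an error page
    return report

if __name__ == "__main__":
    # Constructed sample addresses (documentation ranges); use your own history.
    print(audit_former_hosts("www.example.com",
                             ["192.0.2.10", "198.51.100.20"], {"203.0.113.30"}))
```

Comparing against a control hostname keeps a catch-all default page from being reported as a forgotten copy of the site.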
Thanks to our friend Arturo ‘Buanzo‘ Busleiman for sharing this tool with us. 😉