Archive.org Stored Domain URLs - Metasploit
This page contains detailed information about how to use the auxiliary/scanner/http/enum_wayback metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.
Module Overview
Name: Archive.org Stored Domain URLs
Module: auxiliary/scanner/http/enum_wayback
Source code: modules/auxiliary/scanner/http/enum_wayback.rb
Disclosure date: -
Last modification time: 2021-11-10 10:05:45 +0000
Supported architecture(s): -
Supported platform(s): -
Target service / protocol: -
Target network port(s): -
List of CVEs: -
This module pulls and parses the URLs stored by Archive.org for the purpose of replaying during a web assessment. Finding unlinked and old pages.
Module Ranking and Traits
Module Ranking:
- normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.
Basic Usage
msf > use auxiliary/scanner/http/enum_wayback
msf auxiliary(enum_wayback) > show targets
... a list of targets ...
msf auxiliary(enum_wayback) > set TARGET target-id
msf auxiliary(enum_wayback) > show options
... show and set options ...
msf auxiliary(enum_wayback) > exploit
Required Options
- DOMAIN: Domain to request URLS for
Knowledge Base
Introduction
This module pulls and parses the URLs stored by Archive.org for the purpose of replaying during a web assessment. Finding unlinked and old pages. This module utilizes Archive.org's Wayback Machine's API.
Usage
msf5 > use auxiliary/scanner/http/enum_wayback
msf5 auxiliary(scanner/http/enum_wayback) > set domain rapid7.com
domain => rapid7.com
msf5 auxiliary(scanner/http/enum_wayback) > run
[*] Pulling urls from Archive.org
[*] Located 43656 addresses for rapid7.com
http://mailto:[email protected]/
http://mailto:[email protected]/
http://mailto:[email protected]/robots.txt
http://rapid7.com
http://rapid7.com/
http://rapid7.com/GlobalStyleSheet.css
http://rapid7.com/WebResources/images/Background2.gif
http://rapid7.com/WebResources/images/GlobalNavigation/Downloads_u.gif
http://rapid7.com/WebResources/images/GlobalNavigation/Home_d.gif
http://rapid7.com/WebResources/images/GlobalNavigation/NeXpose_d.gif
http://rapid7.com/WebResources/images/GlobalNavigation/NeXpose_u.gif
http://rapid7.com/WebResources/images/GlobalNavigation/Support_d.gif
http://rapid7.com/WebResources/images/GlobalNavigation/Support_u.gif
...snip...
Go back to menu.
Msfconsole Usage
Here is how the scanner/http/enum_wayback auxiliary module looks in the msfconsole:
msf6 > use auxiliary/scanner/http/enum_wayback
msf6 auxiliary(scanner/http/enum_wayback) > show info
Name: Archive.org Stored Domain URLs
Module: auxiliary/scanner/http/enum_wayback
License: Metasploit Framework License (BSD)
Rank: Normal
Provided by:
mubix <[email protected]>
Check supported:
No
Basic options:
Name Current Setting Required Description
---- --------------- -------- -----------
DOMAIN yes Domain to request URLS for
OUTFILE no Where to output the list for use
Description:
This module pulls and parses the URLs stored by Archive.org for the
purpose of replaying during a web assessment. Finding unlinked and
old pages.
Module Options
This is a complete list of options available in the scanner/http/enum_wayback auxiliary module:
msf6 auxiliary(scanner/http/enum_wayback) > show options
Module options (auxiliary/scanner/http/enum_wayback):
Name Current Setting Required Description
---- --------------- -------- -----------
DOMAIN yes Domain to request URLS for
OUTFILE no Where to output the list for use
Advanced Options
Here is a complete list of advanced options supported by the scanner/http/enum_wayback auxiliary module:
msf6 auxiliary(scanner/http/enum_wayback) > show advanced
Module advanced options (auxiliary/scanner/http/enum_wayback):
Name Current Setting Required Description
---- --------------- -------- -----------
PROXY no Proxy server to route connection. <host>:<port>
PROXY_PASS no Proxy Server Password
PROXY_USER no Proxy Server User
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
Auxiliary Actions
This is a list of all auxiliary actions that the scanner/http/enum_wayback module can do:
msf6 auxiliary(scanner/http/enum_wayback) > show actions
Auxiliary actions:
Name Description
---- -----------
Evasion Options
Here is the full list of possible evasion options supported by the scanner/http/enum_wayback auxiliary module in order to evade defenses (e.g. Antivirus, EDR, Firewall, NIDS etc.):
msf6 auxiliary(scanner/http/enum_wayback) > show evasion
Module evasion options:
Name Current Setting Required Description
---- --------------- -------- -----------
Go back to menu.
Error Messages
This module may fail with the following error messages:
Check for the possible causes from the code snippets below found in the module source code. This can often times help in identifying the root cause of the problem.
OUTFILE did not exist, creating..
Here is a relevant code snippet related to the "OUTFILE did not exist, creating.." error message:
59: print_status("Writing URLs list to #{datastore['OUTFILE']}...")
60: file_name = datastore['OUTFILE']
61: if FileTest::exist?(file_name)
62: print_status("OUTFILE already existed, appending..")
63: else
64: print_status("OUTFILE did not exist, creating..")
65: end
66:
67: File.open(file_name, 'ab') do |fd|
68: fd.write(data)
69: end
Go back to menu.
Related Pull Requests
- #8716 Merged Pull Request: Print_Status -> Print_Good (And OCD bits 'n bobs)
- #8593 Merged Pull Request: Fix enum_wayback using CDX API
- #8338 Merged Pull Request: Fix msf/core and self.class msftidy warnings
- #6655 Merged Pull Request: use MetasploitModule as a class name
- #6648 Merged Pull Request: Change metasploit class names
- #2525 Merged Pull Request: Change module boilerplate
- #1228 Merged Pull Request: MSFTIDY cleanup #1 - auxiliary
- #952 Merged Pull Request: standardizing author info
- #674 Merged Pull Request: Comply with msftidy
Go back to menu.
See Also
Check also the following modules related to this module:
- auxiliary/cloud/aws/enum_ec2
- auxiliary/cloud/aws/enum_iam
- auxiliary/cloud/aws/enum_s3
- auxiliary/cloud/kubernetes/enum_kubernetes
- auxiliary/gather/enum_dns
- auxiliary/scanner/http/apache_userdir_enum
- auxiliary/scanner/http/cisco_ironport_enum
- auxiliary/scanner/http/drupal_views_user_enum
- auxiliary/scanner/http/gitlab_graphql_user_enum
- auxiliary/scanner/http/gitlab_user_enum
- auxiliary/scanner/http/influxdb_enum
- auxiliary/scanner/http/infovista_enum
- auxiliary/scanner/http/jenkins_enum
- auxiliary/scanner/http/jira_user_enum
- auxiliary/scanner/http/ntlm_info_enumeration
- auxiliary/scanner/http/radware_appdirector_enum
- auxiliary/scanner/http/rfcode_reader_enum
- auxiliary/scanner/http/sap_businessobjects_user_enum
- auxiliary/scanner/http/sap_businessobjects_version_enum
- auxiliary/scanner/http/sentry_cdu_enum
- auxiliary/scanner/http/sevone_enum
- auxiliary/scanner/http/squiz_matrix_user_enum
- auxiliary/scanner/http/synology_forget_passwd_user_enum
- auxiliary/scanner/http/tomcat_enum
- auxiliary/scanner/http/wordpress_login_enum
Authors
- mubix
Version
This page has been produced using Metasploit Framework version 6.1.36-dev. For more modules, visit the Metasploit Module Library.
Go back to menu.