Tutorial for using Load Balance Detector 0.1 in BT4
This is quick and easy.
For Background on Load Balancing see the link.
Description: lbd (load balancing detector) detects if a given domain uses
DNS and/or HTTP Load-Balancing (via Server: and Date: headers and diffs
between server answers). It's useful for pentesters and other curious people
For this example we use the fake domain at www.yourtargetdomain.com
open a shell and navigate to the following
Or under the menu Backtrack>Information Gathering>All>lbd
doing so gives us the following:
Usage is simple
lbd - load balancing detector 0.1 - Checks if a given domain uses load-balancing .
Written by Stefan Behte (http://ge.mine.nu)
Proof-of-concept! Might give false positives .
usage: ./lbd.sh [domain]
root@bt:/pentest/enumeration/lbd# ./lbd.sh www.yourtargetdomain.com
output truncated by me
Checking for DNS-Loadbalancing: FOUND
www.l.yourtargetdomain.com has address 192.168.39.147
www.l.yourtargetdomain.com has address 192.168.39.99
www.l.yourtargetdomain.com has address 192.168.39.103
www.l.yourtargetdomain.com has address 192.168.39.104
Checking for HTTP-Loadbalancing [Server]:
Checking for HTTP-Loadbalancing [Date]: 09:59:52, 09:59:52, 09:59:52, 09:59:52, 09:59:52, 09:59:53, 09:59:53, 09:59:53, 09:59:53, 09:59:53, 09:59:53, 09:59:53, 09:59:53, 09:59:53, 09:59:53, 09:59:54, , NOT F OUND
Checking for HTTP-Loadbalancing [Diff]: NOT FOUND
www.yourtargetdomain.com does Load-balancing. Found via Methods: DNS