Trying hard to see the connection to BackTrack here.
In answer to your question though, the best way to find all of the cgi programs on a web server would be to do something like this from the servers console:
OK, Im being a bit facetious there, and this procedure may differ depending on the exact webserver and OS your server uses, but all should have some way of listing their cgi apps from configuration files or the filesystem or an admin console or something.Code:cd /var/www/cgi-bin/ ls
If you want to do it from a seperate system, you need to use some sort of combination spidering/known URLs/brute force method, which is going to provide results that are much less complete. Try something like dirbuster, or one of the active web vulnerability scanners (e.g. one of the commercial ones or an open source one like skipfish, w3af, etc - there is a thread in the Experts forum that mentions some more).