RE: front page extansions

---

• From: Sergi Rosello <sergi_75@xxxxxxxx>
• Date: Tue, 29 May 2007 15:17:25 +0200 (CEST)

---

http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

and also

http://packetstormsecurity.org/9910-exploits/webfolders.txt

but, I think you need a lot of luck....

--- juanbabi@xxxxxxxxx escribió:

Hi,

in doing a pen test on a web server, the scanner
found those urls:
status 403 http://www.domain.com/_vti_bin/
status 200 http://www.domain.com/_vti_inf.html
status 403 http://www.domain.com/inc/
status 301 http://www.domain.com/images/
status 301 http://www.domain.com/faq

FrontPage Configuration Information
FPVersion="5.0.2.6790"
FPShtmlScriptUrl="_vti_bin/shtml.dll/_vti_rpc"
FPAuthorScriptUrl="_vti_bin/_vti_aut/author.dll"
FPAdminScriptUrl="_vti_bin/_vti_adm/admin.dll"
TPScriptUrl="_vti_bin/owssvr.dll"



Any idea how I can exploit those url or abuse them?

thanks a lot !

Juan

------------------------------------------------------------------------

This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020

------------------------------------------------------------------------

------------------------------------------------------------------------------------------------------------------------------------
Nota Legal: Este correo electrónico puede contener información estrictamente confidencial y es de uso exclusivo del destinatario, quedando prohibida a cualquier otra persona su revelación, copia, distribución, o el ejercicio de cualquier acción relativa a su contenido. Si ha recibido este correo electrónico por error, por favor, conteste al remitente, y posteriormente proceda a borrarlo de su sistema. Gracias por su colaboración. ------------------------------------------------------------------------------------------------------------------------------------



____________________________________________________________________________________
¡Descubre una nueva forma de obtener respuestas a tus preguntas!
Entra en Yahoo! Respuestas.
http://es.answers.yahoo.com/info/welcome

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

---

• References:
  • front page extansions
    • From: juanbabi

• Prev by Date: Re: Database pen-testing tools
• Next by Date: Disclosure of vulns and its legal aspects...
• Previous by thread: Re: front page extansions
• Next by thread: Disclosure of vulns and its legal aspects...
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Sneaking a peek on Wlan in airports ... Are you using SPI, Watchfire or WhiteHat? ... Consider getting clear vision with Cenzic See HOW Now with ... (Pen-Test) RE: Sneaking a peek on Wlan in airports ... Are you using SPI, Watchfire or WhiteHat? ... Consider getting clear vision with Cenzic See HOW Now with ... (Pen-Test) Re: Sneaking a peek on Wlan in airports ... Are you using SPI, Watchfire or WhiteHat? ... Consider getting clear vision with Cenzic ... (Pen-Test) Re: Sneaking a peek on Wlan in airports ... Are you using SPI, Watchfire or WhiteHat? ... Consider getting clear vision with Cenzic ... (Pen-Test)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > pen-test  > 2007-05