Re: Directory Transversal
- From: jfvanmeter@xxxxxxxxxxx
- Date: Thu, 18 Oct 2007 11:29:24 +0000
The application that i'm testing has fuctionality that is like a web server in the way that I can make a connection via a web browser and it will send HTML content to the browser that shows the status of a process.
Currently i'm running Web Scarab and Wireshark to monitor the session and capture the packets.
The service runs as "System" so I believe I have user rights that are assigned to "System", if thats not the case then it most be running as anonymous which I believe is include in the Everyone and Users groups.
Take Care and Have Fun --john
-------------- Original message ----------------------
From: "Zed Qyves" <zqyves.spamtrap@xxxxxxxxx>
Hello John,
The fact that you are getting a directory traversal should not mean
anything else to you rather than you are getting outside the web root
at least for reading files.
As for PUT, what does the OPTIONS command tell you? Is PUT an enabled
verb on the web server you are testing? otherwise you are not going to
go anywhere with that. You can also check for WEBDAV verbs that may
interest you...
In any case to go outside the web root for writing files as well you
need to have some help from the underlying O/S regaind file/directory
permissions...
Hope it helps,
ZQ
On 10/17/07, jfvanmeter@xxxxxxxxxxx <jfvanmeter@xxxxxxxxxxx> wrote:
command works on
Hello everyone, I'm in the middle of a test on a app that the following
http://mycomputer:port#/..//..//..//..//..//..//..//windows/win.inicontents of the file.
and it will prompt me to save the file, if i check my packet capture I see the
get some ideas from you all on things to try.
So far I've been unable to get a put or post command to work and was hoping to
comand
I've been trying to get nc/telnet and some other tools to help me with the put
Thanks in advance --John
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
--
---------------------------------------------------------------------
Î?Ï?ÎÏ?ν
á¼?ν Ï?á¿?δ᾽ á¼?Ï?αÏ?κε γá¿?· Ï?ὸ δὲ ζηÏ?οÏ?μενον
á¼?λÏ?Ï?Ï?ν, á¼?κÏ?εÏ?γειν δὲ Ï?á¼?μελοÏ?μενον.
Î?ιδίÏ?οÏ?Ï? ΤÏ?Ï?Ï?ανοÏ? [110]
---------------------------------------------------------------------
Creon
In this our land, so said he, those who seek Shall find; unsought, we
lose it utterly.
Oedipus Rex [110]
---------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- Prev by Date: re: Directory Transversal
- Next by Date: Re: Thanks Alex and Jond -- metasploit and proxyport
- Previous by thread: re: Directory Transversal
- Next by thread: RE: Directory Transversal
- Index(es):
Relevant Pages
|
|
