Re: Apache HTTPD's magical behavior
From: Ryan Yagatich (ryany@procyon.pantek.com)Date: 11/30/01
- Previous message: Russell Handorf: "Apache HTTPD's magical behavior"
- In reply to: Russell Handorf: "Apache HTTPD's magical behavior"
- Next in thread: Doru Petrescu: "Re: Apache HTTPD's magical behavior"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 30 Nov 2001 14:55:41 -0500 (EST) From: Ryan Yagatich <ryany@procyon.pantek.com> To: Russell Handorf <rhandorf@mail.russells-world.com> Subject: Re: Apache HTTPD's magical behavior Message-ID: <Pine.LNX.4.33.0111301452190.20306-100000@procyon.pantek.com>
Russell:
I'm sorry if there is any confusion, however these 2 URL's are
different. backbone.sourceforge.com is redirected to 'sourceforge.net'and
backbone.sourceforge.net has directory browsing available anyways. by
attempting to access: backbone.sourceforge.com/mrtg-2.8.12/ I get a 404.
when trying to access backbone.sourceforge.net/mrtg-2.8.12/ I show up with
"Index of...."
when attempting to add .. to the directory, obviously i get
backbone.sourceforge.net's directory because its browseable anyways.
Could you please explain further on any other findings?
Thanks,
Ryan Yagatich
On Fri, 30 Nov 2001, Russell Handorf wrote:
-Today I was browsing the Internet when I came across a server that would
-not let me view the contents of the root dir.
-
-However, it did let me view the contents of a dir within it's root dir. So
-I tried the following:
-
-http://
-
-And for some reason it allowed me to view the root dir and all of its contents.
-
-Anyone else have this problem?
-
-I submit the following example.
-
-First, go to
-
-http://backbone.sourceforge.com
-
-now, go to
-
-http://backbone.sourceforge.net/mrtg-2.8.12/.. (Don't forget the '..'s)
-
-I know the server log's it as viewing the readable dir plus the /.. and
-that files within the root dir, once exposed via the '..', may have a
-problem with being downloaded. That is easily circumvented via adding in
-the file name after .. (ex: http://
-
-
-russ
-==================================
-Russell Handorf
-oooo, shiney ::Wanders after it::
-
-www.russells-world.com
-www.inside-aol.com
-www.terrorists.net
-www.bad-mother-fucker.org
-www.philly2600.net
-
-"Computer games don't affect kids, I mean if Pacman affected us as kids,
-we'd all be running around in darkened rooms, munching pills and listening
-to repetitive music." ~unknown
-==================================
-
