Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Another interesting Cart32 command
From: cassius () HUSHMAIL COM (cassius () HUSHMAIL COM)
Date: Wed, 3 May 2000 00:39:26 -0800

Another interesting Cart32 command

example:   http://example.com/cgi-bin/cart32.exe/expdate

This causes an error and displays a debugging page with server variables,
 the
contents of the Cart32 administration directory and sometimes, the contents
of cgi-bin.
This makes it easy to spot misconfigured Cart32 installs (customer databases
installed to the cgi-bin directory.)

You could fix this one in a hexeditor by changing the /EXPDATE string to
something random.

/fx7#d () +  <--- free pseudo-random string

-Cassius

IMPORTANT NOTICE:  If you are not using HushMail, this message could have been read easily by the many people who have 
access to your open personal email messages.
Get your FREE, totally secure email address at http://www.hushmail.com.

  By Date           By Thread  

Current thread:
  • Another interesting Cart32 command cassius () HUSHMAIL COM (May 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]