Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

pen-test logo Penetration Testing mailing list archives

Sgdynamo.exe Script -- Path Disclosure
From: "Ruso, Anthony" <aruso () positron qc ca>
Date: Wed, 16 May 2001 11:55:32 -0400
I contacted Microsoft and they had no idea.

Either way: 

Sgdynamo.exe is a script that sits in your cgi-bin/scripts directory. 

It expects a HTNAME identifier like so
http://www.yourcompany.com/cgi-bin/sgdynamo.exe?HTNAME=default.htm
Surprisingly enough if you throw it a bogus HTNAME identifier is discloses a
path to "I don't know where" but it's enough to tell you if it's a Microsoft
OS or Not.
http://www.yourcompany.com/cgi-bin/sgdynamo.exe?HTNAME=bogus.htm
Has anyone heard of this?
To test it out click below and take your pick.
http://www.google.com/search?q=sgdynamo.exe&btnG=Google+Search
I've searched previous post for the file and didn't find anything at all. 
Any leads would be great !
Later
Anthony Ruso

  By Date           By Thread  

Current thread:
  • Sgdynamo.exe Script -- Path Disclosure Ruso, Anthony (May 16)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]