Home page logo

pen-test logo Penetration Testing mailing list archives

Re: uploading files to Apache webserver
From: mel <meling () scan-associates net>
Date: Thu, 18 Oct 2001 09:14:24 +0800

have you tested the PUT script so it is known working ?

it turns out that that particular directory, will give the same
HTML page no matter what html request I give:

http://victim/dir/  will return a default HTML page (which is actually
an output of some CGIs for debugging)
http://victim/dir/1.txt returns the same thing as above
http://victim/dir/non_existent_file returns the same as above

Thus /dir is mapped to a virtual directory or file (I'm not sure how this is
done in Apache)

meling mudin (meling () scan-associates net)

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]