Penetration Testing: Re: Webdev fuss so what?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Re: Webdev fuss so what?

From: mvillanova <mvillanova () citadel com>
Date: 09 May 2003 13:56:34 -0500

On Thu, 2003-05-08 at 19:16, peter devris wrote:

What is all the fuss about the webdev vul?

I have an IIS5.0 server SP3 and thought I best check
this out so tried the following to test and exploit my
server

webdevfinder.pl - by SensePost Research
      returns - WebDAV possibly in use


Try using the KaHT tool, (www.greyhat.org) it will return a root shell
or add a user depending on your command line switch.  I've found it very
accurate.  

---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------

By Date By Thread

Current thread:

Webdev fuss so what? peter devris (May 09)
- Re: Webdev fuss so what? mvillanova (May 11)
- <Possible follow-ups>
- RE: Webdev fuss so what? McElroy Richard (May 09)