Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: front page extansions
From: Sergi Rosello <sergi_75 () yahoo es>
Date: Tue, 29 May 2007 15:17:25 +0200 (CEST)


http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

and also  

http://packetstormsecurity.org/9910-exploits/webfolders.txt

but, I think you need a lot of luck.... 

--- juanbabi () yahoo com escribió:

Hi,

in doing a pen test on a web server, the scanner
found those urls:
status 403 http://www.domain.com/_vti_bin/ 
status 200 http://www.domain.com/_vti_inf.html
status 403 http://www.domain.com/inc/
status 301 http://www.domain.com/images/
status 301 http://www.domain.com/faq

FrontPage Configuration Information
    FPVersion="5.0.2.6790"
    FPShtmlScriptUrl="_vti_bin/shtml.dll/_vti_rpc"
    FPAuthorScriptUrl="_vti_bin/_vti_aut/author.dll"
    FPAdminScriptUrl="_vti_bin/_vti_adm/admin.dll"
    TPScriptUrl="_vti_bin/owssvr.dll"

 

Any idea how I can exploit those url or abuse them?

thanks a lot !

Juan


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020

------------------------------------------------------------------------




------------------------------------------------------------------------------------------------------------------------------------
    Nota Legal: Este correo electrónico puede contener información estrictamente confidencial y es de uso exclusivo del 
destinatario, quedando prohibida a cualquier otra persona su revelación, copia, distribución, o el ejercicio de 
cualquier acción relativa a su contenido. Si ha recibido este correo electrónico por error, por favor, conteste al 
remitente, y posteriormente proceda a borrarlo de su sistema. Gracias por su colaboración.   
------------------------------------------------------------------------------------------------------------------------------------


       
____________________________________________________________________________________
¡Descubre una nueva forma de obtener respuestas a tus preguntas!
Entra en Yahoo! Respuestas.
http://es.answers.yahoo.com/info/welcome

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault