Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: CSS implication
From: Bill Weiss <houdini () nmt edu>
Date: Sun, 17 Mar 2002 22:31:15 -0700
Frog Man(leseulfrog () hotmail com)@Sun, Mar 17, 2002 at 06:40:24PM +0100:

I'm not sure but I think that SSI can be used with CSS.
Then we can include file :<!--#include virtual="thefile"-->, execute 
commands <!--#exec cmd="/user/bin/perl/date"--> and execute CGI script 
<!--#exec cgi="cgi/cgi.cgi"-->.
If that's false, please say it to me.
Sorry for my bad englsih :)
frog-m () n

 
If (a big if) the server supports SSI, and the injected bit of script is held
in an HTML file or something else parsed by the server instead of sent directly 
to the user (like a CGI), then SSI would work.

-- 
Bill Weiss

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]