Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: Errors displayed on a web server

Re: Errors displayed on a web server

From: Daniel <deeper_at_gmail.com>
Date: Tue, 5 Jul 2005 16:32:54 +0100

well its WebSphere for sure, and what ever you were doing with the
URL's made it throw a hissyfit

Was this just for non existant urls or were you doing some fuzzing as well?

On 7/5/05, Bénoni MARTIN <Benoni.MARTIN_at_libertis.ga> wrote:
> Hi list,
>
> I am currently performing a pen-test on a company's web server, and I found the following error display when testing some random-generated URLs. It seems to be some Java code, but as I do not know this language, anyone skilled on tha can tell me if this stuff can be useful for further attacks or not (the real company name has been hidden behind ****)?
>
>
>
>
>
>
> <---------- // Snip ---------->
>
>
>
> A recursive error was detected.
> The server cannot use specified error page. Please check the application error-path.
>
>
> Original Error:
> Error Message: File not found: //profile*
> Error Code: 404
> Target Servlet: File Serving Enabler
> Error Stack:
>
> --------------------------------------------------------------------------------
> Root Error-1: File not found: //profile*
>
> com.ibm.servlet.engine.webapp.WebAppErrorReport: File not found: //profile*
> at java.lang.Throwable.fillInStackTrace(Native Method)
> at java.lang.Throwable.fillInStackTrace(Compiled Code)
> at java.lang.Throwable.<init>(Compiled Code)
> at java.lang.Exception.<init>(Compiled Code)
> at javax.servlet.ServletException.<init>(Compiled Code)
> at com.ibm.websphere.servlet.error.ServletErrorReport.<init>(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppErrorReport.<init>(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppDispatcherResponse.sendError(Compiled Code)
> at com.ibm.servlet.engine.webapp.SimpleFileServlet.doGet(Compiled Code)
> at javax.servlet.http.HttpServlet.service(Compiled Code)
> at javax.servlet.http.HttpServlet.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictServletInstance.doService(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictLifecycleServlet._service(Compiled Code)
> at com.ibm.servlet.engine.webapp.IdleServletState.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictLifecycleServlet.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.ServletInstance.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.ValidServletReferenceState.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.ServletInstanceReference.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.handleWebAppDispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.forward(Compiled Code)
> at com.ibm.servlet.engine.srt.WebAppInvoker.handleInvocationHook(Compiled Code)
> at com.ibm.servlet.engine.invocation.CachedInvocation.handleInvocation(Compiled Code)
> at com.ibm.servlet.engine.srp.ServletRequestProcessor.dispatchByURI(Compiled Code)
> at com.ibm.servlet.engine.oselistener.OSEListenerDispatcher.service(Compiled Code)
> at com.ibm.servlet.engine.oselistener.SQEventListenerImp$ServiceRunnable.run(Compiled Code)
> at com.ibm.servlet.engine.oselistener.SQEventListenerImp.notifySQEvent(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQEventSource.notifyEvent(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQWrapperEventSource$SelectRunnable.notifyService(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQWrapperEventSource$SelectRunnable.run(Compiled Code)
> at com.ibm.servlet.engine.oselistener.outofproc.OutOfProcThread$CtlRunnable.run(Compiled Code)
> at java.lang.Thread.run(Thread.java:479)
>
>
>
>
>
> Recursive Error:
> Error Message: Server caught unhandled exception from servlet [Srv***********]: Requested path : /ga/profile* is not deliverd by this application !
> Error Code: 0
> Target Servlet: null
> Error Stack:
>
> --------------------------------------------------------------------------------
> Root Error-1: Requested path : /ga/profile* is not deliverd by this application !
>
> javax.servlet.ServletException: Requested path : /ga/profile* is not deliverd by this application !
> at java.lang.Throwable.fillInStackTrace(Native Method)
> at java.lang.Throwable.fillInStackTrace(Compiled Code)
> at java.lang.Throwable.<init>(Compiled Code)
> at java.lang.Exception.<init>(Compiled Code)
> at javax.servlet.ServletException.<init>(Compiled Code)
> at com.***********.fo.engine.Srv***********.doPost(Compiled Code)
> at com.***********.fo.engine.Srv***********.doGet(Compiled Code)
> at javax.servlet.http.HttpServlet.service(Compiled Code)
> at javax.servlet.http.HttpServlet.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictServletInstance.doService(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictLifecycleServlet._service(Compiled Code)
> at com.ibm.servlet.engine.webapp.IdleServletState.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictLifecycleServlet.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.ServletInstance.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.ValidServletReferenceState.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.ServletInstanceReference.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.handleWebAppDispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.include(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebApp.sendError(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppDispatcherResponse.sendError(Compiled Code)
> at com.ibm.servlet.engine.webapp.SimpleFileServlet.doGet(Compiled Code)
> at javax.servlet.http.HttpServlet.service(Compiled Code)
> at javax.servlet.http.HttpServlet.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictServletInstance.doService(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictLifecycleServlet._service(Compiled Code)
> at com.ibm.servlet.engine.webapp.IdleServletState.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictLifecycleServlet.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.ServletInstance.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.ValidServletReferenceState.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.ServletInstanceReference.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.handleWebAppDispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.forward(Compiled Code)
> at com.ibm.servlet.engine.srt.WebAppInvoker.handleInvocationHook(Compiled Code)
> at com.ibm.servlet.engine.invocation.CachedInvocation.handleInvocation(Compiled Code)
> at com.ibm.servlet.engine.srp.ServletRequestProcessor.dispatchByURI(Compiled Code)
> at com.ibm.servlet.engine.oselistener.OSEListenerDispatcher.service(Compiled Code)
> at com.ibm.servlet.engine.oselistener.SQEventListenerImp$ServiceRunnable.run(Compiled Code)
> at com.ibm.servlet.engine.oselistener.SQEventListenerImp.notifySQEvent(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQEventSource.notifyEvent(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQWrapperEventSource$SelectRunnable.notifyService(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQWrapperEventSource$SelectRunnable.run(Compiled Code)
> at com.ibm.servlet.engine.oselistener.outofproc.OutOfProcThread$CtlRunnable.run(Compiled Code)
> at java.lang.Thread.run(Thread.java:479)
>
>
>
> --------------------------------------------------------------------------------
> Wrapped Error-2: Server caught unhandled exception from servlet [Srv***********]: Requested path : /ga/profile* is not deliverd by this application !
>
> com.ibm.servlet.engine.webapp.UncaughtServletException: Server caught unhandled exception from servlet [Srv***********]: Requested path : /ga/profile* is not deliverd by this application !
> at java.lang.Throwable.fillInStackTrace(Native Method)
> at java.lang.Throwable.fillInStackTrace(Compiled Code)
> at java.lang.Throwable.<init>(Compiled Code)
> at java.lang.Exception.<init>(Compiled Code)
> at javax.servlet.ServletException.<init>(Compiled Code)
> at com.ibm.websphere.servlet.error.ServletErrorReport.<init>(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppErrorReport.<init>(Compiled Code)
> at com.ibm.servlet.engine.webapp.UncaughtServletException.<init>(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.handleWebAppDispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.include(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebApp.sendError(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppDispatcherResponse.sendError(Compiled Code)
> at com.ibm.servlet.engine.webapp.SimpleFileServlet.doGet(Compiled Code)
> at javax.servlet.http.HttpServlet.service(Compiled Code)
> at javax.servlet.http.HttpServlet.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictServletInstance.doService(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictLifecycleServlet._service(Compiled Code)
> at com.ibm.servlet.engine.webapp.IdleServletState.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictLifecycleServlet.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.ServletInstance.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.ValidServletReferenceState.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.ServletInstanceReference.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.handleWebAppDispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.forward(Compiled Code)
> at com.ibm.servlet.engine.srt.WebAppInvoker.handleInvocationHook(Compiled Code)
> at com.ibm.servlet.engine.invocation.CachedInvocation.handleInvocation(Compiled Code)
> at com.ibm.servlet.engine.srp.ServletRequestProcessor.dispatchByURI(Compiled Code)
> at com.ibm.servlet.engine.oselistener.OSEListenerDispatcher.service(Compiled Code)
> at com.ibm.servlet.engine.oselistener.SQEventListenerImp$ServiceRunnable.run(Compiled Code)
> at com.ibm.servlet.engine.oselistener.SQEventListenerImp.notifySQEvent(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQEventSource.notifyEvent(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQWrapperEventSource$SelectRunnable.notifyService(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQWrapperEventSource$SelectRunnable.run(Compiled Code)
> at com.ibm.servlet.engine.oselistener.outofproc.OutOfProcThread$CtlRunnable.run(Compiled Code)
> at java.lang.Thread.run(Thread.java:479)
>
>
>
> --------------------------------------------------------------------------------
> Wrapped Error-3: Server caught unhandled exception from servlet [Srv***********]: Requested path : /ga/profile* is not deliverd by this application !
>
> com.ibm.servlet.engine.webapp.WebAppErrorReport: Server caught unhandled exception from servlet [Srv***********]: Requested path : /ga/profile* is not deliverd by this application !
> at java.lang.Throwable.fillInStackTrace(Native Method)
> at java.lang.Throwable.fillInStackTrace(Compiled Code)
> at java.lang.Throwable.<init>(Compiled Code)
> at java.lang.Exception.<init>(Compiled Code)
> at javax.servlet.ServletException.<init>(Compiled Code)
> at com.ibm.websphere.servlet.error.ServletErrorReport.<init>(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppErrorReport.<init>(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebApp.sendError(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppDispatcherResponse.sendError(Compiled Code)
> at com.ibm.servlet.engine.webapp.SimpleFileServlet.doGet(Compiled Code)
> at javax.servlet.http.HttpServlet.service(Compiled Code)
> at javax.servlet.http.HttpServlet.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictServletInstance.doService(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictLifecycleServlet._service(Compiled Code)
> at com.ibm.servlet.engine.webapp.IdleServletState.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.StrictLifecycleServlet.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.ServletInstance.service(Compiled Code)
> at com.ibm.servlet.engine.webapp.ValidServletReferenceState.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.ServletInstanceReference.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.handleWebAppDispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.dispatch(Compiled Code)
> at com.ibm.servlet.engine.webapp.WebAppRequestDispatcher.forward(Compiled Code)
> at com.ibm.servlet.engine.srt.WebAppInvoker.handleInvocationHook(Compiled Code)
> at com.ibm.servlet.engine.invocation.CachedInvocation.handleInvocation(Compiled Code)
> at com.ibm.servlet.engine.srp.ServletRequestProcessor.dispatchByURI(Compiled Code)
> at com.ibm.servlet.engine.oselistener.OSEListenerDispatcher.service(Compiled Code)
> at com.ibm.servlet.engine.oselistener.SQEventListenerImp$ServiceRunnable.run(Compiled Code)
> at com.ibm.servlet.engine.oselistener.SQEventListenerImp.notifySQEvent(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQEventSource.notifyEvent(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQWrapperEventSource$SelectRunnable.notifyService(Compiled Code)
> at com.ibm.servlet.engine.oselistener.serverqueue.SQWrapperEventSource$SelectRunnable.run(Compiled Code)
> at com.ibm.servlet.engine.oselistener.outofproc.OutOfProcThread$CtlRunnable.run(Compiled Code)
> at java.lang.Thread.run(Thread.java:479)
>
>
>
>
> <---------- Snip // ---------->
>
Received on Jul 05 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]