The application that i'm testing has fuctionality that is like a web server in
the way that I can make a connection via a web browser and it will send HTML
content to the browser that shows the status of a process.
Currently i'm running Web Scarab and Wireshark to monitor the session and
capture the packets.
The service runs as "System" so I believe I have user rights that are assigned
to "System", if thats not the case then it most be running as anonymous which I
believe is include in the Everyone and Users groups.
Take Care and Have Fun --john
-------------- Original message ----------------------
From: "Zed Qyves" <zqyves.spamtrap@gmail.com>
Hello John,
The fact that you are getting a directory traversal should not mean
anything else to you rather than you are getting outside the web root
at least for reading files.
As for PUT, what does the OPTIONS command tell you? Is PUT an enabled
verb on the web server you are testing? otherwise you are not going to
go anywhere with that. You can also check for WEBDAV verbs that may
interest you...
In any case to go outside the web root for writing files as well you
need to have some help from the underlying O/S regaind file/directory
permissions...
Hope it helps,
ZQ
On 10/17/07, jfvanmeter@comcast.net <jfvanmeter@comcast.net> wrote:
Hello everyone, I'm in the middle of a test on a app that the following
command works on
http://mycomputer:port#/..//..//..//..//..//..//..//windows/win.ini
and it will prompt me to save the file, if i check my packet capture I see
the
contents of the file.
So far I've been unable to get a put or post command to work and was hoping
to
get some ideas from you all on things to try.
I've been trying to get nc/telnet and some other tools to help me with the
put
comand
Thanks in advance --John
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
--
---------------------------------------------------------------------
Î?Ï?ÎÏ?ν
á¼?ν Ï?á¿?δ᾽ á¼?Ï?αÏ?κε γá¿?· Ï?ὸ δὲ ζηÏ?οÏ?μενον
á¼?λÏ?Ï?Ï?ν, á¼?κÏ?εÏ?γειν δὲ Ï?á¼?μελοÏ?μενον.
Î?ιδίÏ?οÏ?Ï? ΤÏ?Ï?Ï?ανοÏ? [110]
---------------------------------------------------------------------
Creon
In this our land, so said he, those who seek Shall find; unsought, we
lose it utterly.
Oedipus Rex [110]
---------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
