Re: HEAD request

From: Mike Klingler (whitehatguru@gmail.com)
Date: Mon Sep 11 2006 - 13:01:06 EDT

• Next message: Richard Braganza: "Re: pen testing https portal?"
• Previous message: Nish Bhalla: "RE: tools to scan source code"
• In reply to: StyleWar: "RE: HEAD request"
• Next in thread: Ory Segal: "RE: HEAD request"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

If you are unsure of how to format the request properly, just use curl
-I (capital i)
That will give you the headers for any given request. Quite useful
and a lot easy to remember than the format of a request.

On 9/11/06, StyleWar <stylewar@cox.net> wrote:
> I doubt it...Tell us exactly what steps you're using to issue the request...
> maybe that will help.
>
> -
>
> StyleWar
>
> "Happiness makes up for in height, what it lacks in length"
>
> > -----Original Message-----
> > From: listbounce@securityfocus.com
> > [mailto:listbounce@securityfocus.com] On Behalf Of vijay shetti
> > Sent: Saturday, September 09, 2006 3:14 AM
> > To: pen-test@securityfocus.com
> > Subject: HEAD request
> >
> > Hello all!!!
> >
> > I am doing assessment of a web server
> >
> > When I issue HEAD request using nc I don't get any response
> > from the webserver and I get disconnected after some time.
> > What should i conclude from that?Does it mean that the
> > administrator has blocked HEAD requests?
> >
> > regards,
> > Vijay
> >
> > --------------------------------------------------------------
> > ----------
> > This List Sponsored by: Cenzic
> >
> > Need to secure your web apps?
> > Cenzic Hailstorm finds vulnerabilities fast.
> > Click the link to buy it, try it or download Hailstorm for FREE.
> > http://www.cenzic.com/products_services/download_hailstorm.php
> > --------------------------------------------------------------
> > ----------
> >
> >
>
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php
> ------------------------------------------------------------------------
>
>

-- 
Michael Klingler, CISSP
SecurityMetrics Penetration Tester
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

• Next message: Richard Braganza: "Re: pen testing https portal?"
• Previous message: Nish Bhalla: "RE: tools to scan source code"
• In reply to: StyleWar: "RE: HEAD request"
• Next in thread: Ory Segal: "RE: HEAD request"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:56 EDT