Re: Webdev fuss so what?

From: mvillanova (mvillanova@citadel.com)
Date: Fri May 09 2003 - 14:56:34 EDT

• Next message: Amal Al Hajeri: "Mail Server testing"
• Previous message: Stephen Smoogen: "Re: Where is a Free Copy of ISO17799?"
• In reply to: peter devris: "Webdev fuss so what?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Thu, 2003-05-08 at 19:16, peter devris wrote:
> What is all the fuss about the webdev vul?
>
> I have an IIS5.0 server SP3 and thought I best check
> this out so tried the following to test and exploit my
> server
>
> webdevfinder.pl - by SensePost Research
> returns - WebDAV possibly in use

Try using the KaHT tool, (www.greyhat.org) it will return a root shell
or add a user depending on your command line switch. I've found it very
accurate.

---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------

• Next message: Amal Al Hajeri: "Mail Server testing"
• Previous message: Stephen Smoogen: "Re: Where is a Free Copy of ISO17799?"
• In reply to: peter devris: "Webdev fuss so what?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:33 EDT