RE: front page extansions

From: Sergi Rosello (sergi_75@yahoo.es)
Date: Tue May 29 2007 - 09:17:25 EDT


http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

and also

http://packetstormsecurity.org/9910-exploits/webfolders.txt

but, I think you need a lot of luck....

--- juanbabi@yahoo.com escribió:

> Hi,
>
> in doing a pen test on a web server, the scanner
> found those urls:
> status 403 http://www.domain.com/_vti_bin/
> status 200 http://www.domain.com/_vti_inf.html
> status 403 http://www.domain.com/inc/
> status 301 http://www.domain.com/images/
> status 301 http://www.domain.com/faq
>
> FrontPage Configuration Information
> FPVersion="5.0.2.6790"
> FPShtmlScriptUrl="_vti_bin/shtml.dll/_vti_rpc"
> FPAuthorScriptUrl="_vti_bin/_vti_aut/author.dll"
> FPAdminScriptUrl="_vti_bin/_vti_adm/admin.dll"
> TPScriptUrl="_vti_bin/owssvr.dll"
>
>
>
> Any idea how I can exploit those url or abuse them?
>
> thanks a lot !
>
> Juan
>
>
------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
>
------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------------------------------------------------------------
    Nota Legal: Este correo electrónico puede contener información estrictamente confidencial y es de uso exclusivo del destinatario, quedando prohibida a cualquier otra persona su revelación, copia, distribución, o el ejercicio de cualquier acción relativa a su contenido. Si ha recibido este correo electrónico por error, por favor, conteste al remitente, y posteriormente proceda a borrarlo de su sistema. Gracias por su colaboración. ------------------------------------------------------------------------------------------------------------------------------------

       
____________________________________________________________________________________
¡Descubre una nueva forma de obtener respuestas a tus preguntas!
Entra en Yahoo! Respuestas.
http://es.answers.yahoo.com/info/welcome

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:50 EDT