From: Sergi Rosello (sergi_75@yahoo.es)
Date: Tue May 29 2007 - 09:17:25 EDT
http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
and also
http://packetstormsecurity.org/9910-exploits/webfolders.txt
but, I think you need a lot of luck....
--- juanbabi@yahoo.com escribió:
> Hi,
>
> in doing a pen test on a web server, the scanner
> found those urls:
> status 403 http://www.domain.com/_vti_bin/
> status 200 http://www.domain.com/_vti_inf.html
> status 403 http://www.domain.com/inc/
> status 301 http://www.domain.com/images/
> status 301 http://www.domain.com/faq
>
> FrontPage Configuration Information
> FPVersion="5.0.2.6790"
> FPShtmlScriptUrl="_vti_bin/shtml.dll/_vti_rpc"
> FPAuthorScriptUrl="_vti_bin/_vti_aut/author.dll"
> FPAdminScriptUrl="_vti_bin/_vti_adm/admin.dll"
> TPScriptUrl="_vti_bin/owssvr.dll"
>
>
>
> Any idea how I can exploit those url or abuse them?
>
> thanks a lot !
>
> Juan
>
>
------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
>
------------------------------------------------------------------------
>
>
------------------------------------------------------------------------------------------------------------------------------------
Nota Legal: Este correo electrónico puede contener información estrictamente confidencial y es de uso exclusivo del destinatario, quedando prohibida a cualquier otra persona su revelación, copia, distribución, o el ejercicio de cualquier acción relativa a su contenido. Si ha recibido este correo electrónico por error, por favor, conteste al remitente, y posteriormente proceda a borrarlo de su sistema. Gracias por su colaboración. ------------------------------------------------------------------------------------------------------------------------------------
____________________________________________________________________________________
¡Descubre una nueva forma de obtener respuestas a tus preguntas!
Entra en Yahoo! Respuestas.
http://es.answers.yahoo.com/info/welcome
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:50 EDT