Re: Directory Transversal

From: Zed Qyves (zqyves.spamtrap@gmail.com)
Date: Thu Oct 18 2007 - 07:10:04 EDT

• Next message: Danny Fullerton: "Re: CREST or TIGER?"
• Previous message: Danux: "Re: Executing PHP Code from MSSQL table"
• In reply to: jfvanmeter@comcast.net: "Directory Transversal"
• Next in thread: jfvanmeter@comcast.net: "RE: Directory Transversal"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello John,
The fact that you are getting a directory traversal should not meananything else to you rather than you are getting outside the web rootat least for reading files.
As for PUT, what does the OPTIONS command tell you? Is PUT an enabledverb on the web server you are testing? otherwise you are not going togo anywhere with that. You can also check for WEBDAV verbs that mayinterest you...
In any case to go outside the web root for writing files as well youneed to have some help from the underlying O/S regaind file/directorypermissions...
Hope it helps,ZQ
On 10/17/07, jfvanmeter@comcast.net <jfvanmeter@comcast.net> wrote:>> Hello everyone, I'm in the middle of a test on a app that the following command works on> http://mycomputer:port#/..//..//..//..//..//..//..//windows/win.ini> and it will prompt me to save the file, if i check my packet capture I see the contents of the file.>> So far I've been unable to get a put or post command to work and was hoping to get some ideas from you all on things to try.>> I've been trying to get nc/telnet and some other tools to help me with the put comand>> Thanks in advance --John>> ------------------------------------------------------------------------> This list is sponsored by: Cenzic>> Need to secure your web apps NOW?> Cenzic finds more, "real" vulnerabilities fast.> Click to try it, buy it or download a solution FREE today!>> http://www.cenzic.com/downloads> ------------------------------------------------------------------------>>

-- ---------------------------------------------------------------------Κρέωνἐν τῇδ᾽ ἔφασκε γῇ· τὸ δὲ ζητούμενονἁλωτόν, ἐκφεύγειν δὲ τἀμελούμενον.Οιδίπους Τύρρανος [110]---------------------------------------------------------------------CreonIn this our land, so said he, those who seek Shall find; unsought, welose it utterly.Oedipus Rex [110]---------------------------------------------------------------------

• Next message: Danny Fullerton: "Re: CREST or TIGER?"
• Previous message: Danux: "Re: Executing PHP Code from MSSQL table"
• In reply to: jfvanmeter@comcast.net: "Directory Transversal"
• Next in thread: jfvanmeter@comcast.net: "RE: Directory Transversal"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:10 EDT