post-discovery in web vulnerability

From: davemitch@mailinator.com
Date: Thu Mar 06 2008 - 01:21:00 EST

Next message: John Babio: "RE: InfoSec certification EC/BackTrack?"
Previous message: Pete Herzog: "Re: InfoSec certification EC/BackTrack?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) hi all,
on using a vulnerability scanner for web applications (wapiti) on an internal website, the output is a list of attack URLs ,like the one below

hxxp://192.168.x.y*/pages/abstract.asp?paperid=..%2F..%2F..%2F..%2F..%2F..%2 F..%2F..%2F..%2F..%2Fboot.ini

On pasting the URL in a browser, the error message is like this

__________________________________________________

Microsoft VBScript runtime error '800a000d'

Type mismatch: '[string: "ż'"("]'

E:\INETPUB\VHOSTS\****.***.***\HTTPDOCS\WEBROOT\PA GES\../includes/toplinks-archive-courses-spas.asp, line 1
__________________________________________________ __________________________________________________

What needs to be done next, to exploit the vulnerability detected by the vulnerability scanner -wapiti ?
Any ideas or suggestions in this regard are welcome.

thankx

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Next message: John Babio: "RE: InfoSec certification EC/BackTrack?"
Previous message: Pete Herzog: "Re: InfoSec certification EC/BackTrack?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:26 EDT