Injecting commands into a mainframe through a servlet

From: Frederic Charpentier (fcharpen@xmcopartners.com)
Date: Wed Jun 08 2005 - 08:37:49 EDT

• Next message: Sash: "RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services"
• Previous message: J. K.: "Pentesting a HP-UX with SMSC"
• In reply to: Andres Riancho: "Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services"
• Next in thread: Jason Muskat: "RE: Injecting commands into a mainframe through a servlet"
• Reply: Jason Muskat: "RE: Injecting commands into a mainframe through a servlet"
• Maybe reply: Andrew Cathrow: "re: Injecting commands into a mainframe through a servlet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

hi all,
I'm conducting a pentest and I found a url with something like AS400 or
OS390 command in a url parameter.

sample :
www.client.com/Servlet.srv?codeLogon=logon+applid+(tesre01)

I saw a multiple web site that I could add command like :
www.client.com/Servlet.srv?codeLogon=logon+applid+(tesre01)+DATA(stuff)

Anyone have I idea about howx I could exploit this ? like default
application, ...

Fred.

-- 
Frederic Charpentier - Xmco Partners
Security Consulting / Pentest
web  : http://www.xmcopartners.com

• Next message: Sash: "RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services"
• Previous message: J. K.: "Pentesting a HP-UX with SMSC"
• In reply to: Andres Riancho: "Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services"
• Next in thread: Jason Muskat: "RE: Injecting commands into a mainframe through a servlet"
• Reply: Jason Muskat: "RE: Injecting commands into a mainframe through a servlet"
• Maybe reply: Andrew Cathrow: "re: Injecting commands into a mainframe through a servlet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:23 EDT