You could probably try something like GET /blah.ida HTTP/1.1 Will probably disclose the webroot. ----- Original Message ----- From: "* (todd + 1)" <toddat_private> To: <pen-testat_private> Sent: Thursday, June 14, 2001 5:30 AM Subject: finding webroot on IIS > hello all, > > Recently i came across an IIS webserver that i found to be vulnerable to the > Unicode attacks. However, i cannot determine the webroot of this drive, and > therefore i am having troubles reaching a full comprimise. The directory > "C:\Inetpub" exists, but the only contents of this directory is the folder > "mailroot". > > Additionally, when i connect and request the root document (ie GET / ), it > returns the string: "<% Response.ContentType = "text/plain" %> HELLO" > > Does anyone come across anything like this before, and what would be the > simplest method of determining the webroot? > > thanks in advance > todd willey > ubermother >
This archive was generated by hypermail 2b30 : Thu Jun 14 2001 - 17:11:29 PDT