Re: uploading files to Apache webserver

From: mel (meling@scan-associates.net)
Date: Wed Oct 17 2001 - 18:14:24 PDT

Next message: Vinicius Dalesandro: "Reverse Http Shell Solution"

Previous message: Josh Daymont: "Re: Hacking Lotus Domino 5.0.5"
In reply to: dzzieat_private: "Re: uploading files to Apache webserver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> have you tested the PUT script so it is known working ?

it turns out that that particular directory, will give the same
HTML page no matter what html request I give:

http://victim/dir/  will return a default HTML page (which is actually
an output of some CGIs for debugging)
http://victim/dir/1.txt returns the same thing as above
http://victim/dir/non_existent_file returns the same as above

Thus /dir is mapped to a virtual directory or file (I'm not sure how this is
done in Apache)

--mel 
meling mudin (meling@scan-associates.net)

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Vinicius Dalesandro: "Reverse Http Shell Solution"
Previous message: Josh Daymont: "Re: Hacking Lotus Domino 5.0.5"
In reply to: dzzieat_private: "Re: uploading files to Apache webserver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Oct 18 2001 - 10:43:12 PDT