Try POSTing the actual commands to it. For more info on NetWare web stuff, check out RFP's Blackhat presentation. Kevin Spett SPI Labs http://www.spidynamics.com/ > ----- Original Message ----- > From: "Ralph Los" <RLosat_private> > To: <Pen-testat_private> > Sent: Wednesday, December 18, 2002 3:28 PM > Subject: Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 --As > sistence requested. > > > > Hey - let me re-open a thread again, if you folks don't mind. I've found > a > > server at one of our pen-test clients with this NetWare HTTP/HTTPS server. > > I've been trying to figure out a way to make it tango, but have been > having > > some problems. Here's what I've tried and where I left off, maybe someone > > can toss some suggestions out. > > > > Attempt: http://address/perl/-v > > Result: NetWare port Copyright 1998 Novell Corporation. > > All rights reserved. > > > > Attempt: http://address/perl/-h > > Result: Page not found > > > > Attempt: http://address/perl/-e%20print%20%22hello%20world%22; > > Result: IE just hangs there "DONE" > > > > Attempt: http://address/perl/-e%20print%201; > > Result: IE just hangs there "DONE" > > > > So what's up? Is this box "patched" against this form of attack somehow? > > Could someone throw me another idea maybe? > > > > Thanks a bunch. > > > > > > -------------------------------------------------------------------------- > -- > > This list is provided by the SecurityFocus Security Intelligence Alert > (SIA) > > Service. For more information on SecurityFocus' SIA service which > > automatically alerts you to the latest security vulnerabilities please > see: > > https://alerts.securityfocus.com/ > > > > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Thu Dec 19 2002 - 19:21:22 PST