How about send it some HTML? Something like: http://address/perl/-e%20print%20><body>hello%20world</body></html> You might have to change the tags and/or add a "Content-type: text/html" Bob Mahan Network Security Operations Phone: (847) 571-5525 mailto:bmahanat_private http://www.nsoco.com > -----Original Message----- > From: Ralph Los [mailto:RLosat_private] > Sent: Wednesday, December 18, 2002 2:29 PM > To: Pen-testat_private > Subject: Re-opening an old thread: > NetWare-Enterprise-Web-Server/5.1 --As sistence requested. > Sensitivity: Confidential > > > Hey - let me re-open a thread again, if you folks don't mind. > I've found a server at one of our pen-test clients with this > NetWare HTTP/HTTPS server. I've been trying to figure out a > way to make it tango, but have been having some problems. > Here's what I've tried and where I left off, maybe someone > can toss some suggestions out. > > Attempt: http://address/perl/-v > Result: NetWare port Copyright 1998 Novell Corporation. > All rights reserved. > > Attempt: http://address/perl/-h > Result: Page not found > > Attempt: http://address/perl/-e%20print%20%22hello%20world%22; > Result: IE just hangs there "DONE" > > Attempt: http://address/perl/-e%20print%201; > Result: IE just hangs there "DONE" > > So what's up? Is this box "patched" against this form of > attack somehow? Could someone throw me another idea maybe? > > Thanks a bunch. > > > -------------------------------------------------------------- > -------------- > This list is provided by the SecurityFocus Security > Intelligence Alert (SIA) Service. For more information on > SecurityFocus' SIA service which automatically alerts you to > the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Thu Dec 19 2002 - 19:27:10 PST