WebInspect

From: Indian Tiger (indiantigerat_private)
Date: Sun Jan 19 2003 - 07:38:25 PST

Next message: Indian Tiger: "Password Tesing using SQL Injection"

Previous message: Esler, Joel -- Sytex Contractor: "RE: Identify OS?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

I was using WebInspect and found Web DAV Support enabled.
It's execution part suggests following to exploit:

Issue the following request to the server:
PROPFIND / HTTP/1.0
Host:
Content-Length: 0
I can't understood, how to use these commands to exploit this vulnerability.
----------------------------------------------------------------------------
IIS was not showing any log after running WebInspect.
I think the directory for this is c:\winnt\system32\logfiles
----------------------------------------------------------------------------

Sincerely,

Balwant Rathore, CISSP


----------------------------------------------------------------------------

Do you know the base address of the Global Offset Table (GOT) on a Solaris 8
box?
CORE IMPACT does.
www.securityfocus.com/core

Next message: Indian Tiger: "Password Tesing using SQL Injection"
Previous message: Esler, Joel -- Sytex Contractor: "RE: Identify OS?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Feb 19 2003 - 13:47:49 PST