Try the DAV Explorer. http://www.ics.uci.edu/~webdav/ This is a WEBDAV client app that provides: Treeview of WEBDAV server Upload and download of web resources Display all resource props or lock props etc... etc... It's LOADS of fun! ;) Dave McCormick "Too close for missles, I'm switching to guns." -Maverick On Sun, 19 Jan 2003, Indian Tiger wrote: > Hi, > > I was using WebInspect and found Web DAV Support enabled. > It's execution part suggests following to exploit: > > Issue the following request to the server: > PROPFIND / HTTP/1.0 > Host: > Content-Length: 0 > I can't understood, how to use these commands to exploit this vulnerability. > ---------------------------------------------------------------------------- > IIS was not showing any log after running WebInspect. > I think the directory for this is c:\winnt\system32\logfiles > ---------------------------------------------------------------------------- > > Sincerely, > > Balwant Rathore, CISSP > > > ---------------------------------------------------------------------------- > > Do you know the base address of the Global Offset Table (GOT) on a Solaris 8 > box? > CORE IMPACT does. > www.securityfocus.com/core > > ---------------------------------------------------------------------------- Do you know the base address of the Global Offset Table (GOT) on a Solaris 8 box? CORE IMPACT does. http://www.securityfocus.com/core
This archive was generated by hypermail 2b30 : Thu Feb 20 2003 - 08:15:18 PST