Re: Webdev fuss so what?

From: mvillanova (mvillanovaat_private)
Date: Fri May 09 2003 - 11:56:34 PDT

Next message: jjohnmckat_private: "Auto-Run CD - Disabling Screensavers"

Previous message: Maher Odeh: "RE: Directory listing"
In reply to: peter devris: "Webdev fuss so what?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2003-05-08 at 19:16, peter devris wrote:
> What is all the fuss about the webdev vul?
> 
> I have an IIS5.0 server SP3 and thought I best check
> this out so tried the following to test and exploit my
> server
> 
> webdevfinder.pl - by SensePost Research
>       returns - WebDAV possibly in use

Try using the KaHT tool, (www.greyhat.org) it will return a root shell
or add a user depending on your command line switch.  I've found it very
accurate.  

---------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does.
Plug your security holes.
Download a free 15-day trial of VAM:
http://www.securityfocus.com/StillSecure-pen-test
----------------------------------------------------------------------------

Next message: jjohnmckat_private: "Auto-Run CD - Disabling Screensavers"
Previous message: Maher Odeh: "RE: Directory listing"
In reply to: peter devris: "Webdev fuss so what?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 11 2003 - 10:33:11 PDT