Re: Owl Intranet Engine - bypass admin

From: Rohan Amin (rohanat_private)
Date: Wed May 14 2003 - 19:13:21 PDT

Next message: Robert Smith: "Re: HTTPS Web site testing"

Previous message: christopher downs: "Re: HTTPS Web site testing"
In reply to: cdowns: "Owl Intranet Engine - bypass admin"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Which version of Owl are you referring to?  With version 0.7 it seems
that you can view the file list (still a problem) but you can't
actually view or download any files (it kicks you back out to the
login prompt).

Regards,

Rohan



On Tue, May 13, 2003 at 05:26:39PM -0500, cdowns wrote:
> Good Afternoon,
>    After working on a pen-test this week I came across OWL ( Owl 
> Intranet Engine ) which is and open source file sharing utility written 
> in php and run on Apache. I was trying to see where I could possible 
> Inject, CSS or just plane command line exec.
> 
>    browse.php which requires("owl.lib.php"), there is a function that 
> is not checking valid loginame:passwords. So you can view and download 
> any file on the system, you can also modify them.
> 
>    I have not gotten to deep into this as I have other things to do as 
> well. If anyone has any comments please feel free to share. Im pretty 
> shure you could do a little more;)
> 
>    If you want to look here is the main hosted site, its -> 
> http://owl.sourceforge.net/
> 
>    heres is a sample:
>       
> http://www.someplace.com/intranet/browse.php?loginname=whocares&parent=1&expand=1&order=creatorid&sortposted=ASC
> 
>    Thanks all.
> 
>    ~!>D  
> 
> -- 
> ------------------------------------------
>      Network Security Engineer 
>      http://www.angrypacket.com
>       Christopher M Downs,RHCE
>     cdownsat_private
> 	
>   char ash[]="\x48\x61\x69\x6C\x20"
>   "\x74\x6F\x20\x74\x68\x65\x20\x4B"
>   "\x69\x6E\x67";
> -------------------------------------------
> 
> 
> 
> 
> ---------------------------------------------------------------------------
> *** Wireless LAN Policies for Security & Management - NEW White Paper ***
> Just like wired networks, wireless LANs require network security policies 
> that are enforced to protect WLANs from known vulnerabilities and threats. 
> Learn to design, implement and enforce WLAN security policies to lockdown 
> enterprise WLANs.
> 
> To get your FREE white paper visit us at:    
> http://www.securityfocus.com/AirDefense-pen-test
> ----------------------------------------------------------------------------
> 

---------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies 
that are enforced to protect WLANs from known vulnerabilities and threats. 
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

To get your FREE white paper visit us at:    
http://www.securityfocus.com/AirDefense-pen-test
----------------------------------------------------------------------------

Next message: Robert Smith: "Re: HTTPS Web site testing"
Previous message: christopher downs: "Re: HTTPS Web site testing"
In reply to: cdowns: "Owl Intranet Engine - bypass admin"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu May 15 2003 - 23:47:15 PDT