From: Felix Huber (huberfelixat_private)
Date: Sat Dec 29 2001 - 08:28:04 PST

  • Next message: sq: "Re: Questions"

    Hi everybody,
    I just looked through some scans, and I found one problem over and over
    Is it a really good practice to write code like this? Can we really expect
    the same directory structure everywhere?
    (anaconda.nasl, htmlscript.nasl, ...)
    SuSE 7:
    Redhat 5:
    Redhat 7:
    Not to mention webhoster configs like:
    I hope you see what I mean - I suggest at least 4-5 variations (../, ../../,
    A other problem is the trigger for some windows scans. I don't think we
    should look for "c:\windows" - I suggest c:\boot.ini for WinNT/2K/XP and
    c:\autoexec.bat for Win9x/ME.
    idq_dll.nasl: "/query.idq?CiTemplate=../../../../../winnt/win.ini";
    Won't work with Windows XP (windows/win.ini)
    Other opinions?
    Felix Huber
    Felix Huber, Security Consultant, Webtopia
    Guendlinger Str.2, 79241 Ihringen - Germany
    huberfelixat_private     (07668)  951 156 (phone)     (07668)  951 157 (fax)
                                             (01792)  205 724 (mobile)

    This archive was generated by hypermail 2b30 : Sat Dec 29 2001 - 08:28:34 PST