Re: Enumerating users on a Domino webserver

From: Bruno Mosconi (bmosconiat_private)
Date: Wed Jan 30 2002 - 09:07:48 PST


    Yes. The same problem here!
    Domino 5.0.8A
    ----- Original Message -----
    From: <nicobat_private>
    To: <vuln-devat_private>
    Sent: Wednesday, January 30, 2002 2:54 PM
    Subject: Enumerating users on a Domino webserver
    
    
    >
    > From: nicobat_private on 30/01/2002 17:54 CET
    >
    > To:   vuln-devat_private
    > cc:
    > Subject:  Enumerating users on a Domino webserver
    >
    >
    > Hi,
    >
    > during a pen-test against a Domino 5.0.8 webserver, I was able to
    > enumerate valid users.
    >
    > A simple "GET /mail/toto.nsf HTTP/1.0" redirects to the login page (with a
    > "200 OK" HTTP code) if the user "toto" exists and a "404 File not Found" is
    > returned if the user doesn't exist.
    > This issue can allow a faster brute force attack on HTTP passwords.
    >
    >
    > I have searched the Net for more information about this problem, but I found
    > nothing.
    >
    > Can the readers reproduce this behaviour?
    > Do you see other implications than user enumeration (for social
    > engineering and brute force attacks)?
    >
    >
    > Nicob
    
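Added example (not part of this thread or of Domino): a small detector that reads web-server access logs and flags clients whose requests for /mail/<name>.nsf show the 200-vs-404 pattern described above, i.e. many distinct names with mostly 404 answers. The log lines are constructed samples in Common Log Format; the IP addresses, names and thresholds are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample access-log lines (Common Log Format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [30/Jan/2002:14:54:01 +0100] "GET /mail/toto.nsf HTTP/1.0" 200 1532
203.0.113.7 - - [30/Jan/2002:14:54:02 +0100] "GET /mail/alice.nsf HTTP/1.0" 404 212
203.0.113.7 - - [30/Jan/2002:14:54:02 +0100] "GET /mail/bob.nsf HTTP/1.0" 404 212
203.0.113.7 - - [30/Jan/2002:14:54:03 +0100] "GET /mail/carol.nsf HTTP/1.0" 404 212
203.0.113.7 - - [30/Jan/2002:14:54:03 +0100] "GET /mail/dave.nsf HTTP/1.0" 200 1532
203.0.113.7 - - [30/Jan/2002:14:54:04 +0100] "GET /mail/erin.nsf HTTP/1.0" 404 212
198.51.100.4 - - [30/Jan/2002:14:55:10 +0100] "GET /mail/toto.nsf HTTP/1.0" 200 1532
198.51.100.4 - - [30/Jan/2002:14:55:40 +0100] "POST /names.nsf?Login HTTP/1.0" 302 0
"""

# client ip, method, path and status code out of a CLF line
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\w+) (\S+) [^"]*" (\d{3})')
# requests for a per-user mail database: /mail/<name>.nsf
MAILDB_RE = re.compile(r'^/mail/([^/?]+)\.nsf$', re.IGNORECASE)


def parse_mail_probes(log_text):
    """Group /mail/<name>.nsf requests by client IP into hits
    (2xx/3xx: login page served, name exists) and misses (404)."""
    probes = defaultdict(lambda: {"hits": set(), "misses": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, _method, path, status = m.groups()
        db = MAILDB_RE.match(path)
        if not db:
            continue
        name = db.group(1).lower()
        if status == "404":
            probes[ip]["misses"].add(name)
        elif status[0] in "23":
            probes[ip]["hits"].add(name)
    return probes


def flag_enumerators(log_text, min_distinct=4, min_miss_ratio=0.5):
    """Return (ip, distinct_names, misses) for clients whose /mail/*.nsf
    requests look like a name sweep: many distinct names, mostly 404s."""
    flagged = []
    for ip, p in parse_mail_probes(log_text).items():
        distinct = len(p["hits"] | p["misses"])
        misses = len(p["misses"])
        if distinct >= min_distinct and misses / distinct >= min_miss_ratio:
            flagged.append((ip, distinct, misses))
    return sorted(flagged)
```

Tune `min_distinct` and `min_miss_ratio` against normal traffic first: a user mistyping their own database name a couple of times should stay below the threshold.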



    This archive was generated by hypermail 2b30 : Wed Jan 30 2002 - 09:53:29 PST