Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

HTTP Verb Tampering

From: s0ul () hushmail me
Date: Mon, 06 Jul 2009 19:13:25 +0200
hey guys,

i need some help with a HTTP Verb Tampering attack!
by using this attack i already gained access to a folder secured by 
.htaccess - my problem at the moment is:

HOW TO DOWNLOAD FILES BY USING HTTP Verb Tampering?

GET, POST and HEAD methods are excluded via .htaccess is there any 
other method or http verb which allows me to download files without 
having to gain "real" admin status?

thanx for your help,
sincerely, 
s0ul 

--
Find the right voice for your project by clicking here!
 http://tagline.hushmail.com/fc/BLSrjkqeFODyUoGdFsWDkBpxQDOZ5jUIytygbZUMolB9pKy3FjUMy78EFAs/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: