Penetration Testing mailing list archives
Re: [PEN-TEST] WebLogic 5.1.0 < SP7
From: Ted Behling <TBehling () MONARCHIS NET>
Date: Thu, 15 Mar 2001 19:26:05 -0500
Your Perl scriptlet prints "GET/..AAAAAAAAAAHTTP/1.0", which it could be interpreting as an invalid HTTP query (per RFC 1945, ftp://ftp.isi.edu/in-notes/rfc1945.txt, page 22). You answered your own question at the end of your quote; once you put a space after your GET and before your HTTP/1.0, it becomes a valid query, and hence does not return a 500. I'm not specifically fluent in WebLogic, but it seems likely to me that it's gagging on not being able to parse your query rather than trying to access a parent directory.

At 06:02 PM 3/15/01 -0600, Matt W. wrote:
> perl -e 'print "GET" . "/.." . "A" x 10 . "HTTP/1.0" . "\n\n"' | nc <server> <port>
>
> HTTP/1.1 500 internal Server Error
> Server: Weblogic 5.1.0 Service Pack 6 09/20/2000
> Content-Type: text/html
> Connection: Close
>
> java.lang.NullPointerException
>
> The other interesting thing is, if you put a space between the GET and the /.., it still does the above, but if you put a space between the A's and the HTTP/1.0, there is no error.
------------------------------------------------
Ted Behling, E-Commerce Consultant
Monarch Information Systems, Inc.
"Because Every Business Should Be An E-Business"
43 Folly Field Road, Unit 4
Hilton Head Island, SC 29928-5434
Toll-free Phone & Fax: 1-800-842-7894
Local or Outside the USA: 1-843-842-7894
mailto:tbehling () monarchis net
http://www.monarchis.net
------------------------------------------------
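The disagreement in the thread is whether WebLogic choked on the request syntax or on the "/.." in the path. The following added example (editor's code, not part of either message) makes Ted's RFC 1945 argument mechanical: it builds the raw request the Perl scriptlet sends, with or without each space, and checks the first line against the Request-Line grammar (Method SP Request-URI SP HTTP-Version). It also checks whether the URI actually contains a parent-directory segment. The function names, the `send_raw` helper (a stand-in for the `nc` pipe, needing a live target) and the classification by RFC grammar rather than by WebLogic's observed behaviour are all assumptions of this example.

```python
import re
import socket

# RFC 1945 section 5.1: Request-Line = Method SP Request-URI SP HTTP-Version CRLF.
# Exactly one space on each side of the Request-URI; a missing SP is a parse failure.
# (Assumed grammar for this example; it is not WebLogic's own parser.)
_REQUEST_LINE = re.compile(r'^([A-Za-z]+) (\S+) (HTTP/\d+\.\d+)$')


def parse_request_line(line):
    """Return (method, uri, version) for a well-formed Request-Line, else None."""
    m = _REQUEST_LINE.match(line.rstrip('\r\n'))
    return m.groups() if m else None


def build_request(method='GET', uri='/..' + 'A' * 10, version='HTTP/1.0',
                  sp_after_method=True, sp_before_version=True):
    """Assemble a raw request, optionally dropping either SP as the quoted Perl
    scriptlet does (it emits no space at all: GET/..AAAAAAAAAAHTTP/1.0)."""
    line = (method + (' ' if sp_after_method else '') + uri
            + (' ' if sp_before_version else '') + version)
    # RFC 1945 asks for CRLF; the scriptlet sent bare LF, which servers are told
    # to tolerate, so either terminator exercises the same request-line parser.
    return (line + '\r\n\r\n').encode('ascii')


def classify(request):
    """'valid' if the first line of a raw request parses as a Request-Line, else 'malformed'."""
    first = request.split(b'\n', 1)[0].decode('latin-1')
    return 'valid' if parse_request_line(first) else 'malformed'


def has_parent_traversal(uri):
    """True only if some path segment is literally '..'. A segment such as
    '..AAAAAAAAAA' is an ordinary file name, not a reference to the parent."""
    path = uri.split('?', 1)[0]
    return any(seg == '..' for seg in path.split('/'))


def send_raw(host, port, request, timeout=5.0):
    """Deliver a raw request over TCP and return the response bytes (replaces
    the nc pipe). Hypothetical helper; it needs a live target to do anything."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request)
        chunks = []
        while True:
            data = s.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b''.join(chunks)


if __name__ == '__main__':
    variants = {
        'no spaces (scriptlet as posted)': build_request(sp_after_method=False,
                                                         sp_before_version=False),
        'space after GET only': build_request(sp_before_version=False),
        'space before HTTP/1.0 only': build_request(sp_after_method=False),
        'both spaces': build_request(),
    }
    for label, req in variants.items():
        first = req.split(b'\n', 1)[0].decode('ascii')
        print(f'{label:34s} {first!r:36s} -> {classify(req)}')
    print('parent-directory segment in /..AAAAAAAAAA:',
          has_parent_traversal('/..AAAAAAAAAA'))
```

Only the variant with both spaces is a grammatical Request-Line, which matches the "no error" case in the quoted mail; and `/..AAAAAAAAAA` has no `..` segment, so even a server that accepted the line would not be asked for a parent directory. When reproducing the test against a real host, send `build_request()` through `send_raw` rather than the original one-liner to separate a parser crash from a path-handling bug.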
Current thread:
- [PEN-TEST] WebLogic 5.1.0 < SP7 Matt W. (Mar 15)
- Re: [PEN-TEST] WebLogic 5.1.0 < SP7 Ted Behling (Mar 16)