Penetration Testing mailing list archives
Re: uploading files to Apache webserver
From: mel <meling () scan-associates net>
Date: Thu, 18 Oct 2001 09:14:24 +0800
have you tested the PUT script so it is known working ?
it turns out that that particular directory, will give the same HTML page no matter what html request I give: http://victim/dir/ will return a default HTML page (which is actually an output of some CGIs for debugging) http://victim/dir/1.txt returns the same thing as above http://victim/dir/non_existent_file returns the same as above Thus /dir is mapped to a virtual directory or file (I'm not sure how this is done in Apache) --mel meling mudin (meling () scan-associates net) ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- uploading files to Apache webserver mel (Oct 17)
- <Possible follow-ups>
- Re: uploading files to Apache webserver dzzie (Oct 17)
- Re: uploading files to Apache webserver mel (Oct 18)