Penetration Testing mailing list archives
IIS 5.0 problem with "backup" files in executable directories....how to enumerate them?
From: fr0stman <fr0stman () sun-tzu-security net>
Date: Sun, 16 Mar 2003 13:19:10 -0500
Ok I have a scanner utility that is enumerating backup copies of files that are present: i.e. http://www.blah.com/index.html If there's an index.old or index.html.old the script will find these with subsequent GET requests for the "backup" files. Where I'm running into a problem is with IIS 5.0 (Apache doesn't do this). i.e. http://www.blah.com/scripts/login.asp When I make a POST request to /scripts/login.old, etc I get a 405 method not allowed. The error in the returned header states only methods OPTIONS and TRACE are allowed which I'm assuming are the default methods allowed for a file extension that hasn't previously been setup in the IIS directory configuration. GET requests of course return 403 access denied errors. TRACE returns 200 OK for any request and OPTIONS of course returns the allowed HTTP methods. Has anyone else overcome this error or have a reliable method of determining "backup" copies of files are present in executable directories? Thanks in advance. -- -- fr0stman -- ---------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes now! Download a free 15-day trial of VAM: http://www2.stillsecure.com/download/sf_vuln_list.html
Current thread:
- IIS 5.0 problem with "backup" files in executable directories....how to enumerate them? fr0stman (Mar 17)