Penetration Testing mailing list archives
re: Injecting commands into a mainframe through a servlet
From: Andrew Cathrow <andrew () cathrow com>
Date: Wed, 8 Jun 2005 14:29:13 -0400
The applid certainly does sound like it's a mainframe rather than an AS/400. The initial screen you see when you connect to a mainframe via TN3270 usually asks for an applid, which could be a CICS region, IMS region or a TSO session.

It'd be hard to suggest where to go from here without knowing a little more of what this servlet is doing. What output do you get from the servlet, and what's in the HTTP headers? Is the servlet running on the mainframe? Can you telnet to the mainframe?

Try a 3270 emulator like x3270 or mochasoft from http://www.mochasoft.dk

---- Original message ----
Date: Wed, 08 Jun 2005 14:37:49 +0200
From: Frederic Charpentier <fcharpen () xmcopartners com>
Subject: Injecting commands into a mainframe through a servlet
To: pen-test () securityfocus com

Hi all,

I'm conducting a pentest and I found a URL with something like an AS400 or OS390 command in a URL parameter.

Sample: www.client.com/Servlet.srv?codeLogon=logon+applid+(tesre01)

I saw on multiple web sites that I could add a command like:
www.client.com/Servlet.srv?codeLogon=logon+applid+(tesre01)+DATA(stuff)

Anyone have an idea about how I could exploit this? Like default application, ...

Fred.

--
Frederic Charpentier - Xmco Partners
Security Consulting / Pentest
web : http://www.xmcopartners.com