Penetration Testing mailing list archives

Re: HEAD request

From: "Mike Klingler" <whitehatguru () gmail com>
Date: Mon, 11 Sep 2006 12:01:06 -0500

If you are unsure of how to format the request properly, just use curl
-I  (capital i)
That will give you the headers for any given request.  Quite useful
and a lot easy to remember than the format of a request.

On 9/11/06, StyleWar <stylewar () cox net> wrote:

I doubt it...Tell us exactly what steps you're using to issue the request...
maybe that will help.

-

StyleWar

"Happiness makes up for in height, what it lacks in length"

> -----Original Message-----
> From: listbounce () securityfocus com
> [mailto:listbounce () securityfocus com] On Behalf Of vijay shetti
> Sent: Saturday, September 09, 2006 3:14 AM
> To: pen-test () securityfocus com
> Subject: HEAD request
>
> Hello all!!!
>
> I am doing assessment of a web server
>
> When I issue HEAD request using nc I don't get any response
> from the webserver and I get disconnected after some time.
> What should i conclude from that?Does it mean that the
> administrator has blocked HEAD requests?
>
> regards,
> Vijay
>
> --------------------------------------------------------------
> ----------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php
> --------------------------------------------------------------
> ----------
>
>



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------



--
Michael Klingler, CISSP
SecurityMetrics Penetration Tester

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

Current thread:

HEAD request vijay shetti (Sep 10)
- Re: HEAD request berg (Sep 11)
- Re: HEAD request Steffen Wendzel (Sep 11)
- RE: HEAD request StyleWar (Sep 11)
  - RE: HEAD request Sels, Roger (Sep 11)
  - Re: HEAD request Mike Klingler (Sep 11)
- RE: HEAD request Paul Melson (Sep 11)
- <Possible follow-ups>
- RE: HEAD request Ory Segal (Sep 11)
- RE: HEAD request Ory Segal (Sep 11)
- RE: HEAD request Levenglick, Jeff (Sep 11)
- RE: HEAD request balaji . v (Sep 11)
- RE: HEAD request Ory Segal (Sep 11)
  - Re: HEAD request Rogan Dawes (Sep 11)