WebApp Sec mailing list archives
RE: .asp giving 404
From: "Calderon, Juan Carlos (GE, Corporate, consultant)" <juan.calderon () ge com>
Date: Wed, 13 Apr 2011 09:37:09 -0400
3 things on top of my mind 1. Your page is doing a "unaware" redirection to a non existing page, so it is loaded, but then it redirects you (or transfer you, they are different in ASP) and you get the 404 error massage 2. Antivirus is detecting and removing the shell or putting it on quarantine (not likely if it is a web page) 3. IIS server is hardened and classic asp pages are "served" by 404.dll a dll created by MS to prevent access to pages of certain type. Hope it helps, Juan C Calderon -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Robin Wood Sent: Tuesday, April 12, 2011 12:00 PM To: webappsec () securityfocus com Subject: .asp giving 404 On a recent test I got FTP write access to a web server which had an ASP based site on it. I uploaded an ASP shell and tried to browse to it but got a 404. I uploaded it to a directory that had directory listing enabled and confirmed the file was there but again browsing to it gave a 404. I uploaded a text file and image and could browse to both of those fine. I also tried downloading an existing page and modifying that then re-uploading it but didn't have permission to overwrite the file. I vaguely remember something to do with file permissions having to be set correctly for ASP to run from years ago when I did some dev work in it but can't remember. Can someone tell me what was likely to have been going on and if there is any way around it given the access I had? Robin This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus -------------------------------------- This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
Current thread:
- .asp giving 404 Robin Wood (Apr 13)
- RE: .asp giving 404 Calderon, Juan Carlos (GE, Corporate, consultant) (Apr 13)
- Message not available
- Fwd: .asp giving 404 arvind doraiswamy (Apr 14)
- Message not available
- Message not available
- Re: .asp giving 404 Robin Wood (Apr 14)
- RE: .asp giving 404 Calderon, Juan Carlos (GE, Corporate, consultant) (Apr 13)
- Re: .asp giving 404 Robin Wood (Apr 14)
- <Possible follow-ups>
- RE: .asp giving 404 Steve Syfuhs (Apr 14)
- Re: .asp giving 404 Robin Wood (Apr 15)
- Message not available
- Re: .asp giving 404 Robin Wood (Apr 15)
- Re: .asp giving 404 Robin Wood (Apr 15)