Webspeed remote testing tips?

["Mark Sec" <mark.sec () gmail com>]

Alo,

does anyone have more info about webspeed vulnerabilities ?
or howto execute remote commands?
does anyone have "glosary" about msgs errors o services?

I tried:

(1) http://server/cgi-bin/anyfile.sh/WService=anything?WSMadmin
Messenger: Internal command access denied. (6368)

(2) http://server/cgi-bin/anyfile.sh/|id;uname;ls;
Messenger: URL contains invalid syntax. (6369)

(3) http://server/cgi-bin/wspd_cgi.sh?
Msngr: the specified service name does not exist or has a bad format.
(5825): wsbroker1

wsbroker1? what services we can execute ?

(4) http://server/scripts/wsisa.dll/WService=anything?WSMadmin <- for win32
(not successful)
(5) http://server/scripts/wsnsa.dll/WService=anything?WSMadmin <- for Unix
(not successful)


regards
-  Mark  :-)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/