Full Disclosure mailing list archives
Re: Load balancer ?
From: GomoR <fd () gomor org>
Date: Tue, 15 Jan 2008 13:18:46 +0100
On Tue, Jan 15, 2008 at 06:41:57PM +0800, Eduardo Tongson wrote: [..]
<HTTP 1.1 without trailing slash> --> HEAD /docs HTTP/1.1 --> HOST: example.com HTTP/1.1 301 Moved Permanently Date: Tue, 15 Jan 2008 10:00:43 GMT Server: Apache Location: http://example.com/docs/
[..] There is a possible XSS attack here. Put whatever you want in your Host: header. My bet is an old Apache version, more than a load balancer. You could also use SinFP[1] to fingerprint the target, and see what operating system is returned. [1] http://www.gomor.org/sinfp -- ^ ___ ___ http://www.GomoR.org/ <-+ | / __ |__/ Research Engineer | | \__/ | \ ---[ zsh$ alias psed='perl -pe ' ]--- | +--> Net::Frame <=> http://search.cpan.org/~gomor/ <---+ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Load balancer ? Eduardo Tongson (Jan 15)
- Re: Load balancer ? seb (Jan 15)
- Re: Load balancer ? Eduardo Tongson (Jan 15)
- Re: [SPAM] - Re: Load balancer ? - Email found in subject jmacaranas (Jan 15)
- Re: Load balancer ? Eduardo Tongson (Jan 15)
- Re: Load balancer ? GomoR (Jan 15)
- Re: Load balancer ? seb (Jan 15)