Penetration Testing mailing list archives

WebInspect

From: "Indian Tiger" <indiantiger () mailandnews com>
Date: Sun, 19 Jan 2003 21:08:25 +0530

Hi,

I was using WebInspect and found Web DAV Support enabled.
It's execution part suggests following to exploit:

Issue the following request to the server:
PROPFIND / HTTP/1.0
Host:
Content-Length: 0
I can't understood, how to use these commands to exploit this vulnerability.
----------------------------------------------------------------------------
IIS was not showing any log after running WebInspect.
I think the directory for this is c:\winnt\system32\logfiles
----------------------------------------------------------------------------

Sincerely,

Balwant Rathore, CISSP


----------------------------------------------------------------------------

Do you know the base address of the Global Offset Table (GOT) on a Solaris 8
box?
CORE IMPACT does.
www.securityfocus.com/core

Current thread:

WebInspect Indian Tiger (Feb 19)
- Re: WebInspect Kevin Spett (Feb 19)
- Re: WebInspect David Litchfield (Feb 19)
- Re: WebInspect Dave McCormick (Feb 20)