Penetration Testing mailing list archives
Directory Traversal Attacks
From: sec nerd <secn3rd () yahoo com>
Date: Tue, 20 Sep 2005 21:06:22 -0700 (PDT)
hi all, I am a web app penetration tester and wanted to know that if a web server like an IIS 5.0 gives away the webroot path, what would be the directory traversal techniques to get to the webroot.Basically what can one do or wht technique one can apply from the revealed webroot path for this IIS 5.0 SERVER. I am also looking for some sort of reference on the internet where i could see directory traversal attacks for sun solaris, linu with apache ,IIS 5.0 etc. any help in this regard will be highly appreciated. ______________________________________________________ Yahoo! for Good Donate to the Hurricane Katrina relief effort. http://store.yahoo.com/redcross-donate3/ ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Directory Traversal Attacks sec nerd (Sep 21)