Penetration Testing mailing list archives

Scripts found on web server

From: "Hussein Ghazy (ProtechT)" <hussein.ghazy () protecht-me com>
Date: Tue, 27 Sep 2005 22:08:51 +0400

Hi,

I was doing a penetration testing on one of our client's website, I found
some scripts. How can I exploit them & how can I hide them from end users.

Example:
http://www.xyz.com/login.asp

Thanks & Best Regards
Hussein Ghazy


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

RE: Password "security" - was"Passwords with Lan Manager (LM) under Windows" and "Whitespace in passwords" Miguel Dilaj (Sep 27)
- Scripts found on web server Hussein Ghazy (ProtechT) (Sep 28)