Penetration Testing mailing list archives
Re: Re: Frontpage no password privileges escalation?
From: "Jamie Riden" <jamesr () europe com>
Date: Sat, 7 Oct 2006 09:14:21 +1300
On 6 Oct 2006 00:45:55 -0000, 09sparky () gmail com <09sparky () gmail com> wrote:
Trying to get some clarification for myself: Ok, so I have full access to the FrontPage server application (via no password set). I am able to upload/download/delete/etc. At this point you could already deface the website. Why would you use a tool like tool25.dat? I am not familiar with this tool, but is it used to gain access to a web server, or used after you already have upload/download privileges?
tool25.dat and other scripts have functionality that can include connecting to mysql, mssql, oracle, postgres databases, browsing directories, sending email and of course trying a variety of different ways to execute system commands. for example, see http://www.google.com/search?hl=en&lr=&q=%22Defacing+Tool+2.0+by+r3v3ng4ns%22&btnG=Search In some ways, they're the web equivalent of the tgz's full of local privilege escalation exploits that people like to upload. There is probably an ASP equivalent - all of the ones I have looked at are for PHP. cheers, Jamie -- Jamie Riden, CISSP / jamesr () europe com / jamie.riden () gmail com NZ Honeynet project - http://www.nz-honeynet.org/ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Frontpage no password privileges escalation? 09sparky (Oct 04)
- Re: Frontpage no password privileges escalation? thomas springer (Oct 05)
- <Possible follow-ups>
- Re: Re: Frontpage no password privileges escalation? 09sparky (Oct 06)
- Re: Re: Frontpage no password privileges escalation? Jamie Riden (Oct 06)
- Re: Re: Frontpage no password privileges escalation? DokFLeed (Oct 07)
- Re: Re: Frontpage no password privileges escalation? Jamie Riden (Oct 06)