Penetration Testing mailing list archives
Re: Re: Frontpage no password privileges escalation?
From: 09sparky () gmail com
Date: 6 Oct 2006 00:45:55 -0000
Trying to get some clarification for myself: Ok, so I have full access to the FrontPage server application (via no password set). I am able to upload/download/delete/etc. At this point you could already deface the website. Why would you use a tool like tool25.dat? I am not familiar with this tool, but is it used to gain access to a web server, or used after you already have upload/download privileges? Next, with uploading tools/exploits: what type of tools/exploits would you use within the FrontPage root directory to actually gain system privileges? Can you run exploits from within this type of application to gain admin privileges? How do you know what its internal vulnerabilities are? I cannot run an VA tools against it from the internal network to see its Microsoft vulnerabilities (i.e plug and play). Or run tools like metasploit. Sorry if these are foolish questions, I am just trying to get a grasp for the procedure. I did notice that this particular server did have "nc" in the Frontpage root directory (installed by hacker), but I didn't think that it could be executed from within this folder. Also, If anyone has a link to the "tool25.dat" or other web defacement tools and/or exploits that could be run after FrontPage compromise (upload rights), I that would be great. I would be very interested in running these in our lab for further understanding/knowledge. Thanks, Sparky ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Frontpage no password privileges escalation? 09sparky (Oct 04)
- Re: Frontpage no password privileges escalation? thomas springer (Oct 05)
- <Possible follow-ups>
- Re: Re: Frontpage no password privileges escalation? 09sparky (Oct 06)
- Re: Re: Frontpage no password privileges escalation? Jamie Riden (Oct 06)
- Re: Re: Frontpage no password privileges escalation? DokFLeed (Oct 07)
- Re: Re: Frontpage no password privileges escalation? Jamie Riden (Oct 06)