Vulnerability Development mailing list archives
SSI Injection Question
From: Max <max0r () digitalsamurai org>
Date: Fri, 1 Sep 2000 01:58:33 +0000
Please excuse me if this has already been discussed, or I end up sounding really stupid. Imagine you had a CGI script (i.e search engine), that would return input entered by the user to some sort of result page, for example, "no matches for pretzel". Now, imagine again that this result had an extention that was listed to be run over by the SSI interperator. What would happen if you passed a string like "<!--#include virtual="/etc/password"-->"? When the string was printed to a result page would it then by parsed by the SSI interperator? The only reason I ask is because its not uncommon for sites to set "AddType server-parsed .html", for the sake of having a universal extention. Thanks, Max. -- [FCS] Yea, We Regulate [FCS]
Current thread:
- SSI Injection Question Max (Sep 01)
- Re: SSI Injection Question David Schwartz (Sep 01)
- Re: SSI Injection Question Mark Rafn (Sep 01)
- Re: SSI Injection Question Bluefish (P.Magnusson) (Sep 03)
- Re: SSI Injection Question Joe (Sep 01)